Data Privacy Notice
SAINT JOSEPH INSTITUTE OF TECHNOLOGY, AND OTHER STAKEHOLDERS
Welcome to Saint Joseph Institute of Technology (SJIT)
This Privacy Notice informs you of our policy regarding the data we collect and how we use, transfer/disclose, and store/retain/dispose or otherwise process your personal data.
We respect your right to privacy and aim to comply with the requirements of all relevant privacy and data protection laws, particularly the Data Privacy Act of 2012 (DPA). As in the case of the National Privacy Commission (NPC), we also seek to strike a balance between your personal privacy and the free flow of information, especially when pursuing our legitimate interests and when necessary to carry out our mission to (1) deliver quality education through good leadership and management with certified standards in curriculum and instruction; (2) Practice creativity, resourcefulness with integrity and prudence; (3)Produce professionals with passion to serve; and, (4) Develop the emotional and physical wellness of learners, faculty and staff. In this NOTICE, the terms “data” and “information” are used interchangeably.
When we speak of “personal data,” the term includes the concepts of personal information, sensitive personal information, and privileged information. The first two are typically used to identify you distinctively. For their exact definitions, you may refer to the DPA text or visit the office of the SJIT Data Protection Officer. You should also note that while we give examples here to explain this Privacy Notice in simple and clear language, such examples do not form an exhaustive list of all the data that we process.
Information We Collect, Acquire, or Generate
We collect, acquire, or generate your personal data in many forms. These may consist of written records, photographic and video images, digital material, and even biometric records. Examples include:
1. Information you provide us during your registration. When you register with us, we collect, among others:
- Full name, ID Number, Age Birthdate, Address, Gender, Contact Number (Mobile Number, and Telephone Number), Civil Status, Religion, DepEd No, Previous School Background Information (Elementary, Senior High School), Parents Information (Complete Name, Occupation, Address, and Contact Number), Name of Guardian, and other relevant information in connection with the transactions with the SJIT;
- data about your student’s grade records, such as your Program, Full name, student number, subject, Instructor’s Name, Raw scores, final grade and other relevant circumstances and academic related records; and
- data about your Post-Onboard details (for Maritime students) such as Full name, Address, Contact Number, Email Address, Name of Company, Name of Vessel, Cadet Profile, Sea Service, and other relevant details regarding post-onboard details;
- Data about your senior high school records such as Full name, Year Graduated, Grade Level, Academic Strand, Signature of Principal, and other details and circumstances related to your high school records;
- Data about your Drug Test Result such as, Name, Address, Age, Sex, ID Number, Course, Year, Semester, Academic Year, Drug Test Result, Date of Examination,Recommendation, School Nurse, and other relevant information regarding your post-Drug test details;
- Data about your MS Teams Account such as Name, Username, Password, and other relevant information regarding your MS Teams details; and
- any or all information obtained through interviews and/or other forms of personal data collection.
2. Information you provide us during your application for employment. When you apply for employment with us, we collect, among others:
- Name, Address, Contact Number, Email Address, Place of Birth, Date of Birth, Religion, Civil Status, Age, Gender, Spouse Information (Name of Spouse, Occupation, and Contact Number), Children (Name of children, and Age), Parents Details (Parents Name, Occupation, and Address), Siblings Details (Name of Siblings, Age, Address, and Occupation), Educational Background (Degree, Name of School, Address, and Year Graduated), TIN Number, License Number, Physical Records; and
- any or all information obtained through interviews and/or other forms of personal data collection.
3. Information you provide us for Accreditation of External Providers (Good and Services). When you apply for accreditation as external provides with us, we collect, among others:
- Name, Address, Contact Number, Signature;
- any or all information obtained through interviews and/or other forms of personal data collection.
4. Information we process or generate after the collection. When doing transactions with SJIT, as a student, employee or client, we may also collect additional information about you, including:
- Name, Rate, Teachers Load (for Teacher’s Payroll Preparation)
- ID Number, Full Name, Gender, Contact Number, Course/Department, Year, Email Address, Home Address (Book Borrowing)
- Name, ID Number, Birthdate (Wifi Authentication)
We may obtain these additional personal data when you provide them in the:
-
-
- S3 ARIS System
- MS Teams Account
- WIFI Authentication
-
5. Unsolicited Information. There may be instances when personal information is sent to or received by us even without our prior request. In such cases, we will determine if we can legitimately keep such information. If it is not related to any of our legitimate interests, we will immediately dispose of the information in a way that will safeguard your privacy. Otherwise, it will be treated in the same manner as information you provide us as confidential and secure.
Suppose you supply us with personal data of other individuals (e.g., heirs). In that case, we will request you to certify that you have obtained the consent of such individuals before providing us with their personal data via consent form from the SJIT Data Protection Officer (DPO).
How We Use Your Information
To the extent permitted or required by law, we use your personal data to pursue our legitimate interests as a private institution, including a variety of administrative, research, historical, and statistical purposes. For example, we may use the information we collect for purposes such as but not limited to:
- SJITs Accreditation activities;
- SJITs Certification activities; and
- SJITs collaboration activities with academe and industry partners.
We consider the processing of your personal data for these purposes to be necessary for the performance of our contractual obligations to you, for our compliance with a legal obligation, to protect your vitally important interests, including your life and health, for the performance of tasks we carry out in the public interest (e.g., public order, public safety, etc.), or for the pursuit of the legitimate interests of SJIT or a third party, among others. We understand that the DPA imposes stricter rules for processing sensitive personal information and privileged information, and we are fully committed to abiding by
those rules.
If we require your consent for any specific use of your personal data, we will collect it
at the appropriate time.
Please note further that we will not subject your personal data to any automated decision-making process without your prior consent.
How We Share, Disclose, or Transfer Your Information
To the extent permitted or required by law, we may also share, disclose, or transfer our personal data to other persons or organizations in order to uphold your interests and/or pursue our legitimate interests as an academic institution. For example, we may share,disclose, or transfer your personal data for purposes such as:
- CHED Reportorial Requirements
- Enrollment Processing
- Employment Processing
- Accreditation of Suppliers (Suppliers of Goods and Services)
- Payroll Processing
- Income Tax Return processing
How We Store, Retain, and Dispose of your Information
Your personal data is stored and transmitted securely in a variety of paper and electronic formats, including databases that are shared between the SJIT’s different units or offices. The only people able to access data covered by this policy are those covered under this policy and whose functions necessarily require them to access such data. Rest assured
that our use of your personal data will not be excessive. This policy applies to:
- The departments/units of SJIT
- All students, parents, guardians, alumni, employees, applicants, visitors of SJIT
- All 3rd party service providers and other people working on behalf of SJIT
How we protect your digital data from possible breaches
Some of your digital personal data are stored in the server within the organization and with our 3rd party storage provider. The SJIT and the 3rd party digital service providers perform Vulnerability Assessment to carry out scanning activities to detect and identify vulnerabilities in our online systems. The identified potential exposures are reported and being addressed immediately. The conduct of Penetration Test is also being executed to exploit possible weaknesses in the system infrastructure and determine whether system intruders could gain unauthorized access to our data.
General Staff Guidelines
The only people able to access data are those covered under this policy and whose functions necessarily require them to access such data.
Unless otherwise provided by law or by appropriate SJIT policies, we will retain your relevant personal data indefinitely for historical and statistical purposes. A retention period is provided by law and/or SJIT policy, all affected records will be securely disposed of after such period.
Your Rights with Respect to Your Personal Data
We recognize your rights with respect to your personal data, as provided by theDPA. If you wish to exercise any of your rights, or should you have any concern or question regarding them, this Notice, or any matter involving SJIT and data privacy, you may contact SJIT DPO at: [email protected].
Changes in the Privacy Notice
We may, from time to time, make changes to this Privacy Notice. On such occasions, we will let you know through our website and, when permissible, other means of communication. Any modification is effective immediately upon posting on the website.
Other SJIT Policies
Other policies of SJIT, which are not inconsistent with this Privacy Notice, will continue to apply. Suppose any provision of this Notice is found to be unenforceable or invalid by any court having competent jurisdiction. In that case, the invalidity of such provision will not affect the validity of the other provisions, which shall remain in full force and effect.
SJIT Data Privacy Updated Feb 2022