Within the framework of the Data Privacy Act of 2012 (R.A. 10173), the University of the East declares its commitment to the protection of the privacy of its stakeholders, such as students, faculty, non-teaching staff, and service providers, from whom it collects personal information in the pursuit of its legitimate interests and responsibilities as an academic institution.
Thus, the University has instituted policies and measures that will safeguard security and confidentiality of the personal information that it collects, retains and stores, and may possibly share under certain circumstances. These policies and measures subscribe to the provisions of R.A. 10173 and its implementing Rules and Regulations.
The Data Protection Officer
Office of the Chancellor
University of the East, Manila Campus
2219 C.M. Recto Avenue, Manila 1008
Telephone No: Trunkline 8735-5471 to 82, Local 433; Direct Line 8735-8559
Email Address: dpo@ue.edu.ph
Statement of Commitment
The University of the East affirms its commitment to the protection of the privacy of its stakeholders, such as students, faculty, non-teaching staff, and service providers, from whom it collects personal information in the pursuit of its legitimate interests and responsibilities as an academic institution, in a manner consistent with the Data Privacy Act of 2012 and its Implementing Rules and Regulations (DPA IRR).
Scope
The Privacy Policy applies to all areas of operation of the University, and all University activities dealing with the collection of personal information from University stakeholders, and extends across the life cycle of information, from collection, creation, storage, use, distribution, and disposal. Failure to comply with this Privacy Policy as well as the detailed procedures compiled in the UE Data Privacy Manual may constitute misconduct and may result in appropriate disciplinary action.
Principles
A. Collection and Use of Personal Information
B. Sharing of Personal Information
The University will share information to other parties in the pursuit of its legitimate interests and responsibilities as an educational institution, in accordance with regulations prescribed by law. Examples of such situations are:
C. Retention of Personal Information
D. Access to, Correction, Blocking, or Deletion of Personal Information
Upon request by a data subject, the University will allow access to his/her own personal information, and/or have the personal information corrected, blocked or deleted unless there is a legitimate reason for refusal, as identified in the limitations to the rights of data subjects, Sec. 37 of the DPA IRR.
E. Handling of Complaints and Data Security Breaches
All University stakeholders who become aware of a suspected or actual breach in data security must immediately bring it to the attention of the Data Protection Officer, in writing or by email, for proper recording and reporting to the National Privacy Commission in accordance with Rule IX, Sections 38 to 42, of the DPA IRR. The University, through a Data Breach Response Team, will address such suspected or actual breach in accordance with its Data Privacy Manual.
Note: All requests or complaints must be submitted in writing using the downloadable form entitled Request_Report Form.pdf