mmsu data privacy notice
- what kind of information do we collect?
- how do we use this information?
- how do we manage your information?
- how is this information shared?
- how do we respond to inquiries and complaints?
the mariano marcos state university (mmsu) is committed to the protection of personal information of all stakeholders. this data privacy notice details the collection, processing and disclosure of your personal information pursuant to republic act no. 10173, also known as the “data privacy act of 2012”.
the act protects the privacy of individuals while making sure of free flow of information to promote innovation and growth; regulating the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of personal data; and making sure that government agencies are compliant with international standards set for data protection through the national privacy commission (npc).
by availing university services or by providing your personal information or otherwise by acknowledging receipt of this notice, you have read and consent and/or you are deemed to have read and consent to us using, collecting, and processing your personal information in the manner described in this notice.
mmsu reserves the right to change, amend and/or vary this notice at any time. you are advised to check this notice from the university website from time to time for amendments or updates.
what kind of information do we collect?
the university collects only personal data of data subjects that are necessary in the course of transaction with the university. consent is required prior to the collection and processing of personal data, subject to exemptions stipulated in the dpa and other applicable laws and regulations. the data subject must be provided with specific information regarding the purpose and extent of processing, including, where applicable, the automation processing of his personal data for profiling and data sharing.
how do we use this information?
personal data collected shall be used by the university in a manner compatible with declared, specified and legitimate purpose. personal data shall be processed in manner that ensures appropriate privacy and security safeguards.
how do we manage your information?
the university ensures that personal data under custody are protected against any accidental or unlawful destruction, alteration and disclosure as well as against any other unlawful processing. the university will implement appropriate security measures in storing collected personal information, depending on the nature of the information.
due to the sensitive and confidential nature of the personal data under the custody of the university, only the data subject and the authorized representative of the university shall be allowed to access such personal data, for any purpose, except for those contrary to law, public notice, public order or morals.
retention of personal data shall only for as long as necessary for the fulfillment of the declared, specified, and legitimate purpose, or when the processing relevant to the purpose has been terminated. retention of personal data shall be allowed in cases provided by law.
personal data shall be disposed or discarded in a secure manner that would prevent further processing, unauthorized access, or disclosure to any other party or the public, or prejudice the interests of the data subjects.
how is this information shared?
all employees and personnel of the university shall maintain the confidentiality and secrecy of all personal data that come to their knowledge and possession, even after resignation, termination of contract, or other contractual relations. personal data under the custody of the university shall be disclosed only pursuant to a lawful purpose, and to authorized recipients of such data.
how do we respond to inquiries and complaints?
data subjects may inquire or request for information regarding any matter relating to the processing of their personal data under the custody of the university, including the data privacy and security policies implemented to ensure the protection of their personal data. they may write to the university at email@example.com and briefly discuss the inquiry, together with their contact details for reference.
complaints shall be filed in three (3) printed copies addressed to details below or sent to firstname.lastname@example.org. the concerned department or unit shall confirm with the complainant its receipt of the complaint.
attention: data protection officer
data protection office
information technology center, main library building
mariano marcos state university
city of batac, ilocos norte 2906