CIIT College of Arts and Technology (CIIT) is committed to protect the privacy and security of personal data in accordance with Republic Act No. 10173 or the Data Privacy Act of 2012. This Privacy Policy sets out CIIT’s policies on the collection, use, processing, and disclosure of personal data.

 

I. Personal Data

 

CIIT processes personal data of students, applicants, and personnel, which may include information such as name, age, birthdate, place of birth, marital status, gender, nationality, religion, address, contact information, emergency contact information, family background, educational history, grades, academic performance or standing, attendance, health or medical records, disciplinary records, and any other personal information within the scope of the DPA that is under the control or possession of CIIT.

 

CIIT likewise processes personal data of guests, visitors, and other users of the CIIT website, services, and premises, which may include information such as name, address, contact information, educational history, CCTV recordings, credit card details used for online transactions, and any other personal information within the scope of the DPA that is under the control or possession of CIIT.

 

For guidance on the types of personal data and the purposes of collection and use by CIIT, please refer to the non-exhaustive list of personal information and documents set out in the Annex of this Privacy Policy, which may be subject to modification from time to time.

 

 

II. Processing and Location of Data

 

CIIT’s processing includes manual, automatic or electronic collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction, and other operations performed on personal data.  Processing may be done through manual, physical, automatic, virtual or electronic means or methods. We process and store Personal Data only within the Philippines.

 

III. Collection of data

 

CIIT may collect personnel data upon request at appropriate times, including, without limitation, upon:

 

• the accomplishment of forms required for the delivery of CIIT’s services;

• the submission of documentary requirements to CIIT, including cover letters, resumes, transcripts of records, birth certificates and other documents containing personnel data;

• visiting and/or using the CIIT website and/or premises;

• online transactions and payments for CIIT services.

 

IV. Storage of data

 

The personal data and records collected are stored in physical and/or electronic mediums:

 

Personal data and records written in physical documents are stored in lock-and-key containers housed in secure locations and accessed only by authorized personnel. Archival data is stored in secure locations and accessed only by authorized personnel.

 

Personal data and records encoded in electronic systems either encoded or digitized, are stored in official school systems and other third party systems/services utilized by CIIT. School systems are stored and secured in servers hosted within and outside CIIT.

 

Formal agreements between CIIT and all third-party systems/services that store data are established for the proper storage and processing of data.

 

V. Use and sharing of data

 

CIIT will not use, share, or disclose your Personal Data with anyone except as described in this Privacy Policy or when legally required to do so, at the request of governmental authorities conducting an investigation to ensure compliance with applicable laws and policies.

 

Personal data and records collected are shared by CIIT with authorized persons only when appropriate or necessary, including, without limitation, the use of data in connection with:

 

• application for or admission to, enrollment in, or education, training, or internship, and other legitimate purposes of CIIT;

• processing of personal data for background check or verification; and

• internship, on-the-job training, employment, or any other similar engagement.

 

Authorized persons may include, as appropriate, CIIT personnel, service providers and their personnel, partner organizations or companies, government agencies, and regulatory authorities, and parent/s, legal guardian/s, or any person/s giving financial support for students’ education, for purposes of verification and in acknowledgement of the exercise of their authority and responsibilities under the law.

 

VI. Retention and disposal of data

 

CIIT will retain personal data only for as long as necessary for the fulfillment of the purposes for which the data was obtained, for the establishment, exercise or defense of legal claims, for legitimate business purposes, or as provided by applicable laws or regulations. Personal data that is no longer necessary to be retained will be disposed of or de-identified in a secure manner.

 

Certain types of data may be stored in perpetuity by the Office of the Registrar upon enrollment with CIIT, in compliance with the general practices of Registrars and Higher Education Institutions, such as students’ diplomas and transcripts of records.

 

VII. Requests for objections, corrections, erasures, blocking, access or complaint

 

The following concerns may be raised through the submission of a formal letter to the School Registrar for consideration:

 

• objections to the sharing of personal data outside CIIT;

• requests for correction and/or change of personal data;

• requests for erasure, blocking, destruction, or removal of personal data; and

• any other complaints or concerns related to data privacy.

 

VIII. Rights of data subjects

 

Persons providing personal data are solely responsible for the correctness and accuracy of such data or any information provided to CIIT, for which CIIT reserves the right to rely on the same. In case of any changes, updates, or corrections, CIIT should be notified immediately.    

 

The following are rights of data subjects under data privacy laws:

 

1. Right to be informed about data collection and processing

2. Right to object to data processing, except where:

   • the data is needed pursuant to a subpoena or court order;

   • the collection and processing are for obvious purposes, including, when it is necessary for the performance of or in relation to a contract or service to which the data subject is a party, or when necessary or desirable; or

   • the information is being collected and processed as a result of a legal obligation.

3. Right to access upon reasonable demand and with respect to certain information

4. Right to data portability

5. Right to rectify or correct, except when the request for correction is vexatious or otherwise unreasonable

6. Right to file a complaint and provide necessary evidence in support of such

7. Right to suspend, withdraw, or order the blocking, removal, or destruction of personal data, in the event of termination of a relationship with CIIT, provided that there is no other legal ground or overriding legitimate interest for CIIT to retain the personal data

8. Right to transfer administration of one’s personal information to another due to incapacity or death, subject to proof that the latter is an heir or assignee of the data subject

 

CIIT recognizes the existence of limitations or exceptions to the rights of data subjects, as well as conditions and procedures to be complied with to invoke such rights.

 

IX. Contact information

 

If you have any questions or comments about CIIT’s Privacy Policy or relevant data privacy concerns, you may contact us at:

 

CIIT College of Arts and Technology

Interweave Building, 94 Kamuning Rd., Quezon City, Philippines

info@ciit.edu.ph

(02) 411 11 96