Dominican School of Cebu

Student Portal Data Privacy Policy

Effective Date: 24 June 2024
Last Updated: 12 May 2025

Dominican School of Cebu (“the School”) recognizes the importance of protecting personal data and adheres strictly to the principles outlined under Republic Act No. 10173, also known as the Data Privacy Act of 2012, and other relevant laws and regulations.
This Data Privacy Policy governs the collection, use, processing, storage, and sharing of personal information through the Student Portal and other connected systems operated by the School. By accessing or using the portal, students and authorized users consent to the practices described herein.
________________________________________
1. Purpose
This policy ensures transparency and accountability in how the School processes personal data. It seeks to protect the rights and freedoms of data subjects while enabling efficient delivery of educational and support services.
________________________________________
2. Scope
This policy applies to all students, parents, faculty, and authorized users accessing the Student Portal or providing personal information to the School in relation to academic, administrative, financial, and communication functions.
________________________________________
3. Types of Data Collected
3.1 Personal Identification and Contact Information
• Full name, date of birth, gender, birthplace, civil status, religion, nationality
• Address, contact numbers, email address, Facebook (if voluntarily submitted)
• Emergency contact and parent/guardian details
3.2 Academic Records
• Student ID Number, Learner Reference Number (LRN)
• Previous schools attended, current grade level
• Class schedules, subject enrollment, grades, honors, attendance records
3.3 Financial and Billing Information
• Tuition and miscellaneous fees
• Payment history and billing records
• Payment methods (cash, online, or electronic systems)
• RFID-linked e-wallet data
3.4 Canteen Transactions and Electronic Funds
• Items purchased via RFID or other means
• Electronic wallet balance and transaction history
• Canteen purchase logs and top-up records
3.5 Library and Resource Use
• Borrowed materials, due dates, overdue fines
• Book search history and reservation data
3.6 Medical and Health Information
• Declared medical history, allergies, and other health-related information
• Emergency medical contacts
3.7 System and Technical Information
• IP address, browser type, operating system, device type
• Log-in and usage activity within the portal
• Cookies and other relevant tracking technologies
3.8 Messaging and Communications
• Group messages and announcements
• Private messages (PMs) sent within the platform
• Message timestamps and recipients
________________________________________
4. Legal Basis for Processing
The School processes personal data on the basis of:
• Consent explicitly provided by the data subject or their legal representative
• Performance of a contract, such as enrollment or tuition agreements
• Compliance with legal obligations, such as government-mandated reports
• Protection of vital interests in emergencies
• Legitimate interest of the School, provided such interest is not overridden by the rights and freedoms of the data subject
________________________________________
5. Purposes for Data Processing
Personal information is collected and processed for the following purposes:
• Student authentication and secure access to academic platforms
• Academic monitoring, including grading, attendance, and class management
• Billing and financial services, including tuition payments and e-wallet tracking
• Canteen system integration for RFID-based transactions
• Library services and resource management
• Health and safety monitoring using declared medical data
• Portal communication for updates, announcements, and messaging
• Behavior monitoring, including message audits if necessary
• Legal compliance with reporting obligations and regulatory requirements
• Institutional planning, statistics, and service improvements
________________________________________
6. Messaging and Private Message Access
The privacy of communications within the portal is respected. However, the School reserves the right to access and review message content under the following conditions:
"Private messages (PMs) and communications are, by default, accessible only to the involved parties. However, the School Administrator or duly authorized personnel may access such communications if warranted to investigate complaints, address violations of school policy, respond to disciplinary or legal concerns, or ensure student safety. All such access shall be limited, proportionate, and conducted in strict confidentiality.”
Messages may also be disclosed to competent authorities when required by law or lawful court order.
________________________________________
7. Data Sharing and Disclosure
The School may share personal data under the following lawful circumstances:
• With school officials and faculty for legitimate academic or administrative purposes
• With authorized service providers (e.g., payment processors, IT vendors) bound by confidentiality agreements
• With government agencies when required by law
• With parents/guardians, as part of academic and safety-related responsibilities
• In emergency cases, where the safety of a student or individual is at risk
• With law enforcement or courts, in compliance with official investigations or legal proceedings
The School does not sell, rent, or disclose personal data for commercial purposes.
________________________________________
8. Data Protection Measures
The School implements appropriate organizational, technical, and physical safeguards to ensure data integrity, including:
• Data encryption during transmission and storage
• Access controls based on user roles and permissions
• Secure authentication and password protocols
• Firewall and anti-malware protections
• Regular audits and system reviews
• Incident response protocols for data breaches or unauthorized access
________________________________________
9. Retention and Disposal
Personal data is retained only for as long as necessary for the purposes stated or as required by applicable laws and regulations. After such period, data shall be securely deleted, anonymized, or otherwise disposed of in accordance with the School’s Data Retention Policy.
________________________________________
10. Rights of Data Subjects
Under the Data Privacy Act, you are entitled to the following rights:
• Right to be informed of the collection and processing of your data
• Right to access your personal information
• Right to object to the processing under certain circumstances
• Right to correct inaccuracies or outdated information
• Right to erasure or blocking of data no longer necessary
• Right to data portability to request transfer of your data
• Right to file a complaint with the National Privacy Commission (NPC)
Requests must be submitted in writing and may be subject to identity verification.
________________________________________
11. Changes to the Policy
This policy may be revised at any time. Any updates shall be communicated via the portal and will indicate the effective date of the revised version. Continued use of the portal implies acceptance of the changes.
________________________________________
12. Contact Information
For inquiries, feedback, or concerns regarding data privacy or the exercise of your rights, you may contact:
Data Protection Officer
Dominican School of Cebu
Pitogo, Consolacion, Cebu
📧 [email protected]
📞 (032) 423 5661