PRIVACY NOTICE FOR EMPLOYEES AND JOB APPLICANTS
In compliance with RA 10173, or the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations (IRR), and other relevant policies, including issuances of the National Privacy Commission, the Laguna University crafted its Privacy Notice, which can be accessed via its official website.
Laguna University respects and upholds data privacy rights and aims to comply with the requirements of the DPA. This policy ensures that all personal data collected from employees and job applicants are processed, pursuant to the general principles of transparency, legitimate purpose, and proportionality, as stipulated in the Act.
In this Notice, the terms, “data” and “information” are used interchangeably. When we speak of “personal data”, the term includes the concepts of personal information, sensitive personal information, and privileged information. The first two are typically used to distinctively identify you. For their exact definitions, you may refer to the text of the DPA. You should also note that while we give examples here to explain this Notice in simple and clear language, they do not make up an exhaustive list of all the data that we process.
Information We Collect, Acquire, or Generate
The University collects your personal data in many forms. They may consist of written records, photographic and video images, and digital material. Examples include:
- Information provided or generated prior to engagement such as: (1) Personal Data Sheet (PDS); (2) resume and/or curriculum vitae; (3) Transcript of Records; (4) details about your professional license, if any; and (5) additional information obtained from interviews. If you are already engaged by the University, we may use the information already in our possession to process your application for the new or different position.
- Information collected or generated upon issuance of an employment offer or the commencement of your engagement such as: (1) Certificate of Employment; (2) Medical/Fit-to-Work Clearance; (3) NBI Clearance; (4) Philippine Statistics Authority (PSA) Birth Certificate; (5) PSA Marriage Contract, if applicable; (6) GSIS ID; (7) Pag-IBIG Member’s Data Form and/or ID; (8) Pag-IBIG Member’s Change in Information Form (MCIF); (9) PhilHealth MDR or ID; (10) PhilHealth Member Registration Form; and (11) tax-related documents, such as your TIN ID or BIR Form 1902 (with stamp) and 2316.
- Information collected or generated during the course of my employment or engagement with the University such as: (1) annual physical examination results; (2) other data that may be used in the processing of loan applications and insurance claims, in performance evaluation, and in administrative and disciplinary cases; and (3) pictures or videos of activities participated in, via official documentation of such activities, or through recordings from official video platforms.
- Unsolicited Information. There may be instances when personal information is sent to or received by us even without our prior request. In such cases, we will determine if we can legitimately keep such information. If it is not related to any of our legitimate interests, we will immediately dispose of the information in a way that will safeguard your privacy. Otherwise, it will be treated in the same manner as information you provide us.
How We Use Your Information
To the extent permitted or required by law, we use your personal data to pursue our legitimate interests as an educational institution, including a variety of academic, administrative, research, historical, and statistical purposes. For example, we may use the information we collect for purposes such as:
- identifying applicants and processing their respective applications;
- assessing the suitability of candidates for a particular role or position;
- verifying the provided or submitted information;
- checking background information;
- evaluating academic qualifications;
- supporting personnel when implementing health-related adjustments that will allow him/her to carry out a particular role or task;
- administering remuneration, payroll, pension, and other standard employment functions;
- administering human resource-related processes, including those relating to performance management, and disciplinary issues;
- delivering or providing facilities, services, security, and staff benefits to employees;
- facilitating claims and remittances for mandatory benefits;
- communicating effectively with personnel, including the distribution of relevant newsletters and circulars;
- supporting personnel training, health, safety, welfare and religious requirements;
- compiling statistics and conducting surveys and research for internal and statutory reporting purposes;
- enabling the Human Resource Management Office to contact others in the event of an emergency; and
- other similar or related tasks.
We consider the processing of your personal data for these purposes to be necessary for the performance of our contractual obligations to you, for our compliance with a legal obligation, to protect your vitally important interests, including your life and health, for the performance of tasks we carry out in the public interest (e.g., public order, public safety, etc.), or for the pursuit of the legitimate interests of the University or a third party. We understand that the DPA imposes stricter rules for the processing of sensitive personal information and privileged information, and we are fully committed to abiding by those rules.
If we require your consent for any specific use of your personal data, we will collect it at the appropriate time.
Please note further that we will not subject your personal data to any automated decision-making process without your prior consent.
How We Share, Disclose, or Transfer Your Information
Utmost care and due diligence are practiced by the University in handling personal data. The University shall never share or disclose data to third-parties without prior consent from the data subjects. Whenever disclosure of data is necessary and permitted, the University conscientiously reviews the privacy and security policies of the authorized third-party service providers or external partners. The University may also be required to disclose data in compliance with legal or regulatory obligations.
To the extent permitted or required by law, we may also share, disclose, or transfer your personal data to other persons or organizations in order to uphold your interests and/or pursue our legitimate interests as an educational institution. For example, we may share, disclose, or transfer your personal data for purposes such as:
- submission of information to government agencies such as the Philippine Government of Laguna, Commission on Higher Education and Department of Education, for accreditation and reportorial requirements; the Government Service Insurance System, Philippine Health Insurance Corporation, Pag-IBIG, and Bureau of Internal Revenue, for the provision of employment benefits mandated by law;
- sharing information with entities or organizations (e.g., ALCUCOA and ISO 9001:2015 Certifying Body) for accreditation and certification purposes;
- disclosure of your information related to Termination of Employment, Flexible Fixed/Variable Work Arrangements, Employees Compensation Report to the Civil Service Commission, as part of the University’s reportorial obligations; and
- other purposes, when necessary and under circumstances permitted or required by law.
How We Store and Retain Your Information
Your personal data is stored and transmitted securely in a variety of paper and electronic formats, including databases that are shared between the University and its different units or offices. Access to your personal data is limited to University personnel who have a legitimate interest in them for the purpose of carrying out their contractual duties. Rest assured that our use of your personal data will not be excessive, and shall be limited to that which is necessary to achieve the purpose of their collection, and/or only when permitted by law.
We use reasonable efforts to secure electronically collected Personal Information, such as the use of firewall system and a Secured Socket Layer (SSL). SSL is a cryptographic protocol that provides security and data integrity for communications over networks such as the internet.
In retaining your personal information, we generally subscribe to the following schedule:
- Employees. One year (1) from the day of your separation from the University or the termination of your employment, after which your employment records (e.g., 201 file) in HRMO are classified as Dead Files, subject to applicable University policies.
- Job applicants. Seven (7) months to one (1) year for pooling purposes, after which they are disposed of in a secure and safe manner, if not used within said period.
Unless otherwise provided by law or by appropriate University policies, we will retain your relevant personal data indefinitely for historical and statistical purposes. Where a retention period is provided by law and/or a University policy, all affected records will be securely disposed of after such period.
Your Rights with Respect to Your Personal Data
We recognize the employees and job applicants' rights with respect to personal data as provided by the Data Privacy Act of 2012. Should you or anyone of its data subjects decide to exercise any of these rights, we will consider such action and address the same in accordance with the law.
Should there be concerns or questions with respect to data subject rights, this Notice, or any matter involving the institution’s data privacy, you may contact the Data Privacy Officer of Laguna University at the following:
Laguna Sports Complex, Brgy. Bubukal, Santa Cruz, Laguna
Landline: (049) 501-4360 / (049) 576-4359
Changing This Privacy Notice
Laguna University may need to modify, amend, or make changes to this privacy notice from time to time to reflect the University’s current privacy practices. On such occasions, the institution will notify all data subjects of material modification to this Privacy Notice through the school’s official website, iLearnU, and when permissible, other means of communication. If the institution shall make any changes to this policy, the date below shall be changed and reflect when the said policy is updated.
Other University Policies
Other policies of the University, which are not inconsistent with this one, will continue to apply. If any provision of this Privacy Notice is found to be unenforceable or invalid by any court having competent jurisdiction, the invalidity of such provision will not affect the validity of the other provisions, which shall remain in full force and effect.