BACKGROUND

The Republic Act No. 10173 also known as the Data Privacy Act of 2012 which requires the government and the private sector to follow and comply to fulfil their objective to protect personal data in information and communications systems.

With this, it ensures that the entities of the City Government of Cagayan de Oro are implementing measures and procedures that guarantee the safety and security of personal data under their control or custody and thereby upholding an individual’s data privacy rights; this also applies the principles of Transparency, Legitimate Purpose, and Proportionality in processing of the personal data submitted and stored in the information and communication system.

This Notice serves as a guide or handbook for ensuring the compliance and the City Government with the Data Privacy Act and its Implementing Rules and Regulations (IRR). This also encapsulates the privacy and data protection protocols that are being observed and are being carried out within this entity for specific circumstances (e.g., from collection to destruction), directed toward the fulfilment and realization of the rights of data subjects.

 

INTRODUCTION

We, the City Government of Cagayan de Oro respects and values your data privacy rights. It is our duty to give you assurance and confidence to notify you on the submitted with data, most specifically your given personal information on how it is being collected, processed, and kept. This is also to inform you on your rights in accordance of the laws and regulations stated and specified in the Republic Act No. 10173 which is also known as the “Data Privacy Act of 2012 (DPA)”.

DEFINITION OF TERMS

• Data Privacy Act – refers to the Republic Act No. 10173 or the Data Privacy Act of 2012 and its implementing rules and regulations;

• Processing – refers to any operation or set of operations performed upon personal data including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data. Processing may be performed through automated means, or manual processing, if the personal data are contained or are intended to be contained in a filing system;
• Personal data – collectively refers to personal information, sensitive personal information, and privileged information;
• Personal Information – refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual;
• Sensitive Personal Information – refers to personal data:
• About an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;
• About an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such individual, the disposal of such proceedings, or the sentence of any court in such proceedings;
• Privileged information – refers to any and all forms of personal data, which, under the Rules of Court and other pertinent laws constitute privileged communication;
• Data Subject / Clients – refers to an individual whose personal, sensitive personal, or privileged information is processed; who gives consent to the processors to process the stated data specifically the applicants of Marriage License;
• Online Pre-Application for Marriage License System – an online application and a system processing the personal information of applicants for the Marriage License Pre-Application;
• Processor – City Civil Registry Staff, personnel, processing office of City Government of Cagayan de Oro who processes the personal data using the Online Pre-Application for Marriage License System with utmost confidentiality, integrity and authenticity;
• Developer – City Management Information Systems and Innovation Department (CMISID) 
• National Privacy Commission (NPC) – refers as the forefront of not only implementing but complying with the Data Privacy Act of 2012; 
• Data Protection Officer – Any natural or juridical person or other body involved in the processing of personal data or otherwise be accountable for ensuring compliance with applicable laws and regulations for the protection of data privacy and security (City Government Data Privacy Officer: Atty. Reymond Q. Villablanca)

 

SCOPE AND LIMITATIONS

All personnel of the City Government of Cagayan de Oro, especially the processor, regardless of the type of employment or contractual arrangement, must comply with the terms set out in this Data Privacy Notice. This Data Privacy Notice is publicly posted for the information and transparency of the data being processed through this Online Pre-Application for Marriage License System.

This Data Privacy Notice is written to notify data subjects of the Online Pre-Application for Marriage License System regarding the processing of their personal information and sensitive personal information: from the collection of data through this Online Pre-Application for Marriage License System, to tracking the applicants, and after releases of marriage license; this notice also includes how the processors will keep, secure, and protect the collected data.

PROCESSING OF PERSONAL DATA: WHAT WE PROCESS, HOW WE PROCESS, WHO WILL PROCESS, WHY WE PROCESS

1. Collection (What Information Do We Collect):

The processors collect the information required in the [Online Pre-Application for Marriage License System.]. The following information that are being collected from the data subjects through the Online Pre-Application for Marriage License are the following:  

• Groom's Information
  • Full Name
  • Date of Birth
  • Age
  • Contact number
  • Place of Birth
  • Sex
  • Citizenship
  • Residence
  • Religion
  • Civil Status
  • Previously Married
  • Degree of Relationship to Bride
  • Father Information
  • Mother Information
  • Tax Cert. (CEDULA)
• Bride's Information
  • Full Name
  • Date of Birth
  • Age
  • Contact number
  • Place of Birth
  • Sex
  • Citizenship
  • Residence
  • Religion
  • Civil Status
  • Previously Married
  • Degree of Relationship to Bride
  • Father Information
  • Mother Information
  • Tax Cert. (CEDULA)

The Online Pre-Application for Marriage License System stores the personal data in the database respectively and is being protected through a security protocol where the database system is located for data security and protection.  

2. Use (How We Process Your Information):

Personal data collected shall be used accordingly for marriage license. By filling up the application form through the Online Pre-Application for Marriage License system, the data subject consents the processor and developer to obtain, collect, process, keep the personal data and sensitive personal information of the data subject.  

3. Disclosure and Sharing

All processors shall maintain the confidentiality and secrecy of all personal data that come to their knowledge and possession, even after resignation, termination of contract, or other contractual relations. Personal data under the custody of the City Government shall be disclosed only pursuant to a lawful purpose, and to authorized recipients of such data.  

4. Access

Due to the sensitive and confidential nature of the personal data under the custody of the City Government, only the data subject and the authorized processor shall be allowed to access such personal data, for any purpose, except for those contrary to law, public policy, public order or morals. The authorized processors of this information system are as follows:  

• Processing Office: City Civil Registry Office
• City Management Information Systems and Innovation Department (CMISID): The developer of the Online Pre-Application for Marriage License information system. Data accessibility of this unit is only limited to the structure of the database for the development purposes only. This shared accessibility is being protected by a data sharing agreement between the processing office and the developer.
• Only statistical reports will be shown without any disclosure of personal information or sensitive personal information of the data subjects for transparency of the processor’s service.
1. Storage, Retention and Destruction

The processor as well as the Online Pre-Application for Marriage License system will ensure that personal data under its custody are protected against any other unlawful processing (misused, modified, interfered, lost or disclosed to unauthorized processors without the Data Sharing Agreement).

The implementation and the management of the information system shall have security practices and processes such as but not limited to the following:  

• Document storage security policies;
• Security measures to control access to our systems and premises;
• Limitations on access to personal data;
• Strict selection of third-party data processors and partners; and
• Electronic security systems, such as firewalls, data encryption and transmission of data through a secured file transfer protocol.

The personal data shall be kept and maintained up to a certain period or as long as necessary for the purpose for which they were collected or as required by laws and regulations.  

BREACH AND SECURITY INCIDENTS: RISK INVOLVED IN PROCESSING  

The developer [City Management Information Systems and Innovation Department shall always maintain a backup file for all personal data under its custody. In the event of a security incident or data breach, it shall always compare the backup with the affected file to determine the presence of any inconsistencies or alterations resulting from the incident or breach.

In case of any breach incident, the CMISID developer will report to the Data Protection Officer together with the responsible Compliance Officer for Privacy of City Civil Registry office. The CMISID detailed documentation of the incident or breach encountered as will be forwarded to the management and to the NPC depending on the City Government Data Privacy Officer’s advice.  

SECURITY MEASURED: HOW WE PROTECT YOUR DATA

The privacy of data of the City Government is legally monitored and managed by the registered Data Privacy Officer. The Compliance Officer for Privacy in the City Civil Registry office coordinates with the City Data Privacy Officer is given the role to oversee the compliance of the office or the PIC on the Data Privacy Act, its Implementing Rules and Regulations, and other related policies. PIPs of this request system were trained, oriented, and signed the Non-Disclosure Agreement. All the personal data that is stored in the database of this request system followed the security protocol.

YOU MAY CONTACT US FOR INQUIRIES AND COMPLAINTS

You as our Data Subjects have the following rights (RIGHTS OF DATA SUBJECTS):

Personal information will be made available to the clients and authorized processors anytime in case there are requests for correction, modification or deletion. It is the right of the individual owning the personal data to inquire or obtain a copy of the personal information provided to us.

1. The right to be informed, thus this Data Privacy Notice on how your personal information collected be processed through this Online Pre-Application for Marriage License.
2. The right to access, thus you have the access of your personal details and account.
3. The right to object, thus you can the right not to submit the data so as not the data to be processed.
4. The right to damages, thus you can request for assessment of your data that might be mishandled to our Data Privacy Officer.
5. The right to file a complaint, thus you can file a complaint to our Data Privacy Officer to any misused, maliciously disclosed, or improperly disposition of your data.
6. The right to rectify, thus you have the right to correct and update your submitted through Online Pre-Application for Marriage License.

 

For further inquiries or complaints, you may report or coordinate with our City Government’s Data Privacy Officer:

        Atty. Reymond Q. Villablanca

        Asst. City Legal Officer

        City Legal Office

        Ground Floor, Executive Building, City Hall, Cagayan de Oro City

        Email: dpo.cdo@gmail.com

        Contact Number: (088) 857-2260 / +63-960-902-1208

        Compliance Officer for Privacy:

EFFECTIVITY OF THIS DATA PRIVACY MANUAL:

The provisions of this Manual are effective this 29 day of June, 2021, until revoked or amended by this entity, the City Government of Cagayan de Oro. 

DPN Version 1.0 as of June 29, 2021

DOWNLOAD DATA PRIVACY