Privacy Policy
Bataan.gov.ph (“we,” “us,” “our”) and the Provincial Government of Bataan are committed to fully protecting your personal data privacy in compliance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 (DPA).
We will detail the manner in which we process your personal data and provide a separate privacy notice in an appropriate format and manner whenever we collect personal data through other channels (e.g., publicly facing data processing systems, notices posted at reception areas during events where participants’ personal data is collected through attendance sheets or registration forms, and when personal data is collected according to our mandate). This includes our official website, bataan.gov.ph.
In all instances, we assure you that processing your personal data will strictly follow the provisions of the DPA, especially the general data privacy principles of Transparency, Legitimate Purpose, and Proportionality.
1. Collection of Information
Information You Provide:
- Contact Form: When you use our contact form, we collect your email address and message content.
Information Collected Automatically:
- Google Site Analytics: We use Google Site Analytics to collect information about your interactions with our Site. This information includes details such as your IP address, browser type, referring/exit pages, and operating system. This data is collected for statistical purposes and helps us improve our Site and services.
2. Use of Information
We use the information we collect for the following purposes:
- To respond to your inquiries and messages.
- To analyze and improve our Site’s performance and user experience.
3. Basis, Use, and Purpose for Processing of Personal Data
While your consent may be solicited to process your personal data, we may also process personal data without your consent, such as when processing is according to our mandate or when processing is allowed under Section 12 or Section 13 of the DPA.
In these instances, your personal data is utilized for the following purposes:
- For documentation and processing of inquiries and requests within the Bataan Provincial Government, enabling us to properly address them and forward them to the appropriate internal units for action and response.
- To solicit feedback for the services we provide.
- To provide you with appropriate updates and advisories in an appropriate format and orderly and timely manner.
- To comply with a legal obligation to which we are subject.
- To comply with the requirements of public order and safety or to fulfill the functions of public authority, including processing personal data to fulfill our mandate.
- To be able to provide the appropriate action that a data subject may require concerning their data privacy rights.
Moreover, we may collect other personal data that are relevant and necessary to perform our mandate of providing compliance support and data subject assistance.
4. Disclosure of Information
We do not share, sell, or disclose your personal information to third parties, except as necessary for the following purposes:
- Service Providers: We may share your information with third-party service providers who perform services for us or on our behalf, such as data analysis and email delivery.
- Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
5. Data Security
We use administrative, technical, and physical security measures to protect your personal information. While we have taken steps to secure the personal information you provide to us, please be aware that no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.
6. Data Protection and Security Measures
We safeguard the confidentiality, integrity, and availability of your personal information by maintaining a combination of organizational, physical, and technical security measures based on generally accepted data privacy and information security standards. Among the measures we implement are the following:
- Policies on access control in both digital and physical infrastructures to prevent unauthorized access to personal information.
- Acceptable use policies.
- End-to-end encryption and data classification whenever suitable.
- Security measures against natural disasters, power disturbances, external access, and similar threats.
- Technical measures to protect our computers and databases against accidental, unlawful, or unauthorized usage, interference, or access.
7. Storage and Retention
We store files containing personal information in our computers and servers, which are kept in a secure environment. We may also store your personal information with cloud-based third-party data storage providers. We shall ensure that proper measures are adopted to protect your information.
Personal data shall be stored in a database for two (2) years after inquiries and requests are acted upon. After which, records shall be disposed of securely.
Other categories of data may be kept longer than two (2) years when their retention period is determined by other relevant laws and regulations.
8. Disposal
Physical records shall be disposed of through shredding, while digital files shall be anonymized. In all instances, our manner of disposal shall ensure that the personal information shall no longer be retrieved, processed, or accessed by unauthorized persons.
9. Risks Involved
Risk refers to the potential of an incident to result in harm or danger to a data subject or organization. Risks may lead to the unauthorized collection, use, disclosure, or access to personal data. It includes risks involving the confidentiality, integrity, and availability of personal data or the risk that processing will violate the general data privacy principles and the rights of data subjects.
We ensure that adequate physical, technical, and organizational security measures are in place to protect the confidentiality, integrity, and availability of personal information. However, this does not guarantee absolute protection against certain risks involving the processing of personal data, such as when systems are exposed to targeted cyberattacks, malware, ransomware, and computer viruses or when manual records are accessed without authority.
Adequate policies are in place to ensure appropriate security incident management in line with existing policies, circulars, and other issuances.
10. Your Data Privacy Rights
Under the DPA, you have the right to be informed regarding the processing of the personal information we hold about you.
Further, you may be entitled to request:
- Access to personal data we process about you. It is your right to obtain confirmation on whether or not data relating to you are being processed.
- Rectification of your personal data. This is your right to have your personal data corrected if it is inaccurate or incomplete.
- Erasure or blocking of your personal data whenever warranted.
- The right to object if the personal data processing involved is based on consent or on legitimate interest.
- The right to data portability through which you may obtain and electronically move, copy, or transfer your data securely for further use.
You may claim compensation if you believe you suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of personal data or for violating your rights and freedoms as a data subject.
If you believe that your personal information has been misused, maliciously disclosed, or improperly disposed of, or that your data privacy rights have been violated, you have the right to file a complaint with the NPC.
11. Contact Information
If you have any questions or concerns about this Privacy Policy or our data practices, please contact our Data Privacy Officer:
Email: dpo@bataan.gov.ph
Contact Number: 09171390303
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes.
13. Feedback on our Privacy Notice
If you have suggestions or comments regarding our privacy statement and notice or for any issues concerning our data privacy practices, please reach us through our Data Protection Officer at the provided contact details.
By using the Site, you acknowledge that you have read and understood this Privacy Policy and agree to be bound by its terms and conditions.
Date last updated: July 19, 2024