Give to UP

INTRODUCTION

The University of the Philippines is committed to comply with the Data Privacy Act of 2012 (DPA) in order to protect the right to data privacy of all those who provide UP their personal data through the Give to UP online donation form.

This notice explains in general terms the purposes and legal bases for the processing of personal and sensitive personal information (personal data) that UP collects from you, and the measures in place to protect your right to data privacy and your rights under the DPA.

The term UP/University/we/us refers to the University of the Philippines System and Constituent University (CU) offices.

The term you/your refers to persons who pledge or make donations through the Give to UP online donation form at https://giveto.up.edu.ph/gate/donation.

 

PERSONAL DATA COLLECTED AND THE PURPOSE/S AND LEGAL BASIS FOR PROCESSING SUCH INFORMATION

When you make a pledge or donation to the University of the Philippines, we require you to provide the following information: a) first name, b) last name, c) email address, d) the amount of your pledge or gift to UP, and e) the UP campaign or fund for which you are making a donation.

If the donation is via deposit or bank transfer, we require you to email us a copy of the relevant bank deposit/transfer slip. For your protection, kindly redact all personal information found in the slips except for your name, amount, and date of transaction. For queries regarding the same, please contact the UP Padayon Public Service Office through email at [email protected] or landline at (02) 89818500 local 4256.

We use the above information in order to: process your pledge or donation; communicate with you regarding your pledge or donation; provide you with information about the tax deduction under Section 25 (b) of Republic Act No, 9500 dated 29 April 2008, Bureau of Internal Revenue (BIR) Ruling No. DA(DT-045)499-2009 dated 9-08-2009 (when applicable ) and comply with applicable laws, rules and regulations including the UP Charter, NIRC, COA and BIR issuances.

The University will provide you with an Official Receipt (OR) after collection of your donation as confirmed or reported by the proper UP office/(s). You must contact the UP Office of the Vice President for Public Affairs via email at [email protected] or call (02) 89818500 local 4256 for the issuance of your Certificate of Donation (COD).

The University of the Philippines is authorized to process personal information under Sec. 12 of the DPA, when (b) the processing of personal information is necessary and is related to the fulfillment of a contract with the data subject or in order to take steps at the request of the data subject prior to entering into a contract (Note that a donation is a contract); (c) for compliance with a legal obligation to which the personal information controller (UP) is subject; (e) … to fulfill functions of public authority which necessarily includes the processing of personal data for the fulfillment of its mandate; or (f) the processing is necessary for the purposes of the legitimate interests pursued by the personal information controller (UP is allowed to receive donations pursuant to its Charter) or third parties to whom the information is disclosed.

You may opt to indicate whether you are a UP student or alumnus/alumna. If you are a UP student, please indicate the year you entered UP, your degree program and campus(es) attended. If you are an alumnus/alumna, please indicate the year of graduation, your degree and campus(es) attended, including membership in alumni associations, if applicable. We process such information along with your name and contact information for the purpose of updating your information in the UP Office of Alumni Relations (OAR) database (if you are an alumnus/alumna) and/or sending you communications, in order to comply with UP’s mandate under Sec 3 (h) RA 9500 which requires UP to:

“Provide democratic governance in the University based on collegiality, representation, accountability, transparency and active participation of its constituents, and promote the holding of fora for students, faculty, research, extension and professional staff (REPS), staff, and alumni to discuss non-academic issues affecting the University”.

Note that under 4e, the DPA does not apply to “(i)nformation necessary in order to carry out the functions of public authority”. Also, sensitive personal information may be processed under Sec. 13 of the DPA “…when provided to government or public authority.”

The University of the Philippines may also process your personal data in order:

1. To compile statistics and conduct research, subject to the provisions of the DPA, and applicable research ethics guidelines, in order to carry out its mandate as the National University;
2. To comply with other applicable statutory and regulatory requirements, including directives, issuances by, or obligations of UP to any competent authority, regulator, enforcement agency, court, or quasi-judicial body;
3. To establish, exercise, or defend legal claims;
4. To fulfill other purposes directly related to the above-stated purposes; and
5. For such other purposes as allowed by the DPA and other applicable laws.

 

INSTANCES WHEN YOUR RELEVANT PERSONAL DATA IS PROCESSED BY OR MAY BE DISCLOSED TO THIRD PARTIES AND THE PURPOSE/S AND LEGAL BASIS FOR SUCH DISCLOSURES

If the donation is made via VISA credit, we also require you to email us a copy of the credit card transaction slip. For your protection, kindly redact all personal information found in the slip except for your name, amount, and date of transaction. For queries regarding the same, please contact the UP Padayon Public Service Office through email at [email protected] or landline at (02) 89818500 local 4256.

Your credit card information is processed not by UP, but by a third party government depositary bank, the Development Bank of the Philippines (DBP), for the benefit of UP through its payment gateway. Such is done pursuant to Section 12 (b) of the DPA which provides that “the processing of the personal information is necessary and is related to the fulfillment of a contract with the data subject or in order to take steps at the request of the data subject prior to entering into a contract”, read in the context of the UP Charter which allows UP to receive donations.

The University of the Philippines, as its way of showing its gratitude to its benefactors, occasionally publishes the list of its donors. You may opt to tick the box that states you wish to make an anonymous donation; in which case, your name will not be included in the donor’s list that UP may publish in its website and social media networks. Nonetheless, as stated above, UP will require the processing of your personal information in order to comply with applicable laws and issuances such as the UP Charter, read in relation to the NIRC, the DPA, and applicable issuances of the COA and BIR.

Disclosures may also be made by UP in order to comply with lawful orders of public authorities, to establish, exercise, or defend legal claims; and to make disclosures that are otherwise permitted by applicable laws, rules and regulations. Rest assured that the information you provide us through UP’s online donation form (excluding the credit card information that you may provide to the DBP as stated above) is securely stored by UP’s third party cloud service provider.

 

RETENTION OF YOUR PERSONAL DATA

UP shall retain and provide measures for the secure storage of your personal data for as long as the above purposes for processing such data subsist, in order to establish or defend legal claims, or as otherwise allowed or required by the DPA and other applicable laws and issuances.

 

HOW UP PROTECTS YOUR PERSONAL DATA

UP has put in place reasonable and appropriate security measures to protect your right to privacy and is committed to reviewing and improving the same. Rest assured that only duly authorized personnel are allowed to process your personal data.

UP takes reasonable and appropriate steps to require its third party service providers who process your personal data to uphold your right to data privacy.

 

ACCESS TO AND CORRECTION OF YOUR PERSONAL DATA AND YOUR RIGHTS UNDER THE DPA

You have the right to access and correct personal data being processed by UP about you. You may access and/or correct your personal data submitted through the online form through the UP Office of the Vice President for Public Affairs – UP Padayon Public Service Office via email at [email protected] or landline at (02) 89818500 local 4256.

In order for UP to ensure that your personal data are disclosed only to you, these offices will require the presentation of your UP ID or other valid government issued ID (GIID) or other IDs or documents that will enable UP to verify your identity. In case you process or request documents through a representative, in order to protect your privacy, UP requires you to provide a letter of authorization specifying the purpose for the request of documents or the processing of information, and your UP ID or other valid GIID, along with the valid GIID of your representative.

Aside from the right to access and correct your personal data, you have the following rights, subject to the conditions and limitations provided under the DPA and other applicable laws and regulations:

1. The right to be informed about the processing of your personal data through this and other applicable privacy notices.
2. The rights to object to the processing of your personal data, to suspend, withdraw or order the blocking, removal or destruction thereof from our filing system. Please note however that, as mentioned above, there are various instances when the processing of personal data you have provided is necessary for us to comply with UP's mandate, statutory and regulatory requirements, or is for a lawful basis other than consent.
3. The right to receive, pursuant to a valid decision, damages due to the inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of personal data, taking into account any violation of your rights and freedoms as a data subject.
4. The right to lodge a complaint before the National Privacy Commission (NPC), provided that you first exhaust administrative remedies by filing a request with the proper office regarding the processing of your information, or the handling of your requests for access, correction, blocking of the processing of your personal data and the like.

 

REVISIONS TO THIS PRIVACY NOTICE AND QUERIES REGARDING DATA PRIVACY

We encourage you to visit the site where this notice is posted from time to time to see revisions to this privacy notice. We will alert you regarding changes to this notice through this site.

For queries, comments, or suggestions regarding this privacy notice or data privacy concerns, please contact the University of the Philippines System Data Protection Officer through the following channels:

1. Via post

Office of the UP President,
2F North Wing Quezon Hall (Admin Building),
University Avenue, UP Diliman,
Quezon City 1101, Philippines

2. Through the following landlines

Phone | (632) 89280110; (632) 89818500 loc. 2521

3. Through email

[email protected]