Occidental Mindoro State University (OMSU) is required by law to process your personal information and sensitive personal information in order to safeguard academic freedom, uphold your right to quality education, and protect your right to data privacy. This Webpage and Portal Data Privacy Notice outlines how we collect, process, maintain, secure, and dispose of your personal data when you navigate our official website, submit online applications, or access our integrated Student, Faculty, and Administrative Portals.

Our data processing systems strictly comply with Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations (IRR), and all relevant circulars issued by the National Privacy Commission (NPC). The said law can be viewed via  Republic Act No. 10173 | Official Gazette of the Republic of the Philippines. 

Personal Information We Collect and Stored

OMSU collects, uses, processes, and stores personal information and sensitive personal information necessary for the performance of its educational, administrative, research, and public service functions. The information collected may include, but is not limited to, the following:

· Name, age, date of birth, sex, civil status, nationality, and religion;

· Home address, email address, and contact details;

· Family profile, including the names of parents, guardians, or emergency contacts, and

  their corresponding addresses and contact details;

· Educational records, academic history, grades, class schedules, curriculum records, where applicable;

· Choice of campus, academic program, course, or field of study;

· Photograph, image, signature, and other identifying information;

· Medical history, health records, and other information necessary for the provision of student welfare services;

· Scholarship, financial assistance, and student financial records;

· Socio-economic and geographic information relevant to educational assistance, planning, and reporting requirements;

· Digitized copies of documents submitted in support of admission, enrollment, employment, scholarship, research, or other university transactions; and

· Other information required by law, government regulations, accreditation bodies, and legitimate university operations.

In the course of using the OMSU website, online services, and information systems, the University may also automatically collect certain technical and usage information, including:

· Internet Protocol (IP) address;

· Browser type and version;

· Device and operating system information

· Geolocation indicators derived from network information;

· Pages visited within the OMSU website and online portals;

· Date, time, duration, and frequency of access; and

· Other system-generated logs necessary for security, analytics, maintenance, and performance monitoring.

Sensitive Personal Information Collected and Stored which include, but are not limited to: race, ethnicity, civil status, health information, government-issued ID and relevant financial information is restricted to access and given only to predetermined authorized personnel in relation to their specific function which requires them to access or process student, employee or alumni information.

The foregoing information may be collected directly from data subjects, their parents, legal guardians, authorized representatives, government agencies, educational institutions, or other lawful sources during admission, enrollment, employment, research participation, scholarship application, use of online portals, and throughout their engagement with the University.

Purpose and Use of Collected Information

OMSU processes such information to verify identity, establish eligibility for admission, enrollment, employment, scholarships, grants, and other programs; facilitate academic and administrative services; manage access to institutional systems and online portals; maintain student and personnel records; provide guidance, counseling, health, library, and other support services; comply with legal, regulatory, and reporting obligations; and perform other legitimate educational and institutional functions consistent with applicable laws.

Disclosure and Sharing of Personal Information

OMSU does not sell, lease, or rent your personal data to third parties. We only share or disclose your data to external entities under the following legally recognized conditions:

· Statutory Mandates: Reporting requirements to government agencies such as the Commission on Higher Education (CHED), the Civil Service Commission (CSC), and the Commission on Audit (COA).

· Authorized Third-Party Processors (PIPs): Cloud hosting partners, database administrators, and automated Learning Management System (LMS) providers who operate under strict Data Processing Agreements (DPAs) to ensure the absolute safety of your records.

Storage and Security

Your personal data is stored in physical repositories and secured databases managed by the OMSU Registrar, Management Information System Office and/or their counterparts in the OMSU Campuses. OMSU has appropriate physical, technical and organizational security measures which ensure the confidentiality of your information. These measures will be reviewed over time and upgraded in line with technological developments and regulatory requirements.

If you have questions about our privacy statement and notice, you may reach us through our designated Data Protection Officer, Nestor M. Bacolod III, via this address: Occidental Mindoro State University, Labangan Poblacion, San Jose, Occidental Mindoro, or us at dataprotection@omsc.edu.ph.