Right to be informed. You must be informed if your personal data has been, is being, or shall be processed by the University. You must also be informed of other details such as the type of data to be collected, the scope and method of processing, and the purpose for such processing, among others.
Right to access. You must be given reasonable access to your personal data that are under the custody of the University, including other details such as their sources, the contact information of the recipients of your data (if any), and reasons for the disclosure of your data to other parties (if applicable).
Right to object. If your personal data is processed based on your consent or the legitimate interest of the University or a third party, you may withdraw your consent or object if changes are made to the information given to you prior to the processing of your data. For instance, you may object to your personal data being used for direct marketing, profiling, or automated processing if this was not relayed to you when your consent was obtained.
Right to Erasure or blocking. You may withdraw your personal data, order their removal or destruction, or have their processing suspended on certain grounds. You may do so when data about you are incomplete, outdated, false, or were unlawfully obtained. You may also assert this right if your personal data are being used for unauthorized purposes, have already served the purpose of their collection, or are being processed unlawfully.
Right to rectification. You have the right to dispute any inaccuracy or error in your personal data that are under the custody of the University and ask that they be corrected or rectified. You should be given access to the revised or new data, while recipients of the inaccurate or erroneous version should also be given a copy thereof.
Right to data portability. If the University processes your personal data via electronic means and keeps them in a structured and commonly used format, you have the right to obtain a copy thereof for your further use.
Right to file a complaint. If you believe that your personal data have been misused, maliciously disclosed, or improperly disposed of, or that any of your data privacy rights has been violated, you have the right to file a complaint with the National Privacy Commission (NPC). You may also seek the assistance of the University Data Protection Office for data privacy matters concerning the University.
Right to damages. You have the right to be indemnified for any damages you incur due to the processing of your inaccurate, incomplete, outdated, or false data, or if they were unlawfully obtained or used without authorization. The NPC is authorized to award damages in favor of aggrieved parties when violations of the DPA are committed.
If you have any questions or would like to access the complete policy of the Ateneo de Manila University on Data Privacy, you may get in touch with the University Data Protection Office through:
Phone: +63 2 8426-6001 local 4801
Webpage: http://www.ateneo.edu/udpo
Questions/Inquiries: info.udpo@ateneo.edu
Complaints/Security Incidents: alert.udpo@ateneo.edu