PRIVACY POLICY

 

Clark International Airport Corporation (“CIAC”) is committed to maintaining the confidentiality and security of your personal information. This Privacy Policy outlines how NMIS collects, uses, processes, safeguards, and disposes of personal data collected through the NMIS Employee’s Time Tracker (“Time Tracker”), in compliance with the Data Privacy Act of 2012 (“DPA”) and its Implementing Rules and Regulations (“DPA-IRR”) - Philippine Republic Act No. 10173.

 

DEFINITIONS:

 

“Personal Information” refers to any information that can identify an individual, either directly (such as a name or employee number) or indirectly (such as location data or device identifiers).

“Employment Information” Information related to an individual's job, including position, employment status, pay details, branch, work schedule, and employment dates.

“Processing” refers to any operation or set of operations performed on Personal Data, whether or not by automated means. This includes collecting, storing, using, disclosing, or disposing of Personal Data.

“Data Subject” refers to an individual whose Personal Data is being processed.

“Data Controller” refers to the entity that determines the purposes and means of processing Personal Data. In this case, CIACacts as the Data Controller.

“Data Processor” refers to an entity that processes Personal Data on behalf of the Data Controller, such as third-party service providers who assist in operating the CIAC Employee’s Time Tracker.

“Third-Party Service Providers” refers to external entities that NMIS may engage as partners to provide services related to the CIAC Employee’s Time Tracker, including the IT development company and IT support.

“Data Breach” refers to an incident where Personal Data is accessed, disclosed, or used inappropriately, either accidentally or unlawfully, compromising its confidentiality, integrity, or availability.

“Encryption” refers to the process of converting data into a coded format to prevent unauthorized access.

“Data Retention” refers to the duration for which Personal Data is kept by CIAC before it is deleted or anonymized.

“We,” “Our” “CIAC refer to CIAC and its affiliates, who are responsible for the management and protection of Personal Data.

“You,” “Your” “Users” refer to individuals who use the CIAC Employee’s Time Tracker, including employees and any other authorized users who interact with the system.

 

  

1. INFORMATION WE COLLECT

 

We collect personal information from users of the CIAC Employee’s Time Tracker, including:

 

1.1. Information Collected during installation and registration

*Last Name

*Date of Birth

*Employee Number

*Personal Identification Number (PIN)

 

1.2. Information Collected While Using CIAC Employee’s Time Tracker:

*Location Information

*Time In and Time Out Data

*Biometric Validation – Face recognition

*Leave Request data (Leave type, leave reason, leave dates and photos or documents uploaded on Leave Request Form)

*Log data

*Device Information (e.g., Device Name, Device Model, Operating System)

 

Purpose of Data Collection:

 

Enrollment Data: Required for CIAC Employee’s Time Tracker account setup, verification of legitimate employment status, and identification. This includes personal and employment information from the HRMIS to ensure accurate records and proper system functionality.

 

HRMIS Data: Used to validate and synchronize employee details, including personal and employment-related information, to maintain up-to-date and consistent records across systems.

 

Location and Time Data: Used to accurately manage and record attendance, track work hours, and ensure proper timekeeping.

 

Payroll and Payslip Data: Utilized to process payroll calculations accurately and provide employees with access to their pay slips. This includes necessary payroll information to ensure accurate payment, transparency, and employee access to payroll details

 

Device Information: Helps ensure compatibility, troubleshoot issues, and improve the performance of the CIAC Employee’s Time Tracker.

 

 

2. HOW WE USE YOUR INFORMATION

 

We use your personal information to:

 

Record your time in and out: Manage and record attendance accurately.

Generate payroll and pay slip: Calculate and process payroll based on time and attendance data.

Create reports: Develop reports on attendance, work hours, and performance metrics.

Improve App Functionality: Enhance the Time Tracker based on feedback and usage.

Communicate with You: Deliver memos, updates, notifications, and relevant information regarding CIAC and your employment.

Ensure Compliance: Meet legal and regulatory requirements.

Support and Troubleshooting: Provide assistance and resolve technical issues.

 

 

3. SHARING OF INFORMATION

 

We share your information with the following:

 

CIAC Human Resource Management Integrated System (HRMIS): The Time Tracker validates personal information against the HRMIS to ensure accuracy. Additionally, certain data collected by the Time Tracker, such as Time In and Time Out records, leave requests and memo/notifications, may be transmitted back to the HRMIS. This ensures that records are updated and maintained consistently for purposes such as payroll management, generating reports, and overall employee time management.

 

Third-Party Service Providers: We share information with trusted service providers for operating and improving the CIAC Employee’s Time Tracker, including our contracted information and communications technology service provider, DBP Data Center Inc. (DCI). These providers adhere to appropriate data protection standards and have entered into Data Processing Agreements with us to ensure the confidentiality, integrity, and lawful processing of personal data.

 

Legal Requirements: We may disclose information in response to legal processes, such as court orders or subpoenas.

 

4. DATA RETENTION

 

Retention Periods: We retain personal data for the duration of your employment and for a reasonable period thereafter, as necessary to fulfill the purposes outlined in this policy. Personal data related to attendance, payroll, and performance metrics will be retained for the length of employment and then for a period of up to one (1) year after employment ends, unless required for security, legal, or regulatory reasons.

 

Usage Data: Usage data, including logs and analytics, is typically retained for shorter periods, unless longer retention is needed for security purposes or to comply with legal obligations.

 

Deletion Requests: Users may submit a written request for data deletion to the CIAC Human Resource Department, subject to CIAC’s company policies, legal and regulatory retention requirements. We will process these requests in accordance with applicable laws and regulations, ensuring that all data is deleted within a reasonable time frame after employment ends.

 

CIAC-Initiated Deletion: CIAC reserves the right to delete personal data, including upon the termination of employment or for legal reasons. Such deletions will be performed in compliance with legal requirements and applicable data protection regulations, and users will be notified of such deletions when appropriate.

 

5. SECURITY MEASURES

 

Protection Measures: We employ encryption, secure storage, data recovery plans, and access controls to protect your data. Specific encryption protocols and security standards are implemented to safeguard your information.

 

Breach Notification: We are dedicated to informing you if a data breach impacts your personal information. Affected individuals will be notified within seventy-two (72) hours of the breach being discovered.

 

Limitations: While we take extensive measures to protect your data, we cannot guarantee the absolute protection of your information. Security threats are constantly evolving, and no system can be entirely immune to breaches. We will continue to review and enhance our security practices to mitigate risks.

 

6. CHANGES TO THE PRIVACY POLICY

 

Policy Updates: We may update this Privacy Policy. Continued use of the Time Tracker signifies acceptance of the updated policy. Users will be notified of changes via email or in-app notifications. Users are encouraged to periodically review this Privacy Policy for updates.

 

7. CONTACT INFORMATION

 

If you have any questions, comments, or concerns regarding these Privacy Policy, or if you need assistance, all inquiries must be addressed to CIAC. You can reach us at:

 

 

CLARK INTERNATIONAL AIRPORT CORPORATION
 No. 4 Visayas Ave., Brgy. Vasra, Quezon City, Philippines 1128
 Telephone Number: (02)8924-7980
Email: nmis@nmis.gov.ph