The Professional Regulation Commission (PRC) is committed to protecting your privacy and ensuring that all personal data collected from you are processed in accordance with Republic Act No. 10173, also known as the Data Privacy Act of 2012, and pertinent issuances of the National Privacy Commission.
The information gathered from this website shall be treated as highly confidential.
1. DATA COLLECTED AND MODE OF COLLECTION
● Basic personal information like your complete name, date of birth, gender, civil status and citizenship including supporting documents such as certificate of live birth, marriage certificate, and government ID
● Address/Company Address
● Contact Details
● Email address
● Scholastic records
● Fax No.
● Website
● TIN No./ BIR Registration No. / DTI Registration No. / SEC Registration No.
● Employment details
● Company/Firm details
● PRC Registration No.
The PRC collects personal information either manually or electronically. For manual collection, printed forms/documents are made available and are accomplished by the data subjects or their authorized representative/s. For online transactions, data is collected through encoding of information in this website.
2. PURPOSE OF COLLECTION AND USE OF DATA COLLECTED: The PRC collects, uses, and stores personal information for the following purposes:
a. To perform its mandate relative to the regulation and licensing of the various professions under its jurisdiction
b. To provide better service and give the transacting public proper response/feedback
c. To be able to provide the appropriate action that a data subject may require concerning their data privacy rights.
The PRC may use your contact information in order to send an e-mail and/or other communications regarding your status or updates about your transaction/s with us. We may also use your data for statistics, summaries, research and studies for the development of new markets and standards. The PRC will only retain personal data as long as it is utilized for its intended purpose.
3. DISCLOSURE OF PERSONAL DATA: The PRC only shares your information if required by law, or if necessary, for compliance associated with a non-disclosure agreement to keep and treat all of your information confidential and subject to duly executed Data Sharing Agreements (DSAs).
4. DATA PROTECTION AND SECURITY MEASURES: The PRC protects personal data collected by instituting protection measures aimed at minimizing the risks involved in data processing. It implements technical, organizational and physical security measures to protect your personal data against data breach, unauthorized or accidental access or disclosure, alteration or destruction.
● The Technical Measures include, among others: deployment and installation of firewalls, load balancer, file encryption, intrusion detection/prevention systems (IDS/IPS), conduct of vulnerability assessment and penetration testing, access controls, and data backup.
● The Physical Security Measures include, among others: Design of office space/work station (computers are positioned with considerable spaces between them to maintain privacy and protect the processing of personal data); Access procedure of agency personnel (only authorized personnel shall be allowed inside rooms where data are stored);
● The Organizational Measures include, among others: Data Minimization (only collect and processes personal information necessary for the specified purposes); Data Retention Policies (only retain personal data in electronic format, and only for as long as it is utilized for its intended purpose); Privacy Training for Employees; Appointment of DPO and reconstitution of Data Privacy Committee.
5. STORAGE, RETENTION, AND DISPOSAL: Personal Information manually collected (paper-based documents) are kept in secure locations/filing cabinets/boxes in locked rooms, accessible only to authorized personnel. Digital/electronic files are stored in computers and servers/clouds protected by passwords and accessible to a limited number of authorized and trained personnel. Data Retention Periods and Disposal are observed and conducted in accordance with policies/practices compliant with NAP (National Archives of the Philippines) guidelines and other applicable rules/issuances.
6. RIGHTS OF DATA SUBJECTS: Under the Data Privacy Act and related issuances, data subjects are entitled to the following rights:
a. The Right To Be Informed
b. The Right To Access
c. The Right To Object
d. The Right To Erasure or Blocking
e. The Right To Damages
f. The Right To File A Complaint Before The NPC
g. The Right To Rectification
h. The Right To Data Portability
7. DATA PROTECTION OFFICER CONTACT INFORMATION
Assistant Commissioner Lord Louis P. Valera
PRC Data Protection Officer
Email Address: dataprotection.officer@prc.gov.ph
Contact Number: (02) 8736-4880
