Privacy Policy

Protecting your personal information and academic data with transparency and care

Last updated: August 26, 2025

Your Privacy Matters: At Baao Community College, we are committed to protecting your privacy and maintaining the confidentiality of your personal and academic information. This policy explains how we collect, use, and safeguard your data.

Information We Collect

We collect the following types of information to provide you with secure access to your academic records:

Personal Information

Name, student ID, email address, phone number, and contact details necessary for account identification and communication.

Academic Information

Grades, course enrollments, academic records, transcripts, and educational history required for grade viewing services.

Technical Information

Login credentials, IP addresses, browser information, device data, and system usage analytics for security and optimization.

Communication Data

Messages, support requests, feedback, and correspondence submitted through our system for service improvement.

How We Use Your Information

Your information is used exclusively for legitimate educational purposes:

  • Providing secure access to academic records and grades
  • Authenticating user identity and maintaining account security
  • Communicating important academic and administrative information
  • Improving system functionality and user experience
  • Generating academic reports and analytics for institutional purposes
  • Complying with educational regulations and legal requirements
  • Preventing fraud and maintaining system integrity

Information Sharing and Disclosure

We maintain strict confidentiality of your information. We do not sell, rent, or trade your personal data. Limited sharing occurs only in these circumstances:

Authorized Educational Personnel

Faculty and staff who require access for legitimate educational purposes, academic advising, and student services.

Legal Requirements

When required by law, court order, subpoena, or government regulation in compliance with applicable legal frameworks.

Safety and Security

To protect the safety, security, and rights of our community members and to investigate potential policy violations.

Service Providers

Trusted third-party vendors who assist in system operations under strict confidentiality agreements and data processing addendums.

Data Security Measures

We implement comprehensive security measures to protect your information from unauthorized access, alteration, or disclosure:

Encryption Protection

AES-256 encryption for data at rest and TLS 1.3 for data in transit, ensuring your information remains secure during storage and transmission.

Multi-Factor Authentication

Advanced authentication systems requiring multiple verification factors to prevent unauthorized account access.

Security Monitoring

24/7 security monitoring, intrusion detection systems, and automated threat response to identify and address potential security incidents.

Secure Infrastructure

Industry-standard secure servers, network infrastructure, and data centers with physical and digital access controls.

Access Controls

Role-based access control (RBAC) ensuring staff access is limited to information necessary for their specific responsibilities.

Staff Training

Regular security awareness training for all staff members handling personal information and academic data.

Your Privacy Rights

You have comprehensive rights regarding your personal information. We respect and facilitate the exercise of these rights:

Access Right

Request access to personal data we maintain about you, including academic records and system usage information.

Correction Right

Request correction of inaccurate, incomplete, or outdated information in your records.

Deletion Right

Request deletion of your data, subject to legal, regulatory, and institutional record-keeping requirements.

Data Portability

Request a copy of your data in a structured, machine-readable format for transfer to other systems.

Processing Restriction

Request limitation of data processing in specific circumstances while maintaining academic record integrity.

Objection Right

Object to certain types of data processing, particularly for marketing or non-essential administrative purposes.

Data Privacy Act of 2012 (Republic Act No. 10173) Compliance

As an educational institution in the Philippines, we strictly comply with the Data Privacy Act of 2012 and regulations from the National Privacy Commission (NPC) and Commission on Higher Education (CHED). Under the DPA, you have the right to:

  • Right to be Informed: Be notified about the collection, processing, and purpose of your personal and academic data
  • Right to Access: Obtain access to your complete education records and personal information maintained by the institution
  • Right to Correction: Request correction or rectification of inaccurate, incomplete, or misleading personal data
  • Right to Erasure: Request deletion or blocking of your personal data under specific lawful circumstances
  • Right to Object: Object to the processing of your personal data for direct marketing, automated processing, or profiling
  • Right to Data Portability: Request your personal data in an electronic format for transmission to another organization
  • Right to File Complaints: File complaints with the National Privacy Commission if you believe your privacy rights have been violated

For detailed information about your data privacy rights, procedures, and to exercise these rights, contact our Data Protection Officer (DPO) at the Registrar's Office or Student Services. You may also visit the National Privacy Commission website at www.privacy.gov.ph for more information.

Cookies and Tracking Technologies

Our system uses cookies and similar technologies to enhance your experience and maintain security:

Essential Cookies

Required for system functionality including session management, authentication, and security features. Cannot be disabled.

Preference Cookies

Remember your settings, language preferences, and interface customizations to improve your user experience.

Analytics Cookies

Collect anonymous usage statistics to help us understand how the system is used and identify areas for improvement.

Security Cookies

Detect suspicious activity, prevent unauthorized access, and enhance overall system security measures.

You can control cookie settings through your browser preferences. Note that disabling essential cookies may affect core system functionality.

Data Retention Policy

We maintain clear data retention schedules balancing operational needs with privacy protection:

  • Academic Records: Maintained permanently as part of your official educational history
  • Personal Information: Retained during enrollment and for 7 years post-graduation for alumni services
  • System Logs: Security and access logs retained for 2 years for audit and investigation purposes
  • Communication Data: Support requests and feedback retained for 3 years for service improvement
  • Technical Data: Anonymous usage analytics retained for 1 year for system optimization

Data is securely deleted using industry-standard data destruction methods when retention periods expire.

International Data Transfers

Your information is primarily processed and stored within secure facilities in the Philippines. When international data transfers are necessary for system operations or service provision, we ensure:

  • Adequate protection through standard contractual clauses or adequacy decisions
  • Compliance with applicable data protection laws in all relevant jurisdictions
  • Appropriate technical and organizational measures to protect data during transfer
  • Transparent notification of any significant changes to data processing locations

Policy Updates

We may periodically update this privacy policy to reflect changes in our practices, technology, legal requirements, or other operational factors. We will:

  • Notify users of material changes through the system, email, or prominent notice
  • Provide at least 30 days notice before significant changes take effect
  • Maintain an archive of previous policy versions for transparency
  • Allow users to review changes and exercise their rights before new policies take effect

Continued use of our services after updates constitutes acceptance of the revised policy.

Children's Privacy Protection

We take special precautions to protect the privacy of younger students:

  • Our system is designed for students aged 18 and above
  • We do not knowingly collect personal information from children under 18 without parental consent
  • If we discover we have collected information from a child under 18, we will promptly delete it
  • Parents and guardians can request access to their child's information and request corrections or deletions
  • Special privacy protections apply to student records in accordance with COPPA and educational privacy laws

Privacy Contact Information

For privacy-related questions, rights requests, or concerns about data handling:


Privacy Officer: Infosys Core Development Team
Email: infosyscoreteam@gmail.com
Phone: +639105673778
Address: Baao Community College, Camarines Sur, Philippines
Response Time: Within 2 business days for all privacy inquiries

We are committed to transparency in our data practices and will work with you to address any privacy concerns or requests promptly and thoroughly.