Data Privacy Policy

ALG respects all persons’ right to privacy and aims to comply with the requirements of all relevant privacy and data protection laws, particularly the Data Privacy Act of 2012 (DPA). ALG seeks to strike a balance between personal privacy, and the free flow of information, especially in pursuing its legitimate interests and when necessary to carry out its responsibilities as a developmental alternative legal organization, employer, and/or as a contracting party.

In this policy, the terms “data” and “information” are used interchangeably. “Personal data”, as used in this policy, includes the concepts of personal information, sensitive personal information, and privileged information. The first two are typically used to distinctively identify a person. For their exact definitions, ALG will refer to the DPA.

Information Collected, Acquired, and Generated

ALG collects personal data in many forms. These may consist of written records (ex. Attendance sheets, documentation), photographic and video images, and digital material. Examples include:

1. Information provided or generated prior to engagement. These are information gathered for events, including conferences, trainings, workshops, and meetings. ALG may collect information prior to the event for logistical arrangements, such as flights and accommodations. An applicant for a job position may be asked to provide personal data through the submission of a Personal Data Sheet, Bio-Data, and Curriculum Vitae/Resume. ALG may also request to provide Transcript of Records and details about professional license, if any. During the preliminary screening, ALG may collect additional information, including those generated from the interview and/or those obtained from the indicated professional referees.

2. Information collected or generated upon commencement and during the course of engagement. On the day/s of the event proper, we will collect information, which may or may not already be available to ALG, such as, but not limited to, (1) name; (2) organization; (3) sexual orientation/gender identity; (4) age; (5) position in the organization; and (6) address. There will be times when ALG will acquire other forms of data like photos or videos of activities participated in, via official documentation of such activities.

For job applicants who have been accepted and are engaged for the position, ALG will collect another set of information including, but not limited to, the following: (1) Certificate of Employment; (2) NBI or Police Clearance; (3) Philippine Statistics Authority (PSA) Birth Certificate; (5) SSS ID or E1 or E4; (7) Pag-IBIG Member’s Data Form and/or ID; (8) PhilHealth MDR or ID; (9) tax-related documents, such as TIN ID or BIR Form 1902 (with stamp) and 2316; and (10) bank account details necessary to facilitate the processing of compensation. In the course of employment, ALG may collect additional information about the employee for purposes of performance evaluation and in administrative and disciplinary cases.

3. Unsolicited information. There may be instances when personal information is sent to or received by ALG even without our prior request. In such cases, ALG will determine if it can legitimately keep such information. If it is not related to any of ALG’s legitimate interests, the information will be immediately disposed of in a way that will safeguard the person’s privacy/ Otherwise, it will be treated in the same manner as information provided to ALG.

In case ALG is supplied personal data of other individuals from participants or employees (e.g. person to contact in the event of an emergency, professional referees), ALG will request a certification stipulating that consent of such individuals have been obtained before providing ALG with their personal data.

Use of Information

To the extent permitted by law, ALG uses personal data to pursue its legitimate interests as a developmental alternative legal organization, employer, and/or as a contracting party, including administrative, research, historical, and statistical purposes. For example:

1. identifying participants for events or applicants for processing of applications;
2. assessing suitability of participants for events or candidates for a particular role or position;
3. verifying provided or submitted information;
4. checking background information;
5. evaluating academic qualifications;
6. administering remuneration, payroll, pension, and other standard employment functions and facilitating claims and remittances for mandatory benefits;
7. administering human resource-related processes, including those relating to performance management, and disciplinary issues;
8. providing facilities, services, security, and staff benefits to employees;
9. communicating effectively with personnel;
10. other similar or related tasks.

The processing of personal data for the purposes mentioned above are considered necessary for the performance of contractual obligations, compliance with a legal obligation, for the protection of vitally important interests, including life and health, for the performance of tasks carried out in the public interest (e.g. public order, public safety, etc.), or for the pursuit of legitimate interests of ALG, or a third party. ALG is fully committed to abiding to the rules for the processing of sensitive personal information and privileged information to the extent required by law.

Consent for any specific use of personal data shall be collected at the appropriate time, as needed.

Sharing, Disclosing, or Transferring of Information

To the extent permitted or required by law, ALG may share, disclose, or transfer personal data to other persons or organizations in order to pursue its legitimate interests as a developmental alternative legal organization, employer, and/or as a contracting party. For example,

Data and File Security protocols are implemented to ensure that files are not lost or tampered with. In order to secure data and files, especially those of confidential nature, computers should be backed up on a monthly basis on two external hard drives. One external drive is kept in the office premises and the other kept offsite, both under the care and responsibility of the Finance and Administrative Officer. The location of all backups should be known to the management of the organization. Appropriate security and back-up policies are made for sensitive, critical data.

All users of technological and informational resources are responsible for the protection of ALG assets and for the accuracy, integrity, and confidentiality of the information to which they have access. Unauthorized accessing and/or disclosure of confidential data or files by the staff shall merit disciplinary action.