²ÝÁñÊÓƵ

Office of the Secretary-General

Data Privacy

Process, Pathway of Approval, and Requirements for Requested Personal Data for Data-gathering Purposes

ÌýIn compliance with the Data Privacy Act of 2012, the University, through its Data Protection Officer (DPO) and heads of academic, research, and administrative offices as Compliance Officer for Privacy (COP), reiterates the need to protect the personal data of our data subjects (i.e., applicants, students, academic staff, support staff, and alumni).Ìý

In relation to a request for the use of personal data needed for the online deployment of data-gathering tools for research (i.e., thesis/dissertation/commissioned research) by internal or external proponents, the final approval of the DPO requires the following:Ìý

a) The clearance from an accredited UST Ethics Review Committee;Ìý

b) The review and endorsement of the Office of the Vice-Rector for Research and Innovation; andÌý

c) The approval of the concerned COPs.Ìý

For your reference, Please seeÌý the table below for the process, pathway, and requirements for the approval by the COPs.

Thank you.Ìý

ÌýPROCESS, PATHWAYS, AND REQUIREMENTSÌý

for the approval of a request for personal data needed for the online deployment of data-gathering tools for a thesis, dissertation, or commisioned research:Ìý

ÌýLegend:Ìý

AU – Academic UnitÌý

COP – Compliance Officer for PrivacyÌý

DPO – Data Privacy OfficerÌý

ERC – Ethics Review CommitteeÌý

ÌýMOA – Memorandum of AgreementÌý

NDA – Non-disclosure AgreementÌý

OVRRI – Office of the Vice-RectorÌý

for Research and InnovationÌý

UST – University of Santo TomasÌý

  1. ÌýThe Compliance Officer for Privacy (COP) for Academic Unit level data is the head of the Academic Unit while the COP for University level data is the head of the concerned University unit.Ìý
  2. The Memorandum of Agreement (MOA) must stipulate the responsibility of the researchers in terms of the different phases of the data life cycle. Ìý

3. Whether the study requires sharing of personal data to an external party or not, the approval to the next step depends on the favorable review of the Ethics Review Committee.Ìý

4. The Non-disclosure Agreement (NDA) must stipulate the extent of responsibility of the researchers and collaborators in terms of the data life cycle, particularly on disclosure/data sharing.Ìý

5. The Memorandum of Agreement (MOA) must stipulate the responsibility of the researchers in terms of the different phases of the data life cycle. Ìý

Contact Information

Office Address​

Telephone Numbers

Online

Office Address​

Telephone Numbers

Online