HomeNewsResourcesAboutContactPrograms
HomeNewsResourcesAboutContactPrograms

Your data

Privacy Policy

How TACTICS collects, uses, retains, and protects your information, in line with the Data Privacy Act of 2012.

Last updated July 24, 2025

1. Purpose

This Privacy Policy ("Policy") establishes and describes how The Ateneo Consortium of Technological, Information, and Computing Sciences ("TACTICS," "we," "us," "our," or "Organization"), a student-led, co-curricular organization under the Department of Computer Science of Ateneo de Naga University, processes, collects, uses, retains, discloses, and disposes of your data when you use (or not use) the TACTICS website ("Website"), pursuant to the mandates of the Republic Act No. 10173, also known as the Data Privacy Act of 2012 ("the DPA" or "law"), and to uphold the law's general principles of transparency, legitimate purpose, and proportionality.

In this Policy, we may refer to the users as "you," "User," or "consumer". We also use "data" or "information" to refer to your personally identifiable information ("PII" or "personal information"). The Website serves as the official digital presence of TACTICS, which aims to enhance the organization's visibility, streamline access to information, and operate as a central hub for students, collaborators, and academic partners.

2. Terms and Definitions

Data-related services
Actions done by TACTICS as requested by the Users through the Website (e.g., answering questions, fixing problems, etc.).
Data subject
An individual whose data is being collected, held, or processed.
Security breach
A security incident that results in unauthorized access, alteration, destruction of data, and the loss of ability to access and operate the Website.
Anonymization
A data processing technique that removes identifiable characteristics from personally identifiable information.

3. Scope

This Policy applies to:

  • All users, consumers, developers, contributors, managers, and third-party vendors involved in the operations and use of the Website.
  • All core functionalities and operations that use data including, but not limited to troubleshooting, general inquiry, analytics, and others.

4. Policy Statements

4.1. Data Collected

The data we gather from you may include:

  • Email
  • Name
  • Description of Inquiry
  • Phone Number

4.2. Purpose and Legal Bases for Data Processing

  • Data processing can be done after we are given consent to process the User's data; or
  • Data processing can be done when it is required to administer and facilitate data-related services including, but not limited to, responding to inquiries, troubleshooting, analytics, and others.

4.3. Data Access

Access to the data of the Users shall be restricted to TACTICS only.

4.4. Data Sharing and Third Parties

The Website uses third-party tools to operate and function effectively, including but not limited to, content management systems, hosting platforms, and website analytics. No personally identifiable information is collected through the analytic tools. TACTICS shall not share, rent, or sell your PII to third-party vendors without your explicit consent.

4.5. Data Subject Rights

Data subjects shall have the right to access, request corrections and deletions, and object to the processing of their data.

Requests for correction, deletion, and/or objection shall be addressed to the Cybersecurity Committee through .

4.6. Data Retention and Disposal

The data of Users shall be retained for as long as necessary to uphold legitimate interests, or for historical or statistical purposes.

Upon the User's cancellation, withdrawal of consent, or request for deletion, the User's data shall be anonymized or deleted securely, whichever is more appropriate.

4.7. Incident Response Mechanism

Incident response procedures shall be put in place to ensure the confidentiality of the Users' data, as well as the Website's availability and integrity in cases of security breach.

The Organization shall follow a framework created by the Cybersecurity Committee to facilitate and expedite incident response initiatives.

4.8. Separability Clause

If any portion or part of this Policy is declared, by any competent authority, invalid, unlawful, unenforceable, or contradicting to the TACTICS Constitution and By-Laws, the portion and parts unaffected shall remain in effect, and the affected portions shall be replaced, if necessary.

5. Review and Updates

The Policy shall be reviewed annually or as needed to ensure its relevance and effectiveness. Users shall be made aware of the updates through the TACTICS website.

Last updated: July 24, 2025