GOVPH
MENU

TAPI Privacy Notice

Details

PRIVACY NOTICE

The DOST-TAPI is committed to protect and respect your personal data privacy. We are at the forefront of not only implementing but also complying with the Data Privacy Act of 2012. For this purpose, the Institute puts high premium in complying with the privacy requirements of the laws, rules and regulations.

1. RIGHTS OF DATA SUBJECTS

As the Institute campaigns for respect and protection data privacy among its stakeholders, it undertakes to exert reasonable efforts to ensure that the data subjects are informed of their rights and the means to exercise them. These rights are as follows:

a. Right to be informed. As a data subject, you have the right to be informed that your personal data shall be, are being or have been processed. The right to be informed is a basic right as it empowers you as a data subject to consider other actions to protect your data privacy and assert your other privacy rights. This right also requires personal information controllers (PICs) to notify you if within a specific period of time if your data has been compromised, i.e. in the case of a personal data breach.

b. The right to access. Concomitant to your right to be informed, you also have a right to gain reasonable access to your personal data. You may request access to the following:

    • Contents of your personal data that were processed;
    • Sources from which they were obtained;
    • Names and addresses of the recipients of your data;
    • Manner by which such data were processed;
    • Reasons for disclosure to recipients, if there were any;
    • Information on automated processes where the data will or likely to be made as the sole basis for any decision which would significantly affect you;
    • Date when your data was last accessed and modified; and
    • Name and address of the personal information controller.

c. Right to Object. You have a right to object to the processing of your personal data, including processing for direct marketing, automated processing or profiling. You likewise have the right to be notified and given an opportunity to withhold consent to the processing in case of changes to the information given to you regarding the processing of your information.

d. The right to erasure or blocking. Under the law, you have the right to suspend, withdraw or order the blocking, removal or destruction of your personal data. You can exercise this right upon discovery and substantial proof of the any of the following:

    • Your personal data is incomplete, outdated, false, or unlawfully obtained;
    • It is being used for purposes you did not authorize;
    • The data is no longer necessary for the purposes for which they were collected;
    • You decided to withdraw consent, or you object to its processing, and there is no overriding legal ground for its processing;
    • The data concerns personal information prejudicial to the data subject — unless justified by freedom of speech, of expression, or of the press; or otherwise, authorized;
    • The processing is unlawful; or
    • The personal information controller, or the personal information processor, violated your rights as a data subject.

e. Right to damages. You may claim compensation if you suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data, considering any violation of your rights and freedoms as data subject.

f. Right to file a complaint. If you are the subject of a privacy violation or personal data breach, or who are otherwise personally affected by a violation of the DPA, may file complaints with the NPC.

g. Right to rectification. You have the right to dispute any inaccuracy or error in your personal data and have the personal information controller correct it immediately, unless the request is vexatious or unreasonable. Once corrected, the PIC should ensure that your access to both new and retracted information, and simultaneous receipt of the new and the retracted information by the intended recipients thereof.

h. Right to data portability. Where your personal information is processed by electronic means, you have a right to obtain from the personal information controller a copy of your personal data a copy of such data in an electronic or structured format that is commonly used and allows for further use. The purpose of this right is to empower you and give you more control over your personal data. This right, which applies subject to certain conditions, supports user choice, user control and consumer empowerment. It enables the free flow of your personal information across organizations according to your preference. This is important especially now that several organizations and services can reuse the same data. Data portability allows you to manage your personal data, and to transmit your data from one personal information controller to another. As such, it promotes competition that fosters better services for the public.

2. SERVICE DESCRIPTION

The Institute provides a variety of external services to its clients. These services are all directed toward the ushering of technologies and innovations from its inception to full blown commercialization. Internal services of the Institute support and complement the external services to ensure that they are smoothly and effectively implemented for the benefit of public. The complete list and brief descriptions of each of the external and internal services of the Institute are provided in its Citizen’s Charter which can be access through the link: http://www.tapi.dost.gov.ph/resources/downloads?task=download.send&id=5146&catid=14&m=0

3. PERSONAL INFORMATION THAT ARE COLLECTED

The Institute collects only the personal information which are necessary to completely process requests and applications for its services. This information include full name, contact information, address, gender, age range, bank details (for assistance involving funding), educational attainment (for contests), and other information necessary for the evaluation of requests, applications, entries, and the like. For personal data collected via the Institute’s official websites, the following are being collected:

    • Your IP address
    • Your network location
    • Your Web browser type
    • Details of device you used
    • Search terms you used
    • Date and time you accessed each page
    • Pages on the site you visited
    • Duration of the time you spent on each page

4. COLLECTION METHOD

Personal information are collected by TAPI personnel through the submission of requests, applications, or entries. These submissions may be done via printed copy or electronically. The clients are to input the details of their personal information in a form. The required personal information varies from one service to another as these services have different purpose, requirements, and manner of implementation. The Institute also collects personal information through its official website for submission of proposal during calls.

5. TIMING OF COLLECTION

The Institute collect its clients’ personal information every time they submit request, application or entry. The Institute usually conducts call for proposals during the last quarter of the year for the following batch of applicants to TAPI programs of assistance. The Institute also conducts several national events involving science, technology, innovation and commercialization thereof. During these events, DOST-TAPI collects personal information of people who participate in them such as the Regional and National Invention contests, National Inventors Week, National Science and Technology Week, Technology Transfer Day, among others. The state has declare specific dates for these events.

6. PURPOSES OF COLLECTED PERSONAL INFORMATION

The Institute, being a funding agency, evaluate the eligibility and propriety of its applicants. The collection and validation of personal information of the applicants ensures that the Institute releases government funds only to legitimate request and applications. Considering that many of its programs involve intellectual properties, it imperative that the Institute secure personal information of its clients to prevent fraud, infringements, and unauthorized use and attributions to these technologies.

7. LOCATION, STORAGE, PROTECTION, AND TRANSMISSION OF PERSONAL INFORMATION

DOST-TAPI stores the personal information of its clients through proper handling of printed and electronic copies of clients’ requests, application and entries containing personal information. through secured facilities such as locked filing cabinets, vaults, firewalls, passwords, and the like. The Institute also have its own server room in an appropriate and secured location. Transmittal of personal information are done internally across different offices in the Institute through printed and electronic means. The Institute implements a strict policy on maintaining internal documents within the premises of the office and preventing these documents, whether printed or electronic from being release outside. All of its personnel have duly executed Non-disclosure Agreement (NDA) as a deterrent to intentional disclosure. The Institute conducts periodic reminders on data privacy related laws, rules, regulations and policies.

8. METHOD OF USE

All the personal information collected are used by the Institute for the purpose of the implementing is programs such as validation, evaluation, recommendation, follow up, and monitoring. Other personal information of its clients such as gender, age range, address, contact numbers, and the like, are also used for statistics and promotional purposes including invitation to other DOST-TAPI/DOST events.

9. THIRD PARTY TRANSFER

The Institute do not transfer or share personal information outside DOST System. DOST-TAPI shares the contact information of some of its beneficiary clients to other DOST offices for purposes of promotion, statistics and invitation to events. This transfer of contact information is normally covered by a memorandum of agreement, contract or conformé.

10. RETENTION PERIOD

The retention period and manner disposal of personal information collected by the Institute are consistent with the National Archives Rules on records disposal. Disposal of electronic copy of personal information are done by permanent deletion of files in hard drive and cloud storage system. The Institute has designated a committee for such disposal to ensure compliance with the law.

11. PARTICIPATION OF DATA SUBJECT

The data subjects may contact the Institute through its official email: This email address is being protected from spambots. You need JavaScript enabled to view it. to communicate their intention to exercise their rights under the Data Privacy Act of 20212. They are referred to the link of this Privacy Notice where there are informed of their rights and how they can exercise them. The copy of the Data Privacy Act of 2012 is also apploaded to the Official website of the Institute for easy reference of the data subjects.

the copy of the What can the data subjects do in order to exercise their rights? Inform the data subject about his/her rights under the Data Privacy Act of 2012 and how these may be properly exercised.

12. INQUIRY

For inquiries or clarifications on the foregoing Privacy Statement, the data subject may contact the Institute through its Compliance Officer for Privacy (COP) via the Institute’s official email: This email address is being protected from spambots. You need JavaScript enabled to view it..