Menu
GOVPH

Philippine Standard Time:

Alexis Deodato S. Itao

Alexis Deodato S. Itao is an Assistant Professor of the Department of Humanities of the College of Culture, Arts, and Sports (CCAS) of Cebu Normal University (CNU) in Cebu City, Philippines. He obtained his A.B. Philosophy cum laude from Saint Peter College Seminary in Butuan City. After college, he studied Sacred Theology for a brief period at the Pontifical Lateran University in Rome, Italy. He holds a Master of Arts, major in Philosophy, from the University of San Carlos in Cebu City, graduating in 2009. He also completed a one-year Formation Course in Family and Intercultural Empowerment at the Loreto School for Families in Florence, Italy, in 2013. Assist. Prof. Itao has published scholarly articles in international refereed journals and has participated in and read papers at academic conferences in different parts of the country and abroad. He has been a recipient of several awards for his publications and research, including two Presidential Citations from CNU and the 2023, 2024, and 2025 Albertus Magnus Award from the University of Santo Tomas. Assist. Prof. Itao has also taught at several reputable institutions across the country, including the Rogationist Seminary College-Cebu, University of San Jose-Recoletos (Cebu City), La Salle University- Ozamiz, and the Ateneo de Manila University. He is presently pursuing his Doctor of Philosophy (Ph.D.) major in Philosophy at the University of Santo Tomas, as a full-time scholar under the SIKAP Scholarship Grant of the Commission on Higher Education. He is one of the founding members of Societas Ethica Philosophica, Inc. (SEPI), a professional organization aiming to promote Christian philosophy through various conferences, symposia, and fora. Representing SEPI, he currently sits as a Board Member of the Union of Societies and Associations of Philosophy in the Philippines (USAPP). He served as the P.R.O. for Visayas (2021-2024) of the Philosophical Association of the Visayas and Mindanao (PHAVISMINDA). Scopus Author ID: 57202799229 ORCID iD: orcid.org/0000-0003-1160-5139 Web of Science ResearcherID: X-9213-2019 Google Scholar Profile: https://scholar.google.com.ph/ADS-Itao PhilPeople Profile: https://philpeople.org/profiles/alexis-deodato-itao ResearchGate Profile: https://www.researchgate.net/profile/Alexis-Deodato-Itao

X
Cebu Normal University
PRIVACY POLICY

Policy Statement

This Privacy Policy is adopted in compliance with the Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations (IRR), and other relevant issuances of the National Privacy Commission (NPC). The University is committed to protecting and respecting your personal data privacy. We process personal information in accordance with the principles of transparency, legitimate purpose, and proportionality. This Policy informs how we collect, use, disclose, store, protect, and dispose personal information of our data subjects.

Definitions

Personal information refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information or when put together with other information that would directly and certainly identify an individual.

Sensitive information is a type of personal information with the risk of discrimination against the Data Subject. These are about an identifiable person’s racial or ethnic origin, marital status, color, and religious, philosophical, or political affiliations. It is also, about an individual’s health, education, the genetic or sexual life of person, or any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings; Issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and specifically established by an executive order or an act of Congress to be kept classified.

Privileged information refers to any and all forms of data which under the Rules of Court and other pertinent laws constitute privileged communication.

Information We Collect

The University may collect personal information in the context of its regular functions — including but not limited to the following categories:

  1. Students: contact and enrollment details, academic records, health or medical records, accommodation records, student-activity participation, and related data.
  2. Staff and job applicants: contact details, employment history, qualifications, employee-related data.
  3. Alumni profiling: contact and demographic details.
  4. Visitors, volunteers, and other stakeholders: information collected through sign-in forms, CCTV or security monitoring, photos or recordings during official events, surveys, and feedback forms.

Collection may occur by any medium, including: paper forms, electronic forms, email, website or online platforms, CCTV or video/photographic capture, surveys/questionnaires, and other lawful means.

Purposes and Uses of the Data Collected and Processed

Personal information collected may be used for:

  1. Administration of admission, enrollment, employment, alumni relations, and other official functions.
  2. Maintenance of student and employee records, including academic, health, and administrative data.
  3. Provision of University services such as counseling, scholarship administration, placement, library access, facilities use, laboratory access, security, parking, and accommodation.
  4. Internal research, quality assurance, performance monitoring, and institutional planning.
  5. Compliance with statutory obligations (e.g. reporting to government agencies when required).
  6. Security, safety, and campus management, including CCTV monitoring.

Legal Basis / Lawful Criteria for Processing

All processing of personal data is carried out in accordance with the legality, fairness, and lawfulness requirements under the Data Privacy Act and IRR.
Where applicable, processing is grounded on consent, contract, legal obligation, legitimate interest, or other lawful bases recognized under the law. The choice of lawful basis depends on the nature of data, the purpose of processing, and legal or contractual requirements.

Manner of Collection and Processing

Personal data may be collected through physical forms (paper-based), electronic forms, online or web-based platforms (e.g., registration portals, email, institutional website), CCTV or video/photo capture (for security or surveillance), event sign-in sheets or registration forms, surveys or questionnaires, or other legitimate and lawful means.

Processing may include collection, recording, sorting, storing, retrieval, use, updating, modification, blocking, destruction or other operations as allowed under the law, consistent with declared purposes.

Disclosure of Information

The University does not disclose personal information except under the following circumstances:

  1. Internal disclosure within authorized University personnel, only when necessary and appropriate for legitimate institutional purposes.
  2. External disclosure only when required or permitted by law (e.g. statutory obligations), or when the data subject has provided valid consent.
  3. Sensitive personal information or privileged information is processed and disclosed only in accordance with relevant legal provisions.

Risks, Safeguards and Security Measures

The University recognizes that processing of personal data entails certain privacy and security risks. Accordingly, we implement appropriate organizational, technical, and physical security safeguards to protect the confidentiality, integrity, and availability of personal data — whether in electronic or physical form. Such measures include (but are not limited to):

  1. Access controls (both digital and physical) to restrict access only to authorized personnel
  2. Use of secure storage: locked filing cabinets or secure rooms for physical records; password-protected systems, encryption, secure servers, firewalls for electronic data
  3. Secure transmission of data (when shared or transferred), secure printing and disposal protocols, and safe deletion or destruction of data when no longer needed
  4. Classification of data and periodic review of security protocols, to ensure adequacy in light of the risks presented and sensitivity of the data processed

Rights of Data Subjects

Under the Data Privacy Act and its IRR, data subjects have the following rights:

  1. Right to be informed — you have the right to know whether personal information about you will be, is being, or has been processed; the purposes of processing; the personal data to be entered; and the scope and method of processing.
  2. Right to access, correct, or update your data — you may request access to your personal information, ask for rectification of inaccuracies, or request updates.
  3. Right to object or withdraw consent — when processing is based on consent or legitimate interest, you may withdraw consent or object, subject to legal limits.
  4. Right to data portability — where applicable, you may obtain a copy of your personal data in a secure and portable format for transfer to another controller.
  5. Right to erasure or blocking — if personal data is incomplete, outdated, unlawfully obtained or processed, no longer necessary, or processing is unauthorized, you may request erasure or blocking, subject to legitimate grounds for retention (e.g. legal obligations or defense of legal claims).
  6. Right to damages — you may seek indemnification for damages resulting from inaccurate, incomplete, outdated, unlawfully obtained or unauthorized use of your personal data.
  7. Right to lodge a complaint with the NPC if you believe your data privacy rights have been violated.

Requests for access, rectification, objection, portability, erasure or complaints may be submitted in writing to the University’s designated Data Protection Officer (DPO) or Data Privacy Office.

Security, Retention, and Disposal

The University implements appropriate organizational, technical, and physical security measures to safeguard personal data — whether in paper or electronic form — against unauthorized access, disclosure, alteration, or destruction. Such measures include: secure storage (locked filing cabinets or rooms), restricted access to authorized personnel only, use of locked screens/screensavers, secure transmission (sealed envelopes or secure electronic transmission), secure printing and disposal of documents, and safe deletion or destruction of data when no longer needed.

Personal data will be retained only for as long as necessary to fulfill the declared and legitimate purposes, or as required for legal obligations or defense of legal claims. When no longer needed, personal data will be disposed of securely in accordance with University policy and relevant data-protection guidelines.

Consent, Notice, and Legitimate Processing

Where required by law, consent will be obtained from data subjects prior to collection or processing of their personal or sensitive data. In other cases (e.g. CCTV monitoring, legitimate interest), the University will inform data subjects through appropriate notice mechanisms before or at the time of data collection. Privacy notice(s) will accompany data-collection forms or be posted in conspicuous campus areas, and on the University website. At all times, data processing is based on legitimate purpose and proportional to the need.

Data Subject Access and Contact

To exercise your rights or if you have any inquiry, concern, or request regarding your personal data, please contact:

Omar B. Roma

Data Protection Officer
Email: dpo@cnu.edu.ph
Phone: 09422041421

Changes to This Policy

The University reserves the right to update or amend this Privacy Policy as necessary to reflect changes in applicable laws, regulations, regulatory guidance, or its internal data-processing practices. Updated versions will be posted on the University’s official website and, where appropriate, communicated to data subjects.