Menu
GOVPH

Philippine Standard Time:

Cebu Normal University (CNU) is one step closer to transforming its campuses into SMART ones.

The University submitted a P23.1M project proposal to the Commission on Higher Education (CHED) seeking assistance to develop CNU’s campuses into SMART (Systems Management Automation and Related Technologies) campuses with specific priority areas on establishing a learning management system (LMS), a student information system (SIS), and a school management information system (SMIS).

The LMS would be the main tool in delivering engaging lessons synchronously and asynchronously, administering courses, tracking, and reporting which will feature student accounts, online examinations, grade books, virtual lockers, forums, built-in chat, teacher accounts, question bank, e-resources, attendance checker, and even guardian/parent accounts for them to monitor their sons’ and daughters’ progress.

The SMIS would include offsite enrollment module, admission and testing module, registrar’s module, and teaching-learning equipment and software (smart interactive whiteboard, control system, microphone, amplifier system, rich ports for external computer in an interactive education platform software bundled with e-learning solution with the use of different teaching tools such as text, 3D animation, video, audio, and virtual simulation).

Meanwhile, the establishment of the SIS would also create an accounting system, budget monitoring system, asset management system, procurement management system, records management system, and project monitoring system.

Mr. Omar Roma, the SMART project leader and the University’s Information and Communications Technology Officer (ICTO) said that the proposed project will result to an improved accessibility and efficiency of the institution’s academic and administrative operations since automation and advancement of the University system and ICT facilities provide secure and real time access to the its information system.

Dr. Filomena T. Dayagbil, the OIC of the Office of the President opined that the SMART project opens windows of opportunities to make the University globally competitive in its academic processes.

“Amidst and beyond the health crisis, the flexible learning modality is the best option for learning continuity. Thus, the major component of the SMART project is the development of a learning management system that is responsive to the needs of the students and the faculty for quality teaching and learning,” Dr. Dayagbil said.

She also expressed her gratitude to CHED through the leadership of Chair Popoy de Vera and the Chair of the CNU Board of Regents Dr. Perfecto A. Alibin for the support.

The 12-month SMART project includes pre-procurement, procurement of proposed learning management system and services, implementation, software development, pre-testing, data migration, end-user training, turn-over, and continuous quality improvement mechanism. – KFR

X
Cebu Normal University
PRIVACY POLICY

Policy Statement

This Privacy Policy is adopted in compliance with the Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations (IRR), and other relevant issuances of the National Privacy Commission (NPC). The University is committed to protecting and respecting your personal data privacy. We process personal information in accordance with the principles of transparency, legitimate purpose, and proportionality. This Policy informs how we collect, use, disclose, store, protect, and dispose personal information of our data subjects.

Definitions

Personal information refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information or when put together with other information that would directly and certainly identify an individual.

Sensitive information is a type of personal information with the risk of discrimination against the Data Subject. These are about an identifiable person’s racial or ethnic origin, marital status, color, and religious, philosophical, or political affiliations. It is also, about an individual’s health, education, the genetic or sexual life of person, or any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings; Issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and specifically established by an executive order or an act of Congress to be kept classified.

Privileged information refers to any and all forms of data which under the Rules of Court and other pertinent laws constitute privileged communication.

Information We Collect

The University may collect personal information in the context of its regular functions — including but not limited to the following categories:

  1. Students: contact and enrollment details, academic records, health or medical records, accommodation records, student-activity participation, and related data.
  2. Staff and job applicants: contact details, employment history, qualifications, employee-related data.
  3. Alumni profiling: contact and demographic details.
  4. Visitors, volunteers, and other stakeholders: information collected through sign-in forms, CCTV or security monitoring, photos or recordings during official events, surveys, and feedback forms.

Collection may occur by any medium, including: paper forms, electronic forms, email, website or online platforms, CCTV or video/photographic capture, surveys/questionnaires, and other lawful means.

Purposes and Uses of the Data Collected and Processed

Personal information collected may be used for:

  1. Administration of admission, enrollment, employment, alumni relations, and other official functions.
  2. Maintenance of student and employee records, including academic, health, and administrative data.
  3. Provision of University services such as counseling, scholarship administration, placement, library access, facilities use, laboratory access, security, parking, and accommodation.
  4. Internal research, quality assurance, performance monitoring, and institutional planning.
  5. Compliance with statutory obligations (e.g. reporting to government agencies when required).
  6. Security, safety, and campus management, including CCTV monitoring.

Legal Basis / Lawful Criteria for Processing

All processing of personal data is carried out in accordance with the legality, fairness, and lawfulness requirements under the Data Privacy Act and IRR.
Where applicable, processing is grounded on consent, contract, legal obligation, legitimate interest, or other lawful bases recognized under the law. The choice of lawful basis depends on the nature of data, the purpose of processing, and legal or contractual requirements.

Manner of Collection and Processing

Personal data may be collected through physical forms (paper-based), electronic forms, online or web-based platforms (e.g., registration portals, email, institutional website), CCTV or video/photo capture (for security or surveillance), event sign-in sheets or registration forms, surveys or questionnaires, or other legitimate and lawful means.

Processing may include collection, recording, sorting, storing, retrieval, use, updating, modification, blocking, destruction or other operations as allowed under the law, consistent with declared purposes.

Disclosure of Information

The University does not disclose personal information except under the following circumstances:

  1. Internal disclosure within authorized University personnel, only when necessary and appropriate for legitimate institutional purposes.
  2. External disclosure only when required or permitted by law (e.g. statutory obligations), or when the data subject has provided valid consent.
  3. Sensitive personal information or privileged information is processed and disclosed only in accordance with relevant legal provisions.

Risks, Safeguards and Security Measures

The University recognizes that processing of personal data entails certain privacy and security risks. Accordingly, we implement appropriate organizational, technical, and physical security safeguards to protect the confidentiality, integrity, and availability of personal data — whether in electronic or physical form. Such measures include (but are not limited to):

  1. Access controls (both digital and physical) to restrict access only to authorized personnel
  2. Use of secure storage: locked filing cabinets or secure rooms for physical records; password-protected systems, encryption, secure servers, firewalls for electronic data
  3. Secure transmission of data (when shared or transferred), secure printing and disposal protocols, and safe deletion or destruction of data when no longer needed
  4. Classification of data and periodic review of security protocols, to ensure adequacy in light of the risks presented and sensitivity of the data processed

Rights of Data Subjects

Under the Data Privacy Act and its IRR, data subjects have the following rights:

  1. Right to be informed — you have the right to know whether personal information about you will be, is being, or has been processed; the purposes of processing; the personal data to be entered; and the scope and method of processing.
  2. Right to access, correct, or update your data — you may request access to your personal information, ask for rectification of inaccuracies, or request updates.
  3. Right to object or withdraw consent — when processing is based on consent or legitimate interest, you may withdraw consent or object, subject to legal limits.
  4. Right to data portability — where applicable, you may obtain a copy of your personal data in a secure and portable format for transfer to another controller.
  5. Right to erasure or blocking — if personal data is incomplete, outdated, unlawfully obtained or processed, no longer necessary, or processing is unauthorized, you may request erasure or blocking, subject to legitimate grounds for retention (e.g. legal obligations or defense of legal claims).
  6. Right to damages — you may seek indemnification for damages resulting from inaccurate, incomplete, outdated, unlawfully obtained or unauthorized use of your personal data.
  7. Right to lodge a complaint with the NPC if you believe your data privacy rights have been violated.

Requests for access, rectification, objection, portability, erasure or complaints may be submitted in writing to the University’s designated Data Protection Officer (DPO) or Data Privacy Office.

Security, Retention, and Disposal

The University implements appropriate organizational, technical, and physical security measures to safeguard personal data — whether in paper or electronic form — against unauthorized access, disclosure, alteration, or destruction. Such measures include: secure storage (locked filing cabinets or rooms), restricted access to authorized personnel only, use of locked screens/screensavers, secure transmission (sealed envelopes or secure electronic transmission), secure printing and disposal of documents, and safe deletion or destruction of data when no longer needed.

Personal data will be retained only for as long as necessary to fulfill the declared and legitimate purposes, or as required for legal obligations or defense of legal claims. When no longer needed, personal data will be disposed of securely in accordance with University policy and relevant data-protection guidelines.

Consent, Notice, and Legitimate Processing

Where required by law, consent will be obtained from data subjects prior to collection or processing of their personal or sensitive data. In other cases (e.g. CCTV monitoring, legitimate interest), the University will inform data subjects through appropriate notice mechanisms before or at the time of data collection. Privacy notice(s) will accompany data-collection forms or be posted in conspicuous campus areas, and on the University website. At all times, data processing is based on legitimate purpose and proportional to the need.

Data Subject Access and Contact

To exercise your rights or if you have any inquiry, concern, or request regarding your personal data, please contact:

Omar B. Roma

Data Protection Officer
Email: dpo@cnu.edu.ph
Phone: 09422041421

Changes to This Policy

The University reserves the right to update or amend this Privacy Policy as necessary to reflect changes in applicable laws, regulations, regulatory guidance, or its internal data-processing practices. Updated versions will be posted on the University’s official website and, where appropriate, communicated to data subjects.