DATA PRIVACY AGREEMENT

The National Federation of Junior Philippine Institute of Accountants (NFJPIA) primarily

prioritizes the confidentiality of personal data. This document details how the organization uses and
protects personal data for the purpose of obtaining the consent of data subjects, in accordance with the
Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations (IRR), other issuances of
the National Privacy Commission (NPC) and other relevant laws of the Philippines.

PERSONAL DATA
To avoid the possible confusion regarding the term “personal data” and “information”, please read the
definitions below about personal data.

Personal data refers to all types of:

• Personal information – “any information, whether recorded in a material form or not, from which
the identity of an individual is apparent or can be reasonably and directly ascertained by the entity
holding the information, or when put together with other information would directly and certainly
identify an individual;”
• Sensitive personal information – “personal information about an individual’s race, ethnic origin,
marital status, age, color, religious/philosophical/political affiliations, health, education genetic or
sexual life, legal proceedings, government issued identifiers and other information specifically
established by an executive order or an act of congress to be kept classified;” and
• Privileged information – “any and all forms of information which, under the Rules of Court and
other pertinent laws, constitute privileged communication, such as, but not limited to, information
which a person authorized to practice medicine, surgery or obstetrics may have acquired in attending
to a patient in a professional capacity.”

Collection of Information
We collect your personal data that include those you provide us during your application, registration, and
other information we acquire or generate upon your membership or participation and until the validity of
your membership.
Access to Information
As a general rule, NFJPIA does not and will not share personal data with third parties except as necessary
for the proper execution of processes related to a declared purpose, or the use or disclosure is reasonably
necessary, required or authorized by or under law. For purposes of the event, we use and share your
information as permitted or required by law to pursue our legitimate interests as an organization,
including a variety of academic, non-academics, administrative, historical, and statistical purposes.

Sharing of Information
For purposes of the event the Organization will share your personal data with our event partners and other
partners that are necessary in the execution of the event. However, NFJPIA only use personal data for the
purpose disclosed in this document and may not use it for any other purpose.

Validity
NFJPIA, particularly the Secretariat Department stores personal data in both online drives and local
storage, such as Google Drive, One Drive, Cloud, etc. and physical document storage facilities. Personal
data and health data are retained for five (5) federation years from the date of acquisition. Subject to
applicable laws, rules and regulations, the data subject may request personal data to be deleted from the
Organization’s systems, databases, and hard copies within a reasonable requested date.

Rights of Data Subject

Data subjects have the following rights: right to be informed; right to object; right to access; right to
rectify or correct erroneous data; right to erase or block; right to secure data portability; right to indemnify
for damages; and right to file a complaint. The organization’s decisions to provide access, consider
requests for correction or erasure, and address objection to process personal data as it appears in the
organization’s official records, are always subject to applicable and relevant laws and/or the DPA, its IRR
and other issuances of the NPC.

Information Protection
NFJPIA implements all appropriate technical and organizational measures necessary in order to ensure a
level of security, as required pursuant to the Data Protection Act and other measures necessary in order
for the organization to comply with the security requirements set out in the Agreement or that are
otherwise required by other prevailing law. NFJPIA undertakes to inform the data subject of the technical
and organizational measures, which it will implement to protect the personal data being processed. If the
processor of data makes changes that could affect the protection of personal data, the data subject shall be
informed of this well in advance before such changes are implemented.

Data Incident
Any data security incident or breach that comes to the knowledge of NFJPIA will be recorded and
reported as required by law. The organization will take all necessary and reasonable steps to address such
incident or breach and mitigate any negative effect of such incident or breach. If there is strong suspicion
that an incident affects your personal information, NFJPIA will notify you of such incident in an
appropriate manner.

Contact Information
Should you have any inquiries, feedback, and/or complaints, you may contact:
DANICA ROSE C. MANDI
RVP FOR MEDIA & COMMUNICATIONS
r9vpcommunications.nfjpia2122@gmail.com
0935-426-2345

CONSENT

By signing this Data Privacy Agreement, you consent to the collection, generation, use, processing,
storage, and retention of your personal data by the organization for the purpose(s) described in this
document. Please ensure that you have completely read and understood the terms above before signing.

You also authorize the Organization to disclose your information to accredited/affiliated third parties or
independent/non-affiliated third parties, whether local or foreign, in the following circumstances:
• As necessary for the proper execution of processes related to the declared purpose; and
• The use or disclosure is reasonably necessary, required or authorized by or under law.

From time to time, it may be necessary for the Organization to revise this document. Any revision made
to this document shall be communicated via posting in the Organization website or via email. Any change
will not be applied and will not alter how the Organization handles previously collected personal data
without obtaining your consent, unless required by law.

Moreover, I have read this form, understood its contents and consent to the processing of my personal
data. I understand that my consent does not preclude the existence of other criteria for lawful processing
of personal data and does not waive any of my rights under the Data Privacy Act of 2012 and other
applicable laws.

Signed by:

NAME NAME NAME

Local Chapter Local Chapter Local Chapter

NAME NAME NAME

Local Chapter Local Chapter Local Chapter

NAME
Local Chapter

Date

Noted by:
Jhon Philip D. Sarmago
Regional Council President

Fate A. Bendong
Regional Vice President For Non-Academics

Russel Ross S. Tan, CPA

Regional Non-Academic Adviser