THE BEACON ACADEMY DATA PRIVACY NOTICE

Academic Year 2025–2026
Effective July 2025

 

1. Introduction

The Beacon Academy (“Academy”, “we”, “our”, “us”) respects and upholds your right to privacy. We are committed to protecting personal data in compliance with the Data Privacy Act of 2012 and applicable regulations issued by the National Privacy Commission (NPC).

This Privacy Notice explains how we collect, use, process, store, share, retain, and dispose of personal data of the following data subjects:

• • Applicants (students and employees)
  • Students
  • Parents and guardians
  • Alumni
  • Faculty members
  • Employees and administrators
  • Job applicants
  • Contractors, suppliers, and service providers
  • Donors and benefactors
  • Visitors and guests

2. Personal Data We Collect

We collect personal data necessary and relevant to our legitimate educational, administrative, and operational functions.

 

A. From Student Applicants and Parents/Guardians

• • Full name, address, email, contact numbers
  • Date and place of birth
  • Citizenship, passport/visa information (if applicable)
  • Academic records and disciplinary records
  • Interview and admissions test results
  • Medical and health records
  • Family background information
  • Financial records for scholarship/aid applications
  • Professional assessments (learning, socio-emotional)

B. From Enrolled Students

• • Academic performance and attendance records
  • Class schedules and participation records
  • Co-curricular and extra-curricular records
  • Disciplinary records
  • Health and clinic records
  • Photos, videos, and event participation records
  • CCTV footage within campus premises

C. From Alumni

• • Academic history
  • Graduation details
  • Contact information
  • Career updates (if voluntarily provided)
  • Donation history (if applicable)

D. From Employees, Faculty, and Administrators

• • Personal identification information
  • Government-issued numbers (TIN, SSS, PhilHealth, Pag-IBIG)
  • Employment records
  • Payroll and tax information
  • Performance evaluations
  • Training records
  • Health and emergency contact information
  • Background check results (if applicable)

E. From Job Applicants

• • Resume/CV
  • Educational and employment history
  • References
  • Interview notes
  • Background screening information

F. From Suppliers, Contractors, and Service Providers

• • Business registration information
  • Contact details
  • Tax identification information
  • Banking details for payment
  • Contracts and transaction records

G. From Website Users

• • IP address
  • Browser type
  • Device information
  • Cookies and analytics data

H. From Visitors on Our Campus

• • Full Name
  • Identification

3. Manner of Collection

Personal data may be collected through:

• • Online and paper-based application forms
  • Employment forms
  • Interviews and assessments
  • Enrollment and registration processes
  • CCTV systems installed within school premises
  • Email and written correspondence
  • Website forms and cookies
  • Government agencies or institutions when required by law
  • Third-party service providers (e.g., scholarship foundations, background check providers)

4. Purpose and Legal Basis for Processing

We process personal data for the following purposes:

A. Primary Purposes

• • Admissions evaluation and enrollment
  • Academic instruction and student development
  • Scholarship and financial aid processing
  • Employee recruitment and management
  • Payroll and tax compliance
  • Campus security and safety
  • Compliance with legal and regulatory requirements

B. Secondary Purposes

• • Alumni relations and networking
  • Research and statistical reporting
  • Institutional development
  • Marketing and promotion of school activities
  • Fundraising and donor engagement

Legal Basis for Processing

Processing is based on:

• • Contractual necessity
  • Compliance with legal obligations
  • Protection of vital interests (life, health, safety)
  • Performance of tasks in the public interest
  • Legitimate interests of the Academy
  • Consent, where required by law

Sensitive personal information is processed strictly in accordance with the DPA and applicable regulations.

5. Disclosure and Sharing of Personal Data

We may disclose personal data to:

• • Government agencies (e.g., DepEd, BIR, BI, DFA, NPC)
  • Scholarship donors and benefactors
  • Partner schools and universities
  • Competition and sports organizations
  • Service providers under data sharing or outsourcing agreements
  • Courts and law enforcement authorities
  • Insurance providers
  • IT and cloud service providers

All third parties are required to implement appropriate data protection safeguards.

6. Automated Processing and Profiling

The Academy does not engage in automated decision-making or profiling that produces legal effects or significantly affects data subjects.

Certain automated systems (e.g., student information systems, payroll systems, website analytics) may process data for administrative efficiency. These systems are subject to appropriate safeguards.

7. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

• • Improve website functionality
  • Analyze website traffic
  • Enhance user experience

Users may disable cookies through browser settings.

8. Data Retention

We retain personal data only for as long as necessary, including:

• • Student academic records: permanently, as required by education regulations
  • Financial records: at least ten (10) years, in compliance with tax laws
  • Employment records: in accordance with labor laws
  • CCTV footage: typically 30–60 days unless required for investigation
  • Applicant records (unsuccessful): up to two (2) years unless consent for longer retention is given

After the applicable retention period, records are securely disposed of unless further retention is required by law.

9. Storage and Security Measures

We implement organizational, physical, and technical security measures, including:

• • Secure servers and encrypted databases
  • Password-protected systems
  • Role-based access controls
  • Locked filing cabinets for physical records
  • Secure data transmission protocols
  • Confidentiality agreements for employees
  • Data processing agreements with third parties
  • Regular review of data access permissions

10. Risks and Safeguards

While we implement reasonable safeguards, risks such as unauthorized access, data breaches, cyberattacks, or accidental disclosure may still occur.

To address these risks, we maintain:

• • Data breach response procedures
  • Incident reporting mechanisms
  • Access restrictions
  • Regular system monitoring

In the event of a notifiable data breach, we will comply with NPC reporting requirements.

11. Secure Disposal

Personal data is disposed of through:

• • Secure shredding of paper records
  • Permanent deletion of electronic files
  • Degaussing or destruction of storage devices
  • Anonymization where appropriate

12. Your Rights as a Data Subject

Under the Data Privacy Act, you have the right to:

• • Be informed
  • Access your personal data
  • Object to processing
  • Correct inaccurate data
  • Erase or block data (when applicable)
  • Withdraw consent
  • Data portability
  • File a complaint with the National Privacy Commission
  • Claim damages (where applicable)

To exercise your rights, contact our Data Protection Officer.

13. Data Protection Officer

Data Protection Officer
Caterina Ledesma
The Beacon Academy
Cecilia Araneta Parkway
Biñan, Laguna, Philippines 4024
Email: info@beaconacademy.ph
Phone: (+632) 425 1326

You may also contact the National Privacy Commission through its official channels.

14. Links to External Websites

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

15. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. Changes will be posted on our website with a revised effective date.