FEUR Library

1. Introduction

FEU Roosevelt Marikina is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Notice explains how we collect, use, store, and protect your personal data through our Library Management System (LMS).

FEU Roosevelt has continually evolved to meet the changing educational landscape, and as the institution embraces digital transformation and expands its repository of both physical and electronic resources, there is a critical need for an efficient, integrated library system.

By using our Library Management System, you consent to the collection and use of your personal information as described in this notice. This Privacy Notice is compliant with the Data Privacy Act of 2012 (Republic Act No. 10173).

2. Personal Information We Collect

2.1 Account Information

We collect personal information necessary for account creation and management:

Name: First name and last name
ID Number: A unique identifier for each user (student, faculty, or staff)
Password: Stored as hashed values for security
Email Address: For notifications and communication (overdue alerts, hold notifications)
Phone Number: Optional contact details as mentioned in our system design

2.2 Transaction Information

We collect information related to your library transactions:

Borrowing History: Records of all books borrowed
Return Status: Status of returned books and due dates
Fines and Fees: Records of any penalties or fees associated with overdue, lost, or damaged books
Contact Details: Information stored in our Book_Borrowing table for transaction records

Note: The system does not provide digital or soft copies of library materials. Users can only access information about the availability and status of physical items.

3. How We Process Your Information

User Authentication

The system processes ID numbers and passwords to verify a user's identity during login sessions.

Account Management

Personal data is processed to create new accounts, update profile details, and manage user roles and permissions.

Borrowing and Returning

The system processes user ID numbers and book information to track who has borrowed which book and when it is due. Data is updated upon return.

Notifications and Communications

User contact information (email) is processed to send automated alerts for overdue books, available books, and library announcements.

Reporting and Analytics

Personal information, often in an aggregated or anonymized form, is processed to generate reports on:

Library usage patterns and statistics
Resource popularity and demand
User activity and system performance
Decision-making support for library administration

4. Data Security Measures

The system is designed with security in mind, implementing comprehensive organizational, physical, and technical security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Organizational Security Measures

Data protection and security policies are in place
Users/staff processing personal data are under strict confidentiality agreements
Inventory of processing systems including this Library Management System
Regular staff training and periodic updates on data handling procedures

Physical Security Measures

Policies and procedures to monitor and limit access to the system
Clearly defined duties, responsibilities, and schedules for data handling personnel
Physical access controls to servers and workstations
Secure backup and workstation protection measures

Technical Security Measures

Password hashing and encryption for sensitive data fields
Role-based access control limiting access to authorized personnel only
Personal data encrypted while in transit and at rest
Regular testing, assessment, and evaluation of security measures
Policies and procedures for data recovery and incident response
Pre-defined API parameters with built-in validations
Regular system accuracy testing and periodic information reviews

5. Your Rights as a Data Subject

Under the Data Privacy Act of 2012, you have the following rights regarding your personal information. Data subjects are aware of these rights and how they can be exercised:

1

Right to be Informed

You have the right to know how your personal data is being processed, including the nature, purpose, and extent of processing.

2

Right to Access

You can request access to your personal data that we process and obtain copies of such data.

3

Right to Correct

You can request correction of inaccurate or incomplete personal data.

4

Right to Object

You can object to the processing of your personal data under certain circumstances.

5

Right for Erasure or Blocking

You can request deletion or blocking of your personal data when legally permissible.

6

Right to File a Complaint

You can file a complaint with the National Privacy Commission regarding data privacy violations.

7

Right to Damages

You can seek compensation for damages resulting from violations of your privacy rights.

8

Right to Data Portability

You can request your personal data in a structured, commonly used format for transfer to another controller.

Note: Some limitations may apply based on legal requirements, academic record-keeping obligations, or active library transactions.

6. Data Retention

Your personal data will be retained for as long as necessary to fulfill the purposes outlined in this privacy notice or as required by applicable laws and institutional policies.

Research and Capstone Data

Data collected through Google Forms for research evaluation and capstone projects will be owned by FEU Roosevelt even after researchers complete their studies.

All data gathered will be retained internally by FEU Roosevelt in their collection of theses and capstones.

Library System Data

Account information, transaction records, and system data are retained according to institutional data governance policies.

Retention periods are determined by FEU Roosevelt Marikina's discretion and academic requirements.

Data Disposal: It is up to the discretion of FEU Roosevelt Marikina on how they will dispose of personal data when it is no longer needed for legitimate purposes.

7. Data Transfer and Disclosure

Internal Data Transfer

Personal data collected through our Library Management System will be transferred to FEU Roosevelt Marikina for institutional use and compliance with academic policies.

Transfer Process

The transfer process ensures that all data shared complies with institutional data protection policies and relevant privacy regulations, including the Data Privacy Act of 2012.

Third-Party Involvement

Third parties may be involved in our data processing activities, including:

Technology Vendors: For hosting and infrastructure services
Google Services: For Forms data collection and related services
Academic Partners: For legitimate educational and research purposes

Timeline: Project plans allow sufficient time for third-party reviews and sign-offs, typically a few weeks to a month depending on contractual obligations.

Data Storage Location: Personal data is stored within the Philippines in accordance with local data protection requirements and institutional policies.

8. Contact Us

If you have questions, concerns, or requests regarding this Privacy Notice or our data practices, please contact us. Data subjects are provided information about how to contact the organization's responsible personnel:

Data Protection Officer

IT Head

FEU Roosevelt Marikina

Information Technology Department

privacy@feur.edu.ph

Data protection inquiries

School Administration

School Admin

Academic Affairs Office