United Marine Training Center, Inc. (“we” or “us”) is committed to the protection of your personal information and your privacy. This Personal Data Protection Policy (“Policy”), prepared in accordance with the Data Privacy Act 2012, sets out our personal data protection practices that are put in place to protect the personal information of our employees and trainees.
We may amend this policy at any time without prior notice and we will notify you of any such amendments via our website or by email.
1.1. Definition of Terms
- “You or Data Subject” – refers to our employees and trainees.
- “Personal Data and Processing” – shall have the meanings as set out under the Data Privacy Act 2012 and its implementing rules and regulations.
- “Principal” – refers to our clients and/or their representatives
- “Supplier or Agent” – refers to any of contractors and/or service providers.
1.2. Scope and Limitations
This policy is applicable to all our employees regardless of the type of employment, and trainees regardless of his/her training arrangement.
1.3. Collection of Personal Data
In the course of your employment and training with us, we shall request you to provide certain personal data as applicable including, but not limited to the following; rank, full name, photo, birth date, birthplace, age, nationality, religion, gender, marital status, address, email address, contact number(s), health, height, weight, travel documents (passport / seaman’s book), educational background, employment history, references, bank account number/s, SSS number, Philhealth number, and Pag-ibig number, including your relatives’ full name, birth date, age, relationship, address, email address, and contact number.
We shall collect such personal data from you when you:
- Contact us
- Submit your information to us personally, thru phone, email or online.
- Apply for, or commence your employment with us
- Respond/Participate in any of our marketing materials, surveys, events and other company/ training activities
- Provide feedback to us
We may also obtain your personal data from third parties whom we deal with or who are connected with you and from other sources where you have given your consent for the disclosure of information relating to you, and/or where otherwise permitted by law.
1.4. Purpose Collecting Personal Data
The personal data you provided will be processed by us for (but not limited to) the following purposes as applicable:
- For screening and selection or enrollment
- To process all documentations required for your employment or enrollment
- To provide information to our principal, suppliers, agents, Government Authorities and/or Embassies in order to transact and/or process applicable documentations and/or items required for your employment.
- For training and certification
- For immersion program (deployment, embarkation and disembarkation)
- For performance evaluation and career planning
- For payment of salaries, benefits, and government contributions
- To identify beneficiaries and/or next of kin
- For the establishment, exercise or defense of legal claims
- For recording, reporting, and historical and statistical purposes
- To comply with any other requirements that may be required by law.
1.5. Disclosure of your Personal Data
The personal data you have provided to us will be kept confidential. But for the purposes stated in this policy, you hereby consent and authorize us to share and/or disclose your personal data to the following parties:
- Our principal, Marlow Navigation Co. Ltd. their related companies, and/or their clients
- Companies and/or organizations that act as our suppliers, agents, contractors and/or service providers
- Government authorities and/or embassies
1.6. Personal Data Security
We will take all appropriate measures to protect your personal data from accidental or unlawful destruction, alteration, disclosure, misuse, unlawful processing; as well as protect you against any damages sustained due to such inaccurate, incomplete, outdated, false and unlawfully obtained or unauthorized use of your personal data.
We will not keep your personal data for longer than necessary, and we will take appropriate measures to remove or destroy records of your personal data as applicable in accordance with the Data Privacy Act 2012.
1.7. Personal Data Access and Correction
In accordance with the Data Privacy Act 2012, we may on a written request received from you, provide you with access to your personal information and consider a request for the correction of that data. In such circumstances, you may request for ‘Data Subject Request Form’ through:
Data Protection Officer
United Marine Training Center, Inc.
2120 Leon Guinto St. Malate, Manila, Philippines
Tel: 981-66-82
You may also send your feedback on any related issues at:
Email: dataprivacy@umtc.com.ph
2.1. Collection
The company collects personal data such as (but not limited to):rank, full name, photo, birth date, birthplace, age, nationality, religion, gender, marital status, address, email address, contact number, educational background, present employer, including his/her relatives’ full name, relationship, address and contact number.
The company collects such personal data such as (but not limited to): company addresses, and other information sent to the company via email or submitted by the company representative for delivering training certificates, billing statements and training results.
2.2. Purpose
The company uses the personal data for (but not limited to) the following purposes:
-
- For the trainees
- Processing your related requirements
- Training and certification
- Photo for training certificates
- Recording, reporting, and statistical purposes
- In compliance with Principal requirements
- In compliance with any other requirements that may be required by law.
- For the employee
- Performance Evaluation
- Payment of wages and government contributions
- Identification of beneficiaries/next of kin for any legal claims
- Recording, reporting and statistical purposes
- In compliance with any other requirements that may be required by law
- For the trainees
2.3. Rights of the Data Subject
The company shall allow the data subject to access and/or obtain copy of their personal data whether processed or not in manual or electronic format. Under which case, the data subject may dispute any inaccuracy of the personal data. The Training Center shall update or correct the personal data in agreement with the data subject.
The data subject shall be indemnified for any damages sustained due to such inaccurate, incomplete, outdated, and false and unlawfully obtained or unauthorized use of personal data.
The data subject may object the processing, or order the blocking, removal or destruction of their personal data. However by doing so, the company will not be able to fulfill any services related to their employment, including the purposes mentioned on above point no. 2.2.
As provided under the DPA, data subjects have the following rights in connection with the processing of their personal data: right to be informed, right to object, right to access, right to rectification, right to erasure or blocking, right to damages, right to complaint, transmissibility of rights of data subject and data portability.
- Right to be Informed
The data subject has the right to be informed whether personal data pertaining to him or her shall be, are being, or have been processed. The data subject shall be notified and furnished with information indicated hereunder before the entry of his or her personal data into the records of the company, or at the next practical opportunity:
- Description of the personal data to be entered into the system;
- Purposes for which they are being or will be processed, including processing for profiling, statistical or scientific purpose;
- Basis of processing, when processing is not based on the consent of the data subject;
- Scope and method of the personal data processing;
- The recipients or classes of recipients to whom the personal data are or may be disclosed or shared;
- Methods utilized for automated access, if the same is allowed by the data subject, and the extent to which such access is authorized, including meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data Subject;
- The identity and contact details of the DPO;
- The period for which the personal data will be stored; and
- The existence of their rights as data subjects, including the right to access, correction, and to object to the processing, as well as the right to lodge a complaint before the National Privacy Commission.
- Right to Object
The data subject shall have the right to object to the processing of his or her personal data, including processing for automated processing or profiling. The data subject shall also be notified and given an opportunity to withhold consent to the processing in case of changes or any amendment to the information supplied or declared to the data subject in the preceding paragraph.
When a data subject objects or withholds consent, the company shall no longer process the personal data, unless:
- The personal data is needed pursuant to a subpoena;
- The processing is for obvious purposes, including, when it is necessary for the performance of or in relation to a contract or service to which the data subject is a party, or when necessary or desirable in the context of an employer-employee relationship between the company and the data subject; or
- The personal data is being collected and processed to comply with a legal obligation.
- Right to Access
The data subject has the right to reasonable access to, upon demand, the following:
- Contents of his or her personal data that were processed;
- Sources from which personal data were obtained;
- Names and addresses of recipients of the personal data;
- Manner by which his or her personal data were processed;
- Reasons for the disclosure of the personal data to recipients, if any;
- Information on automated processes where the personal data will, or is likely to, be made as the sole basis for any decision that significantly affects or will affect the data subject;
- Date when personal data concerning the data subject were last accessed and modified; and
- The designation, name or identity, and address of the DPO.
- Right to Rectification
The data subject has the right to dispute the inaccuracy or rectify the error in his or her personal data, and the company shall correct it immediately and accordingly, unless the request is vexatious or otherwise unreasonable. If the personal data has been corrected, the company shall ensure the accessibility of both the new and the retracted personal data and the simultaneous receipt of the new and the retracted personal data by the intended recipients thereof, provided that recipients or third parties who have previously received such processed personal data shall be informed of its inaccuracy and its rectification, upon reasonable request of the data subject.
- Right to Erasure or Blocking
The data subject shall have the right to suspend, withdraw, or order the blocking, removal, or destruction of his or her personal data from the company’s filing system.
- This right may be exercised upon discovery and substantial proof of any of the following:
- The personal data is incomplete, outdated, false, or unlawfully obtained;
- The personal data is being used for purpose not authorized by the data subject;
- The personal data is no longer necessary for the purposes for which they were collected;
- The data subject withdraws consent or objects to the processing, and there is no other legal ground or overriding legitimate interest for the processing by the company;
- The personal data concerns private information that is prejudicial to data subject, unless justified by freedom of speech, of expression, or of the press or otherwise authorized;
- The processing is unlawful; or
- The data subject’s rights have been violated.
- The DPO may notify third parties who have previously received such processed personal data that the data subject has withdrawn his or her consent to the processing thereof upon reasonable request by the data subject.
- Right to Damages
The data subject may claim compensation if he/she suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data, considering any violation of his/ her rights and freedoms as data subject.
- Right to Complaint
If the data subject feel that his / her personal information has been misused, maliciously disclosed, or improperly disposed, or that any of his/ her data privacy rights have been violated, he/she have the right to file a complaint with the NPC.
- Transmissibility of Rights of Data Subject
The lawful heirs and assigns of the data subject may invoke the rights of the data subject to which he or she is an heir or an assignee, at any time after the death of the data subject, or when the data subject is incapacitated or incapable of exercising his/her rights.
- Data Portability
Where his or her personal data is processed by the company through electronic means and in a structured and commonly used format, the data subject shall have the right to obtain a copy of such data in an electronic or structured format that is commonly used and allows for further use by the data subject. The exercise of this right shall primarily take into account the right of data subject to have control over his or her personal data being processed based on consent or contract, for commercial purpose, or through automated means. The DPO shall regularly monitor and implement the National Privacy Commission’s issuances specifying the electronic format referred to above, as well as the technical standards, modalities, procedures and other rules for their transfer.
The company ensures that personal data under its custody are protected against any accidental or unlawful destruction, alteration, disclosure, misuse, as well as against any other unlawful processing.
The company will implement appropriate security measures in storing personal data in secure facilities and paper-based files, and uses various processes such as (but not limited to):
- In a lockable storage room with controlled access, or
- In a locked drawer or filing cabinet, or
- Use of access levels and computer passwords protected to identify and limit access.
- Automatic expiration and change of passwords at regular intervals.
The company retains personal data depending on the documentation classification after the data subject’s last transaction with the company, as it may need to resolve issues, answer to possible local and/or international queries from authorities, and/or comply with any legal requirements under applicable laws.
The company shall maintain the confidentiality and secrecy of all personal data that come to their knowledge and possession, even after resignation, termination of contract or other contractual relations. Personal data under the custody of the company shall be disclosed only pursuant to a lawful purpose, and to authorized recipients of such data.
Personal Data Protection Policy
United Marine Training Center, Inc. (“we” or “us”) is committed to the protection of your personal information and your privacy. This Personal Data Protection Policy (“Policy”), prepared in accordance with the Data Privacy Act 2012, sets out our personal data protection practices that are put in place to protect the personal information of our employees and trainees.
We may amend this policy at any time without prior notice and we will notify you of any such amendments via our website or by email.
1.1. Definition of Terms
- “You or Data Subject” – refers to our employees and trainees.
- “Personal Data and Processing” – shall have the meanings as set out under the Data Privacy Act 2012 and its implementing rules and regulations.
- “Principal” – refers to our clients and/or their representatives
- “Supplier or Agent” – refers to any of contractors and/or service providers.
1.2. Scope and Limitations
This policy is applicable to all our employees regardless of the type of employment, and trainees regardless of his/her training arrangement.
1.3. Collection of Personal Data
In the course of your employment and training with us, we shall request you to provide certain personal data as applicable including, but not limited to the following; rank, full name, photo, birth date, birthplace, age, nationality, religion, gender, marital status, address, email address, contact number(s), health, height, weight, travel documents (passport / seaman’s book), educational background, employment history, references, bank account number/s, SSS number, Philhealth number, and Pag-ibig number, including your relatives’ full name, birth date, age, relationship, address, email address, and contact number.
We shall collect such personal data from you when you:
- Contact us
- Submit your information to us personally, thru phone, email or online.
- Apply for, or commence your employment with us
- Respond/Participate in any of our marketing materials, surveys, events and other company/ training activities
- Provide feedback to us
We may also obtain your personal data from third parties whom we deal with or who are connected with you and from other sources where you have given your consent for the disclosure of information relating to you, and/or where otherwise permitted by law.
1.4. Purpose Collecting Personal Data
The personal data you provided will be processed by us for (but not limited to) the following purposes as applicable:
- For screening and selection or enrollment
- To process all documentations required for your employment or enrollment
- To provide information to our principal, suppliers, agents, Government Authorities and/or Embassies in order to transact and/or process applicable documentations and/or items required for your employment.
- For training and certification
- For immersion program (deployment, embarkation and disembarkation)
- For performance evaluation and career planning
- For payment of salaries, benefits, and government contributions
- To identify beneficiaries and/or next of kin
- For the establishment, exercise or defense of legal claims
- For recording, reporting, and historical and statistical purposes
- To comply with any other requirements that may be required by law.
1.5. Disclosure of your Personal Data
The personal data you have provided to us will be kept confidential. But for the purposes stated in this policy, you hereby consent and authorize us to share and/or disclose your personal data to the following parties:
- Our principal, Marlow Navigation Co. Ltd. their related companies, and/or their clients
- Companies and/or organizations that act as our suppliers, agents, contractors and/or service providers
- Government authorities and/or embassies
1.6. Personal Data Security
We will take all appropriate measures to protect your personal data from accidental or unlawful destruction, alteration, disclosure, misuse, unlawful processing; as well as protect you against any damages sustained due to such inaccurate, incomplete, outdated, false and unlawfully obtained or unauthorized use of your personal data.
We will not keep your personal data for longer than necessary, and we will take appropriate measures to remove or destroy records of your personal data as applicable in accordance with the Data Privacy Act 2012.
1.7. Personal Data Access and Correction
In accordance with the Data Privacy Act 2012, we may on a written request received from you, provide you with access to your personal information and consider a request for the correction of that data. In such circumstances, you may request for ‘Data Subject Request Form’ through:
Data Protection Officer
United Marine Training Center, Inc.
2120 Leon Guinto St. Malate, Manila, Philippines
Tel: 981-66-82
You may also send your feedback on any related issues at:
Email: dataprivacy@umtc.com.ph
Processing of Personal Data
2.1. Collection
The company collects personal data such as (but not limited to):rank, full name, photo, birth date, birthplace, age, nationality, religion, gender, marital status, address, email address, contact number, educational background, present employer, including his/her relatives’ full name, relationship, address and contact number.
The company collects such personal data such as (but not limited to): company addresses, and other information sent to the company via email or submitted by the company representative for delivering training certificates, billing statements and training results.
2.2. Purpose
The company uses the personal data for (but not limited to) the following purposes:
-
- For the trainees
- Processing your related requirements
- Training and certification
- Photo for training certificates
- Recording, reporting, and statistical purposes
- In compliance with Principal requirements
- In compliance with any other requirements that may be required by law.
- For the employee
- Performance Evaluation
- Payment of wages and government contributions
- Identification of beneficiaries/next of kin for any legal claims
- Recording, reporting and statistical purposes
- In compliance with any other requirements that may be required by law
- For the trainees
2.3. Rights of the Data Subject
The company shall allow the data subject to access and/or obtain copy of their personal data whether processed or not in manual or electronic format. Under which case, the data subject may dispute any inaccuracy of the personal data. The Training Center shall update or correct the personal data in agreement with the data subject.
The data subject shall be indemnified for any damages sustained due to such inaccurate, incomplete, outdated, and false and unlawfully obtained or unauthorized use of personal data.
The data subject may object the processing, or order the blocking, removal or destruction of their personal data. However by doing so, the company will not be able to fulfill any services related to their employment, including the purposes mentioned on above point no. 2.2.
As provided under the DPA, data subjects have the following rights in connection with the processing of their personal data: right to be informed, right to object, right to access, right to rectification, right to erasure or blocking, right to damages, right to complaint, transmissibility of rights of data subject and data portability.
- Right to be Informed
The data subject has the right to be informed whether personal data pertaining to him or her shall be, are being, or have been processed. The data subject shall be notified and furnished with information indicated hereunder before the entry of his or her personal data into the records of the company, or at the next practical opportunity:
- Description of the personal data to be entered into the system;
- Purposes for which they are being or will be processed, including processing for profiling, statistical or scientific purpose;
- Basis of processing, when processing is not based on the consent of the data subject;
- Scope and method of the personal data processing;
- The recipients or classes of recipients to whom the personal data are or may be disclosed or shared;
- Methods utilized for automated access, if the same is allowed by the data subject, and the extent to which such access is authorized, including meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data Subject;
- The identity and contact details of the DPO;
- The period for which the personal data will be stored; and
- The existence of their rights as data subjects, including the right to access, correction, and to object to the processing, as well as the right to lodge a complaint before the National Privacy Commission.
- Right to Object
The data subject shall have the right to object to the processing of his or her personal data, including processing for automated processing or profiling. The data subject shall also be notified and given an opportunity to withhold consent to the processing in case of changes or any amendment to the information supplied or declared to the data subject in the preceding paragraph.
When a data subject objects or withholds consent, the company shall no longer process the personal data, unless:
- The personal data is needed pursuant to a subpoena;
- The processing is for obvious purposes, including, when it is necessary for the performance of or in relation to a contract or service to which the data subject is a party, or when necessary or desirable in the context of an employer-employee relationship between the company and the data subject; or
- The personal data is being collected and processed to comply with a legal obligation.
- Right to Access
The data subject has the right to reasonable access to, upon demand, the following:
- Contents of his or her personal data that were processed;
- Sources from which personal data were obtained;
- Names and addresses of recipients of the personal data;
- Manner by which his or her personal data were processed;
- Reasons for the disclosure of the personal data to recipients, if any;
- Information on automated processes where the personal data will, or is likely to, be made as the sole basis for any decision that significantly affects or will affect the data subject;
- Date when personal data concerning the data subject were last accessed and modified; and
- The designation, name or identity, and address of the DPO.
- Right to Rectification
The data subject has the right to dispute the inaccuracy or rectify the error in his or her personal data, and the company shall correct it immediately and accordingly, unless the request is vexatious or otherwise unreasonable. If the personal data has been corrected, the company shall ensure the accessibility of both the new and the retracted personal data and the simultaneous receipt of the new and the retracted personal data by the intended recipients thereof, provided that recipients or third parties who have previously received such processed personal data shall be informed of its inaccuracy and its rectification, upon reasonable request of the data subject.
- Right to Erasure or Blocking
The data subject shall have the right to suspend, withdraw, or order the blocking, removal, or destruction of his or her personal data from the company’s filing system.
- This right may be exercised upon discovery and substantial proof of any of the following:
- The personal data is incomplete, outdated, false, or unlawfully obtained;
- The personal data is being used for purpose not authorized by the data subject;
- The personal data is no longer necessary for the purposes for which they were collected;
- The data subject withdraws consent or objects to the processing, and there is no other legal ground or overriding legitimate interest for the processing by the company;
- The personal data concerns private information that is prejudicial to data subject, unless justified by freedom of speech, of expression, or of the press or otherwise authorized;
- The processing is unlawful; or
- The data subject’s rights have been violated.
- The DPO may notify third parties who have previously received such processed personal data that the data subject has withdrawn his or her consent to the processing thereof upon reasonable request by the data subject.
- Right to Damages
The data subject may claim compensation if he/she suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data, considering any violation of his/ her rights and freedoms as data subject.
- Right to Complaint
If the data subject feel that his / her personal information has been misused, maliciously disclosed, or improperly disposed, or that any of his/ her data privacy rights have been violated, he/she have the right to file a complaint with the NPC.
- Transmissibility of Rights of Data Subject
The lawful heirs and assigns of the data subject may invoke the rights of the data subject to which he or she is an heir or an assignee, at any time after the death of the data subject, or when the data subject is incapacitated or incapable of exercising his/her rights.
- Data Portability
Where his or her personal data is processed by the company through electronic means and in a structured and commonly used format, the data subject shall have the right to obtain a copy of such data in an electronic or structured format that is commonly used and allows for further use by the data subject. The exercise of this right shall primarily take into account the right of data subject to have control over his or her personal data being processed based on consent or contract, for commercial purpose, or through automated means. The DPO shall regularly monitor and implement the National Privacy Commission’s issuances specifying the electronic format referred to above, as well as the technical standards, modalities, procedures and other rules for their transfer.
Storage, Retention, Destruction and Disposal
The company ensures that personal data under its custody are protected against any accidental or unlawful destruction, alteration, disclosure, misuse, as well as against any other unlawful processing.
The company will implement appropriate security measures in storing personal data in secure facilities and paper-based files, and uses various processes such as (but not limited to):
- In a lockable storage room with controlled access, or
- In a locked drawer or filing cabinet, or
- Use of access levels and computer passwords protected to identify and limit access.
- Automatic expiration and change of passwords at regular intervals.
The company retains personal data depending on the documentation classification after the data subject’s last transaction with the company, as it may need to resolve issues, answer to possible local and/or international queries from authorities, and/or comply with any legal requirements under applicable laws.
Disclosure and Sharing
The company shall maintain the confidentiality and secrecy of all personal data that come to their knowledge and possession, even after resignation, termination of contract or other contractual relations. Personal data under the custody of the company shall be disclosed only pursuant to a lawful purpose, and to authorized recipients of such data.