In recognition of the constitutional and inherent right of people to privacy, the University of the Philippines Diliman (“UP Diliman”) advances its commitment to protect and uphold the privacy of personal information through this UP Diliman Privacy Policy for Contract Counterparties.

This Policy is a derivative of and subject to the UP Diliman Privacy Policy at

I. Who are covered by this Policy?

This Policy governs UP Diliman Contract Counterparties, Partners, Subcontractors, Outsourcees, Licensors, Licensees, Lessors, Lessees, Vendors, Purchasers and Customers (“Contract Counterparties”) whose personal information, sensitive personal information and privileged information (“Personal Data”) are processed by UP Diliman.

II. Why are Personal Data processed?

UP Diliman processes Personal Data to –

(1) Perform its obligations, exercise its rights, and conduct its associated functions as:

  1. an instrumentality of the government;
  2. a higher education institution and the national university;
  3. a juridical entity with its own rights, interests and internal and external affairs.

(2) For each particular unit of UP Diliman, conduct all acts reasonably foreseeable from and customarily performed by similar bodies.

III. What Personal Data are processed?

UP Diliman processes Personal Data of Contract Counterparties including but not limited to:

  • Personal details such as name, birth, gender, civil status and affiliations;
  • Contact information such as address, email, mobile and telephone numbers;
  • Employment information such as government-issued numbers, position and functions;

UP Diliman processes other Personal Data of Contract Counterparties necessary for the following purposes (the “Purposes”):

(1) Timely realization of UP Diliman’s legitimate rights, interests, obligations and responsibilities in law, contract, equity or public policy;

(2) Compliance with the spirit and intent of UP Diliman in engaging the counterparty involved.

(3) Application and verification purposes;

(4) Records and account creation, update and maintenance purposes;

(5) Security and community affairs purposes; and

(6) Purposes necessary for UP Diliman to perform its obligations, exercise its rights, and conduct its associated functions as a higher education institution, an instrumentality of the government, and as a juridical entity with its own rights, interests and internal and external affairs.

IV. How does UP Diliman process Personal Data and how long are Personal Data retained?

UP Diliman processes and retains Personal Data as necessary for the Purposes in accordance with:

(1) The Data Privacy Act of 2012, National Archives of the Philippines Act of 2007 and their Implementing Rules and Regulations;

(2) Policies, guidelines, and rules of the UP System and UP Diliman on data privacy, research and ethical codes of conduct; and

(3) Executive and regulatory issuances such as those on Freedom of Information.

V. Where are Personal Data stored and how are these transmitted?

Personal Data are stored in physical and electronic “Data Processing Systems” of UP Diliman as defined under National Privacy Commission Circular No. 17-01. Personal Data are transmitted in accordance with Chapter III of the Data Privacy Act of 2012 and Rule V of its Implementing Rules and Regulations.

VI. What are the rights and responsibilities of Contract Counterparties?

The rights and responsibilities of Contract Counterparties are governed by the UP Diliman Data Subject Rights and Responsibilities.

VII. Effectivity and Definition of Terms

The effectivity of this policy and the definition of terms used here are those used in the UP Diliman Privacy Policy.

VIII. The Data Protection Officer

For data protection concerns or to report privacy incidents, please contact the UP Diliman Data Protection Officer by visiting

error: Content is protected !!