AWS Cloud Club - UPHSL Banner

Privacy Policy

Effective Date: October 2025

The AWS Learning Club – UPHSL (AWSLC) recognizes and upholds the fundamental right of data privacy. In compliance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 (DPA), and its Implementing Rules and Regulations, AWSLC is committed to protecting the personal data it collects, processes, and stores.

This Privacy Policy describes how AWSLC collects, uses, stores, shares, and protects personal data obtained through membership registration, event participation, and related activities conducted through https://awslc.uphsl.edu.ph ("Website") and official forms administered by duly authorized AWSLC officers.

Personal Data Collected

AWSLC may collect personal data including, but not limited to, the following:

  • Full name
  • Email address
  • Educational institution and affiliation
  • Contact information
  • Event registration and attendance details

Purpose of Processing

Personal data is processed solely for legitimate and lawful purposes, including:

  • Membership registration and verification
  • Event, workshop, and seminar organization and administration
  • Communication of announcements, updates, and event-related information
  • Documentation, reporting, and internal organizational records

Methods Utilized for Automated Access

AWSLC utilizes automated systems such as online registration forms, cloud-based databases, and email communication platforms to facilitate the collection, storage, and management of personal data. These automated processes are used strictly for administrative and organizational purposes and do not involve automated decision-making or profiling that would produce legal or similarly significant effects on data subjects.

Sharing of Personal Data

By registering with AWSLC and consenting to this Privacy Policy, data subjects authorize AWSLC to share personal data with authorized AWSLC officers and members strictly for purposes related to the planning, organization, and implementation of official AWSLC activities.

Personal data may likewise be shared with event partners or sponsors when necessary for legitimate event-related purposes. AWSLC does not disclose personal data to third parties except as expressly stated in this Privacy Policy or as permitted under Sections 12 or 13 of the Data Privacy Act of 2012.

Risks Involved

Risk refers to the potential for incidents that may result in harm or prejudice to data subjects or the organization, including unauthorized access, use, disclosure, alteration, or loss of personal data.

AWSLC implements reasonable and appropriate physical, technical, and organizational measures to mitigate risks and protect personal data. However, absolute security cannot be guaranteed due to potential threats such as cyberattacks, malware, ransomware, computer viruses, or unauthorized access to manual records.

Data Protection and Security Measures

AWSLC adopts generally accepted data privacy and information security standards to safeguard personal data. These measures include, but are not limited to:

  • Access control mechanisms for digital and physical records
  • Data encryption and classification where appropriate
  • Technical safeguards to prevent accidental, unlawful, or unauthorized access, use, modification, or disclosure

Storage and Retention

Personal data collected by AWSLC is stored in secure, cloud-based systems utilizing Supabase, a managed cloud database service. AWSLC ensures that appropriate technical and organizational safeguards are in place to protect personal data stored in the cloud.

Personal data shall be retained only for as long as necessary to fulfill the purposes for which it was collected. Unless a longer retention period is required by applicable laws or regulations, personal data shall be retained for a maximum period of two (2) years, after which it shall be securely deleted, anonymized, or otherwise disposed of in accordance with this Privacy Policy.

Disposal

Physical records containing personal data shall be disposed of through secure shredding. Digital records shall be permanently deleted or rendered irretrievable using appropriate technical methods. In all instances, disposal procedures are implemented to prevent unauthorized access or recovery of personal data.

All member data will be deleted at the end of every academic year to ensure data minimization and compliance with retention policies.

Rights of a Data Subject

In accordance with the Data Privacy Act of 2012, data subjects are entitled to the following rights:

  • Right to be Informed regarding the processing of their personal data
  • Right of Access to personal data processed by AWSLC
  • Right to Rectification of inaccurate or incomplete personal data
  • Right to Erasure or Blocking of personal data when legally warranted
  • Right to Object to the processing of personal data based on consent or legitimate interest
  • Right to Data Portability, allowing secure transfer of personal data

Data subjects may claim compensation for damages arising from the inaccurate, unlawful, or unauthorized processing of personal data. Complaints may be filed with the National Privacy Commission (NPC) in cases of data privacy violations.

Changes to this Privacy Policy

AWSLC reserves the right to amend or update this Privacy Policy at any time. Data subjects shall be provided with a revised version when substantial changes are made. Previous versions shall be retained and made available upon request.

Feedback and Contact Information

For inquiries, concerns, or requests regarding this Privacy Policy or the exercise of data subject rights, you may contact:

AWS Learning Club – UPHSL

📧 awslc.uphsl@gmail.com