AWS Logo
Community Day Logo

Privacy Policy

Effective Date

This Privacy Policy is effective starting 9 November 2024.

Introduction

The AWS User Group Davao (“AWSUG Davao”) is committed to fully protecting your personal data in compliance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 (DPA). This Privacy Policy details the manner in which AWSUG Davao processes personal data collected through your registration and attendance in the AWS Community Day Davao (“Community Day”) through https://community.awsug.ph/2024/davao.html and forms during the Event. In all instances, we assure you that processing your personal data will strictly follow the provisions of DPA, especially the general data privacy principles of transparency, legitimate purpose, and proportionality.

Personal Data Collected

We collect the following personal data from you when you register for the Event:

  • Name
  • Email Address
  • Company/University
  • Phone Number
  • City of Residence

Basis, Use, and Purpose for Processing of Personal Data

When you register for the Event, we obtain your consent to process your personal data. We process your personal data for the following purposes:

  • For documentation and processing of inquiries and requests for the Event;
  • To solicit feedback;
  • For documentation and processing of inquiries and requests for the Event;
  • To comply with a legal obligation to which AWSUG Davao is subject;
  • To comply with the requirements of public order and safety or to fulfill the functions of public authority;
  • To provide the appropriate action that a data subject may require concerning their data privacy rights.

Payments for registration for the Event are handled by payment services providers. We will process the personal data in your payment transaction only to the extent necessary for confirming your payments and dealing with queries relating to such payments. We may also process personal data without your consent, such as when processing is allowed under Section 12 of the DPA.

Methods Utilized For Automated Access

AWSUG Davao uses Techtix, a third-party service by UP Mindanao Society of Programmers and Refined Computer Scientists (SPARCS), where you can provide your personal data to register for the Event, to help AWSUG Davao determine the Event page’s engagement, and to improve the Event services and features. This service uses cookies.

Sharing of Personal Data

By registering for the Event and agreeing to this Privacy Policy, you consent to AWSUG Davao sharing your personal information with any member of AWSUG Davao for purposes of organizing the Event. You also expressly consent to AWSUG Davao sharing your personal data with the Event sponsors. For more information about the Event sponsors, please visit https://community.awsug.ph/2024/davao.html.Personal data processed by AWSUG Davao is not shared with any other party unless stated in this Privacy Policy, or such disclosure is allowed under Section 12 or 13 of the DPA.

Risks Involved

Risk refers to the potential of an incident to result in harm or danger to a data subject or organization. Risks may lead to the unauthorized collection, use, disclosure, or access to personal data. It includes risks involving the confidentiality, integrity, and availability of personal data or the risk that processing will violate the general data privacy principles and the rights of data subjects. AWSUG Davao ensures that adequate physical, technical, and organizational security measures are in place to protect your personal information's confidentiality, integrity, and availability. However, this does not guarantee absolute protection against certain risks involving the processing of personal data, such as when systems are exposed to targeted cyberattacks, malware, ransomware, and computer viruses or when manual records are accessed without authority. Nevertheless, adequate policies are in place to ensure appropriate security incident management in line with the DPA.

Data Protection and Security Measures

We safeguard the confidentiality, integrity, and availability of your personal information by maintaining a combination of organizational, physical, and technical security measures based on generally accepted data privacy and information security standards. Among the measures we implement are the following:

  • Policies on access control in both digital and physical infrastructures to prevent unauthorized access to personal information;
  • End-to-end encryption and data classification whenever suitable;
  • Technical measures to protect our computers and databases against accidental, unlawful, or unauthorized usage, interference, or access.

Storage and Retention

We store files containing personal information in our computers and servers, which are kept in a secure environment. We may also store your personal information with AWS. We shall ensure that proper measures are adopted to protect your information. Personal data shall be stored in a database for two (2) years after inquiries and requests are acted upon. After which, records shall be disposed of securely. Other categories of data may be kept longer than two (2) years when its retention period is determined by other relevant laws and regulations.

Disposal

Physical records shall be disposed of through shredding. In all instances, our manner of disposal shall ensure that the personal information shall no longer be retrieved, processed, or accessed by unauthorized persons.

Rights of a Data Subject

Under the DPA, you have the right to be informed regarding processing the personal information we hold about you. Further, you may be entitled to request:

  • Access to personal data we process about you. It is your right to obtain confirmation on whether or not data relating to you are being processed;
  • Rectification of your personal data. This is your right to have your personal data corrected if it is inaccurate or incomplete;
  • Erasure or order blocking of your personal data whenever warranted;
  • The right to object if the personal data processing involved is based on consent or on legitimate interest;
  • The right to data portability through which you may obtain and electronically move, copy, or transfer your data securely for further use.

You may claim compensation if you believe you suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of personal data or for violating your rights and freedoms as a data subject.

Changes to the Privacy Notice

AWSUG Davao reserves the right to update or revise this privacy notice at any time and will provide a new privacy notice whenever there are substantial changes. Prior versions of the privacy notice shall be retained by AWSUG Davao and shall be provided to data subjects upon request.

Feedback on our Privacy Notice

If you have suggestions or comments regarding our Privacy Policy, please contact us at hello@awsugdavao.ph.