Privacy Policy

Last updated: May 20, 2020

DOST ("us", "we", or "our") operates the https://s-pass.ph/ website (the "Service"), S-PaSS and S-PaSS mobile applications.

This page informs you of our policies regarding the collection of personal information; its purpose/use; the basis of processing information; its storage; the log data; the scan history; retention; data disclosure/share; destruction/disposal; service providers; security (risk involved and how data is protected); links to other sites; children’s privacy; camera access; cookies; rights of data subject; and contact detail when you used our Service.

Collection of Personal Information

Data is collected through online. While using the Service, we may ask you to provide us certain personally identifiable information that can be used to contact or identify you. This personal identifiable information of traveler may include travelers’ name, address, sex, mobile number, and email address. Age and Identification Card information are optional only if the LGU required so. Only travelers whose destination is restricted or passing through restricted area/s need to register in the Service. Status of LGU destination is provided and updated by the service through the respective LGUs.

Travel permit applications may require photo IDs, RT-PCR test results, and other Government documents indicated by the destination local government units. Images uploaded as attachments to travel permit applications are compressed and overlapped with a watermark to prevent fraud and to add security to the traveler’s private information.

No information will be collected until users agreed to the terms and conditions provided in our privacy policy and have given their consent.

Purpose/Use of Collecting Personal Information

Such collected data is for the purpose of identification and proper coordination to the place of destination of a traveler. It is to ensure smooth onset of travel knowing that different province, city, municipality has its own different travel policy. Name is collected for identification purposes only; address is gathered to establish the residency and to determine the proper jurisdiction of the returning traveler; sex is collected to properly address the traveler, contact number is asked for communication services to prevent fraud on your account and to cater its need to the proper LGU; and email address is collected for security purposes such as resetting password. Age and identification card is optional only. Those information are adequate and necessary to obtain travel pass permit.

Also, we collect your information to track bugs, errors, and usage statistics. In case of any security incident or data breach, we may also use your information in our investigation report to the National Privacy Commission.

Basis of Processing

The bases of processing of such information are: Sec 2(b) of E.O. No. 168 which mandates the Inter-Agency Task Force for the management of emerging infectious disease; Presidential Proclamation No. 1021 which extending the period of State of Calamity throughout the Philippines until September 21, 2021; and AITF Resolution No. 101 which approved uniform travel protocols for local government units which adopts DOST VI S-Pass Ph system.

Storage

Data is stored through cloud backup. Physical server is stored in a cloud facility. Backup Server being used is a cloud commercial in Singapore.

Log Data

We collect information that your browser sends whenever you visit our Service ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.

Scan History

When a traveler’s QR code is scanned using our mobile scanner app, their travel information is being verified for its authenticity. The current date, time and location of the mobile scanner app account is collected and stored on our database for a maximum of 15 days and will be visible to authorities using the service. To enable this feature, travelers will be asked if they allow the information to be accessed by S-PaSS digital scan history timeline feature.

Retention

Scan history data are handled with the highest degree of confidentiality and shall be retained in the backend for a maximum of 15 days.

Travel Permits information and attachments are also handled with the highest degree of confidentiality and shall be retained in the backend for a maximum of 5 days after the expected travel arrival date indicated in the permit.

Users may request to delete their data at any given time throughout the retention period by contacting us.

Data Disclosure/Share

The data is not disclosed to any other organization. The Service was adopted by the AITF as a tool to a uniform travel protocols for local government units. Nevertheless, the personal information being shared to LGU whose status is restricted are the following:

Date of Application
Date of Travel Departure & Arrival
Place of Origin & Destination
Means of Transportation
Means of Transportation
Contact Number
Attached Documents (Requirements per may vary per LGU)

These are necessary and adequate to issue travel pass permit to a traveler.

Destruction/Disposal

The data is disposed through termination of virtual server. The process is being managed in-house who will facilitate the destruction of the data. But the users can completely delete their registered data within the platform. Should the user wish to delete or to destroy his/her personal information or to withdraw consent in the processing of personal information, they may do so by logging in and deactivating account.

Service Providers

We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties do not have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Security (Risk Involved and How Data is Protected)

The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Preventive measures are given to eradicate risks involved in the Service.

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Notice of every site you visit.

Children's Privacy

Our Service does not address anyone under the age of 13 ("Children").

We do not collect personally identifiable information from children under 13. Any information supplied by the children upon our knowledge will be deleted immediately by our servers. Parents/Guardian/Any person with legal capacity must contact us if inadvertently supplied information to the Service.

Camera Access

Our Service requires camera access in order to scan and read QR codes and other travel information. Our access to users’ camera is strictly not for saving or collecting any photos or videos.

User can decline the browser or mobile device for camera access or to indicate its usage. However, this may restraint some usage of the Service.

Cookies

The Service use cookies to improve its feature. Only necessary for the operation of website are stored. For all types of cookies, the service requested your permission.

Rights of Data Subject

The traveler whose destination status is restricted or unrestricted but passing through restricted area according to LGU Travel Policy has the following rights: Right to be informed; Right to object; Right to access; Right to correct; Right for erasure or blocking; Right to file a complaint; Right to damages; and Right to data portability.

Changes To This Privacy Notice

We may update our Privacy Notice from time to time. We will notify you of any changes by posting the new Privacy Notice on this page.

You are advised to review this Privacy Notice periodically for any changes. Changes to this Privacy Notice are effective when they are posted on this page.

Contact Us

You can reach us [email protected], 0998 535 4217, facebook.com/spassph/