Philippines Data প্রাইভেসি Act: একটি সম্পূর্ণ গাইড to Your Rights Under RA 10173
Understand your rights under the Philippines Data প্রাইভেসি Act (RA 10173). Learn how the NPC protects আপনার ব্যক্তিগত তথ্য and what to do when your data is misused.
Philippines Data প্রাইভেসি Act: একটি সম্পূর্ণ গাইড to Your Rights Under RA 10173
Every time you fill out a form at a clinic, register a SIM card, apply for a credit card, or sign up for a rewards program, you hand over personal information. In the Philippines, the Data প্রাইভেসি Act of 2012 (Republic Act No. 10173) governs how organizations collect, store, process, and protect that information.
Most Filipinos know the law exists but are unclear about what it actually means for them. এই গাইডে ব্যাখ্যা করা হয়েছে your rights in plain language.
কী হলো the Data প্রাইভেসি Act?
The Data প্রাইভেসি Act (DPA) is the Philippines' comprehensive data সুরক্ষা law. It was signed into law in 2012 and is enforced by the National প্রাইভেসি Commission (NPC). It applies to:
- All Philippine government agencies
- Private companies operating in the Philippines
- Foreign organizations processing data of Filipino citizens
- Individuals who process personal data for commercial purposes
The law covers all forms of personal information — digital files, paper documents, and any other medium.
Your 8 Rights Under the DPA
1. Right to Be Informed
You have the right to know that your personal data is being collected, the purpose of collection, how it will be processed, and who will have access to it. Organizations must tell you this before or at the time of collection.
2. Right to Object
আপনি পারেন refuse to have your personal data processed. আপনি পারেন also withdraw consent that you previously gave. If you object, the organization must stop processing your data unless they have a legal basis to continue.
3. Right to Access
আপনি পারেন request a copy of all personal information an organization holds about you. They must provide it within a reasonable timeframe.
4. Right to Rectification
If your personal data is inaccurate, incomplete, or outdated, আপনি পারেন demand that the organization correct it.
5. Right to Erasure or Blocking
আপনি পারেন request that your personal data be deleted or blocked from further processing when it is no longer necessary for the purpose it was collected, when you withdraw consent, or when it was unlawfully obtained.
6. Right to Damages
If you suffer damage due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal data, you have the right to claim compensation.
7. Right to Data Portability
আপনি পারেন obtain your personal data in an electronic or structured format and transfer it to another organization.
8. Right to File a Complaint
If you believe your data প্রাইভেসি rights have been violated, আপনি পারেন file a complaint directly with the National প্রাইভেসি Commission.
কীভাবে Exercise Your Rights
| Action | কীভাবে Do It | Where |
|---|---|---|
| Request access to your data | Written request to the organization's Data সুরক্ষা Officer (DPO) | The organization that holds your data |
| Object to processing | Written notice to the organization | The organization's DPO |
| Request deletion | Written request citing the legal basis | The organization's DPO |
| File a complaint | Online complaint form | npc.gov.ph |
| Report a ডেটা লিক | Online report or email | complaints@প্রাইভেসি.gov.ph |
Common Violations You Should Know About
1. Excessive Data Collection
A restaurant asks for your full name, birthday, address, and phone number just to use their WiFi. This violates the proportionality principle — they are collecting more data than necessary for the service.
2. Sharing Data Without Consent
A bank shares your contact information with an insurance company without your explicit consent. You start receiving calls about products you never asked about.
3. Failure to Secure Data
A company stores customer records including government IDs on an unsecured server. The data gets leaked. The company is liable under the DPA for failing to implement reasonable security measures.
4. No প্রাইভেসি Notice
A website collects your email, name, and phone number without displaying a প্রাইভেসি notice explaining how the data will be used.
5. Unauthorized CCTV
A private establishment records you on CCTV without any notice and shares the footage with third parties for non-security purposes.
Penalties for Violations
The DPA imposes serious penalties:
- Unauthorized processing of personal data: 1 to 3 years imprisonment and PHP 500,000 to PHP 2,000,000 fine
- Negligence leading to unauthorized access: 1 to 3 years and PHP 500,000 to PHP 2,000,000
- Improper disposal of personal data: 6 months to 2 years and PHP 100,000 to PHP 500,000
- Unauthorized disclosure: 1 to 3 years and PHP 500,000 to PHP 1,000,000
Organizations that suffer ডেটা লিকes must notify the NPC and affected individuals within 72 hours.
Practical Tips for Protecting Your Data
- Read প্রাইভেসি notices before signing up for services — yes, actually read them
- Ask why when businesses request personal information. If it is not necessary for the service, আপনি পারেন refuse
- Minimize the data you share — use initials instead of full names when possible
- Request deletion of your data when you stop using a service
- Do not give photocopies of IDs unless absolutely necessary. Ask if showing the original is sufficient
- Report violations to the NPC — your complaint can lead to real consequences
- Check organizations' প্রাইভেসি policies on their websites before sharing data
Protecting Your Data in Daily Digital Life
Beyond formal complaints and legal rights, practical সুরক্ষা matters. When আপনাকে করতে হবে share sensitive personal information online — government IDs, tax documents, medical records — sending them through Messenger or email creates permanent copies that are vulnerable to hacking.
LOCK.PUB lets you create পাসওয়ার্ড-সুরক্ষিত, self-expiring links for sharing sensitive documents. The recipient enters a password to view the information, and it disappears after the set expiration. This is especially useful when sharing documents for job applications, apartment rentals, or bank transactions.
Key NPC Resources
- NPC Website: npc.gov.ph
- Complaints: complaints@প্রাইভেসি.gov.ph
- Hotline: (02) 8234-2228
- ডেটা লিক Notification: npc.gov.ph/breach-notification
উপসংহার
The Data প্রাইভেসি Act gives every Filipino powerful rights over their personal information. But rights only matter if you exercise them. The next time a business collects more data than necessary, shares your information without permission, or fails to protect your records, you have the legal tools to hold them accountable.
For everyday সুরক্ষা of sensitive information আপনাকে করতে হবে share, visit LOCK.PUB to create free এনক্রিপ্টেড links that keep your data in your control.
Keywords
You might also like
Malaysia PDPA Guide: Your প্রাইভেসি Rights Under the Personal Data সুরক্ষা Act
Understand your rights under Malaysia's Personal Data সুরক্ষা Act (PDPA). Learn what companies can and cannot do with your personal data, কীভাবে file complaints, and কীভাবে protect your প্রাইভেসি.
MyKad পরিচয় চুরি in Malaysia: How Your IC Number Gets Misused
Your MyKad IC number is more valuable than you think. Learn how identity thieves in Malaysia misuse IC numbers for loan fraud, SIM registration abuse, and more — and কীভাবে protect yourself.
PhilSys National ID and পরিচয় চুরি: কীভাবে সুরক্ষিত রাখবেন Your Philippine National ID
Learn কীভাবে protect your PhilSys National ID and Philippine Statistics Authority number from পরিচয় চুরি, data leaks, and fraudulent misuse.
Create your password-protected link now
Create password-protected links, secret memos, and encrypted chats for free.
Get Started Free