Privacy Statement

Compliance with RA 10173 - Data Privacy Act of 2012

1. Our Commitment

The MyEMCSM platform is committed to fully protecting your personal data privacy in accordance with the Data Privacy Act of 2012 (DPA). We strictly follow the principles of Transparency, Legitimate Purpose, and Proportionality in all processing activities.

2. Personal Data Collected

We collect information you provide electronically during registration or through inquiries:

• Identification: Full Name, Username, and Email Address.
• Security Data: Passwords, which are stored using one-way cryptographic hashing.
• Social Content: Professional details, friend network interactions, and slumbook entries.

3. Basis and Purpose of Processing

Your information is utilized for the following legitimate networking purposes:

• To enable social networking features, including friend requests and user search.
• To maintain secure user sessions and provide a personalized experience.
• To facilitate documentation of inquiries and solicit feedback on our services.
• To comply with legal obligations to which the platform is subject.

4. Data Security Measures

We maintain technical and organizational safeguards to protect your information's confidentiality and integrity:

• Injection Mitigation: We use prepared statements and parameter binding to neutralize SQL Injection vulnerabilities.
• XSS Protection: User-supplied data is sanitized using htmlspecialchars() or htmlentities() before being echoed back to browsers.
• Encryption: We utilize end-to-end encryption and secure one-way hashing algorithms for credentials.
• Access Control: Database access is restricted based on the Principle of Least Privilege.

5. Data Subject Rights

Under the DPA, you have the right to be informed regarding the processing of your information, access your profile, and request corrections or deletion of records.

6. Storage and Retention

Your files and records are stored in secure database environments. We retain your data only for as long as your account is active or as necessary to fulfill legal requirements.

We reserve the right to update this notice. Substantial changes will be reflected via system updates or advisories.