The Sorsogon State University (SorSU) fully commits to protect the personal information and sensitive personal information of all data subject and hereby adheres to faithfully observe all its duties and responsibilities as personal information controller or processor under Republic Act No. 10173, otherwise known as the Data Privacy Act (DPA) of 2012.

All the pertinent provisions of DPA, especially the general data privacy principles of Transparency, Legitimate Purpose, and Proportionality are strictly followed by SorSU in every stage leading to collection, processing, and storage.

To ensure the integrity, confidentiality, and availability of personal data and to protect the information against any possible risk, SorSU adopts a series of organizational, physical, and technical security measures based on generally accepted data privacy and information security standards. We store files containing personal information in our database which is controlled and can only be accessed by the authorized personnel of Information and Communication Technology Unit.

Suppose the personal information of the data subject has been maliciously disclosed, misused, improperly disposed, or the data subject suffered damages due to an erroneous, false, or unlawfully obtained personal data thereby violating his/her rights, he/she may promptly inform the SorSU for the latter to take appropriate measures to address the incident, without prejudice to the right of the data subject to file a complaint before the National Privacy Commission.