Privacy Notice

The Government of the City of Pagadian, with principal address at City Hall, Pagadian City, Zamboanga del Sur, Philippines, is the personal information controller (PIC) for this portal under the meaning of Section 3(h) of RA 10173 (Data Privacy Act of 2012).

This Notice covers the public portal at pagadian.govportalsolutions.com and all subdomains and sub-paths under it operated by the Municipal Government.

Depending on which service you use, we may collect the following:

• Contact details — name, email address, mobile number, postal address.
• Identification numbers — only where strictly required by a transaction (e.g. PhilSys number, OSCA/PWD ID for assistance applications).
• Application-specific data — supporting documents you upload, application narratives, civil-status information for social services.
• Account credentials — for City staff and authorised users only.
• Technical data — IP address, browser type, pages visited, timestamps. Logged for security, accessibility, and performance monitoring.

We do not collect sensitive personal information (race, religion, political affiliation, health, sexual orientation) unless the specific service explicitly requires it and you provide consent.

We use your personal information only for the purposes that justified its collection, including:

• Processing your specific request, application, or transaction with the City.
• Verifying eligibility for assistance programs (AICS, OSCA, PWD ID, Solo Parent, 4Ps endorsements).
• Responding to your FOI request under EO 02 s.2016.
• Communicating status updates by SMS or email.
• Generating statistical reports (anonymised) for planning and DILG/DBM compliance.
• Auditing and protecting the portal against fraud, abuse, and cyber incidents.

We may share your information with the following, only as necessary for the purpose:

• Other City offices with a legitimate role in your transaction (e.g. CSWD ↔ HR for AICS verification).
• National government agencies with statutory authority (DSWD, DILG, BIR, COA, NPC).
• Service providers we contract for specific functions (e.g. SMS gateway, payment-vendor sandbox), bound by data-sharing agreements.

We do not sell or rent personal information. We do not share data with third parties for marketing purposes.

Retention periods follow the National Archives of the Philippines Act (RA 9470) records-disposition schedule applicable to LGUs, and at minimum:

• Active service records — for the duration of the service plus 10 years (per LGU records policy).
• Financial transaction records — 10 years (COA audit requirement).
• Web access logs — 90 days for security analysis, then anonymised aggregates.
• FOI request records — 5 years (EO 02 s.2016 reporting).

Under Sections 16–18 of RA 10173, you have the right to:

To exercise any of these rights, contact the DPO (Section 9 below).

We implement organisational, physical, and technical security measures commensurate with the risks involved, including:

• Role-based access control on every administrative endpoint.
• HTTPS encryption in transit; password hashing at rest.
• Audit logs of access to personal information.
• Regular review of staff privileges and offboarding procedures.
• Physical safeguards at City Hall for paper records and on-site servers.

If you suspect a personal-data breach involving City systems — for example unauthorised access to your records, or unintended disclosure — please contact the DPO immediately. We follow NPC Circular 16-03 (Personal Data Breach Management):

• Internal notification within 24 hours of discovery.
• NPC notification within 72 hours for breaches likely to result in real risk of serious harm.
• Affected data subjects notified individually where applicable.