Go back to previous page

List of active policies

Name Type User consent
Data Privacy Policy Site policy All users

Data Privacy Policy

Summary

Overview

Our mission is to (1) provide quality Information and Communications Technology services and solutions to our stakeholders, (2) develop intangible products and services that would provide great value to people and organizations and (3) to collaborate with people around the world through Open Source Technology.

 

Nephila Web is the first and still at present the only Moodle Certified Services Provider in the Philippines. Our Moodle services focus on hosting, consultancy, training, support, and integrations.

Moodle is a fully customizable LMS that wraps around your vision, not the other way around. And as the only Certified Moodle Partner from Southeast Asia, we know how to make your vision real. Make the most of its modern features, reflect your branding, and manage learning performance easily, with the LMS that empowers the educational goals of more than 300 million users worldwide.

Full policy

Privacy Statement for the Learning Management System (LMS) CLIENTS

of Nephila Web Technology Inc. (NWTI)

Version 2.0

Published Date: March 14, 2024

 

Overview

Our mission is to (1) provide quality Information and Communications Technology services and solutions to our stakeholders, (2) develop intangible products and services that would provide great value to people and organizations and (3) to collaborate with people around the world through Open Source Technology.

 

Nephila Web is the first and still at present the only Moodle Certified Services Provider in the Philippines. Our Moodle services focus on hosting, consultancy, training, support, and integrations.

Moodle is a fully customizable LMS that wraps around your vision, not the other way around. And as the only Certified Moodle Partner from Southeast Asia, we know how to make your vision real. Make the most of its modern features, reflect your branding, and manage learning performance easily, with the LMS that empowers the educational goals of more than 300 million users worldwide.

 

Collection

Personal Data is collected from the Clients of NWTI that have inquired or availed of the Learning Management System (LMS) services of the company.

  • Full Name

  • Contact Information (Email Address, Contact Number, Address)

  • Employee Designation, Company Name

Personal Data of NWTI Clients are initially collected by the Marketing Department and shared with the LMS Team through email.  The Marketing Department collects these Personal Data through the following processes:

  • Submitted inquiries from prospective clients through NWTI’s Facebook Page, Email, Website, and Official Numbers

  • List of Attendees to Scheduled Meetings or Workshops

  • Event Registrations

  • Conducted Webinars

 

The following are also collected by NWTI to provide its LMS services, and these may include or lead to accessing Personal Data of other individuals that are related to the company’s Clients.  This additional information is collected by the LMS Team of NWTI.

  • Submitted Support Tickets

  • Submitted Content Resource Materials

  • Submitted Migration Requirements

  • A backup copy of the Client’s LMS Database

  • Recorded Live Training Sessions

  • Accomplished Hosting Application Forms

 

Use

NWTI, through its LMS Team, uses the collected Personal Data of Clients and other individuals to perform their various functions and processes:

  • Client Onboarding Process – Enrolling the clients in the Client Onboarding Course.

  • Moodle Training – Enrolling of participants to the NWTI Training Courses, and providing access to the LMS platform.

  • Support and Consultancy – To resolve raised issues and respond to submitted inquiries.

  • LMS Hosting Services – Provide server and Moodle Site.

  • LMS Administration – Provide access credentials to the platform and set up the LMS.

  • BMA Technical Workshop – Enroll the participants on the NWTI LMS platform to access the BMA Technical Workshop course and monitor the project's progress and update the client for details.

  • Content Development Services – Develop course materials for the Client.

  • Moodle LMS and Server Diagnostics Services – Diagnose Client servers and websites and provide recommendations.

  • Moodle Installation Services – Install Moodle on the Client’s servers or NWTI hosted servers.

  • Moodle Migration Services – Migrate all previous data from Client servers to NWTI hosted servers or others. 

  • Full-site Backup upon the end of Contract – Provide full site backup of Client’s Moodle LMS upon the end of Contract.

  • BMA Development and implementation endorsed to Moodle Pty Ltd-Australia. No personal data is collected or processed through the Branded Mobile App.

 

Storage, Retention, and Disposal

The LMS Team of NWTI has specific Retention and Disposal Policies that govern the storage and eventual destruction of Personal Data that it processes.  The following is a list of Personal Data and their respective retention periods:

Personal Data

Retention Period

Learning Management Site for Training Purposes

When there is a deletion request.

LMS Hosting Clients data are retained until end of contract

List of Participants to Training or Workshops (Email)

Retained only for the current year, then deleted
LMS Hosting Clients data are retained until end of contract

List Client Contacts (Google Sheets)

Retained throughout the duration of the service; Deleted after 1 month of contract expiration

Recorded Live Training Sessionsa    

Retained 6 months after the end of training session and deleted afterwards

LMS Hosting Clients recording are retained until end of contract

Training Summary Reports

Deleted 3 months after delivery of the report to the organization

Submitted Tickets in Desk Ticketing System

Deleted 5 years after the last update of the ticket

Submitted inquiries (Email)

Deleted 5 years after the last update of the email thread

Accomplished Hosting Application Forms

Retained only for the current year, then deleted

List of users added to the LMS platform

Permanent; Deleted upon user request

List of BMA Technical Workshop Participants

Permanent; Deleted upon user request

URL containing Content Resource Materials

Deleted upon delivery of the materials to client

Content Resource Materials

Deleted upon delivery of the materials to client

Submitted Contact Person information (Email)

Retained throughout the duration of the service; Deleted after 1 year of contract expiration

Client backup files

Deleted immediately upon client confirmation that they have the backup files

Sent URLs to Client backup files (Email)

Deleted immediately upon client confirmation that they have the backup files

BMA Development and Implementation

Deleted upon completion of the BMA development

 

Security Measures

The following are the security measures that the NWTI LMS Team has implemented to protect Client Personal Data in its custody and to align its LMS services and processes with the tenets of Republic Act No. 10173 (DPA of 2012).

  • Implemented Consent Forms for all processes involving collecting Client Personal Data.

  • Applying encryption standards when sending or transmitting electronic documents containing Client Personal Data.

  • Contracts with External Partners, Speakers, Trainers, and System Providers include elements of Personal Data Sharing.

  • Has the strict implementation of accessibility for LMS personnel covering LMS databases, Client backup files emails, submitted Client Content Resource Materials, and the Desk Ticketing System.

 

Disclosure and Sharing

External disclosure of Client Personal Data are performed for the following processes:

  • Moodle Training – Participants’ Data are disclosed to participant’s respective external Speakers or Trainers.

  • Names of individual clients, client contact persons, and email addresses were shared to Moodle headquarters-Australia for Royalty reporting purposes.

  • Support and Consultancy – NWTI uses the Teamwork Desk Ticketing System as its platform for the submission of raised issues or inquiries. The name and email address of the contact person are used for the account registration.

  • BMA - Name of contact person, email address, employee designation, and company name were shared with Moodle Pty Ltd Australia for the BMA development and implementation.

 

Data Subject Rights

Clients of NWTI have the right to request access to their respective Personal Data that the company is processing about them.  If the Personal Data is found to be incorrect, incomplete, or irrelevant, Clients have the right to request for correction and/or destruction of their Personal Information in the custody of the company.

A detailed description of your rights as individuals under Republic Act No. 10173 (or the Data Privacy Act of 2012) can be found in:

URL: https://privacy.gov.ph/know-your-rights/

These rights can be exercised by sending NWTI an e-mail.  If the request is submitted by a person other than the Client, without providing evidence that the request is legitimately made on the Client’s behalf, the request is rejected.  Please note that any identification information provided to NWTI will only be processed following the purposes stated in this Privacy Notice, and to the extent permitted by applicable laws.

 

Data Privacy requests, concerns, or inquiries may be sent to:

Jennie May V. Alvarez, CPA

Data Protection Officer (DPO)

Philippine Social Science Center, Commonwealth Ave.

Diliman, Quezon City, Philippines

T: (+632) 3453-7347 

M: +63 9175878851

E: dpo@nephilaweb.com.ph

Back to top