Purpose. The BHRC Document Management System (DMS) is an internal platform used for receiving, managing, tracking, processing, and archiving official documents, communications, and records within the Bangsamoro Human Rights Commission. Your personal data is used to create and manage your user account and to enable secure, role-based access to digital records.
Personal Data Collected. Full name, nickname, office/section, position, BHRC-issued ID/Office ID, email address, contact number, username, encrypted password, profile photo (optional), and system-generated metadata such as IP addresses, timestamps, device information, and activity logs (login, upload, download, routing, and release actions).
Legal Basis. Data processing is performed pursuant to the Commission’s mandate under the Bangsamoro Administrative Code and is consistent with the Data Privacy Act of 2012 (RA 10173), BHRC data protection policies, and applicable government regulations.
Use and Disclosure. Your data is used for authentication, authorization, workflow routing, audit trails, and internal reporting. Access to documents is governed by your office role. External disclosure occurs only when legally required (e.g., subpoenas, FOI requests, court orders) and subject to proper authorization.
Data Security. The DMS implements technical, organizational, and physical security controls such as access restrictions, encrypted connections, secure logs, change tracking, and routine system monitoring. Users are required to maintain the confidentiality of their credentials and the integrity of documents handled inside the system.
Data Retention. Documents, logs, and account information are retained based on BHRC records schedules, legal requirements, and operational needs. When no longer necessary, data is securely deleted, archived, or anonymized in accordance with the BHRC Records Disposition Policy.
Your Rights. You may request access to or correction of your personal data, and where applicable request data portability, objection, or withdrawal of consent, subject to operational and legal limitations. Requests may be filed with the BHRC Data Protection Officer (DPO).
User Responsibilities.
- Use the BHRC DMS strictly for authorized, official government functions.
- Do not download, share, or disclose confidential or restricted documents without proper authority.
- Protect your credentials and do not share your account with anyone.
- Immediately report suspected breaches, unauthorized access, or system misuse to the System Administrator or BHRC ICT Unit.
- Follow BHRC’s Acceptable Use Policy, Records Management Guidelines, and confidentiality rules at all times.
Consent. By clicking “I Agree,” you confirm that you understand the conditions stated above and voluntarily consent to the processing of your personal data for legitimate DMS-related purposes within the BHRC.