Data Privacy Guidelines on the Use of Social Media and Other Digital Platforms
The following Guidelines are intended to direct the Louisian community in exercising caution and sound judgment in using social media and other digital platforms. These platforms include the SLU website, institutional and personal email communications, SLU Portal, chat and messaging applications, social media applications and other similar digital platforms.
These will supplement existing laws, policies, and guidelines that include the following:
-
- Data Privacy Act of 2012 (Republic Act 10173);
-
- Intellectual Property Code of the Philippines (Republic Act 8293);
-
- Anti-Bullying Act of 2013 (Republic Act 10627);
-
- Privacy Policy for Students and Students Applicants Seeking for Admission in SLU;
-
- Policies and Guidelines on Student Behavior during Online and Correspondence-based Learning;
-
- Distance Learning Code of Discipline for Pupils;
-
- Child Protection Policy;
-
- General Guidelines for Teachers;
-
- Special Guidelines for the Recognition / Renewal of Recognition of Student Organizations /
Publications for AY 2021 – 2022 and Conduct of Activity;
- Special Guidelines for the Recognition / Renewal of Recognition of Student Organizations /
-
- Data Privacy Guidelines on Flexible Learning for AY 2021-2022;
-
- Administrative Memo No. 35, s. 2019 (Strict Observance of Advisory No. 1, s. 2019);
-
- DPC Advisory No. 1 (Securing Confidential and Other Work-Related Information Through
Responsible Data Protection);
- DPC Advisory No. 1 (Securing Confidential and Other Work-Related Information Through
-
- Administrative Memo No. 12, s. 2019 (Social Media);
-
- Administrative Memo No. 33, s. 2019: (Protecting the Environment through the “Think Before You
Print” Campaign and Maximizing the Use of Email and Other Electronic Means of Communication);
- Administrative Memo No. 33, s. 2019: (Protecting the Environment through the “Think Before You
-
- DPC Advisory No. 2021-01 (Use of Electronic Signature).
I. Definition of Terms as used in this document:
-
- Digital Platforms are software-based online infrastructure that facilitate interactions and
exchange of information between users. These include Web portals, social media sites, as well as
messaging and media sharing platforms.
- Digital Platforms are software-based online infrastructure that facilitate interactions and
-
- Social Media Sites provide interactive platforms for the creation of user-generated content
and sharing of information through a social network.
- Social Media Sites provide interactive platforms for the creation of user-generated content
-
- Official Social Media Sites are created by specific units in SLU to represent a particular
office, school, or degree program. These provide its administrators a means to disseminate
information and connect with its virtual community. These official media sites must be coordinated
with the External Relation, Media & Communications, and Alumni Affairs (ERMCAA).
- Official Social Media Sites are created by specific units in SLU to represent a particular
-
- Institutional Social Media Accounts are accounts created to handle university-wide social media
posts. Managerial access is limited to authorized personnel.
- Institutional Social Media Accounts are accounts created to handle university-wide social media
-
- Institutional Accounts refer to any individual or office account that is managed under the
.sIu.edu.ph domain. Any other account is considered a Personal Account.
- Institutional Accounts refer to any individual or office account that is managed under the
-
- Personal Data refers to the definition under the Data Privacy Act of 2012 and includes
personal information, sensitive personal information, and privileged information.
- Personal Data refers to the definition under the Data Privacy Act of 2012 and includes
-
- Posts refer to content shared online that other users may view, react to, share, and comment on.
Posts may be in text, link, image, photo, audio, and video formats.
- Posts refer to content shared online that other users may view, react to, share, and comment on.
II. Privacy Settings
-
- Use the privacy settings available in social media sites and other digital platforms for both
institutional and personal accounts.
- Use the privacy settings available in social media sites and other digital platforms for both
-
- Teachers and parents should assist minors in setting up the privacy settings of their respective
accounts.
- Teachers and parents should assist minors in setting up the privacy settings of their respective
-
- Privacy settings do NOT offer complete protection of private information. As people can still
take screenshots of posts and comments, as well as download or make copies of pictures and videos
and forward the data to others, caution must be made in ensuring that the contents of the
email/message/post shall not include sensitive data or information. Take note that information
deleted by a user may still be archived by the site.
- Privacy settings do NOT offer complete protection of private information. As people can still
-
- Ensure that any post made online is in accordance with the privacy settings that was intended
for it (e.g., public, closed group).
- Ensure that any post made online is in accordance with the privacy settings that was intended
-
- Keep the passwords to all personal and institutional accounts private. Avoid security risks and
leaks by using strong passwords. Do not use as password, personal information such as date of
birth, TIN number, or any similar information. Change passwords regularly and use secure
authentication measures, whenever these are provided.
- Keep the passwords to all personal and institutional accounts private. Avoid security risks and
III. Use of Digital Platforms by SLU Personnel
A. Posting of Content Online
-
- Posting of content with Personal Data online must comply with the principles of transparency,
legitimate purpose, and proportionality (General Data Privacy Guidelines on Flexible Learning, Data
Privacy Act of 2012). (This online posts include files that are shared online, such as Google Documents or Spreadsheets, which contain personal information that are not intended for the individuals who are given access to the file.)
- Posting of content with Personal Data online must comply with the principles of transparency,
-
- Observe intellectual property and copyright laws when posting documents, photos, or
videos.
- Observe intellectual property and copyright laws when posting documents, photos, or
-
- Respect the ideas of others. Do not post an idea or point that is directly lifted from the post
or email of someone else without the author’s consent. Proper attribution must be given to the
author.
- Respect the ideas of others. Do not post an idea or point that is directly lifted from the post
-
- University proprietary information (e.g., financial data, internal communication and business
transactions) should not be shared online.
- University proprietary information (e.g., financial data, internal communication and business
-
- University news or events that are a matter of public record may be shared in one’s personal
social media network.
- University news or events that are a matter of public record may be shared in one’s personal
-
- Personal data collected in one’s official capacity and/or during an official activity must
not be used for personal purposes or shared in one’s personal social media network without adhering to the provisions of this document.
- Personal data collected in one’s official capacity and/or during an official activity must
-
- When social media is used in the conduct of one’s official duties, SLU personnel must ensure
that proper behavior and appropriate representation of the University is exhibited accordingly.
- When social media is used in the conduct of one’s official duties, SLU personnel must ensure
-
- An individual who identifies oneself as an SLU employee and states opinions online must ensure
that it is made clear that such views do not represent the views of SLU, its management and its
affiliates.
- An individual who identifies oneself as an SLU employee and states opinions online must ensure
-
- Should there be any uncertainty regarding adherence to the principles of transparency,
legitimate purpose, and proportionality, advice must be sought from his/her Head of Office or the
Data Protection Office (DPO).
- Should there be any uncertainty regarding adherence to the principles of transparency,
-
- Personnel who inadvertently view confidential information pertaining to fellow Louisians
through digital platforms should not disclose these information and should report the incident
immediately to one’s head of office or the DPO.
- Personnel who inadvertently view confidential information pertaining to fellow Louisians
B. Official Social Media Sites
-
- Any post made in official social media sites of SLU must be authorized by the
personnel-in-charge. The contents of the post shall be subject to the guidelines in Section A.
- Any post made in official social media sites of SLU must be authorized by the
-
- Official SLU social media sites and institutional social media accounts must be duly
administered by either the Head of Office or any personnel designated by the Head of Office. These
sites must be duly recognized by ERMCAA. These must be set up so that they are identifiable as
official sites and distinguishable from similar non-official sites.
- Official SLU social media sites and institutional social media accounts must be duly
-
- Administrators of official social media sites are responsible for ensuring that the content is
kept updated, relevant, and accurate. Posts must be constructed clearly and distinctly to avoid
misinterpretation. Any errors should be corrected as soon as the discovery of the error is made.
- Administrators of official social media sites are responsible for ensuring that the content is
-
- Administrators should ensure that professionalism is exercised in the tone and
content of posted information. Furthermore, extra care must be given in formulating private
messages and replies to comments made on such postings as these are a reflection of the author, the unit being represented by the site, and the University.
- Administrators should ensure that professionalism is exercised in the tone and
-
- Administrators and/or authorized personnel must monitor comments so that replies can be made in
a timely manner. Consider providing a comment policy so that users are aware of what types of
comments may not be appropriate. Use available comment administrator features of the site as
necessary.
- Administrators and/or authorized personnel must monitor comments so that replies can be made in
-
- ERMCAA is the Office of the University that handles official external communications such as
website posting, institutional and university-wide social media posting, and the like. Any
communication that is intended to be officially posted and recognized must be coordinated with the
Director of ERMCAA.
- ERMCAA is the Office of the University that handles official external communications such as
IV. Communication and Collaboration in the Conduct of Classes
-
- Digital communications between the faculty and students are done primarily through the official
platforms designated for Online-Based Learning (OBL) and Correspondence-Based Learning (CBL)
modalities.
- Digital communications between the faculty and students are done primarily through the official
-
- There must be an explicit arrangement between the students and faculty members regarding
alternative modes of communication and submission. The appropriate protocols regarding these
should be strictly observed (Data Privacy Guidelines on Flexible Learning). Faculty members are
responsible for ensuring that student submissions and Personal Data transmitted and processed using non-official digital platforms and social media are kept secure and confidential.
- There must be an explicit arrangement between the students and faculty members regarding
-
- The Faculty may use social media as a means for conducting class activities as long as these are
in line with the learning objectives of the subject/course.
- The Faculty may use social media as a means for conducting class activities as long as these are
-
- Announcements made to students using non-official digital platforms should be an option in
addition to the official LMS and communication platforms.
- Announcements made to students using non-official digital platforms should be an option in
-
- The following alternative options for online communications are currently available for use. It
is recommended that Signal be used for sensitive personal information such as grades. Messenger
should be the last option for sending Personal Data. Should there be new or alternative tools, the
utilization of these must be coordinated by the faculty member with the respective Head of Office.
- The following alternative options for online communications are currently available for use. It
Instant Messaging (ranked from highest to lowest security level) | Communication and Collaboration (ranked from highest to lowest security level) |
Signal Telegram Viber Messenger |
Discord Slack Microsoft Teams |
V. Use of Digital Platforms by Students
A. Posting of Content Online
-
- Posting of content with Personal Data online must comply with the principles of transparency,
legitimate purpose, and proportionality (General Data Privacy Guidelines on Flexible
Learning, Data PfiVOC/ Act of 2012).
- Posting of content with Personal Data online must comply with the principles of transparency,
-
- Observance of intellectual property and copyright laws when posting documents, photos or videos
must be strictly complied with.
- Observance of intellectual property and copyright laws when posting documents, photos or videos
-
- Instructional materials, in whole or in part, should not be posted or shared online without the
written consent of the faculty in charge. Consent of other faculty and students involved may also
be needed for other learning resources such as recordings of online classes.
- Instructional materials, in whole or in part, should not be posted or shared online without the
-
- Respect the ideas of others. Do not post an idea or point that is directly lifted from the post
or email of someone else without the author’s consent. Proper attribution must be given to the
author.
- Respect the ideas of others. Do not post an idea or point that is directly lifted from the post
-
- Students should adhere to the provisions of the Student Handbook and other
applicable student policies and guidelines in relation to the content they post online.
- Students should adhere to the provisions of the Student Handbook and other
-
- Ensure that posts do not violate the Child Protection Policy and the Anti-Bullying Act
of 2013.
- Ensure that posts do not violate the Child Protection Policy and the Anti-Bullying Act
-
- University news or events that are a matter of public record may be shared in one’s
personal social network.
- University news or events that are a matter of public record may be shared in one’s
-
- Students who come across university proprietary information (e.g., financial data, internal
communication and transactions) should not share these online.
- Students who come across university proprietary information (e.g., financial data, internal
-
- Students who inadvertently view confidential information pertaining to fellow
Louisians through digital platforms should not disclose these information and should report the
incident immediately to authorized personnel (e.g., teacher / instructor, LAC, department head).
- Students who inadvertently view confidential information pertaining to fellow
B. Social Media Sites of School Organizations and Publications
-
- Social media sites of school organizations and publications must be duly administered by its key
officers, in coordination with their faculty advisers. These sites must be set up so that they are
identifiable as the official sites for the organization or publication. These sites must be duly
recognized by ERMCAA.
- Social media sites of school organizations and publications must be duly administered by its key
-
- Student organizations and university/school publications should comply with the Office of
Student Affairs (OSA) guidelines related to posts made on their social media sites and the
implementation of their activities. (Special Guidelines /or the Recognition / Renewal of
Recognition of Student Organizations / Publications for AY 2021 – 2022 and Conduct of Activity)
- Student organizations and university/school publications should comply with the Office of
VI. Email Communications
-
- Email communications by personnel in their official capacity should be sent using their institutional accounts.
-
- The use of appropriate tone and content when sending messages through email but be strictly
complied with. Ensure that messages are sent only to their intended recipients.
- The use of appropriate tone and content when sending messages through email but be strictly
-
- If an email message contains Personal Data, ensure that it adheres to the principles of
transparency, legitimate purpose, and proportionality. The integrity of the data being shared
should be checked prior to sending.
- If an email message contains Personal Data, ensure that it adheres to the principles of
-
- Be careful about forwarding messages. These may contain a set of email addresses and
private messages that should not be seen by the intended recipients. Use sound judgment in deciding when it is more appropriate to send messages (based on forwarded information and/or attachments) that originate from the sender.
- Be careful about forwarding messages. These may contain a set of email addresses and
-
- Do not capture images or videos of email communications from other parties and post these
online. Create an original message or post if it is based on communication that comes from an email
message.
- Do not capture images or videos of email communications from other parties and post these
-
- Use the blind carbon copy (bcc) to address multiple recipients, unless addressing a closed group
that frequently communicates with each other. This protects the privacy of emails and avoids the
inadvertent sending of replies to everyone in the list.
- Use the blind carbon copy (bcc) to address multiple recipients, unless addressing a closed group
-
- When replying to an email that is sent to multiple recipients, check whether the reply is
intended only for the sender or for all recipients. Choose the appropriate option before clicking
on the send button.
- When replying to an email that is sent to multiple recipients, check whether the reply is
-
- For email blast requests to TMDD, the following protocol is to be followed:
a. Accomplish the Request Form for Email Blast. This form includes the nature of the request, the
purpose of the request, contents of the message, and information about attachments, if any.
b. Clearance from the Head of Office must be obtained.
c. The email will be prepared and sent by the designated personnel upon approval of the TMDD
Director.
d. When in doubt regarding the information that will be disseminated, consult the DPO for assistance.
- For email blast requests to TMDD, the following protocol is to be followed:
-
- Communication with sensitive content must be sent in confidential mode to ensure protection of
sensitive information from unauthorized or accidental sharing. The confidential mode allows the
setting of message expiration dates, revoking message access at any time and requiring a
verification code by text in order to open the message.
- Communication with sensitive content must be sent in confidential mode to ensure protection of
-
- Ensure that file attachments that contain sensitive personal information are password-
protected prior to sending.
- Ensure that file attachments that contain sensitive personal information are password-
VII. SLU Logo
The SLU logo must not be modified or used online for personal purposes. The Head of Office shall be
informed of the use of the SLU Logo by the faculty and staff.