PRIVACY POLICY AND DATA CONSENT AGREEMENT

1. Introduction and Scope

This Privacy Policy and Data Consent Agreement ("Policy") governs the collection, processing, storage, and disposal of personal information by FinSpire ("we," "us," or "our"), a student organization, in relation to our webinar event scheduled for May 2, 2026.

By accessing our registration portal and submitting your personal information, you ("the Data Subject") acknowledge that you have read, understood, and expressly consented to the terms outlined in this Policy. If you do not agree with these terms, please do not proceed with the registration process.

2. Legal Basis for Processing

We process your personal information based on your explicit, informed, and voluntary consent, which serves as the lawful basis for data processing under Section 12(a) of the Data Privacy Act of 2012. Furthermore, data processing is conducted to fulfill our legitimate interest in organizing, managing, and evaluating educational events for the student community.

3. Categories of Personal Data Collected

We adhere to the principle of data proportionality. We only collect the minimum amount of personal data strictly necessary to fulfill the purposes stated in this Policy. Through our registration forms, we collect the following Personal Information:

• Full Legal Name
• Institutional Email Address (Restricted to .edu or .edu.ph domains to verify student status)
• Student Identification Number
• Course / Program of Study
• Current Year Level

4. Purpose and Use of Personal Information

The personal data collected will be processed exclusively for the following specified and legitimate purposes related to the May 2, 2026 webinar:

• Identity Verification and Registration: To verify your eligibility as a student and secure your slot for the event.
• Administrative Communication: To transmit essential event details, including meeting links, schedule adjustments, and confirmation notices.
• Credential Issuance: To accurately generate, record, and distribute electronic Certificates of Attendance upon successful completion of the webinar.
• Post-Event Evaluation: To process feedback, assess the educational impact of the webinar, and compile statistical reports (which will be anonymized in the final output).

5. Data Storage, Security, and Third-Party Processors

FinSpire acts as the Personal Information Controller (PIC) for the data collected.

• Processing Infrastructure: We utilize Google Workspace (specifically Google Forms and Google Sheets) for data collection and database management. By submitting your data, you consent to its processing through Google's cloud infrastructure, which employs industry-standard encryption.
• Organizational Security: Access to the master database is strictly restricted to authorized FinSpire organizing committee members who require access to perform their specific duties (e.g., the registration and certification committees).
• Non-Disclosure: We do not engage in the commercialization of personal data. Your information will not be sold, leased, traded, or shared with external third parties, sponsors, or marketing agencies under any circumstances.

6. Data Retention and Secure Disposal

In compliance with the principle of data minimization, your personal information will only be retained for the duration necessary to conclude all post-webinar administrative tasks.

Upon the successful distribution of all certificates and the finalization of our post-webinar evaluation report, all collected personal data will be subject to secure and permanent disposal.

This includes the permanent deletion of all Google Sheets, Google Forms responses, and any downloaded offline copies held by the organizing committee.

7. Zero-Cookie Policy and Automated Tracking

Our registration platform is designed with maximum privacy in mind. We explicitly declare a zero-cookie environment. We do not deploy first-party or third-party cookies, web beacons, pixel tags, or automated analytics trackers (such as Google Analytics) to monitor, profile, or track your browsing activities.

8. Rights of the Data Subject

Under the Data Privacy Act of 2012, you are entitled to the following rights regarding your personal data:

• Right to be Informed: The right to know whether your personal data shall be, are being, or have been processed.
• Right to Object: The right to object to the processing of your personal data, including processing for direct marketing, automated processing, or profiling.
• Right to Access: The right to reasonable access to your personal data that we hold.
• Right to Rectification: The right to dispute any inaccuracy or error in your personal data and have us correct it immediately.
• Right to Erasure or Blocking: The right to suspend, withdraw, or order the blocking, removal, or destruction of your personal data from our systems.
• Right to Damages: The right to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of personal data.
• Right to Data Portability: The right to obtain a copy of your data in an electronic or structured format.

9. Limitation of Liability

While FinSpire implements reasonable organizational and technical measures to safeguard your personal data, no method of digital transmission or electronic storage is entirely secure. By participating, you acknowledge the inherent risks of transmitting data over the internet.

10. Contact Information and Data Privacy Inquiries

For any inquiries, concerns, or requests to exercise your data privacy rights (including requests for data rectification or immediate deletion), please contact our designated representatives through the following official channels:

• Email: finspire804a@gmail.com
• Official Facebook Page: FinSpire Lead 804A

All requests will be reviewed and acted upon within a reasonable timeframe in accordance with applicable laws.