The Department of Information and Communications Technology (DICT), together and in coordination with the Inter-Agency Task Force for the Management of Emerging Infectious Diseases (IATF-MIED), the National Privacy Commission (NPC), DevelopersConnect Philippines, Inc. (DEVCON), and all participating government agencies respect your right to privacy and want you to be aware on how we collect, use, and share your personal data. This Privacy Policy covers our data processing practices and describes your data privacy rights under Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012, its Implementing Rules and Regulations, issuances of the NPC, and other relevant data protection and privacy laws (collectively referred to as Privacy Laws).


This Privacy Policy pertains to the applications submitted to the RapidPass System (RPS), or use related services offered through the RPS. The RPS comprises of three apps, namely RapidPass Registration, RapidPass Approver Dashboard, and RapidPass Checkpoint, all developed by DEVCON. These apps are designed to fast track the movement and access at designated checkpoints, to expedite the verification of identities and inspection of Allowed Persons Outside of Residence (APOR) and to reduce person-to-person contact with checkpoint officers (Services), thus, ensuring the success of the community quarantine.


What Data We Collect From You


The personal data to be collected from you when you apply via RPS Registration are the following:

  • Full name of the applicant;
  • APOR type/nature of work of the applicant;
  • Contact information (email address and mobile number);
  • Name of company/employer;
  • Valid government identification document (ID), and ID No. (i.e., Driver’s License, GSIS/SSS, UMID, PAG-IBIG, PhilHealth, Passport, Postal ID, PRC, PWD, Senior Citizen, TIN, Voter’s ID, or IATF ID);
  • Address of origin and destination; and
  • Reason for getting RapidPass.

For the RapidPass Checkpoint app, the following information are being collected:

  • Device’s International Mobile Equipment Identity (IMEI); and
  • Mobile Number of issued devices by the Department of Science and Technology (DOST).

In addition, Google Analytics automatically gathers the hypertext transfer protocol (HTTP) request of the user, browser/system information, and first-party cookies. See details of data collected by Google Analytics in this Google Analytics Guide

How We Collect Data From You

The applicants submit their RapidPass applications to participating government agencies having regulatory authority over their respective sectors (Approving Agencies). The Approving Agency will in turn process and upload the applications through the RapidPass Approver Dashboard.

Analytics

We use Analytics tools (Google Analytics, Power BI/Kibana, Jupyter, DBeaver, LibreOffice, DbVisualizer, RStudio, CartoDB, Einstein Analytics, Google Colab, QGIS, ArcGIS). These tools will help us analyze your use of the Services, including information like, how often you visit, events within the Services, usage, and performance data. We use these data to improve our services, and better understand how the services perform on different devices.

Why We Collect Your Data

We use your data for the following purposes:

  • To verify your identity and travel purpose when you apply for registration;
  • To issue a valid QR code that is electronically tied to your personal information and that will facilitate your travel through checkpoints and quarantine areas;
  • To ensure the accuracy and integrity of your records every time your RapidPass QR code is scanned at a checkpoint;
  • To facilitate communication with you;
  • To provide adequate security against fraud and abuse;
  • To measure website traffic and improve performance of the RapidPass platform.
  • To improve and update the platform and its Services;
  • To provide safety and security, as  may be required by law or as may be necessary; and
  • To restrict the installation of Checkpoint Apps on specific devices issued by DOST, hence IMEI  is collected.

Who We Share Your Data With

The personal data collected through the RPS is shared to DEVCON, the developer of the platform, and its authorized personnel to maintain, upgrade, or update the RPS, including the review, verification and analysis of the personal data you provided in the RapidPass application for the generation of the RapidPass QR codes.

Authorized personnel from each Approving Agency shall have access to RapidPass applications under their respective regulatory jurisdictions, including the personal data contained therein, for the verification, validation, and approval of each application.

At designated Quarantine Control Points (QCP), the Philippine National Police (PNP),  Armed Forces of the Philippines (AFP), the Department of Interior and Local Government (DILG), and other checkpoint personnel stationed thereat, shall scan the RapidPass QR code to determine the validity of the RapidPass, the identity of the user, and the user’s destination.

Other third-party service providers we share your information with and the specific information they have access to are the following:

  • Semaphore – is the SMS sending provider of the RPS to which we share your mobile number;
  • Mailgun – is the email sending provider to which we share your email address, first name, approval status, and link to the QR code;
  • Google Analytics – is the web analytics service provider of the RPS. It collects HTTP requests of the user, browser/system information and first-party cookies and are transmitted and stored on Google Servers. By downloading and installing an add-on by Google (located at https:/tools.google.com/dlpage/gaoptout), you can opt-out from this collection of information;
  • Microsoft Azure – is the cloud server provider of the RPS where all data and running apps are stored; and
  • Sterling Global Call Center, Inc. – is the business process outsourcing (BPO) service company engaged, which will be given access to personal data to address and answer your inquiries and concerns about the RPS.

Note that your personal data is only shared in cases where disclosure is mandatory under relevant laws, when immediate medical attention is required, or instances when you agree to such disclosure.

We shall never share, sell, or otherwise disclose your personal data to third parties outside of those enumerated above, except in instances when you have given your consent to the transfer or disclosure thereof.


How Your Data is Protected and Retained

In compliance with Privacy Laws, we implement reasonable and appropriate organizational, physical, and technical security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction thereof.

Please note that we shall only retain your personal data during the community quarantine, and until the implementation and operation of the RPS is directed to be ceased by the IATF-MEID. Once the implementation and operation of the RPS ceases, we shall immediately delete all personal data gathered through the RPS, including those which are shared with all participating government agencies and third-party service providers, and ensure that these are destroyed so as to prevent further processing by any other entity.

No copies of your data shall be shared with the PNP, AFP, the DILG, the Department of National Defense (DND), any other government agency or instrumentality, and third-party service providers. The data privacy law forbids other entities and even government agencies from using your data for any other purpose, without your consent.

As with any internet-enabled system, there is always a risk of unauthorized access, so it’s important to protect your device and to immediately contact us if you suspect any unauthorized access to your device.

Your Data Privacy Rights

In accordance with Privacy Laws, we are committed to upholding your rights in relation to your personal information.

You have the right to request a copy of your personal data, to correct or modify or erase your personal information from our systems, databases, and processes. You also have the right to withdraw your personal data from the RPS.


Contact Us
If you have any questions, concerns, or disputes regarding our Privacy Policy, or should you wish to get in touch with us to exercise your right to access your data, withdraw your consent to the collection and processing of your personal information, or to implement correction, modification, or erasure of your personal data, you may get in touch with us through the means provided below:

 

PERSONAL INFORMATION CONTROLLER (PIC)

(With regard to applications under their respective regulatory jurisdiction)

 

Department of Agriculture (DA)

da@rapidpass.gov.ph

 

Quezon Memorial Cir Elliptical Rd Underpass, Diliman, Quezon City, Metro Manila

Banko Sentral ng Pilipinas (BSP)

bsp@rapidpass.gov.ph

 

A. Mabini St. cor. P. Ocampo St., Malate Manila, Philippines 1004

Department of Trade and Industry (DTI)

dti@rapidpass.gov.ph

 

Trade & Industry Building 361 Senator Gil J. Puyat Avenue, Makati City, Metro Manila, Philippines 1200

Civil Aviation Authority of the Philippines (CAAP)

caap@rapidpass.gov.ph

 

MIAA Road, Pasay City

Overseas Workers Welfare Administration (OWWA)

owwa@rapidpass.gov.ph

 

2nd Floor STWLPC Bldg., #33 Sen. Gil Puyat Avenue, Pasay

Department of Information and Communications Technology—Postal Regulation Division (DICT-PRD)

dict_prd@rapidpass.gov.ph

 

DICT Bldg., C.P. Garcia Avenue, U.P. Diliman, Quezon City

Department of Labor and Employment (DOLE)

dole@rapidpass.gov.ph

 

7th Floor, DOLE Building, Intramuros, Manila

Department of Energy (DOE)

doe@rapidpass.gov.ph

 

Department of Energy, 2F PNOC Building V, Energy Center, Rizal Drive, 34th St, Taguig, 1632 Kalakhang Maynila

Department of the Interior and Local Government (DILG)

dilg@rapidpass.gov.ph

 

DILG-NAPOLCOM Center, EDSA, corner Quezon Avenue, West Triangle, Quezon City, Philippines 1104

Department of Social Welfare and Development (DSWD)

dswd@rapidpass.gov.ph

 

DSWD Building, Constitution Hills, Batasan Complex, Quezon City, PH 1126

Department of Foreign Affairs (DFA)

dfa@rapidpass.gov.ph

 

2330 Roxas Boulevard, Pasay City, Philippines

Department of Tourism (DOT)

dot@rapidpass.gov.ph

 

The New DOT Bldg., 351 Sen. Gil Puyat Avenue 1200, Makati, City

Presidential Communications Operations Office (PCOO)

pcoo@rapidpass.gov.ph

 

2nd Flr. New Executive Bldg., Malacañang Compound

Department of Health (DOH)

doh@rapidpass.gov.ph

 

San Lazaro Compound, Tayuman, Sta. Cruz, Manila, Philippines 1003

National Telecommunications Commission (NTC)

ntc@rapidpass.gov.ph

 

BIR Rd, Diliman, Quezon City

Metropolitan Waterworks and Sewerage System (MWSS)

mwss@rapidpass.gov.ph

 

4th Floor, Administration Building, MWSS Complex, 489 Katipunan Avenue, Balara, Quezon City, 1105

Department of Transportation (DOTr)

dotr@rapidpass.gov.ph

 

The Columbia Tower, Brgy. Wack-wack, Ortigas Avenue, 1555 Mandaluyong City, Philippines/

Apo Court Along Sergio St., Clark Freeport Zone, Pampanga 2009

Philippine Ports Authority (PPA)

ppa@rapidpass.gov.ph

 

PPA Corporate Bldg. Bonifacio Drive, South Harbor, Port Area, Manila 1018, Philippines

Securities and Exchange Commission (SEC)

sec@rapidpass.gov.ph

 

Secretariat Building, PICC Complex, Roxas Boulevard, Metro, Manila

Bureau of Customs (BOC)

boc@rapidpass.gov.ph

 

G/F OCOM Building, 16th Street, South Harbor, Port Area, Manila

Office of Civil Defense (ODC)

ndrrmc@rapidpass.gov.ph

 

81 15th Ave., Murphy, Cubao, Quezon City, 1109 Metro Manila

 

PERSONAL INFORMATION PROCESSOR (PIP)

 

Department of Information and Communications Technology (DICT)

dict@rapidpass.gov.ph

 

C.P Garcia Ave., Diliman, Quezon City, Philippines 1101

Devconnect Philippines, Inc. (DEVCON)

dctx@devcon.ph


Amihan Innovation Center, 26th Floor Orient Square Building Rd 1605, Emerald Ave, Pasig, Metro Manila