GOVPH

Data Privacy Statement

The National Meat Inspection Service (NMIS) is an attached agency to the Department of Agriculture which is a specialized regulatory and the country’s sole national controlling and competent authority on all matters pertaining to meat inspection and hygiene both for locally produced and imported meat. 

In accordance with the provisions of the Data Privacy Act of 2012, we commit and protect handling your personal data transparently — informing you of the purpose, controller, and rights involved — limiting processing to lawful, declared purposes, and ensuring only data adequate and necessary for those purposes is used.

1. Personal Data Collected and Manner of Collection

We collect the following personal data manually or electronically when you submit to us your inquiries or requests:

• Full Name
• Contact Information (email, phone number, address)
• Signature
• Sensitive Information (age, ethnicity)
• Government-Issued ID details

2. Basis for Processing of Personal Data

• To comply with legal obligations mandated by the NMIS under Republic Act No. 9296 as amended by R.A. 10536 (Meat Inspection Code of the Philippines)
• To support NMIS’s regulatory oversight — monitoring compliance, conducting audits, and securely storing accreditation, license, and certification records to uphold public health and meat product safety standards. 
• To process with consent from the data subject
• To solicit feedback for the improvement of services we provide
• To process personal data as prescribed by law

3. Use for Processing of Personal Data

• We assess and process applications for various NMIS services, using your personal data to ensure proper evaluation and compliance.
• We verify the authenticity of submitted documents and qualifications.
• We communicate with your appointed representatives regarding updates, requirements, and application status.
• We monitor and audit compliance with NMIS standard and regulations to maintain operational integrity.
• We securely store records of accredited entities for regulatory, oversight, and audit purposes.
• We securely retain accreditation, license, and certification records — including Meat Inspection Certificate (MIC) or Certificate of Meat Inspection (COMI), License to Operate (LTO), and License to Import (LTI) — for reporting, auditing, and regulatory accountability.

4. Purpose for Processing of Personal Data

• We process your personal data to enable NMIS to evaluate and grant accreditation to meat establishment operations — ensuring that applications are assessed fairly and consistently.
• We require your personal data to issue License to Import (LTI) and ensure compliance with DA administrative orders and NMIS procedures for importers — such as attending orientation sessions, submitting documentation, and passing required evaluations.
• We process data to issue Certificates of Meat Inspection (COMI/MIC) for imported and locally slaughtered meat, ensuring products meet health standards before storage, distribution, or export.
• We validate foreign meat establishments and exporters, processing their data during accreditation based on international standards, ensuring traceability and integrity of inbound and outbound meat products.

5. Methods Utilized for Automated Access

The NMIS website utilizes Joomla built -in monitoring tool , to monitor and analyze website traffic. Joomla’s built-in monitoring tools are designed primarily for administrator and system-level oversight — not full website traffic analytics.

1. As part of this automated analysis, the following web traffic data may be collected and processed:

• Administrator action logs
• User who performed the action (username, ID)
• Type of action:
• Login / logout
• Created / edited / deleted content
• Created / deleted user accounts
• Changed system settings
• Timestamp of each action
• Item involved (e.g., article title, menu item, user ID)
• IP address (if enabled)

2. Session Data

Purpose: Tracks currently logged-in users and session info

      Data Collected:

• Logged-in frontend/backend users
• Session creation time
• Session expiration time
• User ID and username
• IP address (in session table if logging enabled)

6. Disclosure of Personal Data

Your personal data remains strictly private unless disclosure is permitted under Sections 12 or 13 of the Data Privacy Act:

Whenever we disclose your data, we ensure:

• Transparency about what data is shared (e.g. third-party, stakeholders)
• Clarity on who receives it (e.g., government agencies, auditors)
• Accountability by explaining why we disclose—unless legally prohibited

7. Risks Involved

While NMIS takes strong security measures to safeguard your personal data, certain risks remain inherent in processing activities:

• Unauthorized Access or Breach: Even with encryption and access controls, data may be exposed through cyberattacks (e.g., malware, phishing), system flaws, or weak credentials.
• Accidental Loss or Disclosure: Human errors—like misdirected emails or misplaced files—can lead to unintended data exposure, even within secure environments.
• Data Integrity Issues: Incorrect data entry, system errors, or processing glitches may alter personal data, affecting its accuracy or completeness.
• Cross-border Transfer Risks: If we send data to recipients outside the Philippines, we must ensure equivalent protections—otherwise, data may be subject to weaker privacy laws.
• Non-Compliance Consequences: Failure to follow the Data Privacy Act—like not registering systems, lacking a DPO, skipping breach notifications, or mishandling sensitive data—can result in fines, criminal charges, or enforcement actions by NPC.

8. Data Protection and Security Measures

• We implement organizational, physical, and technical security measures based on generally accepted data privacy and information security standards, as follows:
• Organizational measures such as established data protection policies, employee training and awareness, data sharing agreement and incident response and breach notification procedures
• Physical measures such as access restrictions, visitor management, surveillance system, environmental control, power and utility protection, and equipment disposal
• Technical measures such as data encryption, network security, end point protection, access logging and monitoring, and backup and disaster recovery 

9. Storage, Retention and Disposal

• We store files (manually or electronically) containing personal data in our secure storage locations, computer systems and when necessary, on cloud-based services with third-party providers — ensuring all environments are protected with administrative, technical, and physical safeguards.
• Retention period in accordance with R.A. 9470, which requires government agencies to follow approved NAP and NMIS Records Disposition Schedule, unless a longer retention period is mandated by law or required by NMIS.
• We apply disposal procedures to ensure that personal data and sensitive information are securely and irreversibly destroyed when no longer needed or have reached retention period.  Disposal shall have an approved Authority from the NAP.

10. Rights of a Data Subject

NMIS values and uphold the rights of the data subject: 

• To information
• To access
• To rectification 
• To erasure or blocking 
• To object
• To data portability
• To damages
• To file a complaint 

11. Changes to the Privacy Notice

NMIS may update this privacy notice from time to time and will publish an updated version whenever there are changes. 

12. How to contact/feedback NMIS

Any inquiry or request on this statement may be addressed to:

or