Privacy Notice

4Ps Compliance Monitoring and Cash Grant System (CMCGS) · Pursuant to Republic Act No. 10173 (Data Privacy Act of 2012) and NPC Circular 16-01.

1. Who we are

This system is operated by the Department of Social Welfare and Development (DSWD) Pantawid Pamilyang Pilipino Program (4Ps) field office. The Personal Information Controller (PIC) is the DSWD Field Office; the designated Data Protection Officer (DPO) is reachable at the contact details posted on the office bulletin board and on dswd.gov.ph.

2. Personal data we process

  • Identity: name, DSWD control number, date of birth, gender, relationship to household head.
  • Contact: mobile number (encrypted at rest), address (province, municipality, barangay).
  • Program data: household composition, compliance records (health, education, FDS, F1KD), supporting documents, non-compliance cases, cash grant releases and withholds.
  • Account data: username, hashed password, role, login activity (audit log).

3. Why we process it (lawful basis)

Processing is necessary to fulfill DSWD's mandate under Republic Act No. 11310 (4Ps Act) and its IRR — namely monitoring conditional cash transfer compliance, computing grants, and managing non-compliance cases. This is a function of a public authority under Sec. 12(e) and Sec. 13(b)/(f) of RA 10173; consent is not the legal basis but data subject rights still apply.

4. Who can see your data

  • Assigned Municipal Link, Provincial Link, Provincial Operations Officer, and System Administrator — strictly limited to their assigned municipalities/province.
  • You (the beneficiary) — via the "My Status" portal after login.
  • DSWD national reporting on an aggregated, non-identifying basis.

We do not sell or share personal data with private third parties.

5. How long we keep it

Beneficiary records are retained while the household is active in the 4Ps program and for ten (10) years after exit, in line with DSWD records-disposition schedules and the National Archives of the Philippines guidelines. Audit logs are kept for twenty-four (24) months and then pruned automatically. One-time SMS codes expire in ten (10) minutes and are not persisted to the database.

6. How we protect it

  • Mobile numbers encrypted at rest (Laravel encrypted cast, AES-256-CBC).
  • Passwords stored as bcrypt hashes; reset codes hashed in cache.
  • Role-based access control with municipality-scoped queries (no cross-municipality leakage).
  • HTTPS enforced in production; secure, HTTP-only, SameSite session cookies; encrypted session payloads.
  • HSTS, Content-Security-Policy, X-Frame-Options: DENY, Referrer-Policy, Permissions-Policy headers.
  • Full audit log of create / update / delete operations on personal data (Spatie ActivityLog).
  • Forced password change on first login and after admin reset; per-user and per-IP rate-limiting on password recovery.

7. Your rights under RA 10173

You may exercise the following rights (Sec. 16):

  • Be informed — this notice.
  • Access — view your records via "My Status" after login.
  • Data portability — download your records as JSON via "My Status → Download My Data".
  • Correct inaccurate data — contact your assigned Municipal Link.
  • Object to processing, or request erasure / blocking where permitted by law (the 4Ps statutory mandate may override).
  • Lodge a complaint — file with the DSWD DPO; unresolved complaints may be elevated to the National Privacy Commission (privacy.gov.ph).

8. Data breach

Suspected or confirmed personal data breaches are escalated to the DSWD DPO. Where a breach is likely to give rise to a real risk to data subjects, the NPC and affected data subjects will be notified within 72 hours of discovery, in line with NPC Circular 16-03.

9. Changes to this notice

This notice may be updated when our processing activities change. The latest version is always available at /privacy.

Last updated: May 15, 2026.

