EMS Internal Privacy Notice
Effective Date: 2026-05-26
Applies to: All LKKS personnel with EMS access
Document owner: LKKS IT Administration
Purpose
The Equipment Management System (EMS) is an internal platform used by LKKS staff to manage equipment maintenance operations, including work requests, work orders, preventive maintenance schedules, and task assignments. EMS is accessible only to authorized LKKS personnel.
1. Data Collected
To support maintenance operations and account security, EMS stores limited work-related and account-related information for authorized users.
| Data | Description |
|---|---|
| Full name | Used for account identification and assignment records |
| Email address | Used for authentication, notifications, and audit identification |
| Role | Determines system access level (Admin, Manager, Engineer) |
| Position | Organizational context for records and assignments |
| Contact number | Operational contact for task and assignment communications |
| Audit log entries | Records of actions performed within EMS (see Section 3) |
| Login and security events | Records of authentication activity and security-related events |
2. Audit and Security Event Data
For security and accountability, the system records important account and authentication activity such as login attempts, password changes, and administrative actions:
- Successful and failed login attempts
- MFA verification and failure events
- Password changes and resets
- Account creation, deactivation, and updates
- Account security actions
- Security incidents flagged by administrators
Each audit record includes: user identifier, action type, timestamp, basic connection and device information, and relevant event details.
3. Purpose of Processing
Personal information processed by EMS is used exclusively for:
| Purpose | Basis |
|---|---|
| Maintenance operations | Assigning and tracking work requests, work orders, and PMS tasks |
| Accountability | Maintaining a record of who performed which actions within the system |
| Security monitoring | Detecting unauthorized access, credential misuse, and suspicious activity |
| Access management | Enforcing role-based permissions and session controls |
| Operational communications | Notifying personnel of task assignments and completions |
EMS does not use personal information for marketing, profiling, or any purpose unrelated to internal operations.
4. Access Controls
Access to personal information within EMS is restricted based on role:
| Role | Access |
|---|---|
| Admin | Full access to user accounts, audit logs, and security controls |
| Manager | Read access to user lists; no access to security audit logs |
| Engineer | Access to own profile and assigned work only |
Account creation is restricted to authorized LKKS IT Administrators. Users cannot self-register.
5. Retention Period
Personal information is retained only as long as necessary for operational, security, and legal purposes.
6. Security Measures
EMS implements the following technical controls to protect personal information:
6.1 Authentication and access
- Mandatory multi-factor authentication (MFA) for all staff accounts
- Brute-force protection with progressive account lockout
- Checks against known compromised passwords during password changes
6.2 Session controls
- Session invalidation on password reset and account deactivation
- Forced password replacement for administrator-issued temporary credentials
- Automatic redirect to password change for expired credentials
6.3 Audit logging
- Security-related events are logged with account, activity, and time information for monitoring and accountability purposes
- Audit logs are securely stored and may be monitored for security and operational purposes
6.4 Infrastructure
- Data is protected using industry-standard encryption
- Connections to EMS are encrypted using HTTPS (TLS)
7. Employee Rights
Under Republic Act 10173 (Data Privacy Act of 2012), LKKS employees whose personal information is processed by EMS have the right to:
7.1 Access
Request information about what personal data is held about them in EMS
7.2 Correction
Request correction of inaccurate personal information
7.3 Erasure or blocking
Request removal or blocking of personal data where processing is no longer necessary or lawful, subject to applicable retention obligations
7.4 Object
Object to the processing of personal data under certain circumstances
7.5 Be informed
Be notified of how their personal information is used (this notice fulfills that obligation)
To exercise any of these rights, contact the LKKS IT Administration or Data Protection Officer using the contact information below.
8. Contact
For questions about this notice, data privacy concerns, or to exercise your rights under RA 10173:
Data Protection Officer / IT Administration
LKKS
This notice applies to the EMS platform only. It covers internal staff data processed within EMS and does not govern data collected through other LKKS systems or platforms.