Purpose
Australian Institute of Entrepreneurship (AIE) is committed to providing quality training and assessment in accordance with the Standards for Registered Training Organisations (SRTOs 2015). As such, it is required to comply with Federal law regarding Privacy and confidentiality of employees, clients and contractors.
The purpose of this policy is to outline how AIE complies with the Privacy Act 1988 and Australian Privacy Principles (APPs) 2014 and the ESOS Act 2000 to protect and utilise only in the light of its primary purpose while collecting, using and disclosing the personal information of its students, staff and stakeholders.
The thirteen (13) Australian Privacy Principals are:
Australian Privacy Principle 1—open and transparent management of personal information
Australian Privacy Principle 2—anonymity and pseudonymity
Australian Privacy Principle 3—collection of solicited personal information
Australian Privacy Principle 4—dealing with unsolicited personal information
Australian Privacy Principle 5—notification of the collection of personal information
Australian Privacy Principle 6—use or disclosure of personal information
Australian Privacy Principle 7—direct marketing
Australian Privacy Principle 8—cross‑border disclosure of personal information
Australian Privacy Principle 9—adoption, use or disclosure of government related identifiers
Australian Privacy Principle 10—quality of personal information
Australian Privacy Principle 11—security of personal information
Australian Privacy Principle 12—access to personal information
Australian Privacy Principle 13—correction of personal information
AIE students’ personal information will be collected by fair and lawful means which is necessary for the purpose of enrolment and function of AIE and the Institute is committed to ensuring the confidentiality and security of the information provided.
Scope
This policy applies to all students, staff and any person involved with AIE. The collected information will be either in electronic or in hard copy format.
Responsibility
The CEO will be responsible for implementation and monitoring of this policy and will ensure that all the staff members are aware of this policy and its underpinning legislative requirements and comply with it all the times.
AIE will take privacy issues seriously and will stay committed to protect the privacy of individuals. This includes personal, health, financial and other confidential information which is necessary for AIE to carry out its functions;
Policy Statement
AIE collects information solely for the purpose of operating as a Registered Training Organization under the Australian Quality Training Framework. The information provided by students, to the Institute may be made available to Commonwealth and State agencies, the Tuition Assurance Scheme and Fund Manager of the ESOS Assurance Fund, pursuant to obligations under the ESOS Act 2000 (as amended 1st January 2007) and the National Code of Practice. The Institute is required, under S19 of the ESOS Act 2000, to tell the Department about: changes to student’s personal and contact details, course enrolment details and changes, any breach by students of student visa conditions relating to course progress or disciplinary action taken by the Institute. This information includes personal and contact details, course enrolment details and changes, and the circumstance of any suspected breach by the student of a student visa condition. It is a requirement of the Australian Quality Training Framework that students can access personal information held by the Institute and may request corrections to information that is incorrect or out of date. Apply in writing to the Training Manager if you wish to view your own records.
Student’s privacy is important to AIE and all the all the personal & private information collected about you will be treated as confidential. Reasonable steps will be taken to protect individual’s information from loss, misuse or unauthorised disclosure or destruction. The right to privacy is a value that is highly regarded.
AIE will ensure:
- It maintains and provides a current Privacy Policy;
- Information gathered for the express purpose of training and assessment matters will not be disclosed to a third party unless prior written consent is provided by the individual concerned, except that required by law;
- The secure storage of all records;
- The confidentiality of all information maintained on records.
Policy Principles
Legislation
AIE, although not required to, chooses to abide by the Privacy Act 1988 and associated 13 Australian Privacy Principles (APPs).
The APPs came into force on 12 March 2014 and set out standards, rights and obligations for the handling, holding, accessing and correction of personal information (including sensitive information).
AIE is however required to abide by the ESOS act 2000.
Underpinning Principles
Personal Information is defined in the Privacy Act 1988 to mean “information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not
Sensitive Personal Information is defined in the Privacy Act 1988 to mean “information or an opinion about an individual’s” that is also personal information, such as:
- racial or ethnic origin; or
- political opinions; or
- membership of a political association; or
- religious beliefs or affiliations; or
- philosophical beliefs; or
- membership of a professional or trade association; or
- membership of a trade union; or
- sexual orientation or practices; or
- criminal record
Procedures
Consideration of the Privacy/ Managing Personal Information
AIE endeavours to balance the rights of privacy with the need to be accountable and transparent in its dealings.
AIE manages student’s personal information by:
- Ensuring that personal information is managed in an open and transparent way.
- Take reasonable steps to implement practices and procedures that will facilitate dealing with enquiries or complaints from individuals regarding compliance with the Australian Privacy Principles (APPs).
- Ensure that Privacy Policy contains the following information:Ensure that it maintains an up-to-date policy about the management of personal information.
- The kind of information that is collected and held;
- How the information is collected and held;
- The purposes for which information is collected, held, used and disclosed;
- How an individual may access their personal information that is held by and seek correction of such information as necessary;
- How the individual may make a complaint about a breach of the APPs and how AIE will deal with the complaint (see P6 Complaints and appeals policy and procedures)
- Whether AIE is likely to disclose personal information to overseas recipients, and if so the countries in which such are likely to be located.
- Provide the Privacy Policy free of charge and in such form as appropriate, and as is reasonable.
Anonymity and pseudonymity
AIE will respect that individuals may not wish to identify themselves when making enquiries on products and services; however, AIE require full personal details as required by law and for identification purposes from clients.
Collection and use of Personal Information
AIE will not collect personal information from you unless that information is necessary for one or more of its functions or activities or is required by law. AIE advises that it is required by law to collect, hold, use and supply personal information, in accordance with the National VET Provider Collection Data Provision Requirements. Any information supplied by students to AIE will only be used to provide information about study opportunities, to enable efficient administration, and to maintain proper academic records. Only authorised personnel will have access to this information. All the information collected is governed by the APPs (2014).
AIE will take reasonable steps at or before the time of collection to ensure that you are aware of:
- Who we are and how to contact us;
- How to gain access to your own information;
- The purpose for which the information is being collected;
- Any organisation to which we would normally disclose information of that kind;
- Any law that requires the particular information to be collected;
- The main consequences for the individual if all or part of the information is not provided.
AIE collects information from you in the following ways:
- When you register your interest on line, apply for enrolment, request certain services or products, or otherwise contact or do business with us.
- Information may be collected from enrolment forms, certified documents, telephone calls, faxes, emails, letters sent by you.
- Information may be collected from third parties, such as other training providers, regarding confirmation of training and ongoing professional development that you have attended, as permitted by you.
- Should AIE collect information about you from a third party we will take reasonable steps to ensure that the individual is or has been made aware of the matters listed above except to the extent that making the individual aware of the matters would pose a serious threat to the life or health of any individual.
Dealing with Personal Information
AIE will act lawfully and in a fair and nonintrusive way. AIE will ensure that the personal information that it collects is accurate, up to date, complete and relevant.
AIE will not use or disclose personal or sensitive information for any purpose other than what it was collected for, unless the relevant person has provided written consent to use or disclose that information in circumstances that are different to those for which it was collected.
The circumstances where an exception may occur are:
- Where the use or disclosure of this information is required or authorised by or under an Australian law or a court/tribunal order;
- The individual would reasonable expect to use or disclose the information for the secondary purpose;
- A permitted health situation exists in relation to the use or disclosure of the information by AIE ;
- A permitted general situation exists in relation to the use or disclosure of the information by AIE ;
- AIE reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.collects your personal information so as to:
- Process applications;
- Manage your enrolment;
- Record and maintain your details;
- Administering training programs;
- Record and maintain details of your ongoing training and assessment;
- Provide you with details regarding client services, benefits, and training opportunities;
- Notify you about upcoming events and opportunities;
- Gain feedback from you;
- Communicate with you;
- Report to relevant authorities as required by law.
Direct Marketing: AIE may use personal information (specifically your name and relevant address details) and information about your preferences for direct marketing (i.e. the communication channels which you prefer for receiving direct marketing from us and the types of products and services in which you are interested in) so as to let you know about our services and benefits, where we have your written consent.
AIE will also provide an opt-out and/or unsubscribe method that is easily accessible for individuals to request not to receive direct marketing communications.
Cross Border Disclosure: AIE does not disclose personal information to overseas recipients unless prior written approval is received by the individual who the personal information relates.
Adoption, use or disclosure of Government Related identifiers: It is required by law (Student Identifier Act) to collect, maintain and report to relevant Government agencies the individual’s Unique Student Identifier (USI) number in accordance with the National VET Provider Collection Data Provision Requirements. This information may be shared with:
- Commonwealth and State/Territory government departments and agencies and statutory bodies performing functions relating to VET for:
- The purpose of administering and auditing VET, VET providers and VET programs;
- Education related policy and research purposes; and
- To assist in determining eligibility for training subsidies
- VET regulators to enable them to perform their VET regulatory functions;
- VET admissions Bodies for the purpose of administering VET and VET programs,
- Current and former Registered Training Organizations to enable them to deliver VET courses to the individual, meet their reporting obligations under the VET standards and government contracts and assist in determining eligibility for training subsidies;
AIE will not disclose the Unique Student Identifier (USI) number for any other purpose, including on any Certification documents you receive.
AIE must not adopt the Unique Student Identifier (USI) number as its own identifier of the individual.
Payment details/Credit Card Authorisation: In circumstances, where the student chooses to make payments using a credit card, they may do so only upon filling the credit card authorisation form. The authorisation form is viewed and processed by the Administration department.
The Administrative officer upon processing the payment, secures the information in a locked cabinet which is in turn placed in a secured room. Only Administrative officer will have the key access to the room and the cabinet.
The credit card authorisation form is retained only for the length of the course enrolment plus one year, post which they must be destroyed by document disposal professionals. A corresponding entry of the disposal needs to be maintained in the document disposal register.
Refer – ‘Records Management and Timelines Policy’
Integrity of Personal Information
AIE will take steps, as are reasonable, to ensure that the personal information it:
- Collect is accurate, up to date and complete;
- Uses or discloses, is, having regard to the purpose of the use or disclosure, accurate, up to date, complete and relevant.
Security of personal information
AIE will take steps, as are reasonable in the circumstances to:
- Protect the information from misuse, interference and loss as well as unauthorised access, modification or disclosure.
- Destroy the information or to ensure that the information is de-identified.
- Wherever possible, it will collect information directly from its students rather than from third parties.
Disclosure of Personal Information
Personal information about student(s) studying with AIE may be shared with Australian Government and designated authorities. This information includes personal and contact details, course enrolment details and changes and, for international students, the circumstances of any suspected breaches of the student’s visa conditions.
AIE will not disclose any personal information of a student, except as permitted under these policies. AIE will not disclose personal information to a person, body or agency (other than the individual concerned) unless:
- The individual concerned has expressly or implicitly consented to the disclosure in writing; or
- The person disclosing the information believes on reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to the life or health of the student or of another person; or
- The disclosure is required or authorised by or under law; or
- The disclosure is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of the public revenue, or for the protection of the interests of the government, statutory authority or statutory office – holder as an employer; or
AIE will disclose information for the purpose of the protection of public revenue. AIE will include a note of the disclosure in the record containing that information. Personal information may be shared with other Colleges where students enrol or apply to enrol.
In case of work-based training components and practical placement, AIE may require to notify Host Organisation (including approved entity, serviced providers of employer, agents or their authorised contractors) of any concerns, issues or opportunities relating to the practical placement, including student course progression.
Access to, and correction of, Personal Information
A student may access their own personal information held by AIE at no charge. Individuals will be advised of how they may access or obtain a copy of their personal information within 30 days of receiving the individual’s written request.
AIE allows students to apply for and receive personal information that AIE holds about students according to the above requirements. The request should be lodged in writing, addressed to the Administrative officer, providing full details of the student’s name, ID number and details of the specific information required.
However, in some circumstances, AIE may not permit access to individuals for their personal information. If this is ever the case, AIE will provide full details for the legal reasons for this decision. These may include that believes:
- That giving access to the information would pose a serious threat to the life, health or safety of the individual, or to public health or public safety; or
- Giving access would have an unreasonable impact on the privacy of other individuals; or
- The request for access is frivolous or vexatious; or
- The information relates to existing or anticipated legal proceedings between and the individual, and would not be accessible by the process of discovery in those proceedings; or
- Giving access would reveal the intentions of in relation to negotiations with the individual in such a way as to prejudice those negotiations; or
- Giving access would be unlawful; or
- Denying access is required or authorised by or under an Australian law or a court/tribunal order; or
- AIE has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to functions or activities has been, is being or may be engaged in;
- Giving access would be likely to prejudice the taking of appropriate action in relation to the maters; or
- Giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- Giving access would reveal evaluative information generated within in connection with a commercially sensitive decision-making process.
AIE does not charge a fee for access to personal information. The exception is re-prints of certification documentation previously supplied.
AIE will make all reasonable efforts to ensure that personal information recorded by AIE is up to date. If a student believes that the personal information retained by AIE is out of date or otherwise misleading or inaccurate, the student may request that AIE amend his or her personal information. AIE will amend the information, if it is found that the information is out of date, misleading or inaccurate.
If AIE corrects and updates personal information about an individual that AIE previously disclosed to another education provider and the individual requests the Institute (AIE) to notify the other provider of the correction, then AIE will take steps that are reasonable in the circumstances, to provide that information unless it is impractical or unlawful to do so.
If AIE refuses to correct the information as requested by the individual, AIE will give a written notice to a student that sets out:
- the reasons for the refusal; and
- the mechanisms available to complain about the refusal; and
- any other matter prescribed by the regulations.
With regard to the correction of personal information held:
AIE should be satisfied that information is inaccurate, out of date, incomplete, irrelevant or misleading, AIE will take such steps as reasonable to correct the information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading. AIE will not charge students for making the request, for correcting the personal information or for associating the statement with the personal information.
Records Management
All personal information and records are maintained in accordance with Records Management Policy. (See Records Management Policy)
Monitoring and Improvement
All Privacy practices are monitored by the CEO and areas for improvement identified and acted upon. (See Continuous Improvement Policy)
Complaints
Students have the right to complain if they believe that believe their privacy has been breached. Students can access complaints and appeals policy available on AIE’s website or can contact students support office.