- Contact Information
- Our obligations
- What is Personal Information?
- Collection of Personal Information
- Use of Personal Information
- Disclosure of Personal Information
- Use of government related identifiers
- Access to and Correction of Personal Information
- Quality, Storage and Security of Personal Information
- Publishing Personal Information on the Deakin College Website
- Grievance and Review Procedures
- Further Information
- Changes to this Policy
1.1 Deakin College's role as an education provider requires it to collect, store, use and disclose personal information relating to its students, staff and other clients. Deakin College is committed to protecting the privacy of your personal information.
2. Contact Information
2.1 The overall responsibility for protecting the privacy of all personal information held by Deakin College resides with the College Director and Principal, with the day to day management delegated to the Quality and Compliance Manager. The Quality and Compliance Manager is the first point of contact for privacy queries, including if you require general information about Deakin College's privacy obligations, if you wish to make a request to access and/or amend your personal information and for if you wish to make a complaint about a possible breach of privacy.
2.2 The contact details for the Director Quality and Student Administration are set out below:
- Quality and Compliance Manager
Deakin College at Deakin University, 70 Elgar Road, Building LA, Level 4, Burwood VIC 3125
Telephone: (03) 9244 5269
International Telephone: +61 3 9244 5269
3. Our obligations
Deakin College is required to comply with the APPs in the Privacy Act. The APPs regulate the manner in which personal information is handled throughout its life cycle, from collection, to use and disclosure, storage, access and disposal.
3.1 In some circumstances, Deakin College is also required to comply with:
- 3.1.1 Applicable State and Territory health privacy legislation (including the Victorian Health Records Act 2001) when it collects and handles health information in the relevant jurisdiction.
- 3.1.2 The Spam Act 2003 (Cth) and Do Not Call Register Act 2006 (Cth).
4. What is Personal Information?
Personal information is defined as any information (including an opinion), whether true or not, and whether recorded in a material form or not, about an individual who is either identified by the information or could be reasonably identifiable.
5. Collection of Personal Information
5.1 How does Deakin College collect personal information about you?
- 5.1.1 Deakin College collects personal information through a variety of lawful and fair means including:
- (a) on hard copy forms;
- (b) by email;
- (c) over the telephone;
- (d) through written correspondence;
- (e) in person.
- 5.1.2 Deakin College will collect personal information directly from you, if this is reasonable and practical. All information collected is for the purposes of the functions or activities of Deakin College, or where required by law.
- 5.1.3 Unsolicited personal information
If Deakin College receives personal information about you which it has taken no active steps to collect, Deakin College may keep that information if the Privacy Act permits it to do so. If it does not, the information will be destroyed or de-identified, provided it is lawful and reasonable to do so.
If it is practicable to do so, Deakin College may provide you with the option of communicating with us either anonymously or using a pseudonym. However, where this is not practicable (for instance, when you are enrolling with Deakin College), Deakin College will require you to provide us with fully identifying information.
5.3 What types of personal information will Deakin College collect about you?
- 5.3.1 The type of personal information which Deakin College collects about you will depend on the type of dealings you have with Deakin College, and may include your name, phone number, email address, address, nationality, date of birth, and educational history.
- 5.3.2 Sensitive information is a subset of personal information that is generally afforded a higher level of privacy protection. Sensitive information includes health and genetic information and information about racial or ethnic origin, political opinions or religious beliefs and affiliations. Deakin College only collects sensitive information where it is reasonably necessary for our functions or activities and either:
- (a) the individual has consented; or
- (b) we are required or authorised under law to do so.
5.4 For what purposes does Deakin College collect and hold information about you?
- 5.4.1 Personal information may be collected by Deakin College in the following instances:
- (a) when an enquiry is lodged through the Deakin College online enquiry service;
- (b) when a person applies for admission to Deakin College;
- (c) when a person enrols for a course or unit offered by Deakin College; and
- (d) when a person applies for employment at Deakin College.
- 5.4.2 Sensitive information may also be collected by Deakin College in the following instances:
- (a) information about the disability support needs of individual students, to assist with special needs and to develop disability access plans where appropriate; and
- (b) health information that may be relevant to an individual student's failure to achieve a satisfactory course outcome.
- 5.4.3 When a person visits the Deakin College website, a record is logged of the visit and the following anonymous information is retained for Deakin College’s statistical purposes:
- (a) the Internet Protocol (IP) address from which the request is received;
- (b) the date and time that the request is received by the Deakin College server;
- (c) the pages, documents and files requested;
- (d) the address of the resource which provided the link followed, if any, to the Deakin College website;
- (e) the type of browser and, in some case, the operating system used; and
- (f) in some instances, data sent to its website from web forms (eg. search terms).
- 5.4.4 This information is used and disclosed by Deakin College in anonymous, aggregated form only, for purposes including statistical analysis and to improve the functionality and usability of Deakin College websites. Although you are not identified, Deakin College reserves its right to use or disclose this information to try and locate an individual where we reasonably believe that the individual may have breached the Student Code of Conduct (see policies) or otherwise engaged in any unlawful or inappropriate activity in connection with the Deakin College website or where we are otherwise required or authorised by law to do so.
- 5.4.5 Some sections of the Deakin College website use standard industry technologies, for example, ‘cookies’. A cookie is a small string of information that a website transfers to your browser for identification purposes. Any information collected from the Deakin College website is session information that is collated for analysis, evaluated and published in reports that show Deakin College usage patterns. Popular areas of the website are identified in order to improve and develop the website and its services. Deakin College also uses software programs to monitor network traffic and to identify unauthorised attempts to upload or change information, or otherwise cause damage.
- 5.4.6 Most internet browsers are set to accept cookies. If you prefer not to receive them, you can adjust your internet browser to reject cookies, or to notify you when they are being used. There are also software products available that can manage cookies for you. Rejecting cookies can, however, limit the functionality of the Deakin College website.
6. Use of Personal Information
6.1 Deakin College collects personal information for the primary purpose of providing its services to individuals. Personal information may be collected for purposes related, or ancillary to, the primary purpose of collection. This includes:
All reasonable steps are taken to destroy hard copies of personal information that are obsolete or no longer required by Deakin College. Destruction of personal information is undertaken by secured means.
- 6.1.1 administering and managing the services provided by Deakin College to prospective and current students, including admission, enrolment, education, billing, maintaining information technology systems, customer service and data storage;
- 6.1.2 marketing the services of Deakin College and its related entities to prospective, current and past students;
- 6.1.3 guiding students in their study options;
- 6.1.4 providing student counselling services;
- 6.1.5 conducting surveys;
- 6.1.6 conducting research for service improvement purposes and to compile statistics and analyse trends;
- 6.1.7 recruiting and managing employees and contractors;
- 6.1.8 processing payments;
- 6.1.9 the administration of Commonwealth education assistance programs under the Higher Education Support Act 2003 and guidelines made under that Act (including FEE-HELP); and
- 6.1.10 the regulation of student visas and Australian immigration laws generally under the Education Services for Overseas Students Act 2000, the National Code of Practice for Providers of Education and Training to Overseas Students 2007, the Migration Act 1958 and the Migration Regulations 1994.
6.2 Deakin College will only use and disclose personal information about a person for the purposes provided in this policy, where consent is given to Deakin College to do so, or as otherwise required or authorised by law. If Deakin College collects information about you from a third party (for example, an authorised parent or spouse that is authorised to act on your behalf or any of Deakin College’s contractors who supply us with a service), we will take reasonable steps to make sure that you are made aware of:
- 6.2.1 our identity and how to contact us;
- 6.2.2 the purposes for which we are collecting the information;
- 6.2.3 whether the collection is required or authorised by or under an Australian law;
- 6.2.4 the third parties to which we would normally disclose information of that kind;
- 6.2.5 whether any of those third parties are located overseas and, if practicable to specify, the countries in which they are located;
- 6.2.7 if you may not be aware that we have collected the information, the facts and circumstances of the collection.
7. Disclosure of Personal Information
7.1 Deakin college may disclose personal information about a student to third parties for the purposes set out above in heading 6, including:
- 7.1.1 to Deakin College representatives (agents) acting on a student’s behalf;
- 7.1.2 to Deakin University for the purposes of transferring academic results or information on students to determine eligibility for transfer into the second year bachelor degree;
- 7.1.3 to any other educational institutions that provide access to units and other resources through Deakin College or that any student is eligible for admission to;
- 7.1.4 to Navitas Limited and its affiliates; and
- 7.1.5 to Deakin College’s contractors including financial institutions, print and mail houses and debt collectors.
7.2 Deakin College may also disclose personal information about a person to third parties not contemplated in this policy if:
- 7.2.1 Deakin College reasonably believes that the disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety;
- 7.2.2 Deakin College has reason to suspect that unlawful activity or misconduct of a serious nature that relates to Deakin College's functions or activities has been, is being or may be engaged in and Deakin College reasonably believes that the disclosure is necessary in order for appropriate action to be taken;
- 7.2.3 Deakin College reasonably believes that the disclosure is reasonably necessary to assist in locating a person who has been reported as missing; or
- 7.2.4 the disclosure is required by law, regulation or a court / tribunal body.
7.3 Deakin College may be required to collect, use and disclose personal information when each student is admitted and enrolled with the College in order to meet its obligations under a range of legislative requirements. Examples of the entities Deakin College may disclose personal information and the types of personal information disclosed include:
- 7.3.1 Department of Education - statistical information about student enrolment, educational background, country of birth, or if a student has requested financial assistance with tuition fees;
- 7.3.2 Australian Taxation Office (ATO) - in relation to FEE-HELP where a person may defer fee payment through the taxation system, their tax file number will be disclosed;
- 7.3.3 Department of Education under the obligations of the Education Services for Overseas Students (ESOS) Act 2000;
- 7.3.4 Department of Immigration - reporting requirements in respect of matters relating to students on overseas student visas under the Migration Act 1958 and the Migration Regulations 1994;
- 7.3.5 Centrelink - enrolment information on domestic students accessing Centrelink benefits;
- 7.3.6 Allianz Global Assistance - where overseas students purchase Overseas Student Health Cover (OSHC) through Deakin College; and
- 7.3.7 Tuition Protection Scheme - tuition assurance for overseas students.
7.4 Direct Marketing
- 7.4.1 Where we have your express or implied consent, or where we are otherwise permitted by law, we may use your personal information to send you information about the services we offer, as well as other information (including enrolment reminders, study suggestions, and invitations to our surveys). We may send this information in a variety of ways, including by mail, email, SMS and telephone.
- 7.4.2 You can opt out of receiving these communications at any time, in the following ways:
- (a) unsubscribe links; or
- (b) SMS reply ‘STOP’.
- 7.4.3 Deakin College will not disclose or externally publish personal information to third parties who are not related to Deakin College to allow them to direct market their products or services without the relevant person's consent.
7.5 Cross-Border disclosure of Personal Information
- 7.5.1 Deakin College will always comply with the requirements of the Privacy Act that apply to cross border disclosures of personal information.
- 7.5.2 Deakin College may also use a cloud-based service located in Chicago and Hong Kong to store and process personal information.
8. Use of government related identifiers
8.1 Deakin College will not adopt any government related identifier (such as your tax file number, or Medicare number) as our own identifier for you, unless this is permitted by the Privacy Act.
8.2 Deakin College collects the tax file numbers of domestic students who are accessing FEE-HELP, for the purposes of disclosing this information to the Australian Taxation Office.
8.3 Deakin College will not otherwise use or disclose a government related identifier unless this is permitted by the Privacy Act.
9. Access to and Correction of Personal Information
9.1 Any person may request access to the personal information held by Deakin College about them and to request its correction.
9.2 Students of Deakin College
If you are a student of Deakin College, you can review and amend the personal information held about you by Deakin College by logging on to your student portal or by contacting the Quality and Compliance Manager.
9.3 Individuals who are not students of Deakin College
- 9.3.1 If you are not a student of Deakin College, you can obtain access to your personal information held by Deakin College by contacting the Quality and Compliance Manager using the contact details set out in section 2 of this Policy. Deakin College will generally provide you with access to your personal information, subject to some exceptions permitted by law. We will generally provide access in the manner you have requested, provided it is reasonable and practical for us to do so. Deakin College may charge a fee to cover our reasonable costs of locating the information and providing it to you.
- 9.3.2 If we decide not to provide you with access to the personal information we hold about you, we will provide you with a written notice explaining why we have decided not to give you access and how you may make a complaint about our refusal to do so.
- 9.3.3 You can also contact the Quality and Compliance Manager to seek correction of any personal information held by Deakin College about you. If you ask us to correct personal information held about you (or if we determine that personal information held about you is inaccurate, out of date or incomplete), we will take reasonable steps to correct the information. If we correct personal information about you and we have previously provided the information to another organisation that is subject to the Privacy Act, you may ask us to notify that other organisation and we will take reasonable steps to do so.
- 9.3.4 If you ask us to correct personal information that we hold about you and we decide not to do so, we will provide you with a written notice explaining why we decided not to correct the information and how you may make a complaint about our refusal to do so. In addition, you may ask us to attach a statement to the record of personal information stating that the information is out of date, incomplete, inaccurate or misleading, we will generally do so, subject to our legal requirements.
- 9.3.5 We will not charge you for making a request to correct your personal information.
- 9.3.6 Except in the case of more complicated requests, Deakin College will endeavour to respond to access and correction requests within 30 days.
10. Quality, Storage and Security of Personal Information
10.1 Data quality and accuracy
- 10.1.1 Deakin College takes reasonable steps to make sure that any personal information it collects, uses and discloses is accurate, up to date, complete and (in the case of use or disclosure) relevant.
- 10.1.2 Please help us to keep your personal information accurate and up to date, by letting us know about any changes, such as to your email address or phone number. As noted above, if you are an enrolled student, you may log on to your student portal to update your contact and other personal information.
10.2 Security of personal information
- 10.2.1 Deakin College takes reasonable steps to protect against loss, interference, and misuse, and from unauthorised access, modification or disclosure of all personal information under its control, as required by law.
- 10.2.2 All personal information that is stored on Deakin College's server is password protected.
10.3 Destruction of personal information
Deakin College takes all reasonable steps to destroy personal information that is obsolete or no longer required by Deakin College. Destruction of personal information is undertaken by secured means.
11. Publishing Personal Information on the Deakin College Website
11.1 Deakin College will only publish personal information on its website if that information has been collected for this purpose, and only with the knowledge and consent of the individual concerned.
11.2 When giving such consent, an individual should be aware that information published on Deakin College’s website is accessible to millions of users from all over the world, that it will be indexed by search engines and that it may be copied and used by any web user. This means that once the information is published on our website, Deakin College will have no control over its subsequent use and disclosure.
11.3 Names and email addresses of Deakin College staff appearing on the website are provided with their knowledge and consent.
11.4 Under no circumstances will Deakin College sell or receive payment for licensing or disclosing personal information.
11.5 Where there are links to other sites on the Deakin College website, Deakin College is not responsible for the privacy practices of those businesses or organisations or for the content of those websites.
12. Grievance and Review Procedures
13. Further Information
14. Changes to this Policy