The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Privacy Amendment Act) made many significant changes to the Privacy Act 1988 (Privacy Act). These changes commenced on 12 March 2014.
The Privacy Regulation 2013, made under the Privacy Act, also commenced on 12 March 2014.
As a Registered Training Organisation (RTO) we are required to collect and record information about you, including your personal information. Your personal information is protected by the Privacy Act and 13 Australian Privacy Principles (APPs). Below is a brief explanation of how these principles relate to the personal information collected by CEG – Training Partnerships.
Australian Privacy Principle 1 – Open and transparent management of personal information
When completing an enrolment form, information is provided to you about why we are collecting personal information and how your information will be used
Our student handbook (available on our website) provides a written statement regarding the protection of your personal information. Copies can be requested free of charge by calling us
on 1300 885 697
We invite your questions and concerns regarding your personal information. The Compliance Manager is our Privacy Officer and can be contacted by
calling 1300 885 697 or by email to firstname.lastname@example.org
Australian Privacy Principle 2 – Anonymity and pseudonymity
From January 1st 2014 it is mandatory that all RTO’s collect and provide demographic and study information from all enrolling students. This information is provided to the National Centre for Vocational Education Research (NCVER) however, this information is provided separately to your personal information and therefore provides anonymity via how NCVER uses the collected data.
This information may be provided directly or via the applicable state training authority.
From January 1st 2015 onwards it is mandatory that every person undertaking nationally accredited training has a Unique Student Identifier (USI). This requirement prevents any RTO from accepting an enrolment in any name other than the legal name specified on the provided identification or associated with the provided USI number. For more information regarding the USI scheme you can visit: http://www.usi.gov.au/Pages/default.aspx.
For the above reasons it is not possible for an RTO to permit a student to remain anonymous or use a pseudonym.
Australian Privacy Principle 3 – Collection of solicited personal information
The collection of your personal information is necessary for RTO operations and required under the following legislation/policies:
Student Identifiers Act 2014
Standards for NVR Registered Training Organisations (RTO) 2015
Student Identifiers Regulation 2014
State training authority guidelines and legislation
Sensitive information, such as your personal or financial situation is not generally essential so the recording of this type of information only occurs with your consent and if it is deemed necessary. For example, recording this information may be necessary to justify a request to delay or suspend your involvement in government funded or subsidised training or explain absences from scheduled classes.
The information we collect will be mostly collected only from you. Some information may be provided to us from a government agency. For example, if you sign a contract of training and we are the appointed RTO we will receive a notification of the appointment. The collection of that personal information is subject to your informed consent when collected by that agency.
Australian Privacy Principle 4 – Dealing with unsolicited personal information
With the possible exception of information provided to us by a government agency specifically related to your enrolment/student records, CEG – Training Partnerships does accept or record unsolicited personal information.
Australian Privacy Principle 5 – Notification of the collection of personal information
When completing an enrolment form the enrolment form provides information regarding the collection of your personal information and how it is used.
The Student Handbook also provides this information.
Australian Privacy Principle 6 – Use of disclosure of personal information
The personal information collected from you will only be used for the purpose it was collected. This means:
If a copy of an identification document was collected solely for the purposes of establishing or verifying your Unique Student Identifier (USI) we will confidentially destroy and dispose of the received copy once the USI has been established.
If evidence of entitlement for a concession discount was obtained, this information will only be provided to the funding body applicable however, details of your concessional entitlement will remain on file for the period we are required to hold it.
We will not sell, provide or release your personal information to any other person, business or government agency unless we have your permission to do so, it is essential for your protection or that of others (e.g.: medical emergency whilst attending class) or it is required under law.
Australian Privacy Principle 7 – Direct marketing
When enrolling you are provided with the option to “Opt Out” of receiving marketing correspondence.
Regardless of your decision at the time of enrolment you may advise us at any time that you do not wish to receive marketing materials.
We will do all things reasonable to ensure that once you have indicated that you do not want to receive marketing materials that our records are updated immediately to reflect this.
Australian Privacy Principle 8 – Cross-border disclosure of personal information
We will not provide your personal information to any person, entity or agency outside of Australia.
Australian Privacy Principle 9 – Adoption, use or disclosure of government related identifiers
All students will be issued with a unique student number by the RTO. This number will not be your USI or any other government related identifier.
Australian Privacy Principle 10 – Quality of personal information
We will do all things reasonable to ensure your records remain accurate and up to date.
We request that when your personal information changes that you contact us to update your records.
Australian Privacy Principle 11 – Security of personal information
The personal information we collect is recorded electronically on a database that is protected from correction or access through employment of reasonable security measures.
Any hard copy records held by us remain secure by means of monitored alarm and physical access restrictions.
Once we are no longer legally required to hold your personal information your records will be securely destroyed.
Australian Privacy Principle 12 – Access to personal information
You may request access to records held by us. Wherever possible, this access will be provided within 30 days of the request.
Prior to providing this access we will take reasonable precautions to ensure the access is provided only to you.
If you give permission for a third party to access your records we must first receive written authority from you to do so. This authority must clearly identify yourself by providing your full name, address and date of birth. It must also clearly identify the third party you are authorising access to and the reason why you are authorising the access.
If a third party contacts us to request access to your records we will deny the access if there is no authorisation in place.
Further to the above, if the requesting third party is a government agency we will first verify the agency’s authority to access your information. This may be verified by contacting you directly to ask your permission or verifying that the requesting agency has authority under law.
Australian Privacy Principle 13 – Correction of personal information
If we believe your personal information is inaccurate or out of date we will contact you or your authorised representative to verify this and correct our records where necessary.
Ensuring that you understand your rights and obligations regarding your personal information is important to us. The Compliance Manager is our Privacy Officer and can be contacted by
calling 1300 885 697 or by email to email@example.com