Privacy is a serious issue. This page tells you how Trinity College deals with your personal data and its security.
This Statement relates to Trinity College (ABN 39 485 211 746) and to the Trinity College Foundation (ABN 80 463 885 316) (we, us, our).
At Trinity College we recognise that your privacy is very important to you; it is to Trinity College as well. During the course of conducting our activities, we collect personal information provided by and about people that is necessary for us to provide our services.
We believe that this Privacy Statement will address any potential concerns you may have about how personal information you provide to Trinity College is collected, held, used, corrected, disclosed and transferred. You can obtain more information, upon request, about the way we manage the personal information that we hold. If you seek any further information please contact us in one of the ways set out below.
WHAT IS PERSONAL INFORMATION?
By personal information we mean information or an opinion whether true or not and whether recorded in a material form or not, about a person whose identity is apparent or can reasonably be ascertained. When we refer to personal information, 'personal information' in this Privacy Statement, we are also referring to 'health information' and 'sensitive information'.
Health information is a subset of personal information that is generally afforded a higher level of privacy protection. Health information relates to the health or disability of an individual, the provision of health services to the individual or the individual’s expressed wishes about the provision of health services.
Sensitive Information is another subset of personal information that is generally afforded a higher level of privacy protection. It includes information about racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or trade union, sexual preferences or practices, criminal record and some types of biometric information.
We are bound by, and committed to complying with the Information Privacy Principles (IPPs) set out in the Privacy and Data Protection Act 2014 (Vic).
The IPPs regulate the manner in which personal information is handled throughout its life cycle, from collection to use and disclosure, storage, accessibility and disposal.
We are also required to comply with more specific privacy legislation in some circumstances, such as the Health Records Act 2001 (Vic) when we collect and handle health information.
Our aim is to both support, and ensure that we comply with, the Information Privacy Principles that form the basis of laws introduced to strengthen privacy protection for the general public.
COLLECTION AND DATA QUALITY
In the course of our activities we collect and hold personal information about present students, their parents/guardians, alumni, staff and other individuals. This information is required to assist us in providing courses of study and services which enable us to fulfil our mission.
We will only collect personal information from you by lawful and fair means, without being unreasonably intrusive.
Where reasonable and practicable we will only collect personal information about an individual from that individual.
In some circumstances, we may be provided with personal information about an individual from a third party, for example, by a present student about a parent. In such cases, the person supplying the information should, at that time, also provide confirmation that this has been done with the permission of the individual concerned. On request from that individual, the College will confirm what information has been collected, the purpose of its collection, the organisations to which the information is usually disclosed, the main consequences if the information is not provided and the individual’s rights of access to the information.
At or before the time we collect personal information from you we will take reasonable steps to inform you why we are collecting that personal information, who else we might disclose that personal information to, and what will happen if you do not provide personal information to us. Once we hold personal information we will take reasonable steps to keep it accurate, secure, complete and up-to date.
From time to time, we may take photographs and make audio and/or audiovisual recordings of students, alumni and their guests at our events and/or on our grounds and we may collect information relating to the identity of the individuals appearing in the photographs and/or recordings.
We will not collect sensitive information about you without your consent, unless:
- the collection is required by law, or is necessary to prevent or lessen a serious or imminent threat to the life or health of any individual, and you are not physically or legally able to provide consent; or
- the collection is necessary for the establishment, exercise or defence of a legal or equitable claim.
As Trinity’s residential agreement is with the resident, any and all private information is communicated to the resident alone. Trinity College does not usually disclose private information to any other parties, including parents or guardians, without consent from the resident themselves.
USE AND DISCLOSURE
We will only use and disclose your personal information when it is lawful and reasonable to do so. We will also only use and disclose your personal information for the purpose for which it was collected, or a purpose related to (or, in the case of health or sensitive information, directly related to) the purpose for which it was collected or as authorised by law.
Personal information concerning enrolled students will be provided to the University of Melbourne and designated authorities such as government departments, the Tuition Assurance Scheme and the ESOS Assurance Fund Manager as required.
You should be aware that others receiving this information may not have privacy policies equivalent to ours, but unless you inform us in writing that you withdraw your consent, we will assume that we do have your consent to provide such information to other third parties to facilitate the provision of our services to you. In circumstances where you expressly withdraw your consent, this may impact how we are able to provide our services to you.
Your personal information will only be used for the purpose for which it was collected, unless when you consent to us using that information for another purpose, or where it is permitted or required by law, or where we reasonably believe it is necessary on health or public safety grounds or desirable on other grounds to use the information for another purpose.
Personal information supplied to Trinity College may be used by its staff in conducting the business of the Trinity College. Such uses include matters related to student administration, provision of services and the dissemination of information to staff, prospective and current students and remaining in contact with people who have had an affiliation with us.
Examples of instances when personal information about you may be disclosed are:
- informing Centrelink of your enrolment details if you are in receipt of payments;
- releasing statistical information to the Department of Home Affairs (DHA);
- releasing statistical information to the Federal Department of Education (DET (Commwth));
- releasing statistical information to the Victorian Department of Education (DET Victoria)
- informing the Australian Taxation Office of your taxation liabilities;
- check aspects of your immigration status in Australia through DHA's Verification of Evisa Online (VEVO);
- assisting the police with personal information about you if you are alleged to have been involved in a criminal offence; and
- when we publish newsletters, publications, brochures and other materials (in print and online) which include photographs and/or recordings of students, alumni and/or their guests at our events and/or on our grounds, they may disclose information that identifies those students, alumni and/or guests (including by printing the name(s) of individuals in the photographs or recordings).
ACCESS AND CORRECTION
Please contact our Privacy Officer if you would like to access or correct the personal information that we hold about you. We may ask you to verify your identity before processing any access or correction requests, to make sure that the personal information we hold is properly protected.
We will generally provide you with access to your personal information, subject to some exceptions permitted by law. We will also generally provide access in the manner that you have requested (eg by providing photocopies or allowing a file to be viewed), provided it is reasonable and practicable for us to do so. We may however charge a fee to cover our reasonable costs of locating the information and providing it to you.
If you ask us to correct personal information that we hold about you, or if we are satisfied that the personal information we hold is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading.
Except in the case of more complicated requests, we will endeavour to respond to access and correction requests within 45 days.
What if we do not agree to your request for access or correction?
If we do not agree to your access or correction request, or if we do not agree to give you access in the manner you requested, we will provide you with a written notice setting out the reasons for our decision (except to the extent that, having regard to the grounds for refusal, it would be unreasonable to do so), and available complaint mechanisms.
In addition, if we refuse to correct personal information in the manner you have requested, you may ask us to associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, and we will take reasonable steps to do this in such a way that will make the statement apparent to users of the information.
DATA SECURITY AND STORAGE
The College holds personal information on electronic and paper based records.
We take all reasonable steps to ensure that the personal information we hold is accurate and complete and that it is protected from unauthorised access, modification, disclosure, misuse and loss, and to destroy or permanently de-identify personal information we no longer need.
We will not assign unique identifiers or adopt as our own any identifiers that you may provide to us, such as TFNs or Medicare numbers, unless the assignment of identifiers is necessary to enable us to carry out any of our functions efficiently.
Wherever it is lawful and practicable, individuals have the option of not identifying themselves when contacting us. The nature of the business carried on by us means that, generally, it is not possible for us to provide services to student or staff members in an anonymous way.
TRANSFERING INFORMATION OUTSIDE OF VICTORIA
From time to time, we may need to send information outside of Victorian where it is necessary to do so, for example, where a student has a parent who lives interstate or overseas.
When we transfer personal information to third parties or outside Victoria, we use secure arrangements to protect the information. We will only transfer personal information outside Victoria after taking reasonable steps to satisfy ourselves that the recipient of the personal information is bound to comply with equivalent privacy obligations to those applying to us.
We are committed to providing to the Trinity College community and to other parties whose personal information we hold, a fair and responsible system for the handling of their complaints.
If at any time you have any complaints in relation to privacy, please contact our Privacy Officer via the details below or submit a complaint form. We will seek to address any concerns that you have through our complaints handling processes, but if you wish to take matters further you may refer your concerns to the Office of the Australian Information Commissioner.
CHANGE OF POLICY
We may change this Statement from time to time without prior notice.
Or by post:
Trinity College and Trinity College Foundation
100 Royal Parade
Telephone: 03-9348 7100
Facsimile: 03-9348 7610
ADDITIONAL PRIVACY INFORMATION
Further information on privacy may be obtained by visiting the web site of the Office of the Victorian Information Commissioner (OVIC) at https://www.cpdp.vic.gov.au.
This form is to assist you in making a complaint about the handling of personal information under the Privacy and Data Protection Act 2014 (Vic) by the Trinity College. The Privacy and Data Protection Act 2014 (Vic) states that the person complaining must first complain to the organisation involved (in this case, Trinity College) before a complaint can be made to the Victorian Privacy Commissioner. Complaints can be made against the following:
- An agency or organisation handling your information.
- A contracted service provider of an Agency.
For the protection of everyone’s privacy we can accept only complaints made by the persons involved or an authorised representative. Therefore, if you wish to complain on behalf of another person, please provide proof of authority to do so.
To assist our staff, it is important that all the required information is legible. If more space is required, please attach additional pages. Use of this form, however, is optional. If you would like to fill in a paper form manually, you can download one here.
We will use the information you provide on this form to investigate and conciliate your privacy complaint against Trinity College. We will only disclose the information you give us to those areas within council that may have information relevant to your complaint. In the event of a challenge to the decision made by Trinity College, it may be required to disclose this information to the Victorian Privacy Commissioner or a court.
Revised statement approved by Board 23 May 2018