Privacy Policy
last updated: December 2020
1. Purpose and nature
Mount Scopus Memorial College, Gandel Besen House Limited and Mount Scopus Memorial College Early Learning Limited (together, the College) recognise the importance of your privacy and the privacy of students. This Privacy Policy explains how the College intends to collect, store, use, disclose, protect and otherwise handle your personal information and the personal information of students having regard to the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Act).
This Privacy Policy does not constitute a contractual representation, promise, guarantee or warranty by the College to you as to the manner in which the College will or may collect, store, use, disclose, protect or otherwise handle your personal information. Some matters are beyond the control of the College, such as third party malicious or criminal attacks.
The College may allow its related entities, such as its subsidiaries, and their employees, to use and process your personal information in the same way and to the same extent that the College is permitted to under this Privacy Policy. These related entities comply with the same obligations that the College has to protect your personal information under this Privacy Policy.
2. What is personal information?
Personal information is information or an opinion about you from which you can be reasonably identified.
3. Why does the College collect personal information?
The College collects personal information for the primary purpose of providing educational services and related pastoral care and extra-curricular services. This includes, but is not limited to:
· processing or assessing enrolment, bursaries, subsidies and fees;
· satisfying our legal obligations including our duty of care and child protection obligations;
· keeping parents informed as to College community matters, including through correspondence, newsletters and magazines;
· marketing, promotional and fundraising activities;
· supporting the activities of school associations such as the Alumni Association, including for use and disclosure in the Alumni archive database;
· managing enquiries to or from other education institutions regarding parents’ credit status in relation to payment of school fees (Fee Information);
· student behaviour and attendance (Student Details)
· supporting the activities of the School Parents and Friends Association;
· supporting community-based causes and activities, charities and other causes in connection with the College’s functions or activities;
· helping us to improve our day to day operations including training our staff; systems development; developing new programs and services; undertaking planning, research and statistical analysis;
· College administration including for insurance purposes;
· the employment of staff; and
· the engagement of volunteers.
The College may also use your personal information for secondary purposes closely related to this primary purpose. If the College does not collect your personal information, it may not be able to provide you or the student(s) with these services.
4. What personal information does the College collect?
The types of personal information collected by the College include:
(a) names;
(b) contact details (including address, email address, telephone number(s) and other contact details);
(c) sex;
(d) dates of birth;
(e) tax file numbers;
(f) banking details;
(g) credit status in relation to payment of school fees;
(h) student behaviour and attendance records;
(i) receipt of and eligibility for government benefits relevant to child care subsidies;
(j) images, photos and videos; and
(k) other information you provide to us.
The College expects you to only provide the College with personal information that is accurate, complete and up to date.
The College collects personal information from parents, students, prospective parents, prospective students, job applicants, staff, volunteers and others.
4.1 Sensitive Information
The personal information collected by the College may include sensitive information, which is defined in the Privacy Act as information or an opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Health information collected by the College includes medical records, disabilities, immunisation details and counselling reports.
The College will only use sensitive information:
(a) for the primary purpose for which it was obtained;
(b) for a secondary purpose that is directly related to the primary purpose;
(c) with your consent; or
(d) where required or authorised by law.
5. Personal information of students
The Privacy Act does not differentiate between adults and children. The Privacy Act does not specify an age after which students can make their own decisions regarding their personal information.
The College’s practice is to refer requests for personal information or consent to a student’s parents or carers. The College treats notices to parents as notices to students and will accept consents provided by parents as consent on behalf of a student.
However, the College understands that in some circumstances, particularly in relation to older students, it may be appropriate to directly seek personal information and consent from students.
There may be circumstances where a student of a certain age, maturity and understanding withholds consent and personal information held by the College will not be disclosed to parents, including circumstances where providing such information would impact on the privacy of others or undermine the College’s duty of care to the student.
6. How does the College collect your personal information?
The College will collect personal information only by lawful and fair means and not in an unreasonably intrusive manner. When you provide the College with personal information about yourself or your child you consent to the use, disclosure and handling of that personal information in accordance with this Privacy Policy and any subsequent amendments (see clause 13).
6.1 Collecting information from you
If it is reasonable and practical do to so, the College will collect personal information directly from you.
Depending on how you choose to interact with the College, the College may collect your personal information when you contact, or are contacted by, the College or its service providers by telephone, by email, through the College’s website, through financial transactions and surveillance activities such as CCTV, email monitoring, social media and other digital services, from photographers hired by the school, or from photos or videos take by school staff or volunteers, or when you complete a form or document and provide it to the College.
6.2 Collecting information from third parties
The College may also collect information about you or your child from other people (e.g. a third party administrator), another education provider or institution or independent sources. For example, the College may collect personal information about you from character referees in an employment context or from another education institution in an enrolment context.
However, the College will only do so where it is not reasonable and practicable to collect the information from you directly. If you are a parent of a prospective student of the College, you consent to the College contacting other education institutions that a prospective student has previously attended, to request and receive Fee Information and Student Details.
Where the College has collected your information from a third party, such personal information will be held, used and disclosed by the College in accordance with this Privacy Policy.
6.3 Collecting information from visits to the College’s website
The College may also collect information based on how you use its website, including through ‘cookies’, web beacons and other similar technologies.
Cookies are small text files that are transferred to your computer’s hard drive through your web browser to enable the College’s systems to recognise your browser and record non-personal information such as the date, time or duration of your visit and the pages accessed, for website administration, statistical and maintenance purposes (Cookie Information).
We use cookies to provide you with a more consistent experience across our services. No attempt is made by the College to use Cookie Information to personally identify you. However, if Cookie Information is linked with personal information as set out above, this Cookie Information becomes personal information and will be treated in the same manner as the personal information to which it has been linked.
You can remove or reject cookies by adjusting the settings on your web browser. Please note that some parts of the College’s website may not function fully for users that disable cookies.
6.4 Unsolicited information
If the College receives personal information that it has not requested and determines that the personal information received is not reasonably necessary to provide its services, the College will take all lawful and reasonable steps (if any) to de-identify or destroy that personal information.
7. How does the College hold your personal information?
The security of your personal information is important to the College. Accordingly, the College takes reasonable steps to protect your personal information from misuse, loss and unauthorised access, modification or disclosure. These steps include the implementation of the following safeguards including the provision of information in relation to what processes apply - e.g. password protected databases, staff training, system firewalls, internal information security policies, restricting access to school data bases, levels of security clearance, training staff, lockable filing cabinets, security measures to protect College grounds.
In relation to personal information collected about parents and students, the College will retain personal collected until the later of the expiry of seven years after all children in the same family have completed Year 12, or when all children in the same family have otherwise permanently left the College (including by cancelled enrolment), or all fees and other amounts payable to the College in respect of those children have been paid in full.
The College will take reasonable steps to permanently de-identify or responsibly destroy personal information if it is no longer needed for the purpose for which the information was used or disclosed, where it is lawful for the College to do so.
The College’s data security practices have been adopted with a view to protecting the data held by the College. Notwithstanding this, individuals should be aware that there are inherent risks associated with the transmission of data over the internet and other mediums. Accordingly, the College cannot guarantee any transmission will be completely secure.
8. How does the College use your personal information?
The College may hold, use or disclose your personal information so that it can administer and provide educational services that you request.
The College may also hold, use or disclose your personal information to:
(a) consider any concern or complaint that you raise against the College or to manage any legal action between you and the College;
(b) prevent or investigate any actual or suspected fraud, unlawful activity or misconduct; or
(c) comply with any relevant laws, regulations, codes of practice and court orders.
9. How is personal information disclosed to others?
The College does not sell, rent or trade personal information to, or with third parties.
The College may disclose your personal information to third parties in limited circumstances, including to government agencies, external providers that perform services on behalf of the College, other parents including another parent with whom you share parental responsibility for a student, visiting teachers, counsellors and coaches, persons who access school databases including the Alumni archive, and to other education institutions that contact the College after you or a student has left the College to obtain information regarding Fee Information and/or Student Details.
The College may also disclose your information to its staff, the College’s Executive Committee, Bursary Committee and Finance Committee (being committees whose membership includes both parent representatives and senior staff representatives), on a need to know basis, for the purposes described in clause 3.
The College’s website may contain certain links to other websites. The College does not share your personal information with those websites and it is not responsible for the privacy practices applying in respect of those websites.
The College regularly takes photos and videos of the College’s students and students’ activities. These images are sometimes used for publicity purposes such as in school newsletters, in the press or for use in brochures or other materials promoting the College. On occasion the College shares these images with partner organisations when the College considers this to be in the interest of promoting the College. Parents who do not wish to have images of their children used for publicity purposes will need to notify the college of writing, using the contact details in clause 12 below.
9.1 Cross-border disclosure
The College may transfer your personal information to an entity which is in a foreign country to assist the College in providing its educational services.
If personal information is shared overseas, the College must take reasonable steps to ensure that the overseas entity is APP compliant, unless an exemption applies. One of these exemptions is when the College obtains prior consent to such disclosure from parents and students after expressly informing them that the obligation to ensure APP compliance will not apply to any disclosures given with such consent. However, including this statement in the privacy policy itself would not be sufficient to imply consent. If the College proposes to use this exemption, consent will need to be directly obtained from the individual at the time the personal information is collected, or at some later time. Otherwise, the College will to take reasonable steps to ensure the overseas party is complying with the APPs.
10. How you may access or correct your personal information
You may contact the College to request access to the personal information it holds about you at any time. You may also ask the College to correct information about you that you may believe is inaccurate, incomplete or out of date.
Please contact the College using the contact details set out in clause 12. The College will need to verify your identity before giving you access to, or correcting, your personal information. The College will respond to the request within a reasonable period after the request is made. There is no charge to make a request, however the College may charge a reasonable fee to cover the administrative costs of retrieving your personal information.
In certain circumstances, the College may refuse, or be unable, to correct or provide you with access to your personal information. In these circumstances, the College will write to you to explain the reasons why this is the case.
11. How you may complain if you have concerns about how the College has managed your personal information
If you have a complaint related to how the College has managed your personal information, please contact the College using the contact details set out in clause 12. The College may ask you to place your concerns in writing so that its compliance staff can fully understand and investigate your complaint.
The College will provide you with an estimated response timeframe in relation to your complaint. The College will endeavour to resolve the complaint as soon as reasonably practicable.
If a complaint remains unresolved, or you are not satisfied with the College’s resolution of the complaint, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au to have the complaint heard and determined.
12. How to contact us
If you have any questions about this Privacy Policy or the College’s management of your personal information, please contact the College on:
Attention: Sue Templeman, Risk & Compliance Manager
Tel: 03 9834 0024
Email: stempleman@scopus.vic.edu.au
13. Changes to the College’s privacy policy and information handling practices
This Privacy Policy is subject to change at any time so we encourage you to review this Privacy Policy at regular intervals. If the College changes this Privacy Policy an updated version will be posted on the College’s website to notify you of this change. By continuing to use the College’s services after that time you will be deemed to have accepted any changes to its Privacy Policy.