In dealing with personal and sensitive information about individuals, DLS is bound by the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). In relation to health records, DLS is also bound by the Health Records Act 2001 (Vic).
What is personal information?
Personal information: Personal information means information DLS holds about you from which your identity is either apparent or can be reasonably determined. Examples include names, addresses, telephone numbers, dates of birth. Personal information does not include health information.
Health information: Any information or opinion about the health or disability of an individual, an individual’s expressed wishes about the future provision of health services to him or her or a health service provided, or to be provided to an individual. Examples include health records, certificates, details of medical background, health assessment results.
Australian Privacy Principles (APPs): Principles established under the Privacy Act 1988 (Cth) that set out minimum standards on how organisations deal with the collection, security, use and disclosure, correction and storage of personal information and access to that information.
Sensitive information: Information relating to a person’s racial or ethnic origin, political opinions, religious beliefs or affiliations, trade union or other professional or trade association membership, philosophical beliefs, sexual orientation or practices or criminal record, that is also personal information; health information and biometric information about an individual.
Identifier: A number assigned to an individual to identify uniquely that individual for the purposes of an organisation’s work, e.g. a Medicare number. Unique identifiers are used to facilitate data matching. As data matching can reduce privacy, under the APPs organisations are prohibited from adopting government or authority identifiers as their own identifiers.
What kinds of personal information does DLS collect and how does DLS collect it?
DLS collects information from individuals to assist it in its work of advising and supporting Victorian Catholic schools. In compliance with the relevant legislation, DLS only collects information that is necessary in order for it to perform one or more of its functions or activities.
The type of information DLS collects and holds includes (but is not limited to) personal information, including health and other sensitive information, about:
- students and parents and/or guardians (parents) before, during and after the course of a student’s enrolment at the school
- job applicants, staff members, volunteers and contractors
- other people who come into contact with DLS.
DLS will generally collect personal information held about an individual by way of forms filled out by the individual, face-to-face meetings and interviews, emails and telephone calls. On occasions people other than the individual provide personal information.
DLS may receive parent information and information on students and staff of Victorian Catholic schools from schools.
In some circumstances DLS may be provided with personal information about an individual from a third party, for example a report provided by a school or by a medical professional or a reference from another employer.
Information collected by DLS website
When you look at DLS’s website, DLS’s Internet Service Providers (Catholic Network Australia, Internode and AARNET) makes a record of your visit and logs the following information for statistical purposes:
- your server address
- your top-level domain name (for example .com, .gov, .au, .uk, etc.)
- the date and time of your visit to the site
- the pages you accessed and the documents you downloaded
- the previous site you have visited
- the type of browser you are using.
Access to information collected
DLS will not make an attempt to identify users by their browsing activities. However, in the unlikely event of an investigation, a law enforcement agency or other government agency may exercise its legal authority to inspect DLS’s Internet Service Provider’s logs.
Use of information collected
DLS will only record your email address if you send DLS a message. Your email address will only be used for the purpose for which you have provided it and it will not be added to a mailing list or used for any other purpose without your consent.
DLS’s website does not provide facilities for the secure transmission of information across the Internet. Users should be aware that there are inherent risks in transmitting information across the Internet.
DLS’s website only uses session cookies and only during a search query of the website. DLS’s Internet Service Provider has assured DLS that no cookies are employed on this website except for those associated with the search engine. The website statistics for this site are generated from the web logs as outlined above.
On closing your browser the session cookie set by DLS’s website is destroyed and no personal information is maintained which might identify you should you visit DLS’s website at a later date.
(Cookies can be either ‘persistent’ or ‘session’-based. Persistent cookies are stored on your computer, contain an expiration date, and may be used to track your browsing behaviour upon return to the issuing website. Session cookies are short-lived, are used only during a browsing session and expire when you quit your browser.)
Exception in relation to employee records
How will DLS use the personal information you provide?
DLS will use personal information it collects from you for the primary purpose of collection, and for such other secondary purposes that are related to the primary purpose of collection and reasonably expected, or to which you have consented.
Students and parents: DLS uses personal information on students and parents collected by DLS or provided by DLS to:
- assist with students’ learning and wellbeing
- satisfy DLS’s accountability and legal obligations and allow DLS to discharge its duty of care.
The College engages in fundraising activities from time to time. Information received may be used to make an appeal to students or parents; it may also be disclosed to organisations that assist in the College’s fundraising activities solely for that purpose.
Job applicants, staff members and contractors: In relation to personal information of job applicants and contractors, DLS’s primary purpose of collection is to assess and (if successful), engage the applicant or contractor.
In addition, DLS uses personal information of job applicants and contractors for the purpose of:
- administering the individual’s employment or contract, as the case may be
- for insurance purposes
- to satisfy DLS’s legal obligations, for example in relation to child protection legislation.
Volunteers: DLS may also obtain personal information about volunteers to assist DLS in its functions or to conduct associated activities to enable DLS to conduct its functions.
Marketing: DLS undertakes marketing activities to promote the future growth and development of the school. DLS may collect personal information for marketing purposes. DLS will never share this information with any third party marketing lists or organisations.
Who might DLS disclose personal information to and store your information with?
DLS may disclose personal information, including sensitive information, held about an individual to:
- the Catholic Education Office Melbourne
- government departments
- people providing services to DLS, including specialist visiting teachers, counsellors
- recipients of DLS print and online publications such as newsletters and magazines
- anyone you authorise DLS to disclose information to
- anyone to whom we are required to disclose the information by law.
Sending and storing information overseas
DLS may disclose personal information about an individual to overseas recipients, for instance, to facilitate a school exchange. However, DLS will not send personal information about an individual outside Australia without:
- obtaining your consent (in some cases this consent will be implied)
- otherwise complying with the Australian Privacy Principles or other applicable privacy legislation.
How does DLS treat sensitive information?
Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless you agree otherwise, or the use or disclosure of the sensitive information is allowed by law.
Management and security of personal information
DLS and DLS’s staff are required to respect the confidentiality of students’ and parents’ personal information and the privacy of individuals. DLS has in place steps to protect the personal information DLS holds from misuse, interference and loss, unauthorised access, modification or disclosure by use of various methods, including locked storage of paper records and password access rights to computerised records.
Access and correction of personal information
Under the Commonwealth Privacy Act and the Health Records Act 2001 (Vic.) an individual has the right to obtain access to any personal information which DLS holds about them and to advise DLS of any perceived inaccuracy. There are some exceptions to this right set out in the act. Students will generally be able to access and update their personal information through their parents, but older students may seek access and correction themselves.
There are some exceptions to these rights set out in the applicable legislation.
To make a request to access or update any personal information DLS holds about you or your child, please refer to the contact details below.
DLS may require you to verify your identity and specify what information you require. DLS may charge a fee to cover the cost of verifying your application and locating, retrieving, reviewing and copying any material requested. If the information sought is extensive, DLS will advise the likely cost in advance. If DLS cannot provide you with access to that information, you will be provided with a written notice explaining the reasons for refusal.
Consent and rights of access to the personal information of students
- DLS respects every parent’s right to make decisions concerning their child’s education.
- Generally, DLS will refer any requests for consent and notices in relation to the personal information of a student to the student’s parents. DLS will treat consent given by parents as consent given on behalf of the student, and notice to parents will act as notice given to the student.
- As mentioned above, parents may seek access to personal information held by DLS about them or their child by contacting the DLS Deputy Principal of Pastoral Care and Organisation (see contact details below). However, there will be occasions when access is denied. Such occasions would include where release of the information would have an unreasonable impact on the privacy of others, or where the release may result in a breach of DLS’s duty of care to a staff member or student.
- DLS may, at its discretion, on the request of a student, grant that student access to information held by DLS about them, or allow a student to give or withhold consent to the use of their personal information, independently of their parents. This would normally be done only when the maturity of the student and/or the student’s personal circumstances so warranted.
Enquiries and complaints
If you would like further information about the way DLS manages the personal information it holds, or wish to complain that you believe that DLS has breached the Australian Privacy Principles, please contact DLS Privacy Officer:
Deputy Principal of Pastoral Care & Organisation
De La Salle College
1318 High Street Malvern, 3144 Australia
Phone (03) 9508 2100
DLS will investigate any complaint and will notify you of a decision in relation to your complaint as soon as is practicable after it has been made.
Last updated: 19/12/2014