AHEIA is bound by the Privacy Act 1988 (Cth), which sets out a number of principles concerning the privacy of individuals.
This policy outlines the ways in which AHEIA might collect, retain, store, use, disclose, and otherwise deal with personal information.
This policy applies whenever personal information is being collected, stored, retained, used, disclosed, or otherwise dealt with by, on behalf of, and/or in connection with, AHEIA.
(a) expects personal information to be dealt with in a manner that is careful, responsible, and appropriate to the private nature of the information;
(b) acknowledges that the subjects of personal information held by AHEIA expect their information to be protected;
(c) will only collect and otherwise deal with personal information where it is reasonably necessary for it to do so; and
(d) will, at all times, comply with any applicable law.
4. Collection and use
Nature of collection and use
AHEIA collects and uses personal information, including:
(a) personal information relating to our staff, contractors, customers, suppliers, partners, members, and other higher education and research organisations; and
(b) personal information about the staff, students, customers, contractors, suppliers, and partners of our members and other higher education and research organisations.
Reasons for collection and use
AHEIA collects and uses personal information to:
(a) conduct research, including in relation to the higher education sector;
(b) provide services to our members, including professional services;
(c) provide learning, development, education and training to our members and any direct customers;
(d) make networking and related opportunities available to our members and their staff.
Collection and use only when necessary
(a) Personal information will only be collected and/or used where it is reasonably necessary for the purpose of performing a legitimate AHEIA function and/or otherwise attending to AHEIA business.
(b) Before collecting and/or using personal information, AHEIA will investigate whether it is possible to use de-identified information for a particular purpose, instead of collecting and/or using personal information.
Collection direct from subject where possible
(a) Whenever it is reasonably practicable to do so, AHEIA will collect personal information directly from the subject of that information.
(b) Where it is necessary to collect personal information from a source other than the subject, AHEIA will do so, wherever possible, with the consent of the subject.
(c) No person or entity is to provide AHEIA with personal information of a subject without first obtaining consent from the subject.
AHEIA will take all reasonable steps to keep personal information safe, secure, and confidential.
Any person who becomes aware of an actual or potential breach of the safety, security, and/or confidentiality of personal information held by or on behalf of AHEIA must, as soon as practicable, notify the Executive Director of that actual or potential breach.
AHEIA may store personal information:
(a) in hard copy and/or digital form;
(b) directly within its own possession or custody; and/or
(c) via the services of an information service provider (for example, via cloud storage).
Personal information held by or on behalf of AHEIA will be stored within Australia.
6. Access and correction
The subject of personal information held by AHEIA may request:
(a) a copy of that information; and
(b) correction of that information, if they believe the information is inaccurate and/or incomplete.
AHEIA will, upon receipt of a request for access and/or correction:
(a) Consider the request; and
(b) If the request is accepted, promptly attend to the request by providing access to and/or correcting the information; or
(c) If the request is denied, notify the subject of the reasons for denying the request.
AHEIA will not unreasonably refuse a request for access and/or correction.
7. Destruction and redaction
AHEIA will securely destroy and/or delete personal information as soon as reasonably practicable after:
(a) The personal information is no longer required by AHEIA to perform a legitimate AHEIA function; and
(b) AHEIA is no longer under any legal obligation, or otherwise required by law, to retain the personal information.
Any destruction and/or deletion of personal information shall be done in a manner that is appropriately secure and confidential (such as via a secure document destruction service as the case may require).
8. Seeking advice
AHEIA, and anyone acting for or on behalf of AHEIA, will seek legal and/or other professional advice if it/they are unsure about their obligations, or any other matter, relating to the collection, use, storage, disclosure, or other dealing with personal information.
Member means a member of AHEIA; and may also include former and/or prospective members.
Personal information means any information by which one or more people may be identified, whether or not the identifiable person/s are expressly named.
We, us, or AHEIA means the Australian Higher Education Industrial Association; and may also include require, we, us, or AHEIA also means staff, contractors, service providers, or other people acting on behalf of, or in the course of their employment or partnership with, AHEIA, to the extent that they are dealing with personal information.
You or subject means a person who is the subject of personal information to which this policy applies.
Version history and control
This policy is owned by the Executive Director and is administered by, among others as required, the Business Manger and the Director, HR.
The policy owner may authorise amendments to the policy.
This policy has had the following versions:
Date of change: 21 December 2023
Nature of change/s: Policy introduced
Authorised by: Executive Director
Call: 03 8611 0517
Post: AHEIA, Level 6, 303 Collins Street, Melbourne, VIC 3000 AUSTRALIA