Privacy

Overview

To meet our public health obligations and as a condition of your entry onto campus, Swinburne is collecting data and implementing contact tracing at each campus. The University will collect your personal and health information (referred to collectively herein as ‘personal information’) as outlined in this notice.

In some instances, the University may share your personal information with: 

1. relevant Government Departments or agencies to meet mandatory reporting obligations relating to public health; or
2. any third party service providers that are required to enable Swinburne to provide its educational, academic or support services to you.
    

The information you provide will be collected lawfully and fairly and in a non‐intrusive way. We will collect your personal information directly from you wherever possible. However, where this is not practicable, we may collect information you have provided through other lawful means (for example scanned QR codes, Wi-Fi logs).

Personal information that may be requested from you includes: 

• your name and contact details
• student or staff identification number
• date and time of your visit
• location of visit
• temperature (if you have had your temperature checked)
• your vaccination status (see further information below)
   

Collection of vaccination status

Swinburne is asking all staff and students to confirm their vaccination status. 

What evidence do we require?

The evidence we require depends on your COVID-19 vaccination status and whether any exemptions apply to you. Swinburne will collect personal information and records that may contain your Personal Information including:

• whether you are fully vaccinated, part vaccinated or unvaccinated at a given point in time;
• date of first dose (actual or planned);
• date of second dose (actual or planned);
• any exemptions that may apply.
   

How will this information be used?

Once you submit your evidence, we will validate it and make a record of your vaccination status. 

We will only use this information for the purpose of confirming that you are able to attend campus or participate in University activities (and related health and safety matters).

If your program or course of study requires the involvement of an external third party, then Swinburne may share your Personal Information with this external third party. This sharing of your Personal Information will be limited to what is necessary to ensure you are able to continue to progress in your studies and access any related support services.

We will not otherwise use or disclose this information unless required or authorised by law.

What if you do not want to provide this information?

Having information about the vaccination status of our staff and students is critical to managing the health and safety of the Swinburne community. If you choose to not provide this information, we won’t know whether or not you are vaccinated and you may, for example, not be allowed to attend campus or otherwise participate in University activities.

Swinburne only collects personal information that is necessary for, or directly related to, one or more of Swinburne’s functions or activities. Personal information that Swinburne collects from staff, students, prospective students, past students, benefactors, research participants, and external contractors includes (depending on the services provided and accessed):

• names and other related contact details 
• student identification numbers and official university email addresses 
• emergency contacts 
• photographic identification 
• academic qualifications, history and progress 
• information relating to entitlements to related educational government payments or support (e.g. HECS-HELP) 
• complaints or misconduct details or information
• if engaging any health service, information necessary to deliver that service (e.g. medical history) 
• other related personal information required for the effective management of the university.
  

Swinburne generally collects information at enrolment or commencement of employment, when you access Swinburne’s IT systems, or when you participate in special activities or projects. Some special projects or activities may have their own collection notice, which is in addition to the information contained in this general collection statement (e.g. when accessing health services or using Swinburne’s IT services).

Swinburne will not collect sensitive information unless:

• you consent to the collection, and the information is reasonably necessary for, or directly related to, one or more of Swinburne’s functions or activities or 
• the collection of the information is required or authorised by or under an Australian law or a court/tribunal order (e.g. when providing government student support) or 
• the information is necessary to provide a health service to you.

Some of the main reasons Swinburne collects your information include:

• to correspond with you
• for administrative purposes
• for the purposes of undertaking university-commissioned research
• for the facilitation of student elections
• to meet legal obligations
• to inform you about your course or other university courses/events
• to confirm your entitlement to Commonwealth assistance
• to allocate a Victorian Student Number and update your personal information on the Victorian Student Register
• to verify your VET FEE-HELP, FEE-HELP or OS-HELP balance
• to facilitate or verify the allocation of a Commonwealth Higher Education Student Support Number (CHESSN).
   

What if you study a Swinburne University of Technology course, program or unit through a third party?

If you study a Swinburne University of Technology course, program or unit through a third party, such as partner or joint-venture providers, other service providers or education providers, your personal information may also be collected and used by such third parties in accordance with their privacy statements.

What happens if you elect to not provide my information?

Generally, you may elect to not provide Swinburne with your personal information. However, much of the personal information collected by Swinburne is necessary to provide you with educational services or access to government support. Without this information, Swinburne may be restricted in its ability to provide these services or support. In some cases, enrolment at Swinburne will not be possible without certain information provided.

Swinburne will only collect personal information by lawful and fair means.

Swinburne will generally collect personal information from you directly, unless: 

• you consent to the collection of the information from someone else; or 
• Swinburne is required or authorised by, or under, an Australian law, or a court/tribunal order, to collect the information from someone else; or 
• it is unreasonable or impracticable to get the information from you directly.
   

Swinburne stores personal information in both electronic and hard copy forms, and must comply with the requirements of the Victorian Public Records Act 1973. For more information in this regard, please visit the Public Record Office Victoria website.

If Swinburne holds personal information about you that was collected for a particular purpose (the primary purpose), Swinburne will not use or disclose this information for another purpose (the secondary purpose), unless:

• you consented to the use or disclosure of the information; or 
• you would reasonably expect Swinburne to use or disclose the information for the secondary purpose (does not apply to sensitive or health information).
   

External organisations

Information collected may be disclosed to various external organisations, including:

• government departments, such as the Australian Taxation Office, the Commonwealth Department of Education, the Department of Home Affairs, Skills Victoria and the Victorian Department of Education and Training

• Skills Victoria may use the information for planning, administration, policy development, program evaluation, resource allocation, and reporting and/or research activities. Skills Victoria may also disclose information to its consultants, advisors, other government agencies and professional bodies and/or organisations. Students may also be contacted in relation to a National Centre for Vocational Education Research (NCVER) survey and/or an audit undertaken by the Commissioner for Privacy and Data Protection or their representatives

• external organisations such as professional bodies, hospitals or government agencies, in connection with your studies

• Commonwealth and state government agencies pursuant to obligations under the Education Services for Overseas Students Act 2000. (Personal information may include contact details, course enrolment details and changes, and the circumstances of any suspected visa breach)

• Swinburne University of Technology may disclose your information to third parties, such as partner or joint venture providers, other service providers or other education providers in circumstances where you study a Swinburne University of Technology course, program or unit through such third parties. Your information may be disclosed for the purpose of improving the delivery of your Swinburne University of Technology course, program or unit.

• External companies or individuals that have been engaged under legal contract to perform some of the University functions such as student surveys or academic services (including the provision of academic transcripts and official Swinburne University of Technology documentation in electronic form).
   

Direct marketing

Swinburne may use or disclose personal information (other than sensitive information) about an individual for the purpose of direct marketing if:

• Swinburne collected the information from the individual and

• the individual would reasonably expect Swinburne to use or disclose the information for that purpose and

• Swinburne provides a simple means by which the individual may easily request not to receive direct marketing communications from Swinburne and

• the individual has not made such a request to Swinburne.
   

Swinburne may use or disclose sensitive information about an individual for the purpose of direct marketing if the individual has consented to the use or disclosure of the information for that purpose.

Emergency situations and criminal activity

Swinburne may disclose your information for a secondary purpose if it reasonably believes that the use or disclosure is necessary to lessen or prevent:

• a serious and imminent threat to an individual's life, health, safety or welfare or

• a serious threat to public health, public safety or public welfare and

• the information is used or disclosed in accordance with guidelines, if any, issued or approved by the Victorian Health Services Commissioner.
   

Swinburne may disclose health information for a secondary purpose where it has reason to suspect that unlawful activity has been, is being or may be engaged in, and uses or discloses the health information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities and, if Swinburne, as a registered health service provider, would not be breaching confidence by such use or disclosure.

Swinburne may disclose health information for a secondary purpose where it reasonably believes that the use or disclosure is reasonably necessary for a law enforcement function by or on behalf of a law enforcement agency and, if Swinburne is a registered health service provider, the use or disclosure would not be a breach of confidence.

Before Swinburne discloses personal information about you to a person (the overseas recipient):

• who is not in Australia or an external territory and 
• who is not Swinburne or the individual
   

Swinburne will take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach Australian privacy laws in relation to the information.

For research students whose supervisor or examiner is located in a country other than Australia, your personal information may be sent electronically or through the mail to that individual in that country.

Some Swinburne IT systems use cloud computing services that are hosted in countries other than Australia. Depending on the service accessed, this could include selected countries in the Americas, Europe or the Asia-Pacific region.

Swinburne will take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that it uses or discloses is, having regard to the purpose of the use or disclosure, accurate, up to date, complete and relevant.

Subject to an overriding legal consideration, if Swinburne holds personal information about an individual, Swinburne will, on request by the individual, give the individual access to the information. Information can be requested from any Swinburne staff member. If you would like to lodge a Freedom of Information request, please contact Swinburne.

The University counselling and medical services may require an individual to pay a fee in relation to their request to access their health information. The fee will be set at the rate prescribed by the Health Records Regulations 2002.

Under Swinburne’s Privacy Guidelines, Swinburne is not required to give you access to your personal information if:

• Swinburne reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety or

• giving access would have an unreasonable impact on the privacy of other individuals or

• the request for access is frivolous or vexatious or

• the information relates to existing or anticipated legal proceedings between Swinburne and the individual, and would not be accessible by the process of discovery in those proceedings or

• giving access would reveal the intentions of Swinburne in relation to negotiations with the individual in such a way as to prejudice those negotiations or

• giving access would be unlawful or

• denying access is required or authorised by or under an Australian law or a court/tribunal order or

• Swinburne has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Swinburne’s functions or activities has been, is being or may be engaged in AND giving access would be likely to prejudice the taking of appropriate action in relation to the matter or

• giving access would be likely to prejudice one or more enforcement-related activities conducted by, or on behalf of, an enforcement body or

• giving access would reveal evaluative information generated within Swinburne in connection with a commercially sensitive decision-making process.
   

Your right of correction

If Swinburne holds personal information about you and Swinburne is satisfied that, having regard to a purpose for which the information is held, the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, or you request Swinburne to correct the information, Swinburne will take such steps (if any) as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.