Swinburne University of Technology acknowledges and respects the privacy of individuals.
Have you applied for a job at Swinburne?
Learn more about how we manage your personal information when you apply for a job at here at Swinburne University of Technology.
Multi-Factor Authentication at Swinburne
Multi-Factor Authentication (MFA) is an additional security step to verify your identity when you login to selected Swinburne applications and systems.
If you have any questions, issues or concerns (or wish to lodge a complaint in respect of a privacy matter) please contact Matthew Smith, Privacy Officer - Manager, Regulatory & Integrity, Governance and Assurance, on +61 3 9214 4592
We value your privacy
Swinburne University of Technology acknowledges and respects the privacy of individuals. We advise that much of the information that you may have provided to, or may be asked to provide, to Swinburne University of Technology is 'personal information'.
As a general rule, personal information is not released by Swinburne University of Technology to other organisations, except in response to legal requirements such as a subpoena, and information regarding an individual will not be disclosed to a third party without the individual's consent, except where the third party is directly acting as our agent.
Why we collect your information
This information is normally collected for the purposes of processing your application, registration or inquiry for a Swinburne University of Technology course, activity or interest group. Information that we collect will be used for keeping you informed of upcoming events, improving the student experience and assisting us in improving and marketing our services to you. For more information refer to the Privacy Collection Notice below.
Security of your information
Swinburne University uses and implements industry standards for the security and protection of information collected, and this information is securely stored and access is restricted to authorised personnel only, ensuring that your personal information is protected and safeguarded.
Access to your information
You have a right of access to, and alteration of personal information concerning yourself held by the University, in accordance with Government Legislation.
Our privacy guidelines and procedure
Download and view Swinburne University of Technology’s privacy guidelines, March 2014.
Privacy Collection Notice
To meet our public health obligations and as a condition of your entry onto campus, Swinburne is collecting data and implementing contact tracing at each campus. The University will collect your personal and health information (referred to collectively herein as ‘personal information’) as outlined in this notice.
In some instances, the University may share your personal information with:
- relevant Government Departments or agencies to meet mandatory reporting obligations relating to public health; or
- any third party service providers that are required to enable Swinburne to provide its educational, academic or support services to you.
The information you provide will be collected lawfully and fairly and in a non‐intrusive way. We will collect your personal information directly from you wherever possible. However, where this is not practicable, we may collect information you have provided through other lawful means (for example scanned QR codes, Wi-Fi logs).
Personal information that may be requested from you includes:
- your name and contact details
- student or staff identification number
- date and time of your visit
- location of visit
- temperature (if you have had your temperature checked)
- your vaccination status (see further information below)
Collection of vaccination status
Swinburne is asking all staff and students to confirm their vaccination status.
What evidence do we require?
The evidence we require depends on your COVID-19 vaccination status and whether any exemptions apply to you. Swinburne will collect personal information and records that may contain your Personal Information including:
- whether you are fully vaccinated, part vaccinated or unvaccinated at a given point in time;
- date of first dose (actual or planned);
- date of second dose (actual or planned);
- any exemptions that may apply.
How will this information be used?
Once you submit your evidence, we will validate it and make a record of your vaccination status.
We will only use this information for the purpose of confirming that you are able to attend campus or participate in University activities (and related health and safety matters).
If your program or course of study requires the involvement of an external third party, then Swinburne may share your Personal Information with this external third party. This sharing of your Personal Information will be limited to what is necessary to ensure you are able to continue to progress in your studies and access any related support services.
We will not otherwise use or disclose this information unless required or authorised by law.
What if you do not want to provide this information?
Having information about the vaccination status of our staff and students is critical to managing the health and safety of the Swinburne community. If you choose to not provide this information, we won’t know whether or not you are vaccinated and you may, for example, not be allowed to attend campus or otherwise participate in University activities.
Swinburne only collects personal information that is necessary for, or directly related to, one or more of Swinburne’s functions or activities. Personal information that Swinburne collects from staff, students, prospective students, past students, benefactors, research participants, and external contractors includes (depending on the services provided and accessed):
- names and other related contact details
- student identification numbers and official university email addresses
- emergency contacts
- photographic identification
- academic qualifications, history and progress
- information relating to entitlements to related educational government payments or support (e.g. HECS-HELP)
- complaints or misconduct details or information
- if engaging any health service, information necessary to deliver that service (e.g. medical history)
- other related personal information required for the effective management of the university.
Swinburne generally collects information at enrolment or commencement of employment, when you access Swinburne’s IT systems, or when you participate in special activities or projects. Some special projects or activities may have their own collection notice, which is in addition to the information contained in this general collection statement (e.g. when accessing health services or using Swinburne’s IT services).
Swinburne will not collect sensitive information unless:
- you consent to the collection, and the information is reasonably necessary for, or directly related to, one or more of Swinburne’s functions or activities or
- the collection of the information is required or authorised by or under an Australian law or a court/tribunal order (e.g. when providing government student support) or
- the information is necessary to provide a health service to you.
Some of the main reasons Swinburne collects your information include:
- to correspond with you
- for administrative purposes
- for the purposes of undertaking university-commissioned research
- for the facilitation of student elections
- to meet legal obligations
- to inform you about your course or other university courses/events
- to confirm your entitlement to Commonwealth assistance
- to allocate a Victorian Student Number and update your personal information on the Victorian Student Register
- to verify your VET FEE-HELP, FEE-HELP or OS-HELP balance
- to facilitate or verify the allocation of a Commonwealth Higher Education Student Support Number (CHESSN).
What if you study a Swinburne University of Technology course, program or unit through a third party?
If you study a Swinburne University of Technology course, program or unit through a third party, such as partner or joint-venture providers, other service providers or education providers, your personal information may also be collected and used by such third parties in accordance with their privacy statements.
What happens if you elect to not provide my information?
Generally, you may elect to not provide Swinburne with your personal information. However, much of the personal information collected by Swinburne is necessary to provide you with educational services or access to government support. Without this information, Swinburne may be restricted in its ability to provide these services or support. In some cases, enrolment at Swinburne will not be possible without certain information provided.
Swinburne will only collect personal information by lawful and fair means.
Swinburne will generally collect personal information from you directly, unless:
- you consent to the collection of the information from someone else; or
- Swinburne is required or authorised by, or under, an Australian law, or a court/tribunal order, to collect the information from someone else; or
- it is unreasonable or impracticable to get the information from you directly.
Swinburne stores personal information in both electronic and hard copy forms, and must comply with the requirements of the Victorian Public Records Act 1973. For more information in this regard, please visit the Public Record Office Victoria website.
If Swinburne holds personal information about you that was collected for a particular purpose (the primary purpose), Swinburne will not use or disclose this information for another purpose (the secondary purpose), unless:
- you consented to the use or disclosure of the information; or
- you would reasonably expect Swinburne to use or disclose the information for the secondary purpose (does not apply to sensitive or health information).
Information collected may be disclosed to various external organisations, including:
government departments, such as the Australian Taxation Office, the Commonwealth Department of Education, the Department of Home Affairs, Skills Victoria and the Victorian Department of Education and Training
Skills Victoria may use the information for planning, administration, policy development, program evaluation, resource allocation, and reporting and/or research activities. Skills Victoria may also disclose information to its consultants, advisors, other government agencies and professional bodies and/or organisations. Students may also be contacted in relation to a National Centre for Vocational Education Research (NCVER) survey and/or an audit undertaken by the Commissioner for Privacy and Data Protection or their representatives
external organisations such as professional bodies, hospitals or government agencies, in connection with your studies
Commonwealth and state government agencies pursuant to obligations under the Education Services for Overseas Students Act 2000. (Personal information may include contact details, course enrolment details and changes, and the circumstances of any suspected visa breach)
Swinburne University of Technology may disclose your information to third parties, such as partner or joint venture providers, other service providers or other education providers in circumstances where you study a Swinburne University of Technology course, program or unit through such third parties. Your information may be disclosed for the purpose of improving the delivery of your Swinburne University of Technology course, program or unit.
External companies or individuals that have been engaged under legal contract to perform some of the University functions such as student surveys or academic services (including the provision of academic transcripts and official Swinburne University of Technology documentation in electronic form).
Swinburne may use or disclose personal information (other than sensitive information) about an individual for the purpose of direct marketing if:
Swinburne collected the information from the individual and
the individual would reasonably expect Swinburne to use or disclose the information for that purpose and
Swinburne provides a simple means by which the individual may easily request not to receive direct marketing communications from Swinburne and
the individual has not made such a request to Swinburne.
Swinburne may use or disclose sensitive information about an individual for the purpose of direct marketing if the individual has consented to the use or disclosure of the information for that purpose.
Emergency situations and criminal activity
Swinburne may disclose your information for a secondary purpose if it reasonably believes that the use or disclosure is necessary to lessen or prevent:
a serious and imminent threat to an individual's life, health, safety or welfare or
a serious threat to public health, public safety or public welfare and
the information is used or disclosed in accordance with guidelines, if any, issued or approved by the Victorian Health Services Commissioner.
Swinburne may disclose health information for a secondary purpose where it has reason to suspect that unlawful activity has been, is being or may be engaged in, and uses or discloses the health information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities and, if Swinburne, as a registered health service provider, would not be breaching confidence by such use or disclosure.
Swinburne may disclose health information for a secondary purpose where it reasonably believes that the use or disclosure is reasonably necessary for a law enforcement function by or on behalf of a law enforcement agency and, if Swinburne is a registered health service provider, the use or disclosure would not be a breach of confidence.
Before Swinburne discloses personal information about you to a person (the overseas recipient):
- who is not in Australia or an external territory and
- who is not Swinburne or the individual
Swinburne will take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach Australian privacy laws in relation to the information.
For research students whose supervisor or examiner is located in a country other than Australia, your personal information may be sent electronically or through the mail to that individual in that country.
Some Swinburne IT systems use cloud computing services that are hosted in countries other than Australia. Depending on the service accessed, this could include selected countries in the Americas, Europe or the Asia-Pacific region.
Swinburne will take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that it uses or discloses is, having regard to the purpose of the use or disclosure, accurate, up to date, complete and relevant.
Subject to an overriding legal consideration, if Swinburne holds personal information about an individual, Swinburne will, on request by the individual, give the individual access to the information. Information can be requested from any Swinburne staff member. If you would like to lodge a Freedom of Information request, please contact Swinburne.
The University counselling and medical services may require an individual to pay a fee in relation to their request to access their health information. The fee will be set at the rate prescribed by the Health Records Regulations 2002.
Under Swinburne’s Privacy Guidelines, Swinburne is not required to give you access to your personal information if:
Swinburne reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety or
giving access would have an unreasonable impact on the privacy of other individuals or
the request for access is frivolous or vexatious or
the information relates to existing or anticipated legal proceedings between Swinburne and the individual, and would not be accessible by the process of discovery in those proceedings or
giving access would reveal the intentions of Swinburne in relation to negotiations with the individual in such a way as to prejudice those negotiations or
giving access would be unlawful or
denying access is required or authorised by or under an Australian law or a court/tribunal order or
Swinburne has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Swinburne’s functions or activities has been, is being or may be engaged in AND giving access would be likely to prejudice the taking of appropriate action in relation to the matter or
giving access would be likely to prejudice one or more enforcement-related activities conducted by, or on behalf of, an enforcement body or
- giving access would reveal evaluative information generated within Swinburne in connection with a commercially sensitive decision-making process.
Your right of correction
If Swinburne holds personal information about you and Swinburne is satisfied that, having regard to a purpose for which the information is held, the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, or you request Swinburne to correct the information, Swinburne will take such steps (if any) as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
If you believe that Swinburne has breached Australian Public Service Privacy Principles or Australian privacy laws then you may either:
- lodge a written complaint within six (6) months of the time the complainant first became aware of the apparent breach or
- contact Swinburne’s Privacy Officer, Mr Matthew Smith, email@example.com, +61 3 9214 4592.
Your complaint will be reviewed and managed as set out in the Complaints Management Guidelines and the Reviews and Appeals Regulations.
External avenues of complaint
You may also contact the following organisations in regard to a complaint.
Office of the Australian Information Commissioner
1300 363 992
Fax +61 2 9284 9666
GPO Box 5218
Sydney NSW 2001
Commissioner for Privacy and Data Protection
1300 666 444
Fax 1300 666 445
GPO Box 24014
Melbourne VIC 3001
Contact for staff
If staff have any queries in relation to privacy at Swinburne University of Technology, please contact Governance and Assurance (login required).