Privacy Policy

Introduction

Educational Assessment Australia (EAA) is a prime provider of quality educational measurement and assessment services in Australia, New Zealand, Asia and the Pacific region. It has been involved in educational measurement in Australia since 1967 and is the largest independent provider of school tests in the region.

EAA is one of the five principal business units within UNSW Global, the international education, training and consultancy arm of the University of New South Wales (UNSW). UNSW Global is a wholly-owned subsidiary of UNSW.

Purpose

EAA is committed to providing the highest levels of customer service. Implicit in this is the protection of personal privacy.

Policy

This policy sets out EAA's Privacy Protection Principles. These are the principles that EAA has adopted in order to protect information about individuals. These principles deal with the collection, use and disclosure of personal information, as well as access to information and intrusion issues.

It also sets out the principles that EAA will adopt when considering the introduction of new technology or services.

Much of this policy appears in the UNSW Global Privacy Policy which reflects details contained in the UNSW Privacy Management Plan.

Legislation

Educational Assessment Australia is covered by the Federal Privacy (Private Sector) Amendment Act 2000. The Act sets out privacy principles that regulate the way EAA deals with personal information.

General

Personal Information

Personal information is information that relates to an identifiable person and includes, for example, names, addresses, phone numbers, photographs, dates of birth, passport numbers, student admission or ID numbers, Medicare numbers and tax file numbers.

Identification

As a general practice, information regarding students, consultants, contractors, customers or staff is not disclosed to a third party without that individual's consent. In the case of an emergency or in exceptional circumstances such as a legal requirement, the General Manager or a delegated officer, at his or her discretion, may authorise the release of personal information.

Access to Personal Information

EAA has in place mechanisms and normal administrative practices which allow the routine handling of requests for access to information, such as statements of results or for alterations to information such as changes of address.

An individual may request access to their personal information or for their personal information to be amended so that it is accurate, complete and not misleading.

As EAA is a division of UNSW Global, the Privacy Officer at UNSW Global is the point of contact for requests for access to or alteration of, personal information under the Act.

Contact

The Privacy Officer can be contacted by:

Email: NSGPrivacy@unsw.edu.au
Telephone: (61 2) 9385 3166 between 9.00 and 5.00 Monday to Friday
Mail:
UNSW Global,
Library Concourse,
UNSW Sydney NSW 2052

Complaints

A person who has a complaint in relation to a privacy matter is entitled to request UNSW Global to carry out an internal review.

An application for an internal review must be made in writing, with a return address, to the Privacy Officer, UNSW Global, Library Concourse, UNSW Sydney NSW 2052, within 6 months of the time the applicant becomes aware of a contravention of the Privacy Policy. The applicant should identify the conduct which is the basis for the application, and be as specific as possible about the details of the grievance.

Fees

There are no fees for lodging an application but fees may be charged for the conduct of the review on the same basis as those allowed under the Freedom of Information Act 1989. Payment may be required in advance.

Review

In most cases the Privacy Officer will conduct an internal review. Another officer of UNSW Global may deal with the review if the Privacy Officer is substantially involved in the matter, or if the subject of the matter would be more appropriately dealt with by someone other than the Privacy Officer. Internal reviews will be completed as soon as is reasonably practicable and within 60 days of the application being received by the Privacy Officer. Applicants will be advised of the finding of the internal review within 14 days of completion of the internal review.

The Privacy Commissioner will be notified by the UNSW Global Privacy Officer within 14 days of receiving an application for internal review and will be kept informed of the progress of the review through an interim briefing 30 days after the internal review has commenced. A summary of findings, which may include proposed actions, will also be provided to the Commissioner within 14 days of the completion of the internal review.

Result of a Review
As a result of the internal review, UNSW Global may do one or more of the following:

Take no further action on the matter;
Make a formal apology;
Take such remedial action as it thinks appropriate;
Provide undertakings that the conduct will not occur again;
Implement administrative measures to ensure that the conduct will not occur again.

An applicant who is not satisfied with the findings of the UNSW Global review or the action taken by UNSW Global, or because the review was not completed within the 60-day period, may apply to the Administrative Decisions Tribunal for a review of the conduct which was the subject of the application.

The Privacy Commissioner

Complaints can also be made directly to the Privacy Commissioner. However, individuals are encouraged to make a complaint to UNSW Global in the first instance. This gives UNSW Global the opportunity to resolve the complaint and be made aware of matters sooner that may need to be addressed within UNSW Global.

Others

Where EAA's agents, contractors or service providers are required to refer to this document, references to 'EAA' are to be taken to include references to those agents, contractors or service providers.

Privacy Principles

Collection

EAA will only collect personal information directly from the individual and it will be reasonably necessary for the purpose it is being collected. The method of information collection will be lawful, fair and not unreasonably intrusive.

The individual will be informed as to why their personal information is being collected, what will be done with it, the consequences of not supplying it (if any) and their right of access to, and correction of, the information.

Use and Disclosure

EAA will not use personal information for any purpose (the secondary purpose) other than the primary purpose of collection, unless it could be reasonably expected to be used for the secondary purpose, the individual has consented, there is an opt out option (applies to direct marketing), it is necessary for health research, there is a threat to life or health, it is required or authorised by law, or it is reasonably necessary for law enforcement.

Data Quality

EAA will take reasonable steps to ensure personal information is accurate, complete and up-to-date.

Security

EAA will take reasonable steps to protect personal information from misuse, loss or unauthorised access, modification or disclosure. Personal Information will be disposed of securely when it is no longer of use.

Openness

EAA has a policy on handling personal information. Reasonable steps will be taken to inform people how their personal information is handled and make the information available on request.

Access and Correction

An individual has the right of access to their personal information, unless there is a threat to life or health or other people's privacy, the request is frivolous or vexatious, there are legal proceedings in train, negotiations would be prejudiced, access is unlawful, denying access is required or authorised by law, it would prejudice investigation of an unlawful activity or law enforcement or for national security reasons.

If access is denied a reason will be given.

Identifiers

A government identifier cannot be used as the organisation's identifier. For example, Medicare numbers or Tax File numbers cannot be used as an EAA identification number.

Anonymity

Where lawful and practicable, EAA will do business with people without requiring identification. For example, EAA will not require a person visiting our website to provide us with personal information, until they make a request which requires information in order to meet their request.

Trans-border data flows

EAA cannot send personal information out of the country, unless the recipient is subject to information privacy laws substantially the same, the individual consents, it is necessary to perform the contract between the individual and the organisation or reasonable steps have been taken to ensure the recipient will deal with the information in line with policies in Australia.

Sensitive Information

EAA can only collect sensitive information if the individual has consented, collection is required by law, there is a threat to life or health or in relation to legal proceedings. Sensitive information is information about an individual's racial or ethnic origin, political opinions, membership of a political associations, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information.

Online Activities

While users of the EAA website are covered by the same privacy principles, EAA undertakes some additional agreements:

We destroy all identifying credit card numbers and expiry dates after the transaction has been completed.
We do not use credit card details for any other purpose. However, we do retain your name and address to ensure all transactions are processed correctly and the appropriate service is delivered. From time to time we may use the name and address to inform you of new publications or information.
EAA customers are covered by other appropriate fair trading and retail laws.

<< Back to website

EAA is a not-for-profit business unit of UNSW Global, the international education and training consultancy arm of the University of New South Wales.