University of New England Privacy Statement

UNE Policy

 

UNE Policy The University will collect personal information, manage and use it, and disclose it in a way that complies with relevant legislation. The NSW State Information Protection Principles*(1) and the National Privacy Principles*(2) will underpin all aspects the University's dealings with personal information. This policy shall apply to the University, its controlled entities and its affiliated bodies*(3).

The following statements are intended to communicate simply and clearly the University's intentions; a more comprehensive statement is found in the UNE Privacy Management Plan.

In collecting personal information the University will:

  • only collect information for lawful purposes related to its function;
  • only collect the information that is necessary and by lawful means;
  • where possible only collect personal information that is provided by the individual to whom the information relates, collecting in a way that is not personally intrusive;
  • where information is provided by someone else, ensure that collection has been authorised by the individual concerned, or by someone who is legally authorised to provide it on their behalf; and
  • notify the individual concerned that personal information is being collected, either at the time of collection or as soon as practicable afterwards.

The University will declare to individuals from whom information is collected:

  • the purpose for collecting the personal information;
  • whether or not the collection is voluntary and any consequences for not providing it;
  • how the information is to be held and the intended recipients;
  • the name and address of any agency used to collect information on the University’s behalf; and
  • how individuals can obtain access to their information, check it for accuracy and completeness, and make application to correct it.

The University will manage personal information responsibly by:

  • taking reasonable steps to ensure that personal information held is relevant to the purpose for which it was collected, accurate, up to date and not misleading;
  • retaining personal information for no longer than necessary; then disposing of it securely in accordance with approved methods;
  • protecting it from loss or unauthorised access, use, disclosure, or misuse; and from unauthorised modification;
  • taking reasonable steps to prevent its disclosure without authorisation by external service providers; and
  • only disclosing personal information outside the University or its affiliated bodies where:
    • its disclosure has been consented to by the individual to whom it relates; or
    • its disclosure is required by law and requested in an authorised written form; or
    • it is reasonably believed to be necessary to prevent or lessen a serious threat to life or health of any person.

*(1) In the Privacy and Personal Information Protection Act 1998 (NSW)
*(2) In the Privacy Act 1988 (Commonwealth) as amended in the Privacy Amendment (Private Sector) Act 2000
*(3) Controlled entities and affiliated bodies are listed in the UNE Privacy Management Plan

Approved by the Vice Chancellor on the 28th November 2001

D01/1473