UTAS statement on personal information
Information covered by this statement
You do not need to reveal personally identifiable information to access and browse certain web pages, or to use certain functionality contained on the Sites. However, using the services, functionality or features related to the provision of online courses on the Sites does require you to provide personally identifiable information such as your name and email address. You are responsible for ensuring that any personally identifiable information that you provide to UTAS is accurate and kept up to date. Providing inaccurate information may result in some services and courses being unavailable and inaccessible to you.
What you consent to by using the Sites
What information is collected
Personally identifiable information (i.e. information that can identify you) is collected by UTAS when you register for a user account, participate in online courses, discussion lists and forums through the Sites, and when you communicate with course instructors or UTAS. Personally identifiable information about your performance in an online course may also be collected in aggregate form and at the individual participant level.
UTAS may track, collect and aggregate non-personal information (i.e. information that cannot identify you) such as pages that have been visited, when they were visited, the order in which they were visited, and which hyperlinks or other functionalities have been used on the Sites. UTAS may log the IP address, operating system, browser software and device type used by users of the Sites, and, from an IP address, UTAS may be able to determine a user’s internet service provider and the geographic location of that user’s point of connectivity. Information is also collected or may be collected through cookies and other typical web analytical tools and methods. Cookies are small data files that store information about a User's visit to a website. When you browse the Sites in the future, the data stored in the cookie can be retrieved by the Sites allowing for an improved and more personalised experience on the Sites. Most web browsers allow you to control how and whether cookies are accepted by that web browser. Instructions on how to reset a web browser so that cookies are rejected are usually found in the “Help” section of that web browser’s toolbar. Please understand that if you reject cookies from the Sites, many of the functions and conveniences of the Sites may not work properly.
How information is used and shared
Non-personal information is used in aggregate form to gain a better understanding of the educational needs of users and to improve services through analyses of the demographics and learning behaviours of online course participants and site users.
Personally identifiable information may be used to respond to your questions, provide you with courses and/ or services through the Sites, and as further provided in this Privacy Statement. In particular, your personally identifiable information may be used and disclosed as described below.
Communications with UTAS and course officials
When you contact UTAS and/ or the online course instructors, they may use the information provided by you to respond to your communication and/ or as described in this Privacy Statement.
Providing services to you
Personally Identifiable Information such as your email address and name will be used to provide you with a user account allowing you to participate in online courses, discussion lists and forums, and otherwise to administer online courses and related services to you.
Online Course Participation
Personally identifiable information that is collected from you will be used to process and manage your participation in online courses through the Sites, including without limitation, tracking your attendance, progress and stages of course completion, and to administer online course assessments such as assignments, quizzes, tests and exams. To the extent required to manage your participation in an online course, your personally identifiable information may be shared with course instructors and other persons who are designated by the course instructors to develop, edit, review or modify the course and/ or its content.
Forums and Discussion Lists
Forum posts by you containing personally identifiable information may be used to facilitate your continued use of the online course forums and may be reposted in future course offerings for reasons including without limitation as an exemplar in future courses or as feedback for marketing. Where a posting by you is reposted it will be de-identified unless consent is given by you to include your identifiable information (e.g. your username or name)
Postings (i.e. submissions made through the Sites) by you of information such as comments, coursework and other content which contain personally identifiable information will be shared with other course participants and users of the Sites where it is posted or communicated to a course forum, discussion list, or other portion of the Sites designed for public communications to other course participants or users of the Sites.
Personally identifiable information such as your email address may be used to send you updates about site maintenance, online course information and other services, products and events of UTAS, its affiliates and/or licensors.
Registration on the Thinkific Site
As a general rule, Thinkific will not give your data to third parties for direct marketing purposes without your permission. However, there are some important exceptions to this rule. You should check the Thinkific Privacy Statement for the full details of what information is collected by Thinkific and how it may be shared.
Links to external websites and services
The Sites may contain hyperlinks to websites and services that are not owned or operated by UTAS (“Third Party Sites”). No personally identifiable information from the Sites is disclosed by UTAS to Third Party Sites except as provided in this Privacy Statement. You acknowledge and agree that UTAS and the instructors of the online courses provided through the Sites are in no way responsible for the collection and use of your information by Third Party Sites. Please review the privacy policies of each Third Party Site before you use them and understand that if you use them it is at your own risk.
Changes to this Privacy Statement
You may contact UTAS in relation to any of your personal information collected when using UTAS websites by sending an email to firstname.lastname@example.org.
21 October 2016
Responsible Officer: General Counsel
Approved by: Vice-Chancellor
Approved and commenced: December, 2014
Review by: December, 2017
Relevant Legislation, Ordinance, Rule and/or Governance Level Principle: Personal Information Protection Act 2004 (Tas) Privacy Act 1988 (Cth) Archives Act 1983 (Tas) Right to Information Act 2009 (Tas)
Responsible Organisational Unit: Legal Services
The objective of this policy is to:
outline the University’s privacy obligations;
inform individuals of the manner in which the University collects, uses and discloses personal information.
This policy applies to all University staff, business units, divisions, faculties and entities.
3. Policy Statement
The University is required to comply with the provisions of the Tasmanian Personal Information Protection Act (2004). In addition the provisions of the Commonwealth Privacy Act (1988) may apply:
where the University agrees to comply with that Act in a contract; or
to University owned companies.
4. Policy Provisions
4.1 Collection of Personal Information from an individual
4.1.1 The University collects Personal Information from staff, students and members of the public.
4.1.2 The University will collect Personal Information by lawful means.
4.1.3 The University will only collect Personal Information that is necessary for one or more of its functions or activities.
4.1.4 When collecting Personal Information, or as soon as possible afterwards, the University will provide the individual with a Privacy Statement. The Privacy Statement will outline the following:
a. That the University is collecting the Personal Information;
b. The individual’s rights to access the Personal Information;
c. The purpose of collecting the Personal Information;
d. Who will have access to the Personal Information;
e. Whether the University is disclosing the Personal Information to third parties;
f. The main consequences if all or part of the Personal Information is not provided;
g. Which division of the University to contact for information about the collection, use and disclosure of Personal Information; and
h. Any law that requires the University to collect the Personal Information.
4.2 Collection of Personal Information from a third party
If the University collects Personal Information about an individual from a third party it will take reasonable steps to ensure that the individual is made aware of the matters outlined in paragraph 4.1.4.
4.3 Use of Personal Information
The University will only use the Personal Information it collects for the purpose for which it was collected unless:
* the University obtains the consent of the individual to use the Personal Information for another purpose; or
* the University is permitted to use the Personal Information for another purpose under the Privacy Laws.
4.4 Disclosure of Personal Information
4.4.1 The University will disclose Personal Information to staff members who require that information for the performance of their duties.
4.4.2 The University will disclose Personal Information in accordance with the purpose for which it was collected.
4.4.3 The University will only disclose Personal Information to third parties with the consent of the individual unless:
* the disclosure is permitted or required by law; or
* the disclosure is necessary to lessen or prevent a serious risk to health safety or welfare of an individual.
4.4.4 Where the University is disclosing personal information to a third party, the University will enter into an agreement that binds the third party to the provisions of the Personal Information Protection Act 2004.
4.5 Data Quality
The University will take reasonable steps to ensure that it keeps Personal Information it holds, up to date, accurate and complete.
4.6 Data Security
The University will take reasonable steps to protect personal information from misuse, loss, disclosure and unauthorised access. The University will only dispose of Personal Information in accordance with the disposal schedules maintained under the Archives Act 1983 (Tas).
4.7 Access and Correction
4.7.1 An individual may make a request to access to their Personal Information. At first instance the request should be made to the relevant faculty or business unit. If access is refused, the individual may make an application for access to information under the Right to Information Act 2009 (Tas).
4.7.2 If the Personal Information held by the University is inaccurate, incomplete of misleading, the individual may request that it be updated or corrected. If the University decides not to make the requested amendment, it will notify the individual of that decision in writing within 20 working days of the request being made.
4.8 Unique Identifiers
The University assigns staff and students an identification number in order to carry out its functions efficiently. The University will not permit a third party to adopt or use a University assigned unique identifier for another purpose.
4.9 Disclosure outside Tasmania
The University may transfer personal information interstate or overseas where it is necessary for the operation of the University. Where the University transfers personal information outside Tasmania, it will comply with the requirements of the Privacy Laws and will ensure that the recipient is within a jurisdiction that has Privacy Laws comparable to Tasmania.
4.10 Sensitive Information and Health Information
The University will not collect Sensitive Information or Health Information unless the individual has consented or the collection is required or permitted by law.
Collection: Is the act of gathering, acquiring or obtaining Personal Information from any source, including third parties, by any means.
Health Information: Is defined in the Act as Personal Information or an opinion about the physical, mental or psychological health, a disability, an individual’s future wishes relating to the provision of health services, other information collected to provide or in providing a health service and genetic information.
Any information or opinion given orally or in any recorded format about an individual:
- whose identity is apparent or is reasonably ascertainable from the information or opinion;
- who is alive or has not been dead for more than 25 years.
Personal Information Custodian: Is defined in the Act to include the University of Tasmania.
Privacy Laws: Includes the Personal Information Protection Act 2004 (Tas) and the Privacy Act 1988 (Cth).
Privacy Statement: Is a Statement provided to an individual that outlines the purpose of collecting the information and the intended use and disclosure of the Personal Information.
Sensitive information: Is a particular type of Personal Information. Its full definition can be found in the Act. It includes information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, sexual preference and criminal record, as well as information such as counselling and disability information.
The Act: The Personal Information Protection Act 2004 (Tas).
Unique Identifier: Means anything assigned by the University to identify an individual for its operations, other than a name or ABN. For the purposes of the University it includes student and staff ID numbers.
HOW WE PROTECT YOUR PRIVACY
We do not knowingly provide services or sell products to children. If you are below the age of 18, you may use our website only with the permission and active involvement of a parent or legal guardian. If you are a minor, please do not provide us or other website visitors with any personal information and do not use this website. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at email@example.com.
POLICY IS PART OF OUR TERMS AND CONDITIONS OF USE
THE TYPE OF INFORMATION WE COLLECT FROM YOU
Like most places on the Internet, simply by visiting our website you automatically tell us certain information. This includes basic information such as your IP address, when you visited, the website from where you came prior to visiting us, the website where you go when you leave our website, your computer’s operating system, location data, and the type of web browser that you are using. Our website automatically records this basic information about you.
We may also collect any data that you provide us by posting it at our website or by e-mail, including information by which you might be personally identified such as name, postal address, e-mail address, and telephone number, and/or any other contact or personally identifiable information.
Registered Accounts / Application Users. If you have a registered account and are a user of applications provided by us, you may voluntarily provide, and we may collect and store, additional information related to the registered account, including but not limited to: your email address, name and contact information, any API key provided by you or images you choose to upload.
You can always choose not to provide us with information. However, if you do withhold information, you may not be able to make use of some or all of our website’s services and features.
Some transactions between you and our website may involve payment by credit card, debit card, checks, money orders, and/or third party online payment services. In such transactions, we will collect information related to the transaction as part of the course of doing business with you, including your billing address, telephone number, and other information related to the transaction.
We may also obtain information from third parties, for example, our business partners, third-party suppliers, and customers.
Students and subscribers to your courses. If you offer courses publicly or otherwise and any person registers for a course or account or are a user of applications provided by us by by you through the Thinkific platform (“learners”), they may voluntarily provide, and we may collect and store, additional information related to the learner, such as: their email, activities within the Thinkific platform and within your courses and any additional information they choose to provide.
Some transactions between learners and our website or your courses or school may involve payment by credit card, debit card, checks, money orders, and/or third party online payment services. In such transactions, we will collect information related to the transaction as part of the course of doing business with you, including a billing address, telephone number, and other information related to the transaction.
We may also obtain information from third parties, for example, our business partners, third-party suppliers, and customers.
WHAT WE DO WITH YOUR INFORMATION
We use your information to operate our business activities. For example, we may use this data to contact you about changes to our website, new services, or special offers, provide you with notices about your account, resolve disputes, troubleshoot issues, enforce our website’s terms and conditions, to carry out our obligations and enforce our rights arising from contracts entered into between you and us, to protect our business interests and the interests and rights of third parties, and to fulfill any other purpose for which you provide data.
As a general rule, we will not give your data to third parties for direct marketing purposes without your permission. However, there are some important exceptions to this rule that are described in the following paragraphs and the paragraphs above.
We may, in our sole discretion, provide information about you to comply with a court order, law or legal process, to law enforcement or other government officials for purposes of fraud investigations, alleged intellectual property infringement, or any other suspected illegal activity or matters that may expose us to legal liability or infringe on our rights or the rights of third parties.
We may provide information about you to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us about our website users is among the assets transferred.
We may disclose aggregate data about our website’s visitors to advertisers or other third parties.
From time to time, we may use third party suppliers to provide services on our website. If a supplier wants to collect information about you through this website, you will be notified. We restrict the way third party suppliers can use your information.
We will share information with third parties to fulfill the explicit purpose for which you provide it. For example, we will post information that you enter into our blog’s comment system to our blog; share information where you give consent; and use information for the purpose that is disclosed by us when you provide the information; we share information with third parties who assist us in operating our business; for example if we use an email-service-provider, we may provide your email to such vendor to assist us in sending email communications.
USER NAMES AND PASSWORDS
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a username and password for access to certain parts of our website, you are responsible for keeping the username and password confidential. Do not give your password to anyone. If you enter a section of our website that requires a password, you should log out when you leave. As a safety precaution, you should also close out of your web browser completely and re-open it before viewing other parts of the Internet.
ACCESSING AND CORRECTING YOUR INFORMATION
If you have a customer account with us, you can review and change your personal information by logging into the website and visiting your account profile page. You may also send us an e-mail at firstname.lastname@example.org to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
YOUR VOLUNTARY DISCLOSURE OF INFORMATION TO THIRD PARTIES WHO ARE NOT OUR SUPPLIERS
You may choose to provide personal information to website visitors or other third parties who are not our suppliers. Please use caution when doing so. The privacy policies and customs of these third parties determine what is done with your information.
We may use autoresponders to communicate with you by e-mail. To protect your privacy, we use a verified opt-in system for such communications and you can always opt-out of such communications using the links contained in each autoresponder message. If you have difficulties opting out, you may contact us by sending an e-mail to email@example.com, or sending us mail to the address listed below.
DO NOT TRACK
This website does not monitor for or behave differently if your computer transmits a “do not track” or similar beacon or message.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website, including the illegal acts of third parties (such as criminal hacking).
If you are concerned about the topic covered by this policy, you should read it each time before you use our website. Any questions or concerns about this policy should be brought to our attention by sending an e-mail to firstname.lastname@example.org, or one of the methods provided under Contact Information, and providing us with information relating to your concern.
Thinkific Labs Inc.
#110 – 328 W Hastings St.