Privacy Policy

The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Privacy Amendment Act) made many significant changes to the Privacy Act 1988 (Privacy Act). These changes commenced on 12 March 2014.

The Privacy Regulation 2013, made under the Privacy Act, also commenced on 12 March 2014.

The Privacy Act regulates the way in which organisations collect, use, disclose, keep secure and allow people access to their personal information. Stirling affirms the 13 Australian Privacy Principles (APP’s) from schedule 1 of the Act and will respect the dignity and privacy of all individuals with whom it is engaged.

This policy sets out two commitments to protect the personal and sensitive information that Stirling collects from students, staff, volunteers and donors and uses in order to carry out its educational and employment functions and activities. It also sets out some definitions and procedures to explain what these commitments mean in practice.

The two commitments are:

Stirling will not use or disclose any information collected about you for any purpose other than that for which you provided the information in the first place.
Your personal or sensitive information will not be given, sold or in any way transmitted to anybody (in Australia or overseas) who does not need it for the purpose for which you provided the information in the first place.
Here are some definitions and procedures.

1. Definitions of personal and sensitive information

1.1 Personal information relates to a living human being (a company is not a living human being, even though it may be recognised as a legal ‘person’ under the law). It is defined as information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion (e.g. name, address, e-mail address, telephone number, image, story, file notes). It includes all personal information, regardless of its source.

1.2 Sensitive information is a subset of personal information. It includes information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or trade union, sexual preferences or practices, criminal record, or health information. Stirling does collect some information of a sensitive nature; in particular Stirling records the religious affiliations of its students for statistical purposes and it collects other sensitive information about candidates for endorsed ministry with Churches of Christ.

2. Privacy awareness, openness and transparency

2.1 Stirling aims to foster a culture of respect for privacy and confidentiality and shall include a privacy and confidentiality module in all staff and volunteer induction programs

2.2 A Privacy Statement shall be posted on the Stirling web site and shall also be available in hard copy to any individual who requests it. Stirling reserves the right to charge a minimal fee for providing the Privacy Statement in hard copy.

2.3 On request, Stirling shall advise in a general manner, what sorts of personal information it holds, for what purposes, and how it collects, uses, displays and discloses that information.

3. Collection

3.1 Stirling will collect only that information necessary for the primary purpose of providing theological education to its students. Such information will be collected in a lawful and non-obtrusive way and will generally comprise:

• Name and contact details (including phone, fax and email).
• Tax file number for the purpose of administering the federal government’s education loan scheme (FeeHelp).
• Date of birth, nationality, residency status (for reporting to the Department of Education, Employment and Workplace Relations).
• Statistical information required from time to time by the Department of Education, Employment and Workplace Relations.
• Whether or not a student has a disability.
• Bank account details where direct payment or direct debit has been an agreed transaction.
• Credit and/or debit card details where payment is made for services via this facility.

3.2 Stirling will collect only that information necessary for the purpose of providing appropriate employment conditions to its employees. Such information will be collected in a lawful and non-obtrusive way and will generally comprise:

• Name and contact details (including phone, fax and email).
• Bank account details where direct payment or direct debit has been an agreed transaction.
• Tax file numbers where the individual is employed by Stirling for any purpose and for any length of time.

3.3 Stirling will collect only that information necessary for the purpose of receipting, taxation reporting and appropriate recording of donations received from individuals, churches, companies and other agencies. Such information will be collected in a lawful and non-obtrusive way and will generally comprise:

• Name and contact details.
• Bank account details where direct payment or direct debit has been an agreed transaction.
• Specified advice on distribution of funds

3.4 Stirling may also collect sensitive information for specific purposes (such as student surveys), but only with the consent (explicit or implicit) of the individual concerned.

3.5 Stirling shall only collect personal information by fair and lawful means and not in an unreasonably intrusive way.

3.6 At the time of, or as soon as practicable after, collecting information (whether through an employee, volunteer, consultant or agency) from an individual, Stirling shall ensure that the individual is aware of:

• Stirling’s identity and how to contact the organisation.
• their right to gain access to their information as recorded by Stirling.
• the purposes for which the information is collected.
• the organisations to which Stirling may disclose such information (e.g. University of Divinity).
• any legal obligations that require the individual to provide, or Stirling to collect, personal information (e.g. for AUSTUDY, FeeHelp or taxation purposes).
• the consequences, if any, if all or part of the information is not provided.

3.7 Apart from any legal requirements to disclose information, Stirling shall only disclose personal information to third parties that are prepared, by formal agreement, to provide surety that they are compliant with the APPs.

4. Use and Disclosure

4.1 Stirling will use and disclose personal information about an individual only for the purpose for which it is collected, unless consent has been obtained to use the information for additional purposes. Exceptions to this include where disclosure is:

• required by law
• reasonably necessary to assist a law enforcement agency
• required by affiliated agencies for the purpose of issuing academic statements
• handling mailed correspondence
• required by auditors, legal advisers, consultants or other agencies administering the academic records in the interest of the students.
• Stirling shall take reasonable steps to protect the personal information it holds from misuse, loss and unauthorised access, modification or disclosure.

Accordingly, Stirling shall ensure that:

• privacy and confidentiality training is provided to all staff
• access to information and information systems by all staff and volunteers is limited to that required by their current position or role
• all staff and volunteers adhere to the practice of securing paper records containing personal information at the end of each day or whilst their desks are unattended
• electronic information systems are protected by adequate security measures and protocols
• physical information and storage facilities are protected by adequate security measures and protocols.

4.2 Stirling shall take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed.

5. Personal Information Quality

5.1 Stirling will aim to ensure that all personal information received is kept accurately, completely and up to date. Staff, students, volunteers and donors will have access to their personal information at any time, be provided with appropriate procedures to alter that information when changed circumstances invalidate the data. Staff and students will have access to processes whereby perceived inaccuracies in personal records may be formally challenged.

5.2 If the individual and Stirling disagree about whether the information is accurate, complete and up-to-date, the matter shall be referred to the designated Privacy Officer for investigation and mediation. In cases where Stirling elects not to amend the information, the Privacy Officer shall provide reasons for not amending that information. If the information is amended, reasonable steps will be taken to inform relevant parties of the amendments.

5.3 Should an individual be dissatisfied with the decision of the Privacy Officer, he or she may lodge a complaint with the Australian Information Commissioner.

6. Result of an interference with privacy

6.1. If an individual believes that Stirling has interfered with their privacy they can complain to the Grievances Officer (ask the Principal or Registrar for information), who shall investigate and mediate a resolution.

6.2. If the individual and Stirling cannot resolve the complaint between themselves, the individual can complain to the Australian Information Commissioner, who may conciliate the complaint. As a last resort, the Commissioner can make a formal determination enforceable by the Federal Court.

6.3. The Commissioner may also investigate an act or practice that may be a breach of privacy even if there is no complaint.

7. Availability: A general privacy statement will be made available to all persons associated with the Stirling Theological College.

This will be effected by placing the policy on the Stirling web site. The policy statement publication should be readily available to all enrolled students as soon as possible after enrolment; all staff and volunteers as soon as possible after employment or recruitment, and all donors.