The Australian Institute of the Certification of Inspection Personnel (AICIP) is bound to the Australian Privacy Principles (APPs) and the conditions protecting your personal information as set out in the Privacy Act 1988 and amended by the Privacy Amendment (Enhancing Privacy Protection) Act 2012. This Privacy Policy Statement (PPS) provides only a snapshot of how AICIP implements and observes the APPs. References in this PPS to ‘you’ are references to the individual reading it or submitting personal information to us. References to AICIP include each of our related parties in context. The small citations next to the relevant paragraphs headed ‘APP’ refer to the APP in the amended Act.
Summary of Policy Principles
This summary sets out the basic tenets of our protection principles which we employ across our businesses. To assist in understanding how our Policy works for you, this summary includes both specific membership issues as well as those applicable to visitors to and users of our website; invigilators; examiners; candidates; regulators; and other stakeholders. In all cases, you should refer to the Privacy Policy 2017 for express terms and conditions.
The APPs
APP 1 – Open and transparent management of PI
Our Privacy Policy, meets the new requirements of the amending Act and provides some information on forecasted amendments for 2018.
APP 2 – Anonymity and pseudonymity
If you want to communicate with us on a particular matter you may ask to remain anonymous or use a pseudonym provided that if we are collecting your personal information like your real name because we:
- need to verify membership with AICIP and your authority to act;
- need it to properly provide whatever service or advice you are seeking from us and it is impracticable for us to do that using a pseudonym or anonymity;
- to verify or assist you with passwords or other security matters or other technical services; or
- we are required or authorised by law or a court or tribunal to identify you.
APP 3 – Collecting solicited PI
For our membership, we are contractually committed to protect your confidentiality and we implement a number of governance measures to help protect your privacy when dealing with us. For that reason, we need to know that the information or advice we provide is going to the right person. Accordingly, it will be only in isolated cases (e.g. when we are doing industry wide surveys) that your personal information can be obscured by anonymity or pseudonymity.
AICIP only collect the personal information that we need to do what you want us to do (subject to any lawful requirements that compel us to collect more).
We collect the personal information that is reasonably necessary for us to efficiently professionally and relevantly provide you with our services and to give you the ease of access and opportunities to use other services we may have available from time to time.
We will only collect your personal information directly from you.
In that case notifying us of the changes you require you can use the form provided or make the changes through your login.
APP 4 – Unsolicited PI
Sometimes we receive personal information that we have not asked for directly from the individual (unsolicited). When that happens, we will determine whether that information could have been collected directly by us. If we could not have collected it directly, and the information is not part of a record (e.g. a document or record held by a government agency), then we are required to destroy it or de-identify it as soon as practicable (provided that would be lawful and reasonable to do in the circumstances).
APP 5 – Collection notices
However, if we determine that it was reasonable to have collected it directly then we will give you a notice or take steps to make you aware that we have so received it (sometimes called ‘collection notice’) and in particular:
- Who we are and how you can contact us
- If it is likely that you are not aware we have your personal information, the circumstances by which we came to collect it, and what that personal information is comprised of
- If the collection was a requirement or authorised by law, then we will identify the law and the circumstances which gave rise to us collecting it
- The purposes for which we collected and use it
- The consequences (if any) for you if we do not collect it
- Who we usually would disclose that information to and why
- How you can access it for verification alteration or removal and how and to whom you can complain if you are unhappy with the way we have handled your personal information.
In addition, we have to tell you if it is likely that this information will be disclosed to an overseas recipient, and if so which countries may be involved if that is practicable or at least make you aware of the fact.
APP 6 – Hold, Use, Disclose, and Purpose
If we hold your personal information for a particular purpose this is the primary purpose and we cannot use it for any other reason (a secondary purpose) unless:
- you have consented to that use or disclosure; or
- you would have reasonably expected it to be used for that secondary purpose.
We will always try and get your consent wherever practicable. We also try not to deal in sensitive information unless it’s necessary for the service we provide or we are compelled to do so for legal reasons. If we do have to collect your sensitive information then your written informed consent will be obtained before it’s disclosed.
If we collect personal information from one of our related parties or they collect it from us, then the primary purpose of the collector is considered to be the primary purpose for the related party. In this respect, as outlined in this summary and more fully in the Policy.
However, we cannot share your personal information with related parties if the purpose involves direct marketing unless you have requested or consented to it.
APP 7 – Direct Marketing
It is important that you be aware that the Act and particularly the APPs prohibit the use or disclosure of personal information for the purpose of direct marketing unless:
We have collected the data directly from you and you would reasonably expect us to use or disclose it for that purpose. In that case we will always provide you with an easy way of requesting us not to bother you again with any marketing material. This is in the form of a telephone call, an email, provided we can verify the caller. We will immediately take steps to remove you from marketing communications; or
We collected it from you (but you would never reasonably expect to receive marketing material from us or for your data to be disclosed for that purpose); or
We collected it from someone else; and
In either case you have consented to the use or disclosure or it’s impracticable to get your consent.
(In either of these instances we will offer you the same easy means of removing yourself from that marketing list and we will include a prominent statement in every such communication that you can request to be so removed.).
In all cases where we use or disclose personal information (whether for membership or otherwise) for the purposes of our own direct marketing or to facilitate another organisation’s direct marketing, you can always request that you be removed from the marketing list and or ask us not to disclose your data to the other organisation(s) for that purpose and also require us to tell you where we got the information from. There is no charge for you to action this right.
(Note that the Spam Act and the Do Not Call Register Act both continue to apply regardless of the APPs.)
APP 9 – Government identifiers
AICIP does not use government identifiers (e.g. Medicare numbers, Tax File Numbers, etc) for the purpose of identification of individuals.
APP 10 – Quality of PI held
APP 11 – Security
APP 12 – Access
APP 13 – Correction
We use strict protocols to guard the integrity and quality of and access to the personal information we collect or hold. We review our service providers’ contracts to ensure as far as practicable that they have implemented the security measures appropriate to reasonably protect us and you from misuse, interference and loss and particularly from unauthorised access amendment or disclosure. In particular, credit card and financial information is held under strict security until able to be deleted or destroyed: unless you tell us to do so, we do not retain such information for future transactions.
We have implemented procedures that facilitate the destruction or de-identification of personal information when it is no longer necessary for the purposes for which it was collected (unless it is needed for legal reasons).
Accessing your personal information for verification amendment or removal can be effected in any of the ways mentioned above including emailing the AICIP Administration; calling our office, or through the Contact Us form on the website. Quality assurance, security and risk management are all continuously being monitored and enhanced or improved as technology and regulation change.
There is no charge for this service and we promise to action your request as promptly as possible (subject only to the usual qualifications like legal compulsion or compliance obligations).
PART 111C – Notifiable breaches
This new Part 111C of the Act deals with notifiable breaches of the Act. AICIP has already instigated some internal controls and processes to address the identification and notification rules that will apply to us as an entity subject to the Act. While specific guidelines have yet to issue in respect of compliance with this Part 111C, the intention is for AICIP to ensure that in both cases where it controls the PI and where the control is vested in a third party (e.g. servers or data storage are based overseas) eligible data breaches are promptly managed in accordance with following general requirements of the Act:
- ‘eligible data breaches’ will be notified to the Information Commissioner and to relevant individuals in connection with the PI affected.
- notification is mandatory where serious harm to any of the individuals is likely. The threshold tests which trigger the notice obligations are based on an objective test of what a reasonable person would conclude.
- An ‘eligible data breach’ occurs when, in respect of personal information, the following conditions are satisfied:
- there is unauthorised access to, or unauthorised disclosure of, the information, or where the information is lost, unauthorised access to, or unauthorised disclosure of, the information, is likely to occur; and
- a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to which the information relates (in the case of lost information assuming that unauthorised access or unauthorised disclosure were to occur).
- There are some important exceptions to notification:
- where remediation is taken that has reduced the risk of serious harm.
- Where legal enforcement obligations or secrecy provisions apply
- If a notifiable breach occurs which is not subject to an exception or exemption, then we must issue the notification of breach to the individuals affected. Where the actual identity of a single individual is not the issue (i.e. where a group of individuals or a class of persons may have been subject to a breach) then the statement will be published on our website and in any other format required by the OAIC without identifying the individuals themselves.