Privacy Policy

Personal Information

1. Purpose

The purpose of this policy is to:

  • ensure that employees, contractors and volunteers of JCTS understand their obligations under applicable legislation when dealing with Personal Information;
  • enable those who interact with JCTS to understand what types of Personal Information we collect, and what we do with such information in performing our functions and to comply with our privacy obligations; and
  • set out JCTS’s obligations in relation to responding to complaints about potential privacy breaches.

JCTS is committed to protecting the privacy of the Personal Information we collect and receive. We have a strong commitment to maintaining the security and integrity of Personal Information within our care.

JCTS takes active steps to comply with applicable legislative obligations relevant to privacy.

2. Application

This policy applies to all employees, contractors and volunteers of JCTS and any member of the public who provides information.

3. Types of Information held by JCTS

JCTS will hold a variety of types of Personal Information about its stakeholders, employees, contractors, volunteers and interested parties. Information which JCTS may routinely gather as part of its normal operations includes for example:

  • People’s names, addresses, birthdates and gender;
  • Contact details including email addresses and phone numbers
  • Areas of specific interest and memberships;
  • Employee salaries, super contributions, personnel records and performance information;
  • Business prices, quotes, invoices and contracts

3.1 Personal Information

Personal Information is information or an opinion whether true or not, about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.

For example, a person’s home address or their telephone number, will be Personal Information.

3.2 Sensitive Information

Sensitive Information is a type of Personal Information. Sensitive Information includes health and genetic information and information about racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record and some types of biometric information.

For example, a person’s self-identification as Aboriginal and or/Torres Strait Islander, or a person’s status as an atheist or a person’s conviction for theft will all be Sensitive Information.

3.3 Health Information

Health Information is a type of Sensitive Information. Health Information includes health and genetic information about a person.

For example, an employee’s medical certificate for a day of sick leave, or a record of a person suffering a workplace injury will be Health Information.

4. The Purposes for which JCTS collects, holds, uses and discloses Personal Information

JCTS collects, holds, uses and discloses Personal Information as a result of carrying out its normal operations consistent with the purposes and functions under its Constitution as reasonably necessary. These purposes and functions include for example:

  • operational functions related to the services provided to members such as admission, administration, disciplinary functions and technical support;
  • matters related to collegiality such as participation in peer groups, specific interest networks, events and activities;
  • purposes described in the Objects of the JCTS in Clause 2 of the Constitution;
  • JCTS governance such as board secretariat, compliance, audit and policy; and
  • business as usual corporate functions such as finance, contracting, media and communications, marketing campaigns, publications, research, innovation, events management, IT, advisory functions, website maintenance and improvement and advocacy.

5. The Kind of Personal Information we Collect and Hold

The kind of Personal Information we collect and hold about individuals depends on the circumstances of collection and the nature of the dealings with JCTS.

For example, if a person:

  • is an JCTS subscriber, we collect information including name, address, contact number, gender, date of birth, address, email address and other information related to their interest with JCTS;
  • registers for a JCTS workshop or program, we collect demographics, current employer information, training to date, and other information relevant to administration of the program;
  • works for the JCTS, we collect contracting details including your Australian Business Number, tax file number and superannuation details where relevant and other information related to your engagement;
  • applies for a job with JCTS, we collect the information included in an application for employment, including a cover letter, resume, contact details and referee reports; or
  • is a member of the general public who contacts the JCTS who elects not to rely on anonymity or pseudonymity, we may collect contact address details, usually including but not limited to email addresses and phone numbers and details about the reason for the contact. If a website visitor fills out a form, then other details may also be collected depending on the form.

In all cases where we collect Personal Information, we seek to keep it updated and accurate.

5.1 Sensitive Information

The JCTS’s policy is only to collect Sensitive Information where it is reasonably necessary for our functions or activities and either:

  • the individual has consented; or
  • we are required or authorised by or under law to do so.

For example, we may collect:

  • information about an individual’s membership of other professional associations;
  • information about dietary requirements or mobility needs when we conduct examinations or events such as conferences and seminars.

6. How we Collect and Hold Personal Information

6.1 Methods of collection

JCTS only collects Personal Information by lawful and fair means. If it is reasonable and practicable, we will collect Personal Information we require directly from the individual.

JCTS collects Personal Information in a number of standard ways, including:

  • by email or other electronic means such as websites, cookies, mobile applications or other electronic systems;
  • over the telephone including recordings;
  • through written correspondence including letters, faxes, hard copy emails, applications, registration and other forms, examinations, and surveys;
    in person;
  • through surveillance cameras in our premises;
  • from third parties, including:
    • Regional Training Organisations and other educational providers and contractors that assist us in running our educational programs (including organising and conducting assessments);
    • Past and current employers, medical educators and supervisors;
    • Australian Government Authorities such as the Commonwealth Department of Health, Medicare, ASIC and the ATO;
    • Professional associations such as the Medical Board of Australia (MBA);
    • insurers in relation to professional indemnity insurance;
    • public sources, such as telephone directories, membership lists of business, professional and trade associations, public websites, ASIC searches, bankruptcy searches and searches of court registries;
    • indirectly, through social media sites like Facebook, LinkedIn, Google and others (to whom you have provided consent).

6.2 Collection notices

Where JCTS collects Personal Information directly from an individual, JCTS’s policy is to take reasonable steps to notify them, including:

  • our identity and how to contact us;
  • the purposes for which we are collecting the information;
  • whether the collection is required or authorised by law or a court or tribunal order;
  • the third parties (or types of third parties) to whom we would normally disclose information of that kind;
  • whether any information will be held or accessed overseas and, if practicable to specify, the countries; and
  • the fact that this Privacy Policy contains information about how to access and correct Personal Information and make privacy complaints (and how we will deal with those complaints).

We do this at or before the time of collection, or as soon as practicable afterwards.
JCTS will generally include these matters in a collection notice. For example, where Personal Information is collected on a paper or website form, we will generally include a collection notice, or a clear link to it, on the form.

Collection notices may provide more specific information than this Privacy Policy in relation to particular collection of Personal Information. The terms of this Privacy Policy are subject to any specific provisions contained in collection notices and in the terms and conditions of particular offers, products and services. We encourage you to read those provisions carefully.

Where JCTS collects information about an individual from a third party, our policy is to take reasonable steps to make sure that the individual is made aware of the collection details listed above and, if unaware that that we have collected the information, of the fact and circumstances of the collection.

6.3 Unsolicited Personal Information

Unsolicited Personal Information is Personal Information JCTS receives that we have taken no active steps to collect (such as an employment application sent to us by an individual on their own initiative, rather than in response to a job advertisement).

Unless the unsolicited Personal Information is reasonably necessary for one or more of our functions or activities, JCTS’s approach is to destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.

7. Use and Disclosure of Personal Information

7.1 Use of Personal Information

Personal Information is kept until we are no longer legally obliged to keep it, or when the need for the Personal Information has passed (at which point it will be destroyed, deleted or de-identified). Our purpose for collecting Personal Information will to a degree depend on the interaction with us.

Personal Information may be collected to respond to enquiries or comply with other legal obligations.

Other than in limited circumstances that are prescribed by law, we will not use an individual’s Personal Information without consent. Permitted exceptions, include where we are legally required to disclose, or to protect the personal safety of any individual or the public.

7.2 Use of Website Information

We routinely collect Personal Information and other information from visitors to our website through the use of cookies, identifiers for mobile devices and other electronic means. This information is used to improve website functionality, provide better services to members and the public and to inform marketing campaigns related to our core functions described in clause 4. The JCTS website utilises Google Analytics which stores the JCTS identifier for authenticated users along with JCTS website addresses visited where a website visitor has consented to their information being collected due to their having an existing google account. Upon entry to the site, visitors can change the settings to opt in or out of data collection and analysis.

This link will provide you with more information about how Google uses data when you use our partners’ sites or apps.

7.3 Disclosure of Personal Information to Third Parties

Under JCTS’s policy, Personal Information will not be disclosed without consent, other than in certain limited circumstances. Those circumstances include where the disclosure is required or authorised under a legal obligation or where the individual might reasonably expect disclosure. It may therefore be necessary to disclose Personal Information to bodies such as the Commonwealth Department of Health, , ASIC and the ATO, or other bodies to enable the JCTS to carry out its functions.

In the case of contracted service providers, the JCTS may disclose Personal Information to the service provider and the service provider may in turn provide us with Personal Information collected from an individual in the course of providing the contracted products or services.

We will not ordinarily disclose Personal Information to anyone outside of Australia. Where the JCTS is permitted to disclose Personal Information to an overseas organisation, it will take all reasonable steps to ensure that organisation complies with the Australian Privacy Principles under the Privacy Act 1988 (C’th). The JCTS will also advise any individual of the countries where the Personal Information is to be disclosed if practicable.

8. Direct Marketing

To receive direct marketing, people choose to “opt in” which provides consent to use their information. Where we have consent, JCTS may use Personal Information it has collected for receiving direct marketing from the JCTS. For example, where the JCTS has consent, we may send individuals information about JCTS products and services, and promotions and offers relating to the products and services of other organisations.

Unless an individual has given us consent, we will not provide, rent or sell information to other organisations so that they can direct market.

8.1 Communication of Consent

An individual may communicate consent or withdrawal of a previous consent to the JCTS’s use of their Personal Information for direct marketing in writing, verbally or electronically. The JCTS will clearly identify when an individual is choosing to consent or withdraw consent to receive direct marketing.

9. Data Quality and Security

The JCTS stores Personal Information in a number of ways, including in electronic databases and contact lists, and in paper files held in secure drawers and cabinets. Paper files may also be archived in boxes and stored offsite in secure facilities.

The JCTS’s policy is to take reasonable steps to:

  • make sure that the Personal Information that we collect, use and disclose is accurate, up to date and complete and in the case of use and disclosure relevant;
  • protect the Personal Information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure; and
  • destroy or de-identify information that is no longer required.

An individual can also help us keep information up to date by letting us know about any changes to Personal Information, such as email address or phone number. The steps we take to secure the Personal Information we hold include ICT security (such as endpoint detection response, anti-virus software, event monitoring, encryption, firewalls, authentication and authorisation controls), secure office access, personnel security and training and workplace policies.

10. Access and Correction of Personal Information

An individual has a right to request access to the Personal Information that JCTS holds about them and also to request its correction.

Some information may be directly accessed and amended through the JCTS website.

For any Personal Information that cannot be accessed and corrected through the website, you can contact admin@jcts.org.au to access or correct the Personal Information that we hold. We may ask to verify an individual’s identity before processing any access or correction requests to ensure that the Personal Information we hold is properly protected.

JCTS will provide access to Personal Information subject to some exceptions permitted by law, including protecting others’ privacy. We may provide access in the manner requested provided it is reasonable and practicable for us to do so. We may however charge a fee to cover our reasonable costs of locating the information and providing it.

In the case of JCTS employees, the employee must make a written request for access to HR. Employees may take notes from or photocopy material in their personnel file but must not remove any documents permanently.

If an individual asks JCTS to correct Personal Information that we hold about them, or if we believe the Personal Information we hold is inaccurate, irrelevant or misleading, we will take reasonable steps to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading.

If JCTS corrects Personal Information about an individual, and we have previously disclosed that information to another agency or organisation that is subject to the Privacy Act 1988 (C’th), the individual may ask us to notify that other entity. If so, the JCTS’s policy is to take reasonable steps to do so, unless this would be impracticable or unlawful.

Except in the case of more complicated requests, JCTS will endeavour to respond to access and correction requests within 30 days.

If JCTS refuses an access or correction request, or if we refuse to give access in the manner requested, we will provide an individual with a written notice setting out:

  • the reasons for our refusal (except to the extent that it would be unreasonable to do so); and
  • available complaint mechanisms.

In addition, if we refuse to correct Personal Information in the manner requested, an individual may ask us to include in the information a statement that the individual considers the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.

11. Complaints

For complaints about how JCTS has collected or handled Personal Information, please contact JCTS directly (details below).

We will endeavour in the first instance to deal with the complaint and take any steps necessary to resolve the matter within 10 working days.

If the complaint can’t be resolved at the first instance, we will ask the individual to email admin@jcts.org.au and provide details of the date, time and circumstances of the matter that is being complained about, how you believe privacy has been interfered with and how you would like your complaint resolved (Complaint).
We will endeavour to acknowledge receipt of the Complaint within five business days of receiving it and to complete our investigation into the complaint in a timely manner. This may include, for example, gathering the facts, locating and reviewing relevant documents and speaking to relevant individuals.

In most cases, we expect that complaints will be investigated and a response provided within 30 days of receipt of the Complaint. If the matter is more complex and our investigation may take longer, we will write and let you know, including letting you know when we expect to provide our response.

Our response will set out:

  • JCTS findings; and
  • what action, if any, JCTS will take to rectify the situation.

If an individual is unhappy with our response, a complaint can be made to the Office of the Australian Information Commissioner.

12. Retention of Personal Information

All Personal Information that has been collected from by JCTS will be kept for the time that is relevant to the purpose for which the Personal Information is to be used and for as long as required by applicable law.

When the Personal Information that we collect is no longer required, we destroy, delete or de-identify it in a secure manner.

In the case of JCTS job applicants, all job applications and interview notes are retained for a period of six months after which they are securely destroyed. If an applicant consents, the JCTS may retain applications and interview notes for a longer period for consideration of further positions.

13. Further information

Please contact JCTS for any queries about the Personal Information that we hold or the way we handle that Personal Information. Our contact details for privacy queries and complaints are set out below.

For queries about the application or interpretation of this Policy or the APPs more generally, or if you are unsure as to whether particular information can be disclosed, please contact JCTS.

Joint Colleges Training Services Pty Ltd
100 Wellington Parade
East Melbourne VIC 3002
Australia
E: admin@jcts.org.au

14. Amendment of This Policy

From time to time, our policies are reviewed and may be revised. We reserve the right to update or amend this Policy at any time. We will notify of any changes by posting an updated version of the Policy on our website. The amended statement will be effective on and from its uploading.

The General Manager or Deputy General Manager may make amendments at any time.

15. Responsibilities

General Manager – Responsible for approval of policy and amendments.

Deputy General Manager – Responsible for implementing this policy and making Minor Amendments.

All parties – Must comply with the policy.

16. Glossary

Major Amendment – An amendment which materially changes the operation of the policy which is not otherwise a Minor Amendment.

Minor Amendment – An amendment to style, to correct grammatical mistakes, to change overall formatting, to make updates which do not materially change meaning, or any other amendment, which in the opinion of the xx, does not materially alter the operation of the policy.

Personal Information – Personal Information is information or an opinion whether true or not, about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.

17. Related Documents, Legislation and Policies

Privacy Act 1988 (C’th)
Spam Act 2003 (C’th)
Do Not Call Register Act 2006 (C’th)
General Data Protection Regulation ((EU) 2016/679)

Compliance
This policy complies with all relevant legislation, in particular:
• Privacy Act 1988 (C’th);
• Spam Act 2003 (C’th); and
• Do Not Call Register Act 2006 (C’th)
• General Data Protection Regulation ((EU) 2016/679).

Guidance
Guidance may be issued by the Chief Operating Officer regarding compliance with this policy.

18. Policy Review and Currency

This policy is to be reviewed:

  • No later than 2 years from the last approval date; or
  • Following any significant legislative change affects this policy; or
  • Within 6 months following any significant operational or policy change decided by the CEO.

Uses

We only use your personal information for the purposes for which you give it to us and for related, internal management purposes. While we do have a mailing list we will not collect your data for the purpose of a mailing list without asking for your consent.

We do not give information about you to other government agencies, organisations or anyone else unless one of the following applies:

  • you have consented
  • you’d expect us to or we have told you we will
  • it is required or authorised by law
  • it will prevent or lessen a serious and imminent threat to somebody’s life or health or the disclosure is reasonably necessary for law enforcement or for the protection of public revenue.

We analyse non-identifiable website traffic data to improve our services.

Your choices

You may access personal information that we hold about you or you can ask us to correct personal information we hold about you.

We abide by the Information Privacy Principles of the Privacy Act 1988. Our website follows the Privacy Commissioner’s Guidelines for Federal and ACT Government Websites.

Scroll to Top

Aboriginal and Torres Strait Islander people should be aware that this website contains images, voices and names of those returned to the dreaming.