Privacy Values

We are committed to maintaining the privacy of all personal information given to us and our practices protect the privacy of your information and act in your best interests. You have a right to know how we collect, use and disclose personal information and that it remains accurate, confidential and secure.

Privacy as the default 

• privacy by design is embedded in our business practices and in the design and architecture of its systems
• business processes and system initiatives, revisions, or upgrades will be consistent and compliant with mandatory requirements, including the Australian Privacy Principles and associated policies 
• third party entities authorised under the Student Identifiers legislative framework to collect and use USIs must meet the privacy requirements of the Student Identifiers legislative framework.

Transparent and Visible

We:

• give individuals reasonable notice of information, policies and practices for collecting, using, disclosing, retaining and disposing of personal information
• expect entities authorised to collect, use and disclose information about individuals under the Student Identifiers legislative framework to publish privacy notices clearly informing individuals about the purposes and scope of information collected.

Accountable

We:

• maintain a compliance program of regular audits, reviews and assessments of access (by our staff and other authorised entities) of our operations and systems
• monitor and keep adequate records of compliance efforts, privacy infringements and breaches.

Care and diligence

We:

• handle any requests or complaints with care and diligence
• appropriately destroy personal information in accordance with the student identifiers legislative framework and any Australian Government retention requirements
• keep personal information in a way to protect it from misuse, interference and loss and from unauthorised access, modification or disclosure and always in accordance with mandatory requirements.

Respectful

We:

• respect the privacy and rights of all individuals in all aspects of business and treat all personal and sensitive data as confidential 
• adequately inform Individuals about the processing of their personal data, their rights and access to that data.

Ethical

We will act with integrity in:

• dealing with personal and sensitive information and data that is collected, used or disclosed in the assignment and verification of USIs or as a result of the Transcript Service
• collecting, using, disclosing, and retaining only the minimum amount of information about individuals as necessary for the specified purpose.

Find out more

• Privacy policy
• Our privacy obligations

The information you provide through the USI application process: 

• is collected by the Student Identifiers Registrar for a number of purposes 
• may be disclosed to a number of organisations, departments, regulators and other persons where it is reasonably necessary for the purposes of performing functions or exercising powers 
• will not otherwise be disclosed without their consent unless authorised or required by or under law. 

Detailed information on the use of your information can be found in Division 5 - Collection, use or disclosure of student identifiers of the Student Identifiers Act 2014 and in our Privacy Policy 

Privacy policies and complaints 

Students can find out more about how the Student Identifiers Registrar collects, uses and discloses their personal information: 

• in the Student Identifiers Registrar’s Privacy Policy  
• by emailing the Registrar  
• by calling 1300 857 536 or from outside Australia +61 2 6218 0994

The Student Identifiers Registrar’s Privacy Policy contains information about: 

• how students can access and seek correction of the personal information held about them 
• how to make a complaint about a breach of privacy by the Registrar in connection with the USI 
• how complaints are handled 

The student can also make a complaint to the Information Commissioner about an interference with privacy pursuant to the Privacy Act 1988. This includes the misuse or interference of or unauthorised collection, use, access, modification or disclosure of USIs. 

These entities may apply for a USI on behalf of a student under sub-section 9(2) of the Student Identifiers Act 2014: 

• Registered Training Organisations (RTO) 
   
• VET admission bodies 
   
• registered Higher Education Providers 
   
• Tertiary Admission Centres 

If your organisation is eligible, you are required to give the student a privacy notice explaining how their personal information will be used. 

Privacy notice for your students 

To help you meet this requirement, we have developed a Privacy Notice you can give to students. 

Privacy text to include in enrolment forms 

Use the following suggested text in your enrolment forms to: 

• seek authorisation to apply for a USI on behalf of a student 
   
• advise students of their privacy rights and requirements 

Privacy text for RTO enrolment forms 

From 1 January 2015, we [insert RTO name] can be prevented from issuing you with a nationally recognised VET qualification or statement of attainment when you complete your course if you do not have a Unique Student Identifier (USI).  Get your USI now at www.usi.gov.au/create-your-USI/ 

If you would like us [insert RTO name] to apply for a USI on your behalf you must authorise us to do so and declare that you have read the suggested text for inclusion in enrolment form. 

I [NAME] …………………………………………………………………………………………..authorise 

[insert RTO name]…………………………………………………………………………………. to apply pursuant to sub-section 9(2) of the Student Identifiers Act 2014, for a USI on my behalf. I have read and I consent to the collection, use and disclosure of my personal information as outlined by the Student Identifiers Registrar. 

[SIGNATURE]                               [DATE] 

Privacy text for higher education enrolment forms 

By 2023, all higher education students will need to have a USI if they expect to receive their award in 2023 or beyond. This includes all students who started before 2021, as well as, all international onshore students. Get your USI now at www.usi.gov.au/create-your-USI/ 

If you would like us [Higher Education Provider or Tertiary Admission Centre] to apply for a USI on your behalf you must authorise us to do so and declare that you have read the relevant privacy information.  

 I [NAME] …………………………………………………………………………………………..authorise 

[insert HEP or TAC name]…………………………………………………………………………………. to apply pursuant to sub-section 9(2) of the Student Identifiers Act 2014, for a USI on my behalf. I have read and I consent to the collection, use and disclosure of my personal information pursuant to the information detailed within the Privacy Notice. 

[SIGNATURE]                               [DATE] 

Relevant privacy legislation 

If you are an Australian Privacy Principle (APP) entity bound by the Privacy Act 1988 or an entity bound by State or Territory Privacy legislation:  

• consider whether your organisation is bound by any privacy legislation and what your obligations would be under this legislation 
   
• seek independent legal advice about your privacy obligations

If your organisation contravenes sections 11, 16 or 17 of the Student Identifiers Act 2014, then pursuant to section 23 of the Act:  

• your organisation will be considered to be an APP entity bound by the Privacy Act 1988 
   
• the contravention may be subject to investigation by the Information Commissioner 

Where your organisation is bound by Commonwealth or State or Territory Privacy legislation, you may need to tell students how their information is stored and protected, such as:  

• secure server at the education or training provider 
   
• third-party server in the cloud 
   
• if hard-copy – in a locked file/cupboard