Privacy - AAAS
Responsible Officer Chief Executive Officer
Functional Owner Manager’s, Senior Training Coordinator
Quality and Risk Owner Quality & Compliance Manager
    1. Background

      Australian Academy of Advanced Skills (AAAS) is committed to ensuring the Privacy of all learner personal information and progress of training and assessment information is maintained effectively. AAAS does not share, rent or sell any personal information of our Learners or corporate clients. The security confidentiality of the information collected is protected under this policy of AAAS and complies with the Privacy Act 1988 (Commonwealth). This policy describes how AAAS collects, manages, uses, discloses, protects, and disposes of personal information in accordance with the thirteen Australian Privacy Principles (APPs) outlined in Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012.

    2. Scope

      The Privacy policy and procedure ensures that all Learner information is treated carefully and with security protocols in place. In addition, ONLY the applicable staff, government funding bodies and employers are given access to Learner personal information and training progress according to the National VET Regulator, Standards for RTOs 2015 and various State and Federal government Funded Training Contract conditions

    3. Compliance

      Standards for RTOs Clause 8.5:
      The RTO complies with Commonwealth, State and Territory legislation and regulatory requirements relevant to its operations.

    4. Policy


      Under the Privacy Act 1988 and Privacy Amendment (Enhancing Privacy Protection) Act 2012 (s6(1)), personal and sensitive information is defined as follows:
      – Personal information: “information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not.”
      – Sensitive information: “(a) information or an opinion about an individual’s: (i) racial or ethnic origin, or (ii) political opinions, or (iii) membership of a political association, or (iv) religious beliefs or affiliations, or (v) philosophical beliefs, or (vi) membership of a professional or trade association, or (vii) membership of a trade union, or (viii) sexual preferences or practices, or (ix) criminal record, that is also personal information; or (b) health information about an individual; or (c) genetic information about an individual that is not otherwise health information; or (d) biometric information that is to be used for the purposes of automated biometric verification or biometric identification; or (e) biometric templates”.

Authority to collect and store information

Australian Academy of Advanced Skills (AAAS) is an approved Registered Training Organisation by the Australian Skills Quality Authority. This registration is issued under the authority of the National Vocational Education and Training Regulator Act 2011. This legislation requires Australian Academy of Advanced Skills (AAAS) to collect personal and sensitive information from its learners. This requirement is specified in the Data Provision Requirements 2020 which is one of five legislative instruments that AAAS must comply with as a condition of its registration.

The data provision requirements require AAAS to collect data from learners in accordance with the Australian Vocational Education and Training Information Statistical Standard (AVETMISS). This is a complex information standard that defines information about who the learner is, where the training is delivered and what they are studying. The Standards for Registered Training Organisations require AAAS to retain and store this information for up to 30 years and to report training activity to government agencies in accordance with mandatory reporting requirements.

Together these requirements form a statutory obligation to collect, store and report information of any learner participating in nationally accredited training. The publications referred to in this section can be accessed from the ASQA website.

Collection and use

AAAS collects personal information, either directly or indirectly, that is reasonably necessary for, or directly related to its delivery of the services it offers. Some of the information collected may be regarded as ‘sensitive’ as defined by the Privacy Act.

Solicited information

Contact information such as name, organisation, position, address, telephone, and email are collected for marketing, support services, mandatory reporting and for communicating with stakeholders as part of our day to day operation.

In addition to the training activity information collected, AAAS also collects, stores and reports information of satisfaction surveys, complaint handling of our learners and employers.

Names, addresses, phone numbers, emergency contact details, bank account details and other employment related information is collected from employees for the purpose of managing human resources. The management of staff personal information complies with this policy.

Collection methods

The AVETMIS Standard prescribes learner personal and sensitive information as well as training activity information. This information is collected directly from our learners using enrolment forms which may be paper based or electronic and other administrative forms including but not limited to complaint forms, recognition application, request for refund, transfer application, etc. All of this information is entered into our student management system and all hard copy records are retained within our learner files.

Survey responses are collected using our Employer and Learner Satisfaction Surveys from Student Management System, which are issued in both hard copy and electronic format. These survey results are provided to the Data Reporting Manager for its analysis and reporting. Survey forms completed in hard copy are retained in the learner files.

Enquiry information from prospective learners including personal contact information is collected directly from individuals who make data requests either by telephone, email, or in person.

AAAS collects its employee’s personal information individually on employment commencement.

Sensitive information

Personal information collected by AAAS that may be regarded as ‘sensitive’ under the Privacy Act includes:

– ‘Disability’ and ‘long‐term impairment status’ (health); and ‘indigenous status’, ‘language spoken at home’, ‘proficiency in spoken English’, ‘country of birth’ (implies ethnic/racial
origin). This information is specified in the AVETMISS data elements and is collected for the national VET data collections, national VET surveys, and may be collected for VET‐related research.

Direct marketing

AAAS respects an individual’s right not to receive marketing material and provides an option within communications and on its website for individuals to unsubscribe from receiving
marketing material. AAAS conducts its marketing communications and dissemination of service information in accordance with Australian Privacy Principle 7 (Direct marketing), the Spam Act 2003 (in respect of electronic communications), and the Do Not Call Register Act 2006.

AAAS does not make any ‘cold call’ for marketing its products and services.

Google Analytics and cookies

Google Analytics is a web service provided by Google Inc. Cookies are used to generate data on website activity and usage. The cookies, which include IP addresses, are transmitted to
and stored in Google servers in the United States where they are used to compile web‐use reports. Google may transfer this information to third parties, where required by law, or for information processing on its behalf. Google will not associate IP addresses with any other data held by Google. More information on Google’s privacy policy can be found at: It is possible to disable cookies by adjusting web‐browser setting and to opt‐out of Google Analytics
( Doing so, however, may affect web‐site functionality.

The AAAS web servers automatically log information such as server address, date and time of visit and web pages accessed. No personal information is recorded. These logs are used for
website management and improvement.

In the event of learner using AAAS device, we recommend to removes all personal information and cookies recorded in the device.

Unsolicited personal information

If AAAS should receive unsolicited personal information, it will be treated and managed according to the Australian Privacy Principles.

Notification of collection

AAAS for Training notifies individuals of the collection of their personal information before, or at the time of Enrolment collection, Notifications are in writing listed on the Application/Enrolment form

– Marketing – notification is provided on our website course application page. Individuals are also notified at the time of collecting personal information for events. A privacy notice
is provided in all AAAS marketing communications.

– Quality Indicator surveys – notification is provided in the letter of invitation to participate in the surveys and also at the time of collecting the information (online or by telephone).

– AAAS staff – Notification is provided on employment commencement.

Disclosure of personal information

AAAS does not disclose personal information other than for the purpose for which it was collected, or an individual has consented to a secondary purpose, or an individual would
reasonably expect this (such as receiving communications about upcoming events), or if
required by law.

AAAS may share personal information with the Commonwealth government in accordance
with Commonwealth contractual obligations. In these circumstances, AAAS will take reasonable steps to inform and seek consent from the individuals concerned and take all reasonable steps to ensure that the recipient handles the personal information according to the APPs.

AAAS does not sell its mailing lists to third parties for marketing purposes.

AAAS does not disclose personal information to overseas recipients. While people around the world can access material published on our website, no statistical or research publications
contain identifiable personal information.

Management of personal information

AAAS endeavours to ensure the personal information it collects and uses or discloses is accurate, up to date, complete and relevant.

AAAS routinely updates the information held in
its customer relationship management system. This includes confirming with learners who are returning for a new enrolment if their personal contact details have changed.

Access to and correction of personal information

Individuals may, subject to the exceptions prescribed by the Australian Privacy Principles, request access to and correction of their personal information where this is collected directly from individuals by AAAS.

AAAS does not charge for giving access to or for correcting personal information. Requests for access to or correction of personal information should be made in accordance with the
learner access to records policy.

Information retention and disposal

Personal information is held in electronic and paper format:

– Information collected from learner enrolment applications and survey responses is held in databases.

– Names and contact details of stakeholders are held with thein the student management
system and email contact lists.

– Names and contact details collected during the delivery of services may be held either in electronic form in AAAS document management system or in paper documents which are locked in cupboards and filing cabinets.

– Personal staff information is held within the HR
management, pay roll database.

– Backup copies of all electronic files held in AAAS systems are kept in the event of system failure/loss. All backup copies of system files are secured.

AAAS retains personal information for 30 years. When personal information is no longer
necessary for AAAS business functions, and it is lawful to do so, AAAS destroy the information.

Information security

AAAS takes active steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.

– AAAS systems and internal network are protected from unauthorised access using
appropriate technologies. Most system data transferred over the internet is protected by Secure Socket Level protocol (SSL). The inherent risks associated with data transmission over the internet are, however, commonly acknowledged. Individuals, who do not wish to provide their personal information via the online website forms have the option of mailing this information to AAAS.

– Access to the student management system is protected through user log‐on and
password, and assignment of user access rights.

– All third-party providers used by AAAS to support its delivery of services are located within Australia and are required to be compliant with the Australian Privacy Principles and offer appropriate safeguards to protect personal information.

– AAAS premises and data storage systems are fully secured. AAAS practices clean‐desk
policy and locking workstations when working with personal information. Paper documents containing names and addresses are required to be locked away and shredded when destroyed. All hardware is properly ‘sanitized’ before disposal.

Notifiable Data Breach

AAAS will ensure that all individual learner enrolments in the nationally recognised
qualification are provided with their Unique Student Identifier (USI). In addition in case of data breach, AAAS would comply to the NDB (Notifiable Data Breach) scheme under the Australia Privacy Act 1988. In doing so, AAAS will:

      • Notify individuals whose personal information isinvolved in a data breach that islikely
        to result in serious harm including recommendations about the steps individuals should take in response to the breach
      • The Australian Information Commissioner (OAIC) must also be notified of eligible he
        data breaches
      • Please refer to the Office of the Australian Information
        Commissioner (OAIC) website for more information
      • For more information about AAAS’s policies and procedures, please refer to the
        Learner Information Handbook
    1. Quality and Continuous Improvement

      This policy and procedure is subject to systematic review, evaluation and improvement,
      including annual review and ongoing feedback from stakeholders.

    2. Related Forms and Documents

      • Application / Enrolment Form
      • Recognition Application Form
      • Identification Documents
      • Declaration/Consent forms (as relevant)
      • Course fee Invoice,
      • (NSW- TPP, ACT- Notification of Business (NOB); QLD- SRTO Notification)
      • Training Plan
Version Approved by Endorsed by Effective Date Review Date
2 Quality and Compliance Manager Chief Executive Officer 04th July 2022 04th July 2023
Version History
  • Version 1 – 16/04/2017 Annual review & updated the contents
  • Version 2 ‐ 04/07/2022 Approved
Course Type All
RTOs Australian Academy of Advanced Skills (45240)
Partner RTOs N/A

Find out more about the course

Get started with AAAS today!

Skip to content