CQUniversity is committed to protecting user privacy. The University understands and appreciates that visitors and users of this website are concerned about their privacy and the confidentiality and security of personal information that may be provided.

CQUniversity complies with the Information Privacy Act 2009 Qld (IP Act) and takes its obligations under the IP Act seriously. The IP Act provides individuals with a legally enforceable right of access to, and amendment of, their own personal information held by the University, unless this would, on balance, be contrary to the public interest.

The IP Act specifies 11 Information Privacy Principles (IPPs) which govern how and when personal information may be collected, handled, stored, accessed, amended, managed, transferred, used, and disclosed.

CQUniversity actively releases information in accessible, readable and helpful formats and is committed to continuing this practice. The University does not publicly release data that includes personal information about identifiable people. The University endeavours to keep personal information secure, up-to-date, and relevant, and will only use it for the purpose/s for which it was collected.

Collection, use and disclosure of information

Purpose

CQUniversity is committed to protecting personal privacy and recognises that students, staff and vendors have a reasonable expectation that the University will protect and appropriately manage the personal information it holds about them. The IPPs contained in the IP Act set the standard for the use and management of personal information collected by or provided to CQUniversity.

This collection, use and disclosure statement explains how and why the University collects, uses and discloses personal information. It should be read in conjunction with the University’s Privacy Policy and Procedure.

This statement provides examples of the types of personal information collected, how it’s used and when the University will disclose such personal information. Not every example of the collection, use and disclosure of personal information is contained in this statement.

Why CQUniversity collects personal information

CQUniversity collects personal information, including sensitive information, about prospective and current students, parents, guardians and care-providers, next of kin, staff, alumni, volunteers, and contractors. The overall purposes of collecting this information are to:

  • enable the University to deliver education, research and other services
  • meet the wider functional needs of the University, including financial management, legal accountability, and national reporting requirements, and
  • meet the requirements of legislation and external government agencies.

How CQUniversity collects personal information

CQUniversity takes all reasonable steps to ensure that the personal information collected is:

  • necessary and lawful for the University’s purposes
  • relevant to the purpose of collection
  • collected in a fair way, without unreasonable intrusion, and
  • as up-to-date, complete, and secure as possible.

CQUniversity’s preferred source of personal information is the individual concerned. However, there are other important sources of personal information, which may include (but are not limited to) the following:

Sources of information about students

  • schools, admissions centres and equivalent overseas bodies
  • other tertiary institutions, and
  • information technology records.

Sources of information about staff

  • previous employers and referees nominated by prospective and current staff members
  • academic assessors
  • external and internal medical and rehabilitation documentation
  • promotion and performance review assessments
  • information technology records, and
  • student and staff feedback.

Where the University collects personal information about an individual from a third party, it will take all reasonable steps to ensure that the individual has been made aware of the collection.

Use and disclosure of your personal information

CQUniversity will take all reasonable steps to ensure that personal information is protected against loss, unauthorised access, modification or disclosure, and other misuse and will destroy or permanently de-identify personal information if it is no longer needed.

Personal information collected and held by the University will only be accessed and used by people employed or engaged by the University as required in the fulfilment of their duties and in a manner consistent with the original purpose.

Information may be used or disclosed to organisations outside the University where permitted by the Information Privacy Act 2009. It may also be used or disclosed for secondary purposes in certain circumstances, but only if:

  • the secondary purpose is directly related to the primary purpose of collection and the individual would reasonably expect the use or disclosure of the information for the secondary purpose
  • the University reasonably believes that the use or disclosure is necessary to lessen or prevent a serious and imminent threat to an individual's life, health or safety or a serious threat to public health or public safety
  • the University has reason to suspect that unlawful activity has been, is being, or may be engaged in, and uses or discloses the personal information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons, authorities or agencies, or
  • the use or disclosure is required or specifically authorised by law (e.g. court or law enforcement).  The University will comply with such requests and is not obligated to notify you of such disclosure.

Access to personal information

The Information Privacy Act 2009 provides individuals with a legally enforceable right of access to, and amendment of, their own personal information held by the University, unless this would, on balance, be contrary to the public interest.

Individuals requesting access to their own personal information can do so by completing a valid Right to Information and Information Privacy Access Application Form and emailing it to privacyrti@cqu.edu.au or posting it to:

Coordinator Records and Privacy
Governance
CQUniversity Australia
554 – 700 Yaamba Road
NORMAN GARDENS QLD 4701

NOTE: An Access charge may be applied to the Information Privacy Access Application in accordance with the IP Act.

 

Access charges are the cost of giving the applicant access to a document, for example the cost of photocopies. There is no cost for providing access to a document in electronic form, such as by email or on a disc.

For further information on charges please refer to the Office of the Information Commissioner.

Individuals and public seeking access to information not containing personal information can do so via a Right to Information request in accordance with the Right to Information Act (2009) (‘RTI Act’).

For further information please visit our Right to Information page.

Amendment to personal information

Under the Information Privacy Act 2009, you may apply for an amendment to a document that contains your personal information, if that document contains information that is inaccurate, incomplete, out of date or misleading.

Your application should specify:

  • what particulars you wish amended
  • why you believe the information to be incomplete, incorrect, out-of-date or misleading
  • the amendments you wish to make, and
  • your address and telephone number so you can be advised of the result of your application.

Individuals requesting amendment to their own personal information can do so by completing a valid Information Privacy Personal Information Amendment Application and emailing it to privacyrti@cqu.edu.au or posting it to:

Coordinator Records and Privacy
Governance
CQUniversity Australia
554 – 700 Yaamba Road
NORMAN GARDENS QLD 4701

Privacy complaints

If an individual believes that the University has not dealt with their personal information in accordance with the Information Privacy Act 2009 or the Privacy Policy and Procedure a complaint may be made to the University.

A complaint must be made in writing and include:

  • an address of the complainant
  • give details about how their privacy has been breached, and
  • be made within 12 months of the occurrence of the breach.

Complaints that are made more than 12 months after the occurrence of the breach may not be able to be investigated, due to the difficulty in obtaining reliable evidence because of the length of time that has passed.

Complaints can be emailed to privacyrti@cquedu.au or posted to:

Coordinator Records and Privacy
Governance
CQUniversity Australia
554 – 700 Yaamba Road
NORMAN GARDENS QLD 4701

Privacy complaints will be acknowledged within five working days from the date the complaint is received.



CQUniversity may, from time to time, update its Information Privacy Policy and/or Collection, Use and Disclosure Statement to ensure they remain appropriate to changing laws, technology and the University environment.