Privacy and Data Protection Policy
2. Collection of Personal Information
We will collect Personal Information as follows:
2.1 Key Personal Information we may collect
The Personal Information we collect may include:
- your name;
- contact information, including email address;
- details of your device, browser, domain name and IP address, and the details of any website you linked from to the website;
- course progress (i.e. which courses are completed, what results are attained, and how this compares to the cohort generally);
- other relevant additional information that we require; and
- Personal Information from you that you submit in the course of your interaction and/or engagement with us, such as when you:
- submit a form on our website;
- email us or interact with our social media accounts;
- enrol and/or attend an education/speaking event or conference that we provide ;
- make a customer service enquiry; and
- subscribe to our email list to receive newsletters and updates.
You agree that we may collect Personal Information about you from a third party where this is efficient, reasonable, or necessary. For example, if you are a student, we may collect Personal Information about you the institution at which you are studying, have studied, or have applied to study.
2.2 Other information we may collect through our website
We collect Personal Information from your use of our website. We also collect Personal Information from your device for the purposes of understanding how you use our website and improving our products and services to you. This Personal Information is collected by:
- Using cookies;
- Collecting website use information, including user location, and internet protocol (IP) addresses; and
Cookies are small text files placed on your device to collect standard Internet log information and visitor behaviour information. Cookies do not collect any identifiable information about you but will identify your device. If required to by any applicable privacy laws, we will ask for your consent when placing cookies on your device. You can disable cookies by setting your browser to not accept them. If you disable cookies, you may not be able to use all of the features on our website.
3. How Personal Information may be used
3.1 We will only use your Personal Information for purposes that are directly related to our business activities, and when it is necessary for or directly related to such purposes.
3.2 We may use Personal Information to:
- Provide you with our products and services, including customising documents and providing self-assessment results;
- Respond to enquiries, requests, feedback, or customer service related activities;
- Improve the functionality of our website to give a better user experience;
- Communicate with you about our products, services, and business-related activities, including promotional offers;
- Protect and/or enforce our legal rights and interests, including defending any claim; and
- Comply with applicable privacy laws and regulations, and for any other purpose authorised by you, or applicable privacy laws.
4. Storage and security of Personal Information
4.2 Your Personal Information will be stored securely by VMC and by third party service providers on our behalf.
5.1 If there are additional purposes (other than those identified above) for which we propose to use your Personal Information, the purposes will be specifically notified to you and your consent requested to the proposed use, either when we collect your Personal Information for that specific use or when that additional purpose arises (if it does so after the Personal Information has already been collected).
5.2 We will give you the option to decline to provide your Personal Information or to decline to allow us to use that Personal Information for the purposes for which we have proposed to use it provided that as doing so does not prevent us from meeting our legal obligations under applicable privacy laws.
6. Disclosing Personal Information
6.1 We do not sell or rent your Personal Information to any third party without permission.
6.2 We may disclose your Personal Information to:
- third party service providers, suppliers, and contractors with whom we conduct ordinary business;
- if you are a student, the institution at which at which you are studying, have studied, or have applied to study; and
- other persons, including government agencies or regulatory bodies, as required or authorised by law.
- take steps to ensure that we have reasonable grounds to believe that the overseas agency receiving the Personal Information is subject to privacy protections that, overall, provide comparable safeguards to those provided under the applicable privacy laws; or
- enter into a binding contractual agreement with the overseas agency receiving the Personal Information confirming that it will protect the Personal Information in a way that, overall, provides comparable safeguards to those provided under the applicable privacy laws; or
- obtain the your express authorisation to disclose your Personal Information overseas after expressly informing you that the overseas agency may not be required to protect the information in a way that, overall, provides comparable safeguards to those provided under the applicable privacy law.
7. Retention of Personal Information
7.1 We will retain Personal Information that we collect for as long as it is required for the purposes for which it was collected. Once Personal Information is no longer required, we will securely destroy it or otherwise delete all identifying details so that only anonymised data is retained.
8. Accuracy, accessing, correcting and erasing Personal Information
8.2 You have the right to request:
- access to your Personal Information held by us;
- correction of your Personal Information held by us; or
- that we erase, or restrict the processing of, your Personal Information held by us, under certain conditions.
8.3 We may charge you our reasonable costs of providing to you copies of or correcting your Personal Information.
8.4 If you would like to exercise your rights in respect of your Personal Information, please contact the relevant individual at your education provider and ask them to liaise with our Privacy Officer at email@example.com regarding access to, or correction or erasure of, your Personal Information.
Data deletion requests will be fully implemented in up to 30 days after request, once backups are deleted after their retention period expires.
9. Mandatory reporting of notifiable privacy breaches
9.1 We have an active management plan for actual, likely, and suspected privacy breaches, including a data incident response plan as required by applicable privacy laws.
9.2 If your Personal Information is involved in a privacy breach which we reasonably believe is notifiable / must be reported in accordance with applicable privacy laws (a Notifiable Privacy Breach), we will inform the affected individual/s and report the Notifiable Privacy Breach to the relevant supervisory authorities as required by applicable privacy laws (such as supervisory authority in the relevant European Union Member State).
11. Contacting us or making a complaint
11.3 The Privacy Officer will investigate any complaints that are received and respond to you as soon as possible.
11.4 If you are not satisfied with how we have handled your complaint, you can contact the relevant supervisory authority.