RMIT values the privacy of every individual and is committed to the responsible handling of personal information.
This Privacy Statement explains what personal information we gather and details how that information is used.
Types of personal information:
RMIT only collects information about you by lawful and fair means and in a non-intrusive way. RMIT collects personal, sensitive and health information as necessary for its core functions, including for educational, research, community and commercial purposes. We may collect personal information from:
The information we collect depends on how you interact with us and the purpose of that interaction. RMIT may collect sensitive information, including health information, in certain limited circumstances and for a specific purpose. RMIT also uses specific collection statements in connection with your engagement with us, such as the Staff Privacy Statement and the Student Privacy Statement.
When appropriate we provide a detailed privacy collection statement to you capturing the personal and heath information is collected and stating that RMIT provides your personal information to and for what purpose or as soon as practicable thereafter.
Your personal information is usually collected directly from you. In some cases, we may collect information from a third party, such as a government authority, agency, contractor, or other educational or research institutions. Where personal information is provided to us by a person other than you, it will be deleted or de-identified if not required, or you will receive a notice of its collection, its use and your rights as a data subject.
Where practicable, you may choose to remain anonymous when interacting with RMIT. However, remaining anonymous may affect your ability to access some RMIT services and systems. RMIT will let you know when this may affect your engagement with us.
RMIT uses personal including sensitive and health information to deliver our core functions, and comply with our obligations with respect to the provision of education and research. We use your information for the primary purpose for which it was collected, a related secondary purpose that you may reasonably expect (with the exception of sensitive or health information), as required by law, or with your permission or consent.
The laws in some jurisdictions require us to tell you about the legal ground we rely on to use or share your personal information. These legal grounds may include, but are not limited to, meeting our contractual commitments to you, for a legitimate interest, to comply with law, or to perform a public task. We will always consider your rights when using your personal information.
We may use and process your information for:
We may share your personal information with third parties where appropriate for the purposes set out above, including but not limited to:
These recipient organisations and contracted service providers are required to keep personal information confidential and provide the same privacy safeguards as we do. Some of these recipients may be located outside of Victoria or Australia, which means that your personal information may be transferred interstate or overseas (trans-border), including but not limited to:
Where we transfer your personal information to a recipient outside of Victoria or Australia, we take reasonable steps to ensure the recipient handles the information in accordance with this Privacy Statement, our Policies, and the relevant privacy and Victorian health information principles.
Where appropriate, examples of third parties that RMIT provides personal information to and for what purposes are captured in more detailed privacy collection statements or notice, which are provided to you at the time your personal information is collected.
RMIT applies safeguards and takes appropriate security measures to protect your personal information from misuse, loss, unauthorised access and disclosure.
Stored information is also archived in accordance with the Public Records Act 1973 (Vic), which determines when information should be retained or disposed. Reasonable steps are taken to destroy or permanently de-identify your personal information when it is no longer needed for any purpose.
Personal information may be stored in hard copy documents, as electronic data, or in RMIT software or systems, including cloud or other types of network or electronic storage. Some of the ways RMIT seeks to protect personal information include:
Where it is necessary to share your personal information with a contracted service provider or third-party, RMIT takes reasonable steps to ensure that there are appropriate safeguards, such as, legally binding and enforceable instrument, in place to protect your personal information.
RMIT operates in Australia and overseas, including Spain and Vietnam. Accordingly, we may need to share some of your information we collect about you between RMIT entities in these jurisdictions. For example, this could include the transfer of your information from an EEA country to Australia, and vice-versa.
RMIT takes reasonable steps to ensure that personal information held is accurate, complete and up-to-date. RMIT relies on you to provide us with accurate and current information in the first instance, and to notify us when your circumstances or details change.
You have certain rights to seek access to personal information we hold about you (including, in some cases, in portable form), and to obtain its correction, update, amendment or deletion in appropriate circumstances, regardless of your location. You also have rights to withdraw your consent or request that we restrict how your information is used.
You may seek access to personal information we hold about you or to update and correct your information. In some instances, you will be able to access and update your personal information yourself through online portals such as myRMIT. Otherwise, you may access and/or correct your personal information by directly contacting the area of RMIT that has the information in the first instance, or if unknown:
In some situations, access will not be appropriate, and you may be required to make a formal Freedom of Information request. The Freedom of Information Act (Vic) provides that where a document relating to the personal affairs of a person is released that person is entitled to request a correction where the information is inaccurate, incomplete, or out of date. Information about the Freedom of Information process at RMIT is available at the following link: https://www.rmit.edu.au/about/governance-management/compliance/foi.
In certain circumstances, you can:
To exercise these rights, please contact us. The rights and options described above are subject to limitations and exceptions under applicable law. In addition to those rights, you have the right to make a complaint. We encourage you to contact us first, and we will do our very best to resolve your issue.
RMIT may make a record of your visits to RMIT websites and log information for statistical and system administration purposes, including but not limited to:
RMIT collects cookies to enable the proper functioning and security of our websites, and to help us offer you a better browsing experience.
A cookie is a small text file that is sent to your device by means of your web browser. The information stored can be re-sent to our servers during a next website visit. A cookie file is stored in your web-browser and allow us or a third party to make a record of your visit to improve future visits to our websites. Cookies will not record your email passwords or your bank account details. Cookies do not harm your computer.
RMIT uses the following types of cookies:
1. Functional Cookies
2. Analytical Cookies
3. Marketing Cookies and Other Cookies
All personalised cookies including marketing cookies and other cookies are blocked for users visiting our website from the EU region.
If you leave an RMIT website and navigate to a third-party website, RMIT cannot be held responsible for the protection and privacy of any information that you provide to third party websites. Accordingly, we always encourage you to exercise caution and review the privacy statement applicable to the website you visit.
If you are concerned that RMIT may have breached its privacy obligations or this Privacy Statement, please contact us (see section 7). When contacting us, please provide as much detail as possible in relation to your issue or complaint.
RMIT takes privacy-related complaints very seriously and undertakes to resolve privacy complaints in a timely, fair and transparent way.
If you are not satisfied with our handling of your complaint, you may refer the issue to the Office of the Victorian Information Commissioner, the Health Complaints Commissioner for health information, or in some circumstances, the relevant supervisory authority in another jurisdiction.
Please feel free to contact us on (03) 9925 1161 or email firstname.lastname@example.org if you have any questions or concerns about this Privacy Statement or RMIT’s collection, use or disclosure of your personal information.
We may change this Privacy Statement without notice, particularly where there are new developments in our working practice or if there are changes in the relevant laws. Therefore, we encourage you to check back occasionally to see if anything has changed. The most recent substantive change to this Privacy Statement was made 16 September 2021.
Acknowledgement of Country
RMIT University acknowledges the people of the Woi wurrung and Boon wurrung language groups of the eastern Kulin Nation on whose unceded lands we conduct the business of the University. RMIT University respectfully acknowledges their Ancestors and Elders, past and present. RMIT also acknowledges the Traditional Custodians and their Ancestors of the lands and waters across Australia where we conduct our business - Artwork 'Luwaytini' by Mark Cleaver, Palawa.
Acknowledgement of Country
RMIT University acknowledges the people of the Woi wurrung and Boon wurrung language groups of the eastern Kulin Nation on whose unceded lands we conduct the business of the University. RMIT University respectfully acknowledges their Ancestors and Elders, past and present. RMIT also acknowledges the Traditional Custodians and their Ancestors of the lands and waters across Australia where we conduct our business.