RMIT uses personal including sensitive and health information to deliver our core functions, and comply with our obligations with respect to the provision of education and research. We use your information for the primary purpose for which it was collected, a related secondary purpose that you may reasonably expect (with the exception of sensitive or health information), as required by law, or with your permission or consent.
The laws in some jurisdictions require us to tell you about the legal ground we rely on to use or share your personal information. These legal grounds may include, but are not limited to, meeting our contractual commitments to you, for a legitimate interest, to comply with law, or to perform a public task. We will always consider your rights when using your personal information.
We may use and process your information for:
- Education and education support: admission, enrolment, content delivery and learning activities, assessment, graduation, services (e.g. library, wellbeing, support), mentoring, handling disputes, investigations, audits, data analysis and improvements, general administration and enquiry management.
- Research and research support: including participant data, administration and commercialisation.
- Community and industry engagement: website operation, addressing enquiries and requests, marketing, customer relations, mailing lists and newsletters, event invitations, alumni and donor relations.
- Employment and employee support: recruitment (including referees), payroll, health and safety, learning and development for staff and other Human Resources programs, contractors and volunteers.
- Operational management and finances: financial management, processing fees, IT security and management, data analysis, legal and professional services, analysing and improving our courses, educational opportunities, business and services.
- Infrastructure and facilities: access and management systems, CCTV, identity management, security and emergency response, including to lessen or prevent threats to safety.
- Transacting between RMIT entities to deliver and improve our services.
- For a secondary purpose or where otherwise permitted by law, such as the provision of information to government departments or agencies.
We may share your personal information with third parties where appropriate for the purposes set out above, including but not limited to:
- Financial institutes for payment processing;
- Regulatory, investigative, law enforcement or government bodies;
- Referees whose details are provided to us by job applicants;
- Other educational institutes and educational partners, some of which are overseas, including educational agents;
- Pre-enrolment testing providers;
- Our contracted service providers or partners, including overseas and local agents, information technology service providers (such as Adobe, Google and Microsoft), venues and event organisers, marketing and communication agencies, research and statistical analysis providers, call centres, hard copy and electronic mailing houses, professional advisers (such as recruitment advisers, auditors, accountants, insurers, and lawyers), and externally hosted applications and software subscriptions.
- As required or authorised by law; and
- Otherwise with your consent.
These recipient organisations and contracted service providers are required to keep personal information confidential and provide the same privacy safeguards as we do. Some of these recipients may be located outside of Victoria or Australia, which means that your personal information may be transferred interstate or overseas (trans-border), including but not limited to:
- the United States of America;
- other countries in Asia;
- countries in the European Union, such as the UK and Spain.
Where we transfer your personal information to a recipient outside of Victoria or Australia, we take reasonable steps to ensure the recipient handles the information in accordance with this Privacy Statement, our Policies, and the relevant privacy and Victorian health information principles.
Where appropriate, examples of third parties that RMIT provides personal information to and for what purposes are captured in more detailed privacy collection statements or notice, which are provided to you at the time your personal information is collected.