Carramar is committed to protecting employee, client and student privacy and confidentiality in line with Federal Privacy legislation. This Policy focuses on our commitment to protecting the privacy of our clients and students, and outlines the various ways in which we ensure this protection. For the purpose of this Policy, personal information is described as follows:
‘Personal information’ means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not 
Personal information will not be used in any way other than those outlined in this Policy, and any other ways that might reasonably be expected.
This policy is published on the Carramar website to ensure it is accessible by all clients and customers.
TYPES AND USES OF PERSONAL INFORMATION
From time to time we need to collect personal information in order to conduct business whether from consumers, merchants, business contacts, website users or contractors.
Our policy is to use personal information collected only for the business purpose for which it was collected, and not for any other purpose. This information can include your e-mail address, name, address, telephone number, bank account details as applicable. We do not collect personal information that we do not need.
We collect all personal information in writing, either from an employment application and personal details form, or an enrolment form, directly from the person whom the information is about. (Where applicable information may be collected from the parent or guardian of a student under the age of 18.)
Your personal information is used in the following ways:
- Client information - this tells us more about who you are and how to contact you.
- Email correspondence - used to raise and respond to issues and inquiries of all types.
- Transactions - showing electronic funds transfer information.
We will not sell, rent or trade personal information about you to or with others.
As an education provider, we are required to collect personal information from students in order to process enrolments and obtain the information required to provide suitable training and assessment services. The information collected includes general personal details which are reasonably necessary to enrol in and undertake the course. Information collected from students may include details of any relevant disability or health issue that may affect the student’s ability to undertake training and/or assessment activities.
We will seek the consent when collecting sensitive information about individuals such as health information, or information about racial or ethnic background, or criminal record if the collection of the information is reasonably necessary.
Where applicable information may also be required to comply with AVETMISS standards as specified by government regulators. Personal information collected through the enrolment form or through other means will be passed on to government regulators as per legal data collection requirements. This personal information may also be accessed for the purposes of an audit by ASQA.
Personal information collected may be disclosed to third parties to whom we outsource specialised functions. In these circumstances we take steps to ensure that those contractors comply with the Australian Privacy Principles when they handle personal information about you and are authorised only to use personal information in order to provide the services or to perform the functions required by us. The only other time we would make disclosures of personal information is when we are required to do so by law, or if the disclosure is permitted under the Privacy Act 1988.
We do not accept any advertising on our web site and therefore have no other information reporting requirements to any third party.
We ensure that when necessary personal information is transmitted using password protected or other encrypted methods in line with our information security policy.
If we receive unsolicited information, we will determine if the information is required to carry out our functions. If we determine that the information is not required, and does not form part of a necessary record, then we will ensure that the information is destroyed or de-identified as soon as practicable.
HOW IS YOUR PERSONAL INFORMATION STORED?
Carramar stores most personal information in a secure server on-site. We take steps to ensure that the personal information held is secure from unauthorised access, destruction, use, modification or disclosure. This includes internal audit procedures and restricted staff access to information. We only permit personal details to be accessed by authorised personnel.
Paper-based records are limited as much as possible. Where paper-based records exist these are kept in a locked filing cabinet on the premises.
As a Registered Training Organisation, we are required to retain digital records of qualifications and statements of attainment for 30 years.
YOUR RIGHT OF ACCESS AND CORRECTION
Under the Privacy Act 1988, you have the right to seek access to information which we hold about you (although there are some exceptions to this). You also have the right to ask us to correct information about you which is inaccurate, incomplete or out of date.
If you wish to exercise your right under the Privacy Act 1988 to seek access to the personal information that Carramar holds about you, or if you believe that personal information about you is not accurate, complete or up to date, you should contact us, including the details of your request for correction (if applicable).
Please note that the personal information we hold about you will be information that you have provided to us.
We will assume (unless you tell us otherwise) that your request relates to our current records about you. To provide you with access to "current" personal information, we would ordinarily provide you with a copy of the relevant personal information from our databases.
We may charge you for the cost of providing this type of access, but this will depend on the scope of your request.
CHANGES TO YOUR PERSONAL INFORMATION
You may update, edit or delete the personal information you have shared with Carramar at any time by contacting our office.
ONLINE COLLECTION OF PERSONAL & NON PERSONAL INFORMATION
No personal information is stored on our server, unless authorised by the sender. If authorised, the only information stored is first and last name, email address, state and country.
ADDITIONAL PRIVACY INFORMATION & HOW TO CONTACT US
For further information about privacy issues, see the Australian Federal Privacy Commissioner’s website at www.privacy.gov.au.
Ph.: 07 3832 7727
 Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) (Amending Act)