Privacy Statement
- About Us
‘Watch Us Change the World’ is our statement of intent. It exists to instil courage in our young women to create the future they want to see for themselves. Since 1916, a Pymble education has equipped girls with the tools to achieve those dreams, while shaping them as influential and compassionate women. Girls at Pymble Ladies’ College are nurtured to be inquisitive, courageous, and determined, so they can make a difference that will positively change the world. Our campus sits on 50 acres of beautiful park-like grounds on Sydney’s upper North Shore. The College is a non-selective, independent school for girls from Kindergarten to Year 12, with Boarding available from Year - Data Protection Statement
We are committed to protecting your privacy. This statement describes how The College collects and uses personal information about people. The terms of this statement may change from time to time. We will provide any updated information on our website and alert you to the changes through our usual channels of communication. You can find the College Data Protection Policy via the following link: https://www.pymblelc.nsw.edu.au/wp-content/uploads/2021/02/Privacy-Policy.pdf.
- How and what Information we Collect
The type of information the College collects and holds may include (but is not limited to) personal information, including sensitive information, about:
-
- Students and parents and/or guardians ('Parents') before, during and after the course of the student's enrolment at the College, including:
- name, contact details (including next of kin), date of birth, gender, language background, previous school, religion, working with children check and drivers licence numbers
- parents’ education, occupation and language background
- medical information (e.g., details of disability and/or allergies, absence notes, medical reports and names of doctors)
- results of assignments, tests and examinations
- conduct and complaint records, or other behaviour notes, and school reports
- information about referrals to government welfare agencies
- counselling reports
- health fund details and Medicare numbers
- any court orders
- volunteering information
- photos and videos taken at College events, including fundraisers and alumnae networking and mentoring events
- the occupation, education, employment history and professional development of students after the course of their enrolment at the College.
- Students and parents and/or guardians ('Parents') before, during and after the course of the student's enrolment at the College, including:
-
- Job applicants, staff members, volunteers and contractors, including:
- name, contact details (including next of kin), date of birth and religion
- information on job application
- professional development history
- salary and payment information, including superannuation details
- medical information (e.g., details of disability and/or allergies and medical certificates)
- complaint records and investigation reports
- performance feedback
- leave details
- photos and videos at College events
- workplace surveillance information including but not limited to CCTV
- work emails and private emails (when using work email address) and Internet browsing history.
- Job applicants, staff members, volunteers and contractors, including:
-
- Other people who come into contact with the College, including name and contact details and any other information necessary for the particular contact with the College.
- Other people who come into contact with the College, including name and contact details and any other information necessary for the particular contact with the College.
- Personal Information You Provide and Information Provided by Others
The College will generally collect personal information held about an individual by way of forms filled out by Parents, students, staff or contractors, face-to-face meetings, interviews, emails and telephone calls. On occasions people other than Parents and students provide personal information. There are also instances where the College may be provided with personal information about an individual from a third party, for example a report provided by a medical professional or a reference from another school. - The purpose for which and how the College will use the personal information you provide
The College will use personal information it collects from you for the primary purpose of collection, and for such other secondary purposes that are related to the primary purpose of collection and reasonably expected, by you or to which you have consented.
-
- Students and Parents: In relation to personal information of students and Parents, the primary purpose of collection is to enable the College to provide schooling for the student enrolled at the College, exercise its duty of care, and perform necessary associated administrative activities, which will enable students to take part in all the activities of the College. This includes satisfying the needs of Parents, the student and the College throughout the whole period the student is enrolled at the College.
The purpose for which the College uses personal information of students and Parents of those students includes:
- Students and Parents: In relation to personal information of students and Parents, the primary purpose of collection is to enable the College to provide schooling for the student enrolled at the College, exercise its duty of care, and perform necessary associated administrative activities, which will enable students to take part in all the activities of the College. This includes satisfying the needs of Parents, the student and the College throughout the whole period the student is enrolled at the College.
-
-
- To keep Parents informed about matters related to their daughter’s schooling through correspondence, newsletters and magazines
- Day-to-day administration of the College
- Looking after students' educational, social and medical wellbeing
- Seeking donations and marketing for the College; and
- To satisfy the College's legal obligations and allow the College to discharge its duty of care.
-
In some cases where the College requests personal information about a student or Parent, if the information requested is not provided, the College may not be able to enrol or continue the enrolment of the student or permit the student to take part in a particular activity.
In relation to the personal information of former College students, the College’s primary purpose of collection is to enable the College to organise and conduct networking and alumnae events, fundraisers, mentoring programs, and associated activities. Personal information held by the College may be disclosed to the College’s personnel, as well as other participants and third parties involved in such events, programs, and activities.
-
- Job applicants and contractors: In relation to the personal information of job applicants and contractors, the College's primary purpose of collection is to assess and (if successful) to engage the applicant or contractor, as the case may be.
- Job applicants and contractors: In relation to the personal information of job applicants and contractors, the College's primary purpose of collection is to assess and (if successful) to engage the applicant or contractor, as the case may be.
-
- Volunteers: The College obtains personal information about volunteers who assist the College in its functions or conduct associated activities, such as alumni associations, to enable the College and the volunteers to work together.
- Volunteers: The College obtains personal information about volunteers who assist the College in its functions or conduct associated activities, such as alumni associations, to enable the College and the volunteers to work together.
-
- Marketing and fundraising: The College treats marketing and seeking donations for the future growth and development of the College as an important part of ensuring that the College continues to provide a quality learning environment in which both students and staff thrive. Personal information held by the College may be disclosed to organisations that assist in the College fundraising, for example, the College's Foundation or alumni organisation or on occasions external fundraising organisations. Parents, staff, contractors and other members of the wider College community may, from time to time, receive fundraising information. College publications, like newsletters and magazines which include personal information, may be used for marketing purposes.
- Marketing and fundraising: The College treats marketing and seeking donations for the future growth and development of the College as an important part of ensuring that the College continues to provide a quality learning environment in which both students and staff thrive. Personal information held by the College may be disclosed to organisations that assist in the College fundraising, for example, the College's Foundation or alumni organisation or on occasions external fundraising organisations. Parents, staff, contractors and other members of the wider College community may, from time to time, receive fundraising information. College publications, like newsletters and magazines which include personal information, may be used for marketing purposes.
- Who might the College disclose personal information to and store your information with?
-
- The College may disclose personal information including sensitive information held about an individual for educational, administrative and support purposes. This may include to:
- Other schools and teachers at those schools
- Government departments (including for policy and funding purposes)
- Medical practitioners
- People providing educational, support and health services to the College, including specialist visiting teachers, sports and other coaches, psychologists and volunteers
- Providers of specialist advisory services and assistance to the College, including in the area of human resources, child protection and students with additional needs
- Providers of learning and assessment tools
- Assessment and educational authorities, including the Australian Curriculum, Assessment and Reporting Authority (ACARA) and NAPLAN Test Administration Authorities (who will disclose it to the entity that manages the online platform for NAPLAN)
- Agencies and organisations to whom we are required to disclose personal information for education, funding and research purposes
- People providing administrative and financial services to the College
- Recipients of College publications, such as newsletters and magazines
- Students’ parents or guardians
- Anyone you authorise the College to disclose information to; and
- Anyone to whom we are required or authorised to disclose the information to by law, including child protection laws.
- The College may disclose personal information including sensitive information held about an individual for educational, administrative and support purposes. This may include to:
-
- Sending and storing information overseas: The College may disclose personal information about an individual to overseas recipients, for instance, to facilitate a school exchange. However, the College will not send personal information about an individual outside Australia without:
- Obtaining the consent of the Parent and/or individual (in some cases this consent will be implied) or
- Otherwise complying with the Australian Privacy Principles or other applicable privacy legislation.
- Sending and storing information overseas: The College may disclose personal information about an individual to overseas recipients, for instance, to facilitate a school exchange. However, the College will not send personal information about an individual outside Australia without:
-
- The College may use online or 'cloud' service providers to store personal information and to provide services to the College that involve the use of personal information, such as services relating to email, instant messaging and education and assessment applications. Some limited personal information may also be provided to these service providers to enable them to authenticate users that access their services. This personal information may be stored in the 'cloud' which means that it may reside on a cloud service provider's server which may be situated outside Australia. An example of such a cloud service provider is Google. Google provides the 'Google Workspace for Education' including Gmail, and stores and processes limited personal information for this purpose. College personnel and the AIS and its service providers may have the ability to access, monitor, use or disclose emails, communications (e.g. instant messaging), documents and associated administrative data for the purposes of administering the ‘Google Workspace for Education’ and ensuring its proper use. This would be the same for Microsoft Office applications.
- The College may use online or 'cloud' service providers to store personal information and to provide services to the College that involve the use of personal information, such as services relating to email, instant messaging and education and assessment applications. Some limited personal information may also be provided to these service providers to enable them to authenticate users that access their services. This personal information may be stored in the 'cloud' which means that it may reside on a cloud service provider's server which may be situated outside Australia. An example of such a cloud service provider is Google. Google provides the 'Google Workspace for Education' including Gmail, and stores and processes limited personal information for this purpose. College personnel and the AIS and its service providers may have the ability to access, monitor, use or disclose emails, communications (e.g. instant messaging), documents and associated administrative data for the purposes of administering the ‘Google Workspace for Education’ and ensuring its proper use. This would be the same for Microsoft Office applications.
- Management, Security, and Handling of Sensitive and Personal Information
-
- Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless the individual agrees otherwise, or the use or disclosure of the sensitive information is allowed by law.
- Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless the individual agrees otherwise, or the use or disclosure of the sensitive information is allowed by law.
-
- College staff are required to respect the confidentiality of students' and Parents' personal information and the privacy of individuals.
- College staff are required to respect the confidentiality of students' and Parents' personal information and the privacy of individuals.
-
- The College has in place steps to protect the personal information the College holds from misuse, interference and loss, unauthorised access, modification or disclosure by use of various methods including locked storage of paper records and password access rights to computerised records.
- Enquiries and Complaints
For further information about the way the College manages the personal information it holds, or to raise a concern if there is a belief that the College has breached the Australian Privacy Principles, contact should be made with the Principal on (02) 9855 7799, by email to principal@pymblelc.nsw.edu.au or by mail to: Principal PO Box 136, NORTH RYDE BC NSW 1670.
Pymble Connections Social Sign In: Privacy Notice
This privacy notice provides you with details of how we (Aluminati Network Group Ltd) collect, process and store your personal data when you access the Aluminate service (the ‘Service’) via this third-party application (‘App’).
LAWFUL BASIS AND PURPOSE OF PROCESSING
Aluminati processes your data in order to perform its contract, with the institution or organisation, to provide you with the Service. We will process your information for the following purposes;
- To verify your details in order to provide you with access to the Service
- To improve your onboarding experience onto the Service
- To increase your accessibility to the Service
We will only use your personal data for the purposes listed above unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing. We may process your personal data without your knowledge or consent where this is required or permitted by law.
By accessing the Service through this App, you agree to the collection and use of information in accordance with this privacy policy.
If you are unhappy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (www.ico.org.uk) however we would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
Email: privacy@aluminati.net
Tel: 01638 676 232
WHAT PERSONAL DATA WE COLLECT
Personal data is any information capable of identifying an individual and does not include anonymised data. We may ask you to provide us with or automatically collect certain personally identifiable information that can be used to contact or identify you, including:
- Identity & Contact Data may include your first name and last name
- Contact Data may include your email address
- Technical Data may include your cookie data, information such as your device's internet protocol address (e.g., IP address), browser type, browser version, the time and date of your visit, unique device identifiers and other diagnostic data
We do not collect any sensitive data about you including details about your race or ethnicity, religious beliefs, sexual orientation, political opinions, trade union membership, health, criminal convictions and offences.
YOUR RIGHTS
For data processed under the lawful basis of ‘performance of a contract’, you;
- DO have the right to; be informed, request access, data portability, data rectification, restriction processing, erasure if there is no overriding ‘legitimate interest’ for continuing to process the data
- DO NOT have the right to object
To exercise these rights please email privacy@aluminati.net. We will likely have to request information from you to confirm your identity in order to ensure we are following instructions from the actual data subject concerned. No fee is payable for the exercise of these rights unless the request is clearly unfounded, repetitive or excessive in which case we may also legally refuse your request.
For more information on individual rights under the GDPR, go to the following site: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr
You have the right to lodge a complaint to the supervisory authority (the Information Commissioners Office); if you believe we are processing your data unfairly.
DISCLOSURES OF YOUR PERSONAL DATA
We may have to share your personal data with third parties including:
- Our service providers who provide IT, hosting and system administration services
- Professional advisers including lawyers, bankers, auditors, insurers, financial advisers and corporate finance advisers who provide consultancy, banking, legal, insurance, accounting and financial services
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances
- Third parties to whom we sell, transfer, or merge parts of our business or our assets
- We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
INTERNATIONAL TRANSFERS
We make active efforts to engage in service providers who are based within the European Economic Area (EEA). Where this is not possible, we may need to engage service providers resulting in your personal data being transferred outside the EEA. Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
In addition to the above, your data may be temporarily transferred outside of the EEA during the course of our staff travelling abroad with personal data (for example meeting contact information and emails). There are appropriate safeguards in place to ensure the protection of your data - including encryption rendering the data unreadable in the case of loss or theft.
DATA SECURITY
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
DATA RETENTION
We will only retain personal data for as long as we need to fulfil the specified purposes we have collected it for as well as for satisfying legal, accounting, audit, or reporting requirements.
By law, for tax purposes, we have to keep certain data about our customers for six years after they cease being customers.
COOKIES & THIRD PARTY LINKS
We use cookies as described in the section above on how we use your data. If you choose to disable cookies in your browser certain parts of our service will cease to function.
Links from our website or other communications may link to third-party destinations over whom we have no control and do not take responsibility for their privacy statements or behaviours. Please read the privacy notice of these sites to understand their data policies.
Name and contact details of the data controller and data protection officer
Data Controller: Aluminati Network Group Ltd.
Address: Hyperion House, The Oaks, Newmarket, Suffolk, CB8 7XN
Data Protection Officer: Daniel Watts
Contact Details: privacy@aluminati.net
