Privacy

UOW is committed to protecting the privacy of each individual’s personal and health information as required under the NSW Privacy and Personal Information Protection Act 1998 (PPIPA) and the Health Records and Information Privacy Act 2002 (HRIPA). In addition to these obligations, UOW is actively taking steps to comply with the principles of the Privacy Act 1988 (Cth), the European Union General Data Protection Regulation (GDPR) and other best practice privacy legislation in relation to UOW’s activities.

UOW uses cookies to identify user traffic patterns on its website. Information collected from cookies is used for statistical analysis purposes so that UOW can provide you with a website that best meets your needs. It may also be used as a basis for targeting online advertising. A cookie in no way provides access to your computer or any information about you, other than the data you choose to share with UOW.

Some UOW sites may use cookies for authentication purposes or to personalise your web experience. For example, a cookie within the UOW Course Finder will remember the courses you previously viewed.

UOW also uses Google cookies for remarketing to advertise online. When you visit our website, our web server will drop a cookie on your browser. If you leave our website and visit another website which is part of the Google network, you may be served our advertisement.

How to disable cookies

Your web browser will have an option you may select that will block cookies. Below are links to information about popular web browsers and how to block cookies using them.

Information collected online by UOW

When you visit UOW’s website, our servers may collect the following information:

  • your IP address
  • browser type
  • operating system
  • pages viewed while browsing UOW’s website
  • dates and times of the visit.

We use this information for statistical purposes and to help us improve our services. We may also use this information for marketing purposes.

Where your personal information is collected while visiting our site, we will provide you with details about the purpose for collecting it including how it will be used, whether it’s required by or under law and if it’s to be disclosed to any other party. We will only use your personal information for the purpose for which you provided it or a directly related purpose.

Online security

UOW has a number of security measures in place to protect against IT security risks. These include firewalls, network intrusion detection and virus scanning. Refer to UOW’s IT policies for further information.

Some UOW sites can only be accessed with a login name and password to ensure that only authorised users are able to access personal information. You should ensure that your password is kept securely and not accessible by others.

Links to other websites

External sites that are linked to or from the UOW site are generally not under our control or responsibility. If you decide to access linked third-party websites, you are encouraged to review their privacy policy, terms of use and content.

UOW is committed to protecting the privacy of each individual’s personal and health information as required under the NSW Privacy and Personal Information Protection Act 1998 (PPIPA) and the Health Records and Information Privacy Act 2002 (HRIPA).  In addition to these obligations, UOW is actively taking steps to comply with the principles of the Privacy Act 1988 (Cth) and the European Union General Data Protection Regulation (GDPR) which may apply in certain circumstances in relation to UOW’s activities.

The management of personal and health information by UOW is detailed in its Privacy Policy and Privacy Management Plan which are available on UOW’s privacy homepage at https://www.uow.edu.au/privacy. These resources outline UOW’s privacy obligations and explain the various ways that the privacy principles are applied to our functions and activities.

 UOW's Privacy Information Sheet provides a summary of the information protection principles that UOW must comply with when handling your personal and health information.

Collection

UOW collects your personal and/or health information for lawful purposes that are directly related to UOW's functions or activities.  When UOW collects your personal and/or health information, you will be informed as to why it is being collected, what will be done with it, whether it's required by law or is voluntary and your rights of access to and correction of that information.

UOW prepares privacy statements when collecting information from you in order to outline the reasons for the collection and the way that UOW intends to handle that information. Please see the Privacy Statement section on this page for the relevant privacy statements. For example:

  • The Student Privacy and Disclosure Statement lists the intended use/disclosure of personal and/or health information collected from students. This Statement also provides details of how students can request access or seek amendments to their personal and/or health information.
  • The Privacy Collection Statement for Recruitment and Employee Records provides details of the types of information collected from employees and/or prospective employees, how that information is held and used by UOW,  circumstances where it may be disclosed and details of how the employee can access his/her record.
  • The Privacy Statement for UOW's alumni, donors and members of the community provides details of the way that it connects with and handles the information of its alumni, donors and community when engaging with UOW.

Protection of information

UOW takes all reasonable steps to protect your personal and/or health information against loss, misuse, unauthorised access, modification or disclosure. 

UOW's Data Breach Response Plan provides a consistent set of procedures that UOW will follow in the event of a data breach. This plan will ensure that appropriate steps are taken to respond promptly and appropriately, in accordance with the NSW Information and Privacy Commission best practice.

Use and Disclosure

UOW will only use or disclose your personal and/or health information for the purpose for which it was collected, for a directly related purpose or as otherwise required, permitted or authorised by law.

For example, in limited circumstances,

  • UOW may use your personal information to contact you in the event of an emergency or crisis.
  • a court or similar body has ordered the information’s release, or
  • it is reasonably necessary to disclose your personal and/or health information to deal with or to prevent or lessen a serious and imminent threat to the life or health of any individual.

The University is dedicated to the secure and compliant management of the data it holds, as required under privacy legislation, UOW policies and procedures.

UOW staff should visit the Data Breach Intranet page

What is a data breach?

A data breach occurs when data (whether held in digital or hard copy) is subject to unauthorised access, unauthorised disclosure or is lost in circumstances where the loss is likely to result in unauthorised access or unauthorised disclosure.

How to make a report of a Data Breach

Any individual who becomes aware of an actual or suspected data breach is to notify the University at:

  • The University’s Service Desk on +61 2 4221 3000 or at Home Page - IMTS Service Portal or
  • Information Compliance Unit at icu-enquiry@uow.edu.au or +61 2 4221 4368 (during office hours) and/or
  • For Staff, their appropriate Line Manager.

How will UOW respond?

Information on how the University manages data breaches is available in the Data Breach Policy, Data Breach Response Plan and Privacy Management Plan.

Where a data breach is likely to result in serious harm to an individual, UOW will comply with the requirements of the Mandatory Notification of Data Breach Scheme under the Privacy and Personal Information Protection Act 1988 (PPIPA).

Public Notification Data Breach Register

Under the MNDB Scheme, UOW is required to publish and maintain a Public Notification Register in circumstances where it has not been reasonably practicable to directly notify any or all of the individuals affected by a data breach.  The notification and details relating to the breach will remain published for a period of at least 12 months.

The UOW staff intranet page provides details of the kinds of data breaches that may amount to an eligible data breach, the actions to be taken in response to a data breach and measures to be taken to prevent future data breach.

The NSW Information Privacy Commissioner has established resources for citizens to improve their understanding about the scheme, their rights and what they can expect now the scheme is in place, available here.

Register of Public Notifications (as specified under s59O):

UOW Data Breach Identifier/reference

Date of Breach

Date UOW became aware of data breach

Description of data breach

Type of data breach

Currently, there are no public notifications

 

 

 

 

 

 

 

 

 

Any student, staff member or member of the public who is concerned about how their personal or health information is being handled by UOW should contact one of UOW's privacy officers.

The Privacy Officer will discuss your concerns or complaints and endeavour to reach a suitable resolution, referring to any existing UOW policies or complaint handling guidelines.

How to make a formal complaint

If you wish to make a formal request for a review of UOW's conduct in the handling of your personal or health information, please complete our complaints form and then submit to the University's Information Compliance Unit via email - icu-enquiry@uow.edu.au

Contact


Information Compliance Unit