Definitions

Personal Information

Personal information is information or an opinion about an individual whose identity is apparent or can reasonably be ascertained. Personal information can be in any format (paper, electronic, visual, audio) and does not have to be recorded in a material form.

Access

The University will take reasonable steps to enable individuals to ascertain what personal information they are storing, why they are storing it and what rights they have to access it (IPP 6). You may request access to the personal information we hold about you without unreasonable delay or expense (IPP 7). As a general rule the University will endeavour to be as open as possible in its dealings with people on whom it holds personal information. There are however some constraints on the University in both providing information as to whether it holds personal information and on providing access to that information.

In the first instance the response of the University will depend on the way the information is stored. Where there is an index or readily accessible database the University will use informal procedures to confirm or deny the existence of personal information. In cases, where indexing is poor or non-existent or where a more thorough investigation is required the University may determine that the enquiry is more appropriately dealt with under the Government Information (Public Access) Act 2009 .

Please contact us if you would like more information on how to request access to your personal information. If we are unable to meet your request for access, we will let you know why.

For more information about our privacy practices, please see the University Privacy Management Plan.

Collect

The University will collect information lawfully and ensure the information is directly related to a function or activity of the University and necessary for that purpose (IPP1).

The University will collect information directly from you unless you have authorised collection from someone else or you are a minor (IPP2).

The University will collect your personal information in an open manner (IPP3).

The University will ensure the personal information we collect from you is relevant, accurate, up to date and not excessive (IPP4).

Correct

Individuals have a right to update, correct, delete or add personal information to ensure that it is accurate, relevant, up-to-date, complete and not misleading (IPP 8).

Where the University decides that it is not prepared to make the amendments requested, it will if requested, take reasonable steps to attach to the information any statement provided by the applicant.

Where personal information is amended, the University will notify, as far as is practicable, the recipients of that information that it has been amended.

Please contact us if you would like more information on how to request access to your personal information. If we are unable to meet your request for access, we will let you know why.

For more information about our privacy practices, please see the University Privacy Management Plan.

Disclose

The University will only disclose your information with your consent or if you were told at the time they collected it from you that they would do so. The University can also disclose your information if it is for a related purpose and we don't believe that you would object. Your information can also be used without your consent in order to deal with a serious and imminent threat to any person's health or safety (IPP 11).

The University cannot disclose your sensitive personal information without your consent, for example information about your ethnic or racial origin, political opinions, religious or philosophical beliefs, health or sexual activities or trade union membership. It can only disclose sensitive information without your consent in order to deal with a serious and imminent threat to any person's health or safety (IPP 12).

Stored

Security of your personal information (IPP5).

The University will ensure that everything reasonably within its power is done to prevent unauthorised use or disclosure of your personal information.

Personal information that we hold on our systems is protected through the use of secure passwords and other security procedures. We also maintain physical security procedures to manage and protect the use and storage of paper records containing personal information. Access to personal information is limited to those who specifically need it to conduct their business responsibilities.

We will keep your information so that we can continue to provide the services you have requested from us and will retain your personal information for no longer than is necessary. We will take reasonable steps to destroy or permanently de-identify personal information in accordance with any requirements for the retention and disposal of personal information.

Use

The University will take reasonable steps to ensure that all personal information used by them is relevant and accurate (IPP 9).

The University will only use the personal information it holds for the purpose for which it was collected or for a directly related purpose unless consent has been given or in order to deal with a serious and imminent threat to any person's health or safety or where another rule applies (IPP 10).