This Policy provides a summary of the way in which the Catholic Schools NSW (CSNSW) manages personal information.This policy does not apply in respect of employee records of CSNSW employees.
The kind of information we collect
The personal information we collect, hold and use include, but are not limited to:
- acting as an Approved System Authority in accordance with the Australian Education Act (AEA) and its Regulations;
- ensuring that funding for NSW Catholic Schools is distributed in accordance with relevant legislation;
- complying with Governmental obligations at both Federal and State level with regards to Federal and State funding;
- supporting Catholic School Agencies;
- liaising with Catholic School Agencies, particularly in relation to grant administration;
- liaising and developing cooperative links with other groups for the advancement of education;
- acting as a facilitator for opportunities to collaborate with Catholic School Agencies on education related matters and fostering a culture whereby educational leadership can meet and engage in common areas where joint approaches can be developed;
- responding to the needs of parents, students and school communities relating to the activities of Catholic Schools NSW;
- acting as an advocate for Catholic Schools;
- developing reporting frameworks for use by Catholic School Agencies in relation to efficiency and effectiveness;
- assisting Catholic School Agencies in the development of education policies, research materials, benchmarking and information sharing which contribute to the:
- enhancement of the quality of education in Catholic Schools; and
- maintenance of the Catholic identity in education,
- marketing, promotional and fundraising activities;
- helping us to improve our day-to-day operations including training our staff;
- systems development; developing new programs and services; undertaking planning, research and statistical analysis;
- general administration including for insurance purposes;
- the employment of staff; and
- the engagement of volunteers
We will only use or disclose sensitive or health information for a secondary purpose if you would reasonably expect us to use or disclose the information and the secondary purpose is directly related to the primary purpose.
We may share personal information to related bodies corporate, but only if necessary for us to provide our services.
How we collect and store your Personal Information
The collection of personal information depends on the circumstances in which CSNSW is collecting it. If it is reasonable and practical to do so, we collect personal information directly from the individual.
CSNSW collects personal information through specific forms (e.g. Job Application Form or Health Information Disclosure Form), as well as by email, letters, notes, via our website, over the telephone, in face-to-face meetings, through financial transactions and through surveillance activities such as the use of CCTV security cameras or email monitoring.
We may also collect personal information from other people (e.g. a third-party administrator, referees for prospective employees) or independent sources. However, we will only do so where it is not reasonable and practical to collect the personal information from the individual directly.
We may collect information based on how individuals use our website. We may use ‘’cookies’’ and other data collection methods to collect information on website activity such as the number of visitors, the number of pages viewed and the internet advertisements which bring visitors to our website. This information is collected to analyse and improve our website, marketing campaigns and to record statistics on web traffic. We do not use this information to personally identify individuals.
CSNSW may be provided with personal information without having sought it through our normal means of collection. This is known as “unsolicited information” and is often collected by:
- Misdirected postal mail – Letters, Notes, Documents;
- Misdirected electronic mail – Emails, electronic messages;
- Employment applications sent to us that are not in response to an advertised vacancy;
- Additional information provided to us which was not requested.
Unsolicited information obtained by CSNSW will only be held, used and or disclosed if it is considered to be personal information that could have been collected by normal means and is relevant to our primary purposes. If that unsolicited information could not have been collected by normal means or is not relevant then we will destroy, permanently delete or de-identify the personal information as appropriate.
CSNSW stores Personal Information in a variety of formats including, but not limited to:
- hard copy files;
- personal devices, including laptop computers;
- third party storage providers such as cloud storage facilities; and
- paper based files.
CSNSW takes all reasonable steps to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure.
These steps include, but are not limited to:
- Restricting access and user privilege of information by employees depending on their role and responsibilities.
- Ensuring employees do not share personal passwords.
- Ensuring hard copy files are stored in lockable filing cabinets in lockable rooms. Employee access is subject to user privilege.
- Ensuring access to CSNSW’s premises are secured at all times.
- Implementing physical security measures around the work premises to prevent break-ins.
- Ensuring our IT and cyber security systems, policies and procedures are implemented and up to date.
- Ensuring employees comply with internal policies and procedures when handling the information.
- Undertaking due diligence with respect to third party service providers who may have access to personal information, including customer identification providers and cloud service providers, to ensure as far as practicable that they are compliant with the APPs or a similar privacy regime.
- The destruction, deletion or de-identification of personal information we hold that is no longer needed or required to be retained by any other laws.
Our public website may contain links to other third-party websites outside of CSNSW. CSNSW is not responsible for the information stored, accessed, used or disclosed on such websites and we cannot comment on their privacy policies.
Access to your personal information
You may submit a request to us to access the personal information we hold, or request that we change the personal information. Upon receiving such a request, we will take steps to verify your identity before granting access or correcting the information.
If we reject the request, you will be notified accordingly. Where appropriate, we will provide the reason/s for our decision. If the rejection relates to a request to change personal information, an individual may make a statement about the requested change and we will attach this to their record.
Making privacy complaints
You can make a complaint about how CSNSW manages personal information, including a breach of the APPs or the Health Privacy Principles, by notifying us in writing as soon as possible. We will respond to the complaint within a reasonable time (usually no longer than 30 days) and we may seek further information in order to provide a full and complete response.
CSNSW does not charge a fee for the handling of complaints.
If you are not satisfied with our response, you may refer the complaint to the OAIC. A complaint can be made using the OAIC online Privacy Complaint form or by mail, fax or email.
A referral to OAIC should be a last resort once all other avenues of resolution have been exhausted.
You can contact Catholic Schools NSW by:
- Visiting www.csnsw.catholic.edu.au
- Emailing firstname.lastname@example.org
- Calling (02) 9287 1555
- Facsimile (02) 92646308
- Writing to our Privacy Officer at:
PO Box 20768
World Square NSW 2002
Level 9, Polding Centre
133 Liverpool Street Sydney
Changes to our privacy and information handling practices
Wonder is the desire for knowledge - St Thomas Aquinas