Privacy Policy

 

Last updated: 1 January 2026

AVSE-TESOL is committed to providing quality training and assessment in accordance with the National Vocational Education and Training Regulator (Compliance Standards for NVR Registered Training Organisations and Fit and Proper Person Requirements) Instrument 2025. As such, AVSE-TESOL is required to comply with Federal law regarding privacy and confidentiality of students, staff and contractors.

The purpose of this policy is to outline how AVSE-TESOL complies with the Privacy Act 1988 and the Australian Privacy Principles (APPs).

Feel free to reach out to AVSE-TESOL directly for further information: peter@avse.edu.vn

 

Policy Statement

AVSE-TESOL is committed to complying with obligations under the Privacy Act 1988 and the associated Australian Privacy Principles (APPs), specifically in the way it collects, uses, secures and discloses personal information. AVSE-TESOL is committed to safeguarding any confidential information obtained by the RTO.

AVSE-TESOL will ensure:

  • It maintains and provides a current Privacy Policy
  • Information gathered for the express purpose of training and assessment matters will not be disclosed unless prior written consent is provided by the individual concerned, except as required by law
  • The secure storage of all records
  • The confidentiality of all information maintained on records
  • Prompt notification to affected individuals in the event of a data breach that is likely to result in serious harm

 

Definitions

Personal Information

Personal Information is defined in the Privacy Act 1988 to mean “information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  1. whether the information or opinion is true or not; and
  2. whether the information or opinion is recorded in a material form or not.”


Sensitive Personal Information

Sensitive Personal Information is defined in the Privacy Act 1988 to mean “information or an opinion about an individual’s” that is also personal information, such as:

  • racial or ethnic origin
  • political opinions
  • membership of a political association
  • religious beliefs or affiliations
  • philosophical beliefs
  • membership of a professional or trade association
  • membership of a trade union
  • sexual orientation or practices
  • criminal record
  • health information
  • genetic information
  • biometric information that is to be used for the purpose of automated biometric verification or biometric identification


Legislative Compliance

AVSE-TESOL abides by the Privacy Act 1988 and the associated 13 Australian Privacy Principles (APPs) which came into force on 12 March 2014 and set out standards, rights and obligations for the handling, holding, accessing and correction of personal information (including sensitive information).

Under Section 20 of the 2025 Standards, AVSE-TESOL must ensure that personal information is collected, used and disclosed in accordance with all applicable privacy laws, and that it complies with all applicable requirements under the Student Identifiers Act 2014.

 

Procedures

PART 1 – Open and Transparent Management of Personal Information

AVSE-TESOL will:

  1. Ensure that personal information is managed in an open and transparent way
  2. Take reasonable steps to implement practices and procedures that facilitate dealing with enquiries or complaints from individuals regarding compliance with the Australian Privacy Principles (APPs)
  3. Ensure that it maintains an up-to-date policy about the management of personal information
  4. Ensure that the AVSE-TESOL Privacy Policy contains the following information:
  • The kind of information that is collected and held
  • How the information is collected and held
  • The purposes for which information is collected, held, used and disclosed
  • How an individual may access their personal information that is held by AVSE-TESOL and seek correction of such information as necessary
  • How an individual may make a complaint about a breach of the APPs and how AVSE-TESOL will deal with such a complaint
  • Whether AVSE-TESOL is likely to disclose personal information to overseas recipients, and if so, the countries in which such recipients are likely to be located
  • Provide the Privacy Policy free of charge and in such form as is appropriate and reasonable

 

Anonymity and Pseudonymity

 

AVSE-TESOL will:

  1. Respect that individuals may not wish to identify themselves when making enquiries about AVSE-TESOL products and services
  2. Require full personal details as required by law and for identification purposes from students upon enrolment


PART 2 – Collection of Personal Information


Collection Principles

  1. AVSE-TESOL will not collect personal information unless that information is necessary for one or more of its functions or activities, or is required by law.
  2. AVSE-TESOL is required by law to collect, hold, use and supply personal information in accordance with the National VET Provider Collection Data Provision Requirements.
    1. AVSE-TESOL will take reasonable steps at or before the time of collection to ensure that individuals are aware of:
    2. Who we are and how to contact us
  • How to gain access to their own information
  1. The purpose for which the information is being collected
  2. Any organisation to which we would normally disclose information of that kind
  3. Any law that requires the particular information to be collected
  • The main consequences for the individual if all or part of the information is not provided


Collection Methods

AVSE-TESOL collects information in the following ways:

  • When individuals register their interest online, apply for enrolment, request certain services or products, or otherwise contact or do business with AVSE-TESOL
  • Information may be collected from enrolment forms, certified documents, telephone calls, emails, letters and online submissions
  • Information may be collected from third parties, such as other training providers, regarding confirmation of training and ongoing professional development that individuals have attended, as permitted by the individual


Third Party Collection

Should AVSE-TESOL collect information about an individual from a third party, AVSE-TESOL will take reasonable steps to ensure that the individual is or has been made aware of the matters listed above, except to the extent that making the individual aware of the matters would pose a serious threat to the life or health of any individual.

 

PART 3 – Use and Disclosure of Personal Information


Primary and Secondary Use

  1. AVSE-TESOL will not use or disclose personal or sensitive information for any purpose other than what it was collected for, unless the relevant person has provided written consent to use or disclose that information in circumstances that are different to those for which it was collected.
  2. Exceptions to the above principle may occur where:
    1. The use or disclosure of this information is required or authorised by or under an Australian law or a court/tribunal order
    2. The individual would reasonably expect AVSE-TESOL to use or disclose the information for the secondary purpose
  • A permitted health situation exists in relation to the use or disclosure of the information by AVSE-TESOL
  1. A permitted general situation exists in relation to the use or disclosure of the information by AVSE-TESOL
  2. AVSE-TESOL reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement-related activities conducted by, or on behalf of, an enforcement body


Purposes for Collection

AVSE-TESOL collects personal information to:

  • Process applications
  • Manage enrolments
  • Record and maintain student details
  • Administer training programs
  • Record and maintain details of ongoing training and assessment
  • Provide students with details regarding student services, benefits and training opportunities
  • Support student wellbeing in accordance with the 2025 Standards
  • Notify students about upcoming events and opportunities
  • Gain feedback from students
  • Communicate with students
  • Report to relevant authorities as required by law


Direct Marketing

AVSE-TESOL:

  1. May use personal information (specifically name and relevant contact details) and information about individual preferences for direct marketing purposes to inform individuals about AVSE-TESOL services and benefits, where AVSE-TESOL has consent
  2. Provides an opt-out and/or unsubscribe method that is easily accessible for individuals to request not to receive direct marketing communications


Cross-Border Disclosure

AVSE-TESOL does not disclose personal information to overseas recipients unless prior written approval is received from the individual to whom the personal information relates.


Government Related Identifiers

AVSE-TESOL:

  1. Is required by law (Student Identifiers Act 2014) to collect, maintain and report to relevant Government agencies each individual’s Unique Student Identifier (USI) number in accordance with the National VET Provider Collection Data Provision Requirements
  2. Will not disclose the Unique Student Identifier (USI) number for any other purpose, including on any Certification documents issued
  3. Must not adopt the Unique Student Identifier (USI) number as its own identifier of the individual

PART 4 – Integrity of Personal Information


Quality of Personal Information

AVSE-TESOL will take steps, as are reasonable, to ensure that the personal information it:

  1. Collects is accurate, up-to-date and complete
  2. Uses or discloses is, having regard to the purpose of the use or disclosure, accurate, up-to-date, complete and relevant


Security of Personal Information

AVSE-TESOL will take steps, as are reasonable in the circumstances, to:

  1. Protect personal information from misuse, interference and loss as well as unauthorised access, modification or disclosure
  2. Destroy or de-identify personal information when it is no longer needed for any purpose for which it may be used or disclosed under the APPs

Security measures include but are not limited to:

  • Password-protected systems and secure file storage
  • Limited access to personal information on a need-to-know basis
  • Regular security audits and updates to information management systems
  • Staff training on privacy obligations and data security
  • Physical security measures for paper-based records


Data Breach Notification

In the event of a data breach that is likely to result in serious harm to an individual whose personal information is involved in the breach, AVSE-TESOL will:

  1. Notify the individual as soon as practicable
  2. Notify the Office of the Australian Information Commissioner
  3. Take reasonable steps to remediate the breach and prevent future occurrences
  4. Document the breach and response actions taken

PART 5 – Access to, and Correction of, Personal Information


Access to Personal Information

  1. AVSE-TESOL provides all students with electronic access to their own personal records, where the individual can update and maintain their own personal information.
  2. In some circumstances, AVSE-TESOL may not permit access to individuals for their personal information. If this is the case, AVSE-TESOL will provide full details of the legal reasons for this decision.
  3. These circumstances may include where AVSE-TESOL believes that:
    1. Giving access to the information would pose a serious threat to the life, health or safety of the individual, or to public health or public safety
    2. Giving access would have an unreasonable impact on the privacy of other individuals
  • The request for access is frivolous or vexatious
  1. The information relates to existing or anticipated legal proceedings between AVSE-TESOL and the individual, and would not be accessible by the process of discovery in those proceedings
  2. Giving access would reveal the intentions of AVSE-TESOL in relation to negotiations with the individual in such a way as to prejudice those negotiations
  3. Giving access would be unlawful
  • Denying access is required or authorised by or under an Australian law or a court/tribunal order
  • Giving access would be likely to prejudice one or more enforcement-related activities conducted by, or on behalf of, an enforcement body
  1. Giving access would reveal evaluative information generated within AVSE-TESOL in connection with a commercially sensitive decision-making process

 

Response Timeframes

When dealing with requests for access to personal information, AVSE-TESOL will:

  1. Respond to requests for access within 30 days of the request, if from an individual, and within a reasonable time, if the request is from an organisation
  2. Provide access to the information in the manner requested, if it is reasonable and practicable to do so


Fees for Access

AVSE does not charge a fee for requesting access to personal information under privacy law. However, where permitted by law, AVSE may charge a reasonable, non-excessive fee for providing access. If so, the applicant will be informed of the applicable fee in advance.


Correction of Personal Information

With regard to the correction of personal information held:

  1. Should AVSE-TESOL be satisfied that information is inaccurate, out-of-date, incomplete, irrelevant or misleading, AVSE-TESOL will take such steps as are reasonable to correct the information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading
  2. Should AVSE-TESOL refuse to correct information, AVSE-TESOL will give written notice to the individual that sets out:
    1. The reason for refusal
    2. The mechanisms available to complain about the refusal
  • Any other matter prescribed by the regulations

 

Responsibilities

The Managing Director ensures that:

  • All staff are made aware of this policy and its underpinning legislative requirements, and comply with this policy at all times
  • All students have access to and awareness of this policy
  • Privacy compliance is monitored and maintained
  • Any privacy breaches are addressed promptly and appropriately

All staff are responsible for:

  • Handling personal information in accordance with this policy
  • Maintaining confidentiality of personal information
  • Reporting any suspected privacy breaches to the Managing Director immediately


Records Management

All personal information and records are maintained in accordance with the Records Management Policy.

 

Complaints and Appeals

Individuals who believe that AVSE-TESOL has breached their privacy may lodge a complaint in accordance with the Feedback, Complaints and Appeals Policy. Complaints regarding privacy matters will be investigated promptly and fairly.

If an individual is not satisfied with the outcome of an internal complaint, they may escalate the matter to the Office of the Australian Information Commissioner (OAIC).

 

Monitoring and Continuous Improvement

All practices relating to privacy are monitored by the Managing Director and areas for improvement are identified and acted upon in accordance with the Continuous Improvement Policy.

This policy is reviewed at least annually or when:

  • Changes occur to relevant legislation
  • A significant privacy breach occurs
  • Feedback indicates the policy requires revision
  • ASQA provides updated guidance on privacy requirements


Related Policies

  • Records Management Policy
  • Feedback, Complaints and Appeals Policy
  • Continuous Improvement Policy
  • Student Support and Wellbeing Policy
  • Information and Transparency Policy


Further Information

For further information about privacy and the handling of personal information:

  • Office of the Australian Information Commissioner: www.oaic.gov.au
  • Privacy Act 1988: www.legislation.gov.au