Purpose and Rationale
As a Registered Training Organisation (RTO), Aveling is required to collect and manage personal information for enrolment, training delivery, certification, and reporting purposes. This includes data shared with government agencies such as ASQA, NCVER, and the USI Registry.
Aveling is committed to ensuring all personal information collected and/or held is handled appropriately, lawfully, openly and transparently, in accordance with all relevant legislation. This Privacy Policy outlines the principles and procedures that guide the collection, use, storage, and disclosure of personal information within our organisation.
The primary objective of this policy is to safeguard the privacy of individuals by ensuring that personal information is managed in compliance with the Privacy Act 1988, the Australian Privacy Principles (APPs), the Student Identifiers Act 2014, and the Standards for RTOs 2025. It aims to protect the rights of learners, staff, and stakeholders while enabling Aveling to deliver high-quality vocational education and training services.
This approach is based on best practice principles for data protection and privacy management. It ensures that Aveling meets its legal and ethical obligations while maintaining trust and transparency with all individuals whose data we handle.
Scope
This policy refers to all information collected by Aveling, our Employees, Contractors and Associated Entities regarding learners, clients, consultants, job applicants, employees, contractors and other individuals.
Statement
Aveling ensures it complies with the Standards for RTOs 2025, including Compliance Requirements Sections 12, 17 and 20.
Aveling adheres to quality management principles and the requirements of the ISO 9001 Standard.
Responsibilities
| Department | Responsibilities |
| All Aveling Employees, Contractors and Associated Entities | have a responsibility to ensure an understanding of this policy, and related legislation, to ensure all information is collected, stored and disseminated in the correct manner. |
Definitions
| Terms | Definitions |
Australian Privacy Principles (APP) | Are legally binding principles which are the cornerstone of the privacy protection framework in the Privacy Act. The APPs set out standards, rights and obligations in relation to handling, holding, accessing and correcting personal information. |
| Personal information | Personal information includes a broad range of information, or an opinion, that could identify an individual. What is personal information will vary, depending on whether a person can be identified or is reasonably identifiable in the circumstances.
For example, personal information may include: - an individual’s name, signature, address, phone number or date of birth
- sensitive information
- credit information
- employee record information
- photographs
- internet protocol (IP) addresses
- voice print and facial recognition biometrics (because they collect characteristics that make an individual’s voice or face unique)
- location information from a mobile device (because it can reveal user activity patterns and habits).
|
| Sensitive information | Sensitive information is personal information that includes information or an opinion about an individual’s: - racial or ethnic origin
- political opinions or associations
- religious or philosophical beliefs
- trade union membership or associations
- sexual orientation or practices
- criminal record
- health or genetic information
- some aspects of biometric information.
Generally, sensitive information has a higher level of privacy protection than other personal information. |
Policy
Aveling is required to collect, use, store and disclose a range of personal information on learners, employees and a range of other stakeholders.
Aveling only collects personal information that is necessary for, or directly related to, one or more of Aveling’s functions or activities. Personal information that Aveling collects from staff, learners, prospective learners, past learners, and external contractors includes (depending on the services provided and accessed):
- Names and other related contact details
- Learner identification numbers and email addresses
- Emergency contacts
- Photographic identification
- Academic qualifications, history and progress
- Information relating to entitlements to related educational government payments or support (e.g. Centrelink)
- Complaints or misconduct details or information
- Other related personal information required for the effective management of Aveling
Aveling generally collects information at enrolment, or when learners participate in special activities or projects.
Aveling will not collect sensitive information unless:
- the person consents to the collection, and the information is reasonably necessary for, or directly related to, one or more of Aveling’s functions or activities; or
- the collection of the information is required or authorised by or under an Australian law or a court / tribunal order.
Some of the main reasons Aveling collects information includes:
- To correspond with people
- For administrative purposes
- To meet legal obligations
- To inform learners about their course or other courses/events
What happens if a person elects to not provide their information?
Generally, people may elect to not provide Aveling with personal information. However, much of the personal information collected by Aveling is necessary to provide people with training services. Without this information, Aveling may be restricted in its ability to provide these services or support. In some cases, enrolment at Aveling will not be possible without certain information provided.
How personal information is collected and held
Aveling will only collect personal information by lawful and fair means.
Aveling will generally collect personal information from people directly, unless:
- they consent to the collection of the information from someone else; or
- Aveling is required or authorised by, or under, an Australian law, or a court/tribunal order, to collect the information from someone else; or
- it is unreasonable or impracticable to get the information from the person directly.
Aveling stores personal information in both electronic and hard copy forms; and must comply with government legislation and regulation with regards to this storage.
Using and disclosing personal information
If Aveling holds personal information about a person that was collected for a particular purpose (the primary purpose), Aveling will not use or disclose this information for another purpose (the secondary purpose), unless:
- the person consented to the use or disclosure of the information; or
- the person would reasonably expect Aveling to use or disclose the information for the secondary purpose.
If Aveling receives personal Information from an individual that we have not solicited and we could not have obtained the information by lawful means, we will destroy or de-identify the information as soon as practicable and in accordance with the law.
External organisations
- Information collected may be disclosed to various organisations, including:
- government departments such as the Department of Education, the Unique Student Identifier (USI), The National Centre for Vocational Education Research (NCVER), Australian Quality Skills Authority (ASQA);
- external organisations such as professional bodies and business partners.
Direct marketing
Aveling may use or disclose personal information (other than sensitive information) about an individual for the purpose of direct marketing if:
- Aveling collected the information from the individual; and
- the individual would reasonably expect Aveling to use or disclose the information for that purpose.
Aveling may use or disclose sensitive information about an individual for the purpose of direct marketing if:
- the individual has consented to the use or disclosure of the information for that purpose.
Emergency situations and criminal activity
Aveling may disclose personal information for a secondary purpose if it reasonably believes that the use or disclosure is necessary to lessen or prevent:
- a serious and imminent threat to an individual’s life, health, safety or welfare; or
- a serious threat to public health, public safety or public welfare.
Overseas disclosures
Before Aveling discloses personal information about a person to an overseas recipient:
- who is not in Australia or an external Territory; and
- who is not Aveling or the individual;
Aveling will take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach Australian Privacy Laws in relation to the information.
Accessing and seeking correction of personal information
Aveling will take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that it uses or discloses is, having regard to the purpose of the use or disclosure, accurate, up-to-date, complete and relevant. Subject to an over-riding legal consideration, if Aveling holds personal information about an individual, Aveling will, on request by the individual, give the individual access to the information.
Aveling is not required to give a person access to their personal information if:
- Aveling reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety; or
- giving access would have an unreasonable impact on the privacy of other individuals; or
- the request for access is frivolous or vexatious; or
- the information relates to existing or anticipated legal proceedings between Aveling and the individual, and would not be accessible by the process of discovery in those proceedings; or
- giving access would reveal the intentions of Aveling in relation to negotiations with the individual in such a way as to prejudice those negotiations; or
- giving access would be unlawful; or
- denying access is required or authorised by or under an Australian law or a court / tribunal order; or
- Aveling has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Aveling’s functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or
- giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- giving access would reveal evaluative information generated within Aveling in connection with a commercially sensitive decision-making process.
Right of correction
If Aveling holds personal information about a person and Aveling is satisfied that, having regard to a purpose for which the information is held, the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, or, the person requests Aveling to correct the information, Aveling will take such steps (if any), as are reasonable in the circumstances, to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading.
Complaints about a breach of the Privacy Laws
If a person believes that Aveling has breached privacy laws then they may either:
- Lodge a written complaint in accordance with Aveling’s Complaints process; or
- Contact Aveling directly on (08) 9379 9999.
The complaint will be reviewed and managed as set out in Aveling Complaints process.
External avenues of complaint
Office of the Australian Information Commissioner
www.oaic.gov.au
Telephone: 1300 363 992
Post:
Sydney Office
GPO Box 5288 Sydney NSW 2001
Further information
More information on privacy issues in Australia may be obtained by visiting the Office of the Australian Information Commissioner who are the independent national regulator for privacy and freedom of information – https://www.oaic.gov.au/
Breach of Policy
Activities undertaken by an Aveling Employee or Contractor which represent a failure to meet the obligations in this policy may be deemed as misconduct or serious misconduct, resulting in:
- Disciplinary action, up to and including termination of employment or contract; or
- Civil or criminal penalties as provided by law.
Related Legislation
Disclaimer
Aveling is not liable for any loss, damage, costs, liability or other form of contribution for any confidential or personally identifiable information accessed by a third party, where it is not due to negligence of Aveling, its agents, suppliers, contractors, related corporate bodies, affiliates or associated parties, to the extent permitted by law.
As such Aveling cannot guarantee the security of any data disclosed on-line. Individuals accept the inherent security implications of dealing on-line over the Internet and will not hold Aveling or its agents or suppliers responsible for any breach of security.
Please note: Aveling uses cookies to analyse information about how visitors are using our site and what services they’re interested in. The collected information is anonymous and logs data like the number of visitors to the site, where the visitors came from to get to the site and the pages they visited on the site. Your name and other personal information is never made available to Aveling through the use of cookies.
Aveling website may contain links to other websites. Aveling is not responsible for the privacy practices or the content of other websites.
Content
Content contained within the Aveling website includes all text, graphics, user interfaces, trademarks, logos, videos or artwork, knowledge base articles, white papers and software code.
Amendments
We may change this policy from time to time to address new issues and reflect changes on our site. We will post those changes on our site (and such changes become effective upon posting) so that you will know what information we collect, how we might use that information, and whether we disclose that information to anyone.
Revision date: October 2025
Popular courses
Courses by Category 
Courses by industry