Privacy Policy

Privacy Statement

Personal information collected by WorldSkills Australia is protected by the Privacy Act 1988 (Cth) (Privacy Act).  Personal information is any information or an opinion that identifies you or is reasonably identifiable and includes sensitive and health information.

WorldSkills Australia recognises the importance of protecting the privacy and the rights of individuals in relation to their personal information.

This document is our Privacy Policy and it describes how and why we collect your personal information, how we use it, and what controls you have over our use of it.

What is your personal information?

Essentially “personal information” means any information that can be used to personally identify you.

This may include your name, address, telephone number, email address and profession or occupation.  If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information and protected in accordance with this policy.

What personal information do we collect and hold?

We may collect the following types of personal information:

  • Name;
  • Mailing or street address;
  • Email address;
  • Telephone number/s;
  • Any other contacts detail you wish to provide;
  • Age or birth date;
  • Profession, occupation or job title;
  • Details of the programs, events, competitions or activities you may wish to participate in;
  • Ways you may wish to volunteer and contribute to meeting the strategic priorities of WorldSkills Australia and the promotion of excellence in Vocational Training and Education;
  • Financial information (such as credit card information) in order to receive payment for donations or any applicable fees and charges relating to the participation in WorldSkills Australia programs, events, competitions or activities;
  • Information you provide to us through surveys or online contacts;
  • Information about potential supporters, sponsors or members from information that is publicly available to help us develop our corporate partnerships;
  • Information for statistical purposes about services provided and demographic data, so we can tailor the information and services we provide to our supporters; and
  • Any additional information relating to you that you provide to us directly through our websites or online presence, through our representatives or otherwise.

We may also collet some information that is not personal information because it does not identify you or anyone else.  For example, we may collect anonymous answers to surveys or information about how users use our website.

What is sensitive information?

“Sensitive Information” (a type of personal information), means information or an opinion about an individual’s race or ethnic origins, political opinions and association, religious beliefs or affiliations, philosophical beliefs, sexual preferences or practices, trade or professional associations and memberships, union membership, criminal record, health or genetic information or biometric information.

What sensitive information do we collect and hold?

There are very few circumstances where we collect sensitive information – for example, as part of information collected about directors, employees, volunteers or competitors for company and human resource management purposes or to facilitate your requirements when participating in one of our activities, programs, events or competitions.  Where such information is collected, we will only do so if you have provided your consent or where required by law.

How do we collect your personal information?

We collect your personal information directly from you in most cases, where reasonable and practicable.  When collecting personal information from you, we may collect in ways including:

  • Through your access and use of our website;
  • During conversations between you and our representatives; or
  • When you complete a registration application, expression of interest form or donations form; or
  • When the law requires

We may also collect personal information from third parties including;

  • Law enforcement agencies and other government entities where this is authorised or required by law.

For what purposes do we collect, hold, use and disclose your personal information?

WorldSkills Australia collects your personal information so that we can perform our social enterprise activities that look to promote and build a skills culture, celebrate excellence and showcase vocational education and training. We do this by engaging in research, promoting skills, building careers, focusing on education and skills training in Australia, fostering international cooperation and development, and running skills competitions and leadership programs.

We collect hold, use and disclose your personal information to enable you:

  • To participate in our programs, activities, events and competitions; or
  • To facilitate your volunteering with WorldSkills Australia to positively influence the lives of others; or
  • To partner with you to enable to fulfil our social enterprise objectives and showcase your support of our objectives; or
  • To facilitate your donation, sponsorship or other monetary contribution to support us in fulfilling our objectives.

In order to continue to provide and improve these services, programs, events and competitions to you as a participant, volunteer or supporters, we require your personal information, in particular:

  • To provide news, information, services to you and to send communications requested by you;
  • To answer enquiries and provide advice about existing and new programs, events, competitions and opportunities;
  • To conduct activities including providing personal information to contractors, service providers or other third parties when necessary;
  • For the administrative, marketing, planning, quality control and research purposes of WorldSkills Australia, its contractors or service providers or it corporate partners;
  • To process and respond to any complaint made by you; and
  • To comply with any law, rule, regulation, lawful and binding determination, decision or direction or a regulator, or in co-operation with any governmental authority of any country (or political sub-division of a country).

What happens if we can’t collect your personal information?

If you do not provide us with the personal information described above, some or all of the following may happen:

  • We may not be able to provide you with information about activities, events and programs you may be interested in;
  • You may not be able to participate in WorldSkills Australia activities or advance to the next level of participation;
  • We may be unable to tailor the content of our websites to your preferences and your experience of our website may not be as enjoyable or useful.

Do we disclose your personal information to anyone outside Australia?

We may (with your consent) disclose your personal information outside Australia to enable you to participate in WorldSkills Australia’s, WorldSkills International’s, WorldSkills member nations or WorldSkills Australia affiliated organisations programs, activities, events or competitions that are conducted overseas.

WorldSkills Australia attempts to take all reasonable steps and makes necessary enquiries to ensure the protection of your personal data in these circumstances has been considered.

In giving your consent, you acknowledge these overseas recipients may not be required to comply with the same laws or to the same standards as those in Australia.  In providing someone else’s personal information to us, you warrant that you do so with their consent including to overseas disclosure on these terms.

Online Activity and Social Media

WorldSkills Australia uses Google Analytics to track visits to our websites, and to track the effectiveness of our websites, like visits, length of visit, viewed pages and the technical capabilities of visitors to our websites.  While this data is mostly anonymous, sometimes we will connect it to you, for instance in personalising webpages, or prefilling a form with you details.  For more information on our analytics tools, read Google’s Privacy Policy.

You can also engage with WorldSkills Australia through social media channels, like Facebook, Twitter, Instagram, LinkedIn and other social media channels that WorldSkills Australia choses to use from time to time.  You can always control how you receive content through each website’s setting.

Cookie Policy

We may send cookies, or small pieces of information, to your web browser to collect information on your browsing session.  Our cookies do not collect information, but may be used for:

  • Recording preferences that you specify on our websites;
  • Providing general visitor and customer analytics for internal reference;
  • Conducting research to improve our content, programs and online services; or
  • Supporting security measures, such as requiring you to re-login to a site after your account has been inactive.

If you do not wish to receive cookies you may disable these in your web browser, however please note that doing so may affect our websites’ ability to function properly.

We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, provide relevant content to users, monitor fraudulent activity, and gather broad demographic information.

Unsubscribe

If we send you information by email concerning content that you did not expressly request, we will provide you with an email address by which you may request no future notices from that email. You can also unsubscribe by using the unsubscribe link contained in the email.

 

Links to other websites

WorldSkills Australia’s websites may contain links allowing you to access third party websites. We make no representations or warranties and are not responsible for the content that appears on those sites and does not necessarily endorse those sites. Please consult those sites’ individual privacy policies in order to determine how they treat information.

 

Security

WorldSkills Australia takes reasonable steps to ensure your personal information is protected from misuse, loss and form unauthorised access, modification or disclosure.  We use a number of measures to protect your personal information including a network system firewall that is designed to protect information held within our computer network.  We may hold your information in either electronic or hard copy form.  Personal information is destroyed or de-identified when no longer needed.

As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online.  We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet.  Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

Cvent


Secure Data Centers – All Cvent data centers have DDOS mitagation in place and a fault-tolerant mode. That means the system will continue to operate if a part of the process fails. If the whole system fails, a failover is set up to take over the primary system. Customer data is also backed up regularly across different geographic locations using SAN and Tapes. Each of our facilities are fully equipped with multiple tiers of physical access and environment controls specific to the SSAE16 – SOC1 Type II process.

Data Locations:

  • Primary data center, Co-location facility in Ashburn, Virginia and AWS East Coast
  • Backup data center, Co-location facility in Portland, Oregon and AWS West Coast

Secure Applications – Customer data is encrypted at rest via AES-256 and transmitted using 256-bit Transport Layer Security (TLS) protocol, supporting up to version 1.2. All passwords are also protected by salting and storing it with one-way hashing. This means each password has a randomized string attached to it, then an algorithm is used to convert the password into a fixed string of characters.

Secure Payments – Cvent is certified Level 1 compliant to the PCI Data Security Standards (DSS). This means Cvent has undergone an onsite audit by a third-party Qualified Security Assessor. You can even download our certificate. All Payment processing is hosted on HTTPS pages. Any financial report generated in Cvent will only show the last four digits of registrants’ card numbers. Accounts with multiple users can further control who sees what.

Any field designed to contain sensitive personal information is encrypted. These include:

  • Credit card number (including those collected through the travel credit card form)
  • Date of Birth
  • National ID
  • Passport ID
  • Social Security Number
  • ADA Accessible

 

The Cvent platform has been designed to retain event data and interactions over the life of a customer’s contract with Cvent.

Cvent currently has the functionality to support any individual data subjects request for Access, Portability or Right to be Forgotten.

 

Your right to access and correct information

WorldSkills Australia takes all reasonable steps to ensure that your personal information which we collect, use or disclose is accurate, complete and up to date.  You have the right to access the personal information we hold about you.  If the information we hold is not accurate, complete or up to date, you can ask us to modify our records.

 

We will consider if the information requires amendment.  If we do not agree that there are grounds for amendment then we will give you a written reason why we disagree and add a note to the information stating you disagree with it.

 

There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentially.  If that happens, we will give you written reasons for any refusal.

 

What is the process for complaining about a breach of privacy?

If you believe that your privacy has been breached, please contact us using the contact information below and provide details of the incident so that we can investigate it.

Our procedure for investigating and dealing with privacy breached is an internal review.  You may be contacted to seek further information to your initial complaint, if needed.  At the conclusion of that review, you will be provided with a written account of the outcome and any measures we propose to take to address defects in our processes.

At any time, if you wish to have the matter considered externally, you may complain to the office of the Australian Information Commissioner via the details found on the Commission website: www.oaic.gov.au

Contact Information

If you have any questions about this privacy policy, any concerns or a complaint regarding the treatment of your privacy or a possible breach of your privacy, please use the contact link on our website or contact us using the details set out below.

We will treat your requests or complaints confidentially.  Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved.  We will aim to ensure that your complaint is resolved in timely and appropriate manner.

WorldSkills Australia

Level 7, 379 Collins Street
MELBOURNE VIC 2000
Telephone: (03) 9249 1000
Email: info@worldskills.org.au

 

Changes to our privacy policy

We may make changes to this Privacy Policy from time to time, to take into account changes to our standard practices and procedures or where necessary to comply with new laws and regulations. The latest very of this policy will always be available on our website.

 

September 2018.