Privacy Policy

The main purposes for which we collect, hold, use and disclose personal information are set out below.

• to provide proper schooling and care for our students
• to keep Parents and Guardians informed about their child's progress and wellbeing
• to provide proper administration of the College
• to promote the College and seek donations to the College or specific programs of the College including through direct marketing, campaigns (including online), events and competitions
• to perform research and statistical analysis
• to protect the security of our offices, staff, students, visitors and the property held on our premises
• to recruit staff and contractors.

We may also collect, hold, use and disclose personal information for other purposes explained at the time of collection or:

• which are required or authorised by or under law (including, without limitation, privacy legislation); and
• for which you have provided your consent.

Direct marketing: We may use your personal information to let you know about our products and services (including promotions, campaigns and events), either where we have your express or implied consent, or where we are otherwise permitted by law to do so. We may contact you for these purposes in a variety of ways, including by mail, email, SMS or telephone.

Opting out: Where you have consented to receiving marketing communications from us, your consent will remain current until you advise us otherwise. However, you can opt out at any time, by:

• contacting us (either via the contact details provided on the communication received, or via the details at the end of this Policy)
• advising us if you receive a marketing call that you no longer wish to receive these calls
• using the unsubscribe facility that we include in our commercial electronic messages (such as newsletter emails and SMS) to opt out of receiving those messages.

Notification of source: If we have collected the personal information that we use to send you marketing communications from a third party, you can ask us to notify you of our source of information, and we will do so, unless this is unreasonable or impracticable.

The type of personal information that we collect and hold depends on the type of dealings you have with us. It includes but is not limited to:

• information about students (including photographs), parents and/or guardians (“Parents”), before, during and after the course of a student's enrolment at the College
• information about children and adults associated with participation in MLC’s publicly offered associated programs
• updates of the above information
• information about applicants for employment, staff members, volunteers and service providers
• information about people who send us an enquiry, provide us with feedback or make a complaint.

Methods of collection: We collect personal information in a number of ways, including:

• in person (for example, at College information mornings or at MLC’s Reception)
• through the MLC website and other website/s of those programs and activities directly associated with the College (for example MLC Gymnastics Club and MLC Music Academy websites)
• over the telephone
• through hard copy and electronic correspondence (such as letters, faxes and emails)
• on forms both hard copy and electronic (for example, Enrolment Application)
• through security cameras
• from third parties, including doctors and other health professionals.

Collection notices: Where we collect personal information about you, we will take reasonable steps to provide you with certain details about that collection (such as why we are collecting the information and who we may share it with).

Collection notices may provide more specific information than this Privacy Policy. The terms of this Privacy Policy are subject to any specific provisions contained in collection notices and in the terms and conditions of particular offers, products and services. We encourage you to read those provisions carefully.

Unsolicited information: Unsolicited personal information is personal information we receive that we have taken no active steps to collect (such as an employment application sent to us by an individual on their own initiative, rather than in response to a job advertisement).

We may keep records of unsolicited personal information if the Privacy Act permits it (for example, if the information is reasonably necessary for one or more of our functions or activities). If not, we will destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.

When you visit our website or MLC associated program websites (“MLC websites”), some of the information that is collected about your visit is not personal information, as it does not reveal your identity.

Site visit information/Web Analytics: For example, we record your server address (IP address), the date, time and duration of your visit, the pages you visited, any documents you downloaded, the previous site you visited and the type of device, browser and operating system you used.

We use and disclose this information in anonymous, aggregated form only, for purposes including statistical analysis and to assist us to improve the functionality and usability of MLC websites. You are not individually identified, however we reserve the right to use or disclose this information to try to locate an individual where we reasonably believe that the individual may have engaged in any unlawful or inappropriate activity in connection with our websites, or where we are otherwise required or authorised by law to do so.

Cookies: A ‘cookie’ is a small string of information that a website transfers to your browser for identification purposes. The ‘cookies’ we may use do not identify individual users, although they do identify the user's internet browser.

MLC may use cookies on the MLC websites to hold sessional information. This information may be used to personalise your current visit to the MLC websites. MLC only uses non-persistent cookies. That is, they are held on your browser's memory only for the duration of your session.

Most internet browsers are set to accept cookies. If you prefer not to receive them, you can adjust your internet browser to reject cookies, or to notify you when they are being used. There are also software products available that can manage cookies for you. If you disable the use of cookies on your web browser or remove or reject specific cookies from our websites or linked sites then you may not be able to gain access to all of the content and facilities on the MLC websites.

We will provide individuals with the option of not identifying themselves, or of using a pseudonym, when dealing with us if it is lawful and practicable to do so. A pseudonym is a name or other descriptor that is different to an individual’s actual name.

For example, you can access our websites and make general phone queries without having to identify yourself.

In some cases however, if you don't provide us with your personal information when requested, we may not be able to provide you with the product or service that you are seeking.

We may share your personal information with third parties where appropriate for the purposes set out under Why we collect personal information, including but not limited to:

• students
• parents and guardians of students
• other educational institutions, statutory organisations, and government
• health professionals
• third parties providing services to the College including visiting teachers, sport and other co-curricular
• third parties undertaking compliance reviews or audits of the College
• coaches and teachers
• financial institutions for payment processing
• recipients of our newsletters and magazines
• referees whose details are provided to us by job applicants
• The MLC Old Collegians’ Club and the MLC Parents’ Association
• our contracted service providers, including:
• delivery and shipping providers
• providers of photographic services
• information technology and data storage providers
• function and event organisers
• marketing and communications agencies that assist the College in marketing or fund raising
• market research and statistical analysis providers
• mail houses
• external business advisers (such as recruitment advisors, auditors and lawyers)

In each case, we may disclose personal information to the service provider and the service provider may in turn provide us with personal information collected from you in the course of providing the relevant products or services.

The College respects every Parent’s right to make decisions concerning their child’s education. Generally, the College will refer any request for consent and notices in relation to the personal information of a student to the student’s Parents or Guardians. The College will treat consent given by Parents or Guardians as consent given on behalf of the student, and notice to Parents or Guardians will serve as notice given to the student.

Parents or Guardians may seek access to personal information held by the College about them or their child by contacting the Privacy Officer. However, there will be occasions when access is denied. Such occasions would include where release of the information would have an unreasonable impact on the privacy of others or where the release may result in a breach of the College’s duty of care to the student. The College may, at its discretion, on the request of a student grant that student access to information held by the College about them, or allow a student to give or withhold consent to the use of their personal information, independently of their Parents or Guardians. This would normally be done only when the student involved has reached 18 years of age, but the College could do so in other circumstances when the maturity of the student and/or the student’s personal circumstances so warranted.

We may disclose personal information to third parties located overseas in the following situations:

• to parents or guardians of students whose permanent or temporary address is overseas
• to third parties assisting in the planning or delivery of overseas tours or exchanges

In each case, we will comply with the requirements of the Privacy Act 1998 (Cth) and the APP's that apply to cross border disclosures of personal information.

We will not:

use a government related identifier of an individual (such as a Medicare number or driver's licence number) as our own identifier of individuals; or otherwise use or disclose such a government related identifier, unless this is permitted by the Privacy Act (for example, use of an identifier to verify an individual's identity or uses or disclosures required or authorised by or under an Australian law).

We hold personal information in a number of ways, including in hard copy documents, electronic databases, email contact lists, and in paper files. We take reasonable steps to:

make sure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant; protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure; and destroy or permanently de-identify personal information that is no longer needed for any purpose that is permitted by the APPs.

You can help us keep your information up to date, by letting us know about any changes to your details, such as your address, email address or telephone number.

Security: The steps we take to secure the personal information we hold include website protection measures (such as firewalls and anti-virus software), security restrictions on

access to our computer systems (such as login and password protection), controlled access to our corporate premises, policies on document storage and security, personnel security (including restricting access to personal information on our systems to staff).

Website security: While we strive to protect the personal information and privacy of users of our websites, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk. If you are concerned about sending your information over the internet, you can contact the Privacy Officer by telephone or post (details at the back of this Policy).

If you are a registered user of our websites, you can also help to protect the privacy of your personal information by maintaining the confidentiality of your username and password and by ensuring that you log out of the website when you have finished using it. In addition, if you become aware of any security breach, please let us know as soon as possible.

Third party websites: Links to third party websites that are not operated or controlled by MLC are provided for your convenience. We are not responsible for the privacy or security practices of those websites, which are not covered by this Privacy Policy. Third party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.

Please contact our Privacy Officer (details below) if you would like to access or correct the personal information that we hold about you. We may ask you to verify your identity before processing any access or correction requests, to make sure that the personal information we hold is properly protected.

Complaints

If you have a complaint about how we have collected or handled your personal information, please contact our Privacy Officer (details below). Our Privacy Officer will endeavour in the first instance to deal with your complaint and take any steps necessary to resolve the matter in a timely manner.

If you are unhappy with our response, you can refer your complaint to the Office of the Australian Information Commissioner or, in some instances, other regulatory bodies, such as the Victorian Health Services Commissioner or the Australian Communications and Media Authority.

Please contact us if you have any queries about the personal information that MLC holds or the way we handle your personal information.

Mail: Methodist Ladies’ College
Attention: Privacy Officer
207 Barkers Road
KEW VIC 3101 AUSTRALIA

Email: privacy@mlc.vic.edu.au or Telephone: +61 3 9274 6333

Further general information about privacy is available on the website of the Office of the Australian Information Commissioner or by calling the OAIC's enquiry line at 1300 363 992.

This Policy will be regularly reviewed and updated to take account of new laws and technology, changes to MLC’s operations and practices, and to ensure the Policy is appropriate for the changing MLC environment. The current version will be posted on our website and a copy may be obtained by contacting our Privacy Officer (details above).