1. About GPEx
- the kinds of personal information that we collect and hold;
- how and why we collect and hold personal information;
- the purposes for which we collect, hold, use and disclose personal information;
- when and with whom we share personal information;
- how you can access and amend personal information; and
- how you can complain about our handling of personal information.
4. What personal information is and what personal information we collect
- your name, date of birth and gender;
- your residential and work addresses;
- your personal and work telephone numbers;
- your personal and work email addresses;
- your occupation;
- your academic and employment history; and
- in respect of the programs we deliver, your program progression and assessment outcomes.
5. Information you give to us
We may collect personal information directly from you:
- through email;
- during face-to-face interviews and discussions;
- over the telephone;
- when you enquire about, or enrol in, one of our programs or courses; or
- during the delivery of your training.
You have no obligation to provide any information to us. However, failing to do so may impact on our ability to deliver our programs or courses to you and it may limit our ability to otherwise interact with you. If you provide us with personal information about other individuals (for example, an emergency contact’s details), we rely on you to:
- do so only with their consent;
6. Information we collect from other sources
We may also collect personal information about you:
- from third parties where it is unreasonable or impracticable to collect personal information directly from you; or
- from publicly available sources of information.
If we collect your personal information from someone other than you, we will take reasonable steps to:
- make you aware that we will collect, or have collected, personal information from another source; and
- inform you about what we will do with this personal information.
7. How we use personal information
Our business is to provide you with education and training services, as well as related services and products. In order to do that effectively, we use personal information for a range of different purposes, including:
- to verify your identity;
- to allow you to access and use our online systems (including our Websites);
- to communicate with you;
- to provide you with the information, products and/or services that you request from us;
- to assist with the delivery of our programs;
- to administer and promote our programs;
- to personalise your experience on our Websites;
- to provide support and updates;
- to monitor and assess your performance and training needs;
- to assess whether our programs are meeting your needs;
- to perform research and analysis (including whether our programs meet the needs of our students broadly);
- for the quality improvement of our existing and new products (including programs) and services;
- for our internal business purposes; and
- subject to your consent, other purposes which we will notify you of from time to time.
We do not sell your personal information to third parties.
8. Organisations we disclose to
Sometimes, we disclose your information to our related entities or individuals or organisations outside of GPEx. Common situations in which we disclose personal information include:
- disclosing personal information to service providers who provide services to us or on our behalf in connection with our training solutions;
- disclosing your personal information to the Department of Health and professional colleges (such as the Royal Australian College of General Practitioners and Rural and the Australian College of Rural and Remote Medicine), in connection with your professional training and accreditation;
- disclosing personal information with other organisations as directed by you (for example, in connection with employment applications);
- disclosing personal information to our contractors and other service providers (for example, in connection with external clinical teaching visits, to data management contractors, and to marketing and promotional contractors);
- where we are legally authorised or required to do so (including disclosing information to courts, tribunals, dispute resolution bodies, or law enforcement and national security agencies); or
- if we believe the disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety.
9. Do we send personal information overseas?
In some cases, we may disclose personal information overseas, such as to our providers of cloud services and website hosting services. These organisations may be based, or have servers, outside Australia. We will only disclose your personal information in compliance with the Privacy Act and the APPs and we will take reasonable steps to ensure that those organisations protect the personal information they receive from us.
10. Can you request to deal with us without identifying yourself?
In most cases, we need to know who you are in order to process and/or manage your application, enquiry, training or request. You can request to deal with us anonymously or by using a pseudonym in relation to certain matters; for example, when making a complaint, unless we need to know your identity in order to investigate the complaint (such as in relation to a particular service provided by a training service provider). If it is practicable to deal with us anonymously or under a pseudonym, we will take reasonable steps to ensure that the information that you provide to us anonymously or under a pseudonym is not able to be linked with other information that we may hold about you. If you wish to deal with us anonymously or under a pseudonym, please contact our Privacy Officer using the contact details below.
11. How to access your personal information
We will provide you with access to personal information about you which is held by us, subject to the exceptions in the Privacy Act (for example, we may refuse to give you access to your personal information if giving access would have an unreasonable impact on the privacy of other people, or if your request for access is frivolous or vexatious). Before giving you access to any information, we will require you to verify your identity in a manner that is reasonable in the circumstances and also to specify the personal information you wish to access. If we refuse to give you access to personal information, we will provide you with reasons for our refusal. For example, if we are not satisfied as to the identity of the requester. You will not be charged for lodging a request to access personal information. Requests for access to personal information should, in the first instance, be directed to our helpdesk firstname.lastname@example.org or by calling 1300 473 972 who will refer the request to an appropriate person within our organisation.
12. How to update your personal information
We will take reasonable steps to ensure that personal information about you which is held by us is accurate, up to date, complete and relevant. We encourage you to contact us as soon as possible in order to update any personal information we hold about you. If we update or amend personal information about you that we previously disclosed to another entity, and you request that we notify that entity, we will take reasonable steps to give that notification. If we refuse to update personal information, we will provide you with the reasons for our refusal.
13. How we keep your personal information secure
We use several physical and electronic security measures to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure. For example, we restrict physical access to our offices, and we use a combination of security containers, firewalls, secure databases, computer user identifiers and passwords to protect personal information held by us. Emails you send to us are screened by our email security systems and may be viewed by our authorised information technology personnel and service providers for security purposes. All personal information collected and stored by us is held for a specified period of time, prior to eventual destruction. Time requirements for retention of personal information are at times statutory in nature or, required under contract, or necessary for procedural fairness as determined by us. We maintain an active Retention and Destruction schedule setting out retention times for personal and other information. We regularly consider and review information collected to ensure that we do not collect excessive or irrelevant personal information. Subject to applicable laws and our internal policies, we take reasonable steps to destroy or de-identify personal information about you when we no longer need it.
14. Automated Information Collection
When you visit our Websites, our server makes a record of that visit and logs the following information:
- your server address;
- the date and time of the visit to the site;
- the pages accessed and documents downloaded;
- the previous site visited; and
- the type of browser used.
The data listed above is collected to facilitate website and system administration, including:
- the prevention of security breaches; and
- the enhancement of our Websites to meet users’ needs.
15. How you can make a privacy complaint
If you have a concern about the way in which we handle personal information and wish to make a complaint, please contact our Privacy Officer using the contact details below. We are committed to acknowledging your complaint in a prompt manner and will give you an estimated timeframe for when we will respond to your complaint. It is our intention to resolve your complaint to your satisfaction. However, if you do not believe that the matter has been resolved satisfactorily, you are entitled to contact the Office of the Australian Information Commissioner on 1300 363 992 (local call charges apply) or by using the other contact details on the Commissioner’s website (www.oaic.gov.au) and the online privacy complaints form. The Commissioner may investigate your complaint further.
16. Further information
To find out more about how we manage personal information, please contact us using the following details: Our Privacy Officer:
- Telephone: 1300 473 972
- Email: email@example.com
For more information on the Privacy Act and the APPs, you may:
- visit the website of the Office of the Australian Information Commissioner (www.oaic.gov.au); and/or
- contact the Privacy Hotline 1300 363 992 (local call charges apply).
Last updated: 9 January 2023