AcademyEX logo large white

THE IMPORTANT LEGAL STUFF

Privacy Policy

Purpose


The purpose of this policy is to ensure that all reasonably available measures are in place to protect the privacy of information collected through user interaction with digital learning platforms, content creation and workshops delivered by academyEX Education Limited Partnership (New Zealand) & AcademyEX PTY Ltd (Australia), collectively referred to as academyEX. It is provided in accordance with respect to academyEX’s obligations under the New Zealand Privacy Act (2020), the New Zealand Education and Training Act (2020) and the Australian Privacy Act 1988.

AcademyEX Education Limited Partnership (NZ)

99 Khyber Pass Road
Grafton
Auckland 1023

PO Box 8115
Newmarket
Auckland 1149

+64 9 964 4444
hello@academyex.com

AcademyEX PTY Ltd (AU)

Suite 2
Level 25/1 Bligh St
Sydney NSW 2000
PO Box 1621
Carindale
QLD 4152

+64 9 964 4444
hello@academyex.com.au

Scope

This policy applies to all staff members and processes at academyEX. AcademyEX must ensure that, when using or dealing with personal information relating to leads, learners, alumni, staff members, users, clients, contractors or any other individuals, they comply fully with this policy.

This policy applies to all personal and client information provided, whether in person or via other means, including through academyEX sites including, but not exclusive to the Learning Management System and supporting SaaS platforms.

Personal information is any information about the user. Such information may be automatically collected (i.e. information sent to academyEX by user-managed devices used to access academyEX services), voluntarily provided (i.e. knowingly and actively provided by the user) and/or via learning analytics used to support learners and improve customer experience..

This policy applies to information collected from all users of academyEX’s products and services.

Policy Statements

academyEX is dedicated to treating personal information with care, trust and respect. This Privacy Policy is designed to provide transparency into privacy practices and principles in a format that users can navigate, read and understand.

Academy Ex Privacy Policy and Procedures cover the collection, use and disclosure of information by AEX, the precautions AEX takes, how individuals can access their personal information, and how complaints can be made if privacy is thought to have been breached.

This policy covers the following:

  1. Automatically collected information

  2. Voluntarily provided personal information

  3. Information collected as part of the learning journey

  4. Use and disclosure of personal information

  5. Cookies and data security

  6. Data retention

  7. User access to and correction of personal information

Automatically collected information

AcademyEX servers automatically log standard data provided by the user’s device and web browser to visit academyEx.com & academyex.com.au. This data may include:

Device data can depend on the specific device or software settings. academyEX recommends checking the policies of the device manufacturer or software provider to learn what information they make available.

In the event of errors, academyEX automatically collects data about the error and the circumstances surrounding its occurrence. This data may include technical details about the device, what action was attempted when the error happened, and other information relating to the problem. There may or may not be notice given of such errors. Please be aware that while this information may not be personally identifying by itself, it is possible to combine it with other data to personally identify individual persons.

Voluntarily provided personal information

AcademyEX collects personal information about users through website registration & eqnquiry forms, enrolment, academic record keeping, online accounts and personal transactions over the phone or online. academyEX may collect the following categories of personal data about the user:

AcademyEX gathers various information depending on the site and/or programme (from application through to matriculation and graduation), including:

  1. Personal information that is required for enrolment in academyEX programmes including identification, qualification, academic, professional, community and immigration information where relevant.

  2. Personal information provided to us through any other method (including without limitation correspondence and discussions whether on academyEX sites or via other means) including, but not limited to:

    • comments voluntarily posted while participating in online discussions with the academyEX academic staff, facilitators educators and other students

    • any email communications with academyEX to seek support or to send queries related to academic work

    • any academic related content submitted electronically, such as assessments (written, video or other relevant submissions), quizzes, and examinations, and the results of any assessments

    • any data and documentation submitted as part of the identity verification process where required to obtain a certificate or academic accreditation

  3. When you are participating in an academyEX programme, we and third parties may collect and store the following additional information:

    • comments you voluntarily post while participating in online discussions

    • any email communications with academyEX to seek user support or to send queries
      responses you voluntarily provide in questionnaires, surveys, or user research that you participate in related to the programme

    • Learning analytics data (generated from activity on the Learning Management System)

    • If a user provides academyEX with personal information about another person, the user must ensure that they are authorised to disclose that information to academyEX and that, without taking any further steps required by applicable data protection or privacy laws, academyEX may collect, use and disclose such information for the purposes described in this privacy policy.

Storage, use and disclosure of personal information

AcademyEX may use the information listed in Section 6 for educational purposes, student & client communication, statistical purposes and for system administration tasks to maintain this service. academyEX does not identify individuals as part of this practice. However, in the event of an investigation by a law enforcement agency or other government agency, academyEX may exercise its legal authority to inspect relevant server logs.

Personal information collected by academyEX will be held for the purposes of enrolling users, academic records and administration.

Personal applicant information, including uploaded documents, is securely stored on the academyEX’s Student Management System (the Salesforce platform) under academyEX domains. academyEX agreement with Salesforce ensures that both parties control the protection of personal data.

AcademyEX is responsible for protecting user's data at all times, except where there is a situation with the Salesforce infrastructure out of academyEX’s control. Salesforce very clearly outlines this responsibility and commitment on their website. For further information, please refer to the Salesforce website.

A unique identifier will be assigned to each user, which will be used in conjunction with a secondary means of identification or password.

Staff members and other personnel within academyEX will have access to users’ personal information for purposes relevant to normal operations including but not limited to: student recruitment, marketing, admission, enrolment, study, academic progress, tuition fees and charges, establishing and maintaining academic and graduation records, assessment, academic agreements (scholarship providers or sponsors, programme delivery partners), academic advice and support, student services, discipline, security and safety, library and IT services, and records, managing records of graduates, and alumni, and managing and improving the quality of services provided by academyEX.

A student’s academic achievements i.e. completion of academic qualifications are public record, and academyEX can verify qualification achievements to those who enquire. However, the specific details or individual components of a student’s qualification (i.e. Academic Transcripts) will not be disclosed by academyEX without the student’s consent.

AcademyEX will use anonymised information (including learning analytics) gained from academyEX student learning activities for academic and marketing purposes, including research and to improve academyEX programmes design and delivery. All possible precautions will be taken to ensure that academyEX students, past and present, will not be identifiable as individuals.

In addition, academyEX will survey students for feedback on their experience of academyEX programmes and courses. This data will be anonymised. academyEX may also ask individuals and groups of students to volunteer feedback and data (including videos and photographs) for research and marketing purposes.

AcademyEX uses email addresses to communicate regarding current bookings, surveys, programme or course updates and administrative matters. All recipients are given the option to opt out of receiving promotional emails via a self-service preference management dashboard.

All users will be deemed to have confirmed their acceptance of our privacy policy through the completion of our registration process, web form submissions and newsletter sign-ups
including accepting and signing AEX Terms and Conditions.

AcademyEX will not disclose any personal information held to a third party, unless required by law, or except as set out below:

Service Providers

academyEX works with third-party service providers who provide hosting, maintenance, backup, storage, infrastructure, payment processing, subscription, analysis, marketing and other services for us, which may require them to access information about the user.

If a service provider needs to access information about a user to perform services on their behalf, they do so under instruction from academyEX, including abiding by policies and procedures designed to protect the user's information. Some of these service providers may be located in countries other than New Zealand and Australia.

Legal Obligations

In exceptional circumstances, academyEX may share information about a user with a third party if academyEX believes that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce academyEX agreements, policies and terms of service, (c) protect the security or integrity of academyEX sites and services, or (d) protect academyEX, related companies, customers or the public from harm or illegal activities.

Sale of our business

in the event that academyEX proposes to sell the business or any of its assets, academyEX may provide user personal data as part of a database to a prospective buyer solely so that they can consider the purchase of the business. Should academyEX proceed to sell the business (or a material part of it) academyEX may provide user personal data as part of that sale so that the purchaser can continue to operate the business and contact users about their plans for the business.

Cookies and Data Security

A cookie is a very small text file that is sent to a browser from our web server and stored on the user’s computer. Cookies help provide users with a customised experience without having to re-enter their preferences each time they return to academyEX websites. Customers may disable cookies, however doing so may restrict access to some web pages.

AcademyEX takes all reasonable precautions to guard against unauthorised access to confidential and personal information including the loss, misuse and alteration of the information held by academyEX. When personal information is no longer required for the purposes for which it was collected, it may be deleted.

AcademyEX booking systems are PCI-DSS compliant. NB. The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that companies that accept, process, store or transmit credit card information maintain a secure environment.

AcademyEX has in place measures to ensure the security of the personal data that is collected and stored about users. academyEX uses all reasonable endeavours to protect personal data from unauthorised disclosure and/or access, including through the use of network and database security measures.

AcademyEX has put in place procedures to deal with any suspected personal data breach and will notify users and any applicable regulator of a breach where legally required to do so.

Data Retention

AcademyEX will hold a user’s information for as long as their User Account is active or as is needed to provide services to the user, or as long as AEX is legally obliged to. This retention policy extends to:

Automatically collected information

In the case of automatically collected information, we will make a good faith effort to retain server logs no more than 90 days.

Voluntarily submitted personal information

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process personal information, we will either delete or anonymise it or, if this is not possible (for example, because personal information has been stored in backup archives), then we will securely store personal information and isolate it from any further processing until deletion is possible.

AcademyEX will hold students enrolment records to comply with NZQA PTE Enrolment and Academic Records Rules 2021. This means enrolment records will be held until at least two years after the completion of the education.

Access to and Correction of Personal Information

A user may request access to their personal information by emailing privacy@academyex.com. If a user contacts academyEX by email or phone (+64 9 964 4444), academyEX may need to verify their identity for security purposes. Changes may take up to 10 days to take effect. If a user has questions regarding the specific personal information about them that academyEX holds, they can contact privacy@academyex.com.

If a user wishes to cancel their Account or request that academyEX no longer uses their information to provide services, they can contact academyEX at privacy@academyex.com.

The role of Privacy Officer is a shared responsibility between representatives from the Digital Advisory Working Group and the AcademyEX management team. These include, but are not limited to: Chief Technology Officer, Academic Director, GM and Head of Data.

If you would like to lodge a complaint or think your information has been mishandled, please contact our Privacy Officer at privacy@academyex.com. All complaints will be regarded as critical and attempted to be resolved within 10 days, or beforehand. The New Zealand and Australian Privacy Commissioners are listed in the “Relevant Documents and Information” section of this document.

Limits of our policy

Please be aware that we have no control over the content and policies of third-party websites that may be linked to from within LMS content and supporting material and therefore, academyEX cannot accept responsibility or liability for their respective privacy practices.


Changes to this policy

At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.

If required by law, we will get permission or give the opportunity to opt in to or opt out of, as applicable, any new uses of personal information.

External links

In the event our site contains links to third-party sites and services, please be aware that those sites and services have their own privacy policies. After following a link to any third-party content, please should read their posted privacy policy information about how they collect and use personal information. This Privacy Policy does not apply to any of activities that occur after leaving our site.

Relevant Documents and Information