Privacy Policy
Privacy Policy
Last Updated: 12 October 2022
Your privacy is important to us and so is being transparent about how we collect, use, and share information about you. This Privacy Policy explains our privacy practices for the activities described herein. Please read this Privacy Policy carefully to learn how we collect, use, disclose, store, and handle your personal information when you access our website (Website) or use any or our Services. Any reference to ‘SIMON, ‘we’, ‘us’, ‘our’ or the ‘Company’ is a reference to the legal owners the Diocese of Ballarat Catholic Education Limited (ACN 629 894 686).
When you access our Website or use our Services you agree to the terms of this Privacy Policy.
Sometimes we will need to update our Privacy Policy so it may change from time to time. By continuing to use our Website or Services after we make any changes, you will be deemed to have accepted those changes, so it is important that you read this Privacy Policy in its entirety and check this Privacy Policy regularly for any updates.
What is personal information?
In this Privacy Policy, 'personal information' means information or an opinion about an individual who is identified or reasonably identifiable. In certain jurisdictions, personal information may be referred to as 'personal data'.
Some types of personal information are designated as 'sensitive information', which are subject to additional protections under applicable privacy laws. In certain jurisdictions, sensitive information may be referred to as 'special categories of data'. For example, these can include information about your health.
Types of information we collect
What types of personal information do we collect?
Depending on the purpose for which the personal information is being collected, we may process the following categories of personal information about you:
- Personal information regarding your personal and professional profile – your name, job title, school, number of enrolled students, country, email address, mailing or street address and telephone number(s), information for the purpose of administering your actual or potential employment with SIMON, information contained in your application or résumé, recorded during any interview, or obtained through any pre-employment checks, and government-issued identifiers such as tax file numbers;
- Information related to your use of any of our Services – photographs, videos and other multimedia, and other documents and files. This information may contain personal information;
- Sensitive information – health or medical information (including proof of COVID-19 vaccination status, where required under a state or federal government laws), ethnicity or race, cultural or social identity, philosophical or religious beliefs, information to verify Working with Children Checks and other sensitive information via National Police Checks, trade union membership;
- Personal information received from contacting us to make a complaint about our Services, provide feedback, submit an enquiry or seek support and training – your name, school, country, job title, mailing or street, address, email address, telephone number, and a recording of the call (to the extent permitted by applicable laws);
- Personal information relating to our suppliers, distributors or other personnel who assist us in providing our Services – your name, mailing or street address, email address, telephone number(s), and billing information; and
- Personal information relating to your attendance at our offices – your name, telephone number(s), and images or videos relating to your attendance.
We also collect technical and general analytics data, such as web browser type and browsing preferences, your Internet service provider, referring/exit pages, and date/time stamps, IP address, time zone, and geolocation data (if applicable) arising from your use of our Website.
We may also collect personal information from you that you voluntarily disclose to us such as through surveys, responding to questionnaires or participating in other forms of research, which may include sensitive information.
Data Stored within your SIMON Instance
To further clarify, the data stored within your SIMON instance remains the sovereignty of the school and is not shared or utilized without school acceptance to any third party. This is also referenced in the “End-User Licence Agreement” (14.2 Ownership of user data).
Where schools utilise data within the SIMON platform with an authorised third-party “End-User Licence Agreement” (12.3 to 12.5 Third-party products) it must not compromise the stability or performance of SIMON related technologies.
Ways of collecting information
How do we collect information?
We have different ways of collecting information.
We collect your personal information directly from you, including when you:
- access or use our Website;
- visit our offices via sign-on procedures and/or CCTV;
- subscribe to, purchase or use our Services;
- use our Services as an authorised user (for example, as an employee of one of our customers who provided you with access to our services) where we act as a controller of your personal information;
- sign up to receive marketing material including exclusive offers, promotions, or events;
- participate in surveys, competitions, promotions or request information or material from us;
- make inquiries about us or our Services or otherwise communicate with us by email, by telephone, in person, via the Website or otherwise; and
- apply to work with us or are engaged by us.
We may collect personal information about you which may be provided to us by a teacher or staff member working at a particular school to which we provide our Services.
We may collect personal information about you from publicly available sources (such as the Internet) and from third parties (such as mutual contacts, or if someone makes a purchase on your behalf, or your referees provided during the recruitment process if you apply for a job with us). We may also collect personal information through third parties such as our service providers, and through promotional and marketing activities.
Our websites and services may contain links to other websites, applications, platforms, and services maintained by third parties. The information practices of these third parties, including the social media platforms that host our branded social media pages, are governed by their privacy statements, which you should review to better understand their privacy practices.
How do you use cookies and analytics?
Certain information is collected automatically through your device, such as your computer address, computer type, operating system name and version, device manufacturer and model, language, Internet browser type and the websites you visit, including through cookies and analytics. We collect this information to analyse data, to track your experience on our Website and to improve the functionality and experience of SIMON products, services and our Website.
We use the following technologies to collect technical information and general analytics:
- cookies – these are type of data files that are placed on your device and often include an anonymous unique identifier;
- log files, which track actions occurring on our Website (which we collect anonymous data on and track); and
- web beacons, tags, and pixels, which are electronic files used to record information about how you browse our Website.
By using our Website and our Services, you are consenting to the use of these technologies in accordance with this Privacy Policy.
Can you choose not to disclose your personal information?
If you contact us to make a general enquiry about us or our business, you do not have to identify yourself or provide any personal information. You can also notify us that you wish to deal with us using a pseudonym.
Sometimes, if we are unable to collect personal information about you, we may not be able to provide you with the information or assistance you require. For example, we will not be able to send you information you have requested if you have not provided us with a valid email address or telephone number.
If you want, you can disable your web browser from accepting cookies and other technologies used to collect technical information and general analytics. If you do so, you can still access our Website, but it may impact your user experience.
How we use and disclose information
How do we use your personal information?
In general, we use your personal information for purposes or legitimate interests connected with our business. Some of the specific purposes for which we use your personal information are as follows:
- to provide our Services to our customers or to receive goods or services from our suppliers;
- to enable the proper operation and functionality of our Services;
- to verify your identity (for example, if you request access to the personal information we hold about you);
- to consider you for a job at SIMON (whether as an employee or contractor) or other relationships with us;
- to communicate with you and to address any issues or complaints that we or you may have regarding our relationship;
- for direct marketing purposes (see the "Direct marketing" section below); and
- to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.
In what circumstances do we disclose personal information?
We will only use personal information about you if we have a lawful basis to do so, for example:
- where you have given us your consent;
- where processing of your personal information is necessary for the performance of a contract with you;
- to meet our legal obligations; and
- to pursue our legitimate business interests.
However, we will use or disclose your personal information:
- for the purposes for which we collected it (and related purposes which would be reasonably expected by you);
- for other purposes to which you have consented; and
- as otherwise authorised or required by law.
We may also use or disclose your personal information for our administrative, marketing (including direct marketing), planning, product or service development, quality control, survey and research purposes and for other purposes to which you have consented, or as otherwise permitted or required by law.
Who do we disclose personal information to?
We may disclose your personal information to third parties in connection with the purposes described above (see the "How do we use your personal information?" section).
This may include disclosing your personal information to the following types of third parties:
- our related companies;
- our professional advisers (such as lawyers, accountants or auditors) and insurers;
- our employees, contractors and third-party service providers who assist us in performing our functions and activities e.g., payment systems operators and financial institutions, cloud service providers, data storage providers, shipping companies, telecommunications providers and IT support services providers;
- customers with whom you are affiliated, whom if you use our services as an authorised user, we may share your personal information with your affiliated customer responsible for your access to the services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies;
- organisations authorised by us to conduct promotional, research or marketing activities;
- third parties to whom you have authorised us to disclose your information (e.g., referees); and
- any other person as required or permitted by law.
We may also share anonymous or de-identified usage data with our service providers for the purpose of helping us in such analysis and improvements. Additionally, we may share such anonymous or de-identified usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our Services.
Anyone using our online communities, forums, blogs, or communication features on our Website may read any personal information or other information you choose to submit and post.
If we disclose your personal information to third parties, we will use reasonable commercial efforts to ensure that such third parties only use your personal information as reasonably required for the purpose of disclosure and in a manner consistent with applicable laws. This may include for example (to the extend commercially practical) by including suitable privacy and confidentiality clauses in our agreement with a third-party service provider to which we disclose your personal information.
What about direct marketing communications?
We will only send you direct marketing communications (either through mail, SMS or email), including offers, any news and exclusive offers, promotions, or events, where you have consented to do so in accordance with applicable privacy and direct marketing laws in your region.
You may opt-out of receiving direct marketing communications at any time by contacting us or by using opt-out facilities provided in the direct marketing communications.
How we manage information
How do we protect your personal information?
We have taken steps to secure and protect your personal information from misuse, loss, unauthorised access, modification or disclosure.
While we have implemented appropriate organisational and technical measures, we cannot guarantee the security of transmission of personal information online. All personal information you share with us online is disclosed at your own risk.
Please notify us immediately if you become aware of any breach of security by contacting us as described in the "How to contact us" section below. You can also submit a complaint in line with the process outlined in the "How you can complain about a privacy issue" section below.
How long do we keep your personal information?
We will keep your personal information for no longer than is necessary for the purposes for which your personal information was collected unless a longer retention period is required by law, under a licence or if it is reasonably necessary for us to comply with our legal obligations, resolve a dispute or maintain security.
Your rights in relation to information
How can you seek to access and correct personal information we hold about you?
You may seek access, correct or update personal information we hold about you by contacting us as described in the "How to contact us" section below.
We will provide access to that information in accordance with applicable legal requirements'. We may require that the person requesting access provide suitable identification and where permitted by law we may charge a fee for giving access to your personal information.
You may have additional rights depending on applicable privacy laws, which may include:
- the right to request erasure of personal information we hold about you, for example if the personal information is no longer necessary to provide services to you;
- the right to withdraw consent. You may withdraw your consent at any time where we relied on your consent to process your personal information;
- the right to require us to stop using all or some of your personal information (for example, if we no longer have a legal right to keep using it) or to restrict our use of your personal information (for example, if you consider that the personal information we hold about you is inaccurate or if it is unlawfully held);
- the right to data portability. In some circumstances you have the right to be provided with a copy of the personal information we hold about you in a structured, machine-readable and commonly used format; and
- the right to require us to check with you before using or disclosing your personal information that it is accurate, up to date, complete and not misleading.
To avoid doubt, these additional rights will only apply to the extent required under the applicable privacy laws. We may ask you to provide suitable identification when you seek to exercise any of these rights.
Your rights relating to personal information
We may also process personal information submitted by or for a customer to our Services. To this end, if not stated otherwise in this Privacy Policy or in a separate disclosure, we process such personal information as a processor on behalf of our customer (and its affiliates) who is the controller of the personal information.
We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those explained in this Privacy Policy. If your personal information has been submitted to us by or on behalf of a SIMON customer and you wish to exercise any rights you may have under applicable privacy laws, please inquire with them directly.
We may only access a customer’s data upon their instructions. If you wish to make your request directly to us, please provide us the name of the SIMON customer who submitted your personal information to us. We will refer your request to that customer and will support them as needed in responding to your request within a reasonable timeframe.
How can you complain about a privacy issue?
You may make a privacy complaint in relation to personal information we hold about you by contacting us as described in the "How to contact us" section below
If you make a privacy complaint, our Privacy Officer or another suitable staff member will investigate the matter and attempt to resolve it as soon as reasonably possible (usually within 30 days of receipt of your complaint).
If you believe your concerns have not been resolved satisfactorily by us, or you wish to obtain more information on privacy requirements you can contact your regulatory authority. This may be:
- the Office of the Australian Information Commissioner on 1300 363 992 or visit their website at www.oaic.gov.au;
Local exemptions and inconsistency with law
Where local laws allow for an exemption to compliance with certain legal obligations (for example, the employee records exemption in Australia), we may rely on such an exemption.
This Privacy Policy will not apply to the extent that it is inconsistent with any applicable law.
How to contact us
If you have a query, concern, or complaint about the manner in which your personal information has been collected or handled by us or would like to request access to or correction of the personal information we hold about you, please contact using the details provided below:
SIMON
Attention: Privacy Officer
200 Gillies Street North, Lake Wendouree VIC 3350 execdirector@dobcel.catholic.edu.au