Privacy Policy

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in material form or not.

ACS collects and holds personal information when you engage with us, make inquiries with us, download our publications and other digital assets, sign up to our newsletters, or interact with our websites and social media accounts. This includes your name and contact details (such as address, email address, mobile number, etc).

In addition, we may also collect and hold other personal information in order to provide our services (please refer to section 2 for details of the various services the ACS provides). The information collected will vary depending on the products and services that you use and may include some, or all, of the following:

General information: Your name, gender, date of birth, country of residence and / or country of birth, visa information, next of kin, preferred language.

Identification: Passport, drivers’ licence, Medicare card, birth certificate or other identification details (which may include your image).

Contact details: Your home address, work address, mail address, email address, phone numbers, social media handles, and other ways to contact you.

Your education and employment information: Your student or employer identification, education qualifications, education transcripts, scores, or other evidence, employer information, position title, resume, work experience, or other relevant employment information.

Health and dietary information: Dietary and health information, including medical conditions and / or requests for specific assistance, in connection with your use of our products and services.

Your use of our products and services: Information on whether you have purchased, used, or indicated interest in any of our products or services.

Payment information: Bank account details, credit card information (last 4 digits of the card and expiry date) may be collected by ACS but is processed using a secure 3rd party gateway and therefore this information is not held.

Your preferences and interests: Your stated or likely preferences, for example whether you may be interested in specific information and news, technical topics, products or services, or promotions.

Our interactions with you: Enquiries, feedback, complaints, compliments, responses to surveys, records of any correspondence and interactions with us and our staff (including in person, online, by telephone or email and via social media), or other forms of interaction.

Your use of our website and applications: Your IP address and details of how you use the website or apps.

Other: marriage certificate, tax ID numbers and superannuation/insurance reference numbers.

At times, your use of some of our products and services may require us to collect additional information from you. This information will only be used to provide you with those services or to support your use of those services.

1.1 Sensitive information

Under the Privacy Act, ‘sensitive information’ means information or an opinion about an individual’s:

• racial or ethnic origin;
• political opinions;
• membership of a political association;
• religious beliefs or affiliations;
• philosophical beliefs;
• membership of a professional or trade association;
• membership of a trade union;
• sexual preferences or practices;
• criminal record; or
• health information and genetic information about an individual that is not otherwise health information.

ACS does not collect sensitive information except as set out in this section or with your informed consent. Please note however that membership of ACS or the British Computer Society (through our member and certification recognition) will be noted if applicable.

ACS will use your personal information in order to communicate with you and provide you with our various services, including for the purposes set out below.

2.1 Memberships

ACS collects and may use the personal information of its members for the purposes of:

• providing members with a comprehensive range of membership products and services (including advocacy services), information regarding relevant products and services (or changes to these products and services) from ACS and appropriate ACS contracted third parties, and to help you keep up to date with industry changes and developments;
• seeking a better understanding of member needs in order to continually develop and improve membership products and services;
• providing and offering professional development courses, conferences, seminars, workshops, certifications, and access to events;
• providing and offering access to digital assets (for example, publications, training courses, how to videos and guides);
• providing access to online communities;
• providing members with a subscription to ACS publications and/or other newsletters; and
• meeting its legal obligations.

2.2 Skilled Migration Services

ACS collects and may use personal information for its Skilled Migration Services for the purposes of:

• performing its role as a ‘Skills Migration Assessing Authority;
• processing and assessing applicants’ applications or inquiries;
• assessing applicants’ qualifications and experience to determine their suitability criteria and the outcome of their skills assessment application; and
• meeting its legal obligations.

2.3 Events  

ACS collects personal information through inquiries, registrations, and attendances at its events for the purposes of:

• organising and providing various events held by the ACS (including for example, courses, conferences, seminars, workshops, launches);
• processing and managing event registrations (including catering for dietary requirements);
• maintaining event attendance records;
• contacting registered event guests with information in regard to the event and seeking post-event feedback;
• communicating with you in relation to future events or ACS products, courses, services, promotions or other products or services that ACS reasonably thinks may be of interest to attendees;
• processing and responding to attendee inquiries; and
• conducting research to improve its events and better understanding needs.

2.4 Other

Other purposes, that ACS collect and use personal information may include:

• to provide our newsletters when you subscribe to receive them;
• to provide our publications and other digital assets for download on our website on request;
• conducting the ACS Professional Year Program in ICT;
• determining whether the general entry requirements and course entry requirements are satisfied for enrolment into ACS Education programs;
• to provide you with information and updates about ACS and/or its various brands, including the services we provide and to make you aware of any new and additional products, services or courses;
• to invite you to events, information sessions and other professional development courses and seminars;
• to verify your identity for the purposes of communicating and providing services to you;
• when you post details of job positions on our website;
• to provide you with information about sponsoring and / or partnering with the ACS;
• various business planning and accounting purposes;
• to improve our products and services, and better understand your needs; and
• for considering the suitability of job applicants for, and contacting those suitable applicants in relation to, current and future roles with the ACS.

Any non-identifiable personal information that is collected from your website visits is used solely internally for the purpose of gauging visitor traffic, trends and delivering personalised content to you while you are at this website.

If you do not provide us with certain personal information, ACS may be unable to perform its functions and/or provide you with the services and support your request. Please also be aware that as an education/RTO provider and skilled migration assessor, ACS is required to collect some personal information in accordance with its legal obligations.

The personal information we require to deliver our products and services is usually collected directly from you:

• using physical, electronic or online forms;
• via the internet including websites and social media;
• via email;
• via telephone or facsimile;
• via face-to-face contact (e.g. at forums, trade shows and events); and
• through security surveillance cameras (installed in some ACS offices).

We also collect personal information from third parties, including from:

• migration agents acting on your behalf;
• schools, universities and tertiary institutions;
• work colleagues who have written third party official Statutory Declarations or Affidavits; or
• your employer.

When collecting personal information by whichever means, ACS will take reasonable steps to provide the appropriate notices and obtain relevant consents in accordance with the Australian Privacy Principles. Most information is collected directly from the individual. ACS may also obtain some personal information from third party sources. In such cases ACS will require a warranty from the third party that the information has been collected in accordance with Australian Privacy Principles, including notification that the information may be disclosed to organisations such as ACS or requisite consents had been obtained.

We may keep unsolicited personal information (personal information we receive that we have taken no active steps to collect) if the information is reasonably necessary for one or more of our functions, services or activities.

ACS may, from time to time, disclose your personal information to:

• our employees, affiliates, controlled entities, contractors (or sub-contractors) or other third party service providers in order to provide our services, including (but not limited to) IT service providers, cloud providers;
• third party conference or event organisers;
• your fellow members as required by law (e.g. Associations Incorporation Act 1991);
• our professional providers or advisors (e.g. lawyers, accountants, business advisors);
• third parties with whom ACS has sponsorship, commercial or other contractual arrangements with to provide services or benefits to ACS members, marketing, business or other related purposes;
• credit reporting agencies, courts, tribunals and regulators if you fail to pay for the services provided to you;
• Department of Home Affairs as required for migration assessment applicants; and
• any other individual or third party for any authorised purpose with your consent or when authorised or required by law.

If you are a skilled migration assessment applicant, we provide the Commonwealth Department of Home Affairs with your assessment outcome, education qualifications, employment information, identification details relevant to your skilled migration application and your migration agent’s details (if applicable).

ACS may disclose personal information for secondary purposes that are related to the primary collection purpose but only in situations where it is reasonable to expect such information to be disclosed. Typically, this would be for internal business practices (auditing, product development, IT support and service providers, credit and collection agencies etc).

ACS is represented on a number of international bodies (including IFIP, SEARCC and IP3) and is a signatory to the Seoul Accord. It does not disclose any personal information to these bodies other than that of the ACS’s appointed representatives.

ACS is a Registered Training Organisation (‘RTO’) within the Australian Skills Quality Authority (‘ASQA’) framework and as such is required to comply with the National VET Provider Collection Data Requirements Policy. This includes providing reports which reveal personal information. This information is presented in aggregated form and used by VET regulators to better support the VET sector and will not identify individuals.

ACS is obligated by statute (Associations Incorporation Act 1991) to make available for inspection by the members of ACS the Prescribed Information in its Register of members. Prescribed Information includes the name and address of each member. In certain circumstances, members may apply to the ACS to restrict access to their personal information that is recorded in the register of members.

Marketing ACS products and services is important for us to fulfil our role. We use a number of direct marketing strategies and channels including email, mail, SMS, social media and telephone to provide you with information relating to our products, courses, services, promotions, publications or other products or services that we reasonably think may be of interest to you. We will provide you with a way of opting out of receiving direct marketing communications or you can Opt out by contacting our Privacy Officer (see contact details in section 13).

ACS’s contracted third parties may use similar marketing strategies and channels as ACS. Members have an Opt In option on ACS's website to grant consent to receive such third party communications. Also, ACS will be expanding its options for members to choose which third party communications they would like to receive and the frequency. Non-members can use the unsubscribe option available on marketing communications.

Likewise, members and others who have registered for an ACS event have an Opt In option to receive SMS communications (typically reminders for events).

ACS will never sell, trade, lease or rent any personally identifiable information to other organisations except as stated and agreed when collecting information from members or other persons.

ACS reserves the right to communicate with members about the substantive affairs of the organisation.

Our website uses cookies to provide the functionality necessary to deliver our products and services. Our website also uses a number of third party services such as analytics and security that also utilise cookies. We do not control these third parties or their cookies and we refer you to the third party’s website for details on how they use their cookies.

Cookies in use may identify individuals who log into our website. You can reject cookies by changing the settings on your browser but doing so may limit your functionality and user experience within our site. For further information, please refer to our Cookies Policy.

Our website uses analytics platforms that allow us to better understand how users experience our website and applications. These services do not identify individual users or associate member and customer IP addresses with any other data held by those platforms. The type of information that is collected includes:

• type of device being used to access the website;
• country where user is located;
• time on a page;
• bounce rate - the number of users that enter and leave the same page (expressed as a percentage);
• channel; and
• other metrics as required.

ACS uses Google Analytics and Adobe Analytics to collect and process anonymous and aggregated data. Details and information about these services and how the relevant service provider uses the collected data is available at www.google.com/policies/privacy/partners/ and https://www.adobe.com/privacy/experience-cloud.html

Securing and protecting data is an issue that ACS takes very seriously. We have implemented technology and security processes to protect the personal information that we collect and we take all reasonable steps to protect it. Our websites have electronic security systems in place, including the use of firewalls and data encryption. User identifiers and passwords are also used to control access to your personal information.

Other examples of ACS security measures include:

• two-factor authentication is required for member and customer data access; and
• access is restricted to only those members of staff who require access for their role.

ACS limits physical access to its offices. We maintain all personal information, including membership and 'in-house’ mailing lists, subscriber details and web server logs, in controlled environments that are secured against unauthorised access. Verification of identity is required before information is released to any person, including a member.

ACS servers are located in an ISO 27001 (Information Security Management System) certified facility.

ACS member and customer data is held in the Cloud by a number of third party Customer Relationship Management systems (‘CRMs’) providers that may be located overseas, including in Japan and the USAny overseas disclosures will only be made once ACS has taken all reasonable steps to ensure the personal information will be treated at least in accordance with the Privacy Act and other applicable privacy laws. (Note that our CRM provider has been certified by the Australian Signals Directorate through their ASD Certified Cloud Services program).

ACS's agreements with our cloud providers address compliance with the Privacy Act and any amendments to those laws. We are confident that the providers will maintain administrative, technical, and physical safeguards to help protect the security, confidentiality and integrity of member and customer data consistent with applicable requirements of Australian privacy laws.

You have the right to seek access to the personal information we hold on you. Members can readily access and amend as necessary their own personal information by visiting the respective ACS website.

Non-members can access the personal information we hold on them by contacting our Privacy Officer (see contact details in section 14), either in writing or by email. The person seeking access will be asked to verify their identity before the information is released.

ACS will take reasonable steps to ensure that personal information held is current, accurate and complete. You have the right to request access to your personal information and to request its correction. In particular, members can access, and are expected to update as necessary, their contact details and professional development activities through the ACS website Otherwise, you can also request to access and correct your personal information by contacting our Privacy Officer (see contact details in section 14)

ACS acknowledges that ICT professionals may suspend and reactivate their ACS membership as they move through experiences and employment and ACS will retain personal information for reasonable periods to assist in this process. Additionally, ACS acknowledges the merit in keeping metrics on the assessment of ICT skills and will also retain personal information on skills assessment applicants for reasonable periods. Outside of reasonable retention and other legal requirements, we will destroy or permanently de-identify personal information. We will also do the same on lawful request.

Contracts with all service providers/consultants whose service involves access to personal information must be subject to contract terms that are compliant with the ACS Privacy Policy and Office of the Australian Information Commissioner guidelines and rules that are legally binding. Where necessary, formal Non-Disclosure Agreements are in place. Also, third parties such as mailing houses, which receive personal information in order to provide a service for ACS, are required to sign an undertaking that the information will only be used for the purpose for which the information was provided.

Complaints concerning the collection, disclosure or handling of your Personal Information by ACS or breaches of the APPs should be addressed to our Privacy Officer (see contact details in section 14). Any complaint should be first made in writing and include the date, details of your complaint or the alleged breaches, and how you would like your complaint resolved.

Our Privacy Officer will attempt to resolve the complaint within 30 business days but this timeframe may be extended if further information is required from the complainant and/or an involved third-party.

If the complaint is not resolved to your satisfaction you can refer it to the Office of the Australian Information Commissioner. Such complaints generally are resolved through conciliation.

ACS’s Privacy Officer is your first point of contact in relation to privacy-related matters and to assist in our compliance with privacy obligations. The following contact details are provided below if have any queries or wish to contact our Privacy Officer:

Contact details: [email protected]; 02 9299 3666.

Postal address: Level 27, Tower One, 100 Barangaroo Avenue, Sydney, NSW, 2000.