The Australian Computer Society (‘ACS’) is committed to protecting personal information and will take all reasonable steps to secure the personal information it holds. In the context of this policy, a reference made to the ACS also includes ACS’s wholly owned businesses and brands, including Association for Data-Driven Marketing & Advertising (‘ADMA’), ADMA Forum, Bay City Labs, Data Governance Australia (‘DGA’), Digital & Technology Collective, Harbour City Labs, Institute of Analytics Professionals of Australia (‘IAPA’), IQ Education and River City Labs.
The ACS understands the importance of privacy and is committed to collecting and handling personal information in accordance with all applicable privacy laws including the Australian Privacy Act 1988 (Cth) (‘Privacy Act’) and the Australian Privacy Principles (‘APPs’).
The ACS is also committed to complying with the EU General Data Protection Regulation (‘GDPR’) to the extent that we collect the personal information of individuals who are located or resident in the European Union.
If you are based in the EU, Schedule A sets out additional privacy information applicable to you under the GDPR.
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in material form or not.
ACS collects and holds personal information when you engage with us, make inquiries with us, download our publications and other digital assets, sign up to our newsletters, or interact with our websites and social media accounts. This includes your name and contact details (such as address, email address, mobile number, etc).
In addition, we may also collect and hold other personal information in order to provide our services (please refer to section 2 for details of the various services the ACS provides). The information collected will vary depending on the products and services that you use and may include some, or all, of the following:
General information: Your name, gender, date of birth, country of residence and / or country of birth, visa information, next of kin, preferred language.
Identification: Passport, drivers’ licence, Medicare card, birth certificate or other identification details (which may include your image).
Contact details: Your home address, work address, mail address, email address, phone numbers, social media handles, and other ways to contact you.
Your education and employment information: Your student or employer identification, education qualifications, education transcripts, scores, or other evidence, employer information, position title, resume, work experience, or other relevant employment information.
Health and dietary information: Dietary and health information, including medical conditions and / or requests for specific assistance, in connection with your use of our products and services.
Your use of our products and services: Information on whether you have purchased, used, or indicated interest in any of our products or services.
Payment information: Bank account details, credit card information (last 4 digits of the card and expiry date) may be collected by ACS but is processed using a secure 3rd party gateway and therefore this information is not held.
Your preferences and interests: Your stated or likely preferences, for example whether you may be interested in specific information and news, technical topics, products or services, or promotions.
Our interactions with you: Enquiries, feedback, complaints, compliments, responses to surveys, records of any correspondence and interactions with us and our staff (including in person, online, by telephone or email and via social media), or other forms of interaction.
Your use of our website and applications: Your IP address and details of how you use the website or apps.
Other: marriage certificate, tax ID numbers and superannuation/insurance reference numbers.
At times, your use of some of our products and services may require us to collect additional information from you. This information will only be used to provide you with those services or to support your use of those services.
1.1 Sensitive information
Under the Privacy Act, ‘sensitive information’ means information or an opinion about an individual’s:
ACS does not collect sensitive information except as set out in this section or with your informed consent. Please note however that membership of ACS or the British Computer Society (through our member and certification recognition) will be noted if applicable.
ACS will use your personal information in order to communicate with you and provide you with our various services, including for the purposes set out below.
ACS collects and may use the personal information of its members for the purposes of:
2.2 Skilled Migration Services
ACS collects and may use personal information for its Skilled Migration Services for the purposes of:
ACS collects personal information through inquiries, registrations, and attendances at its events for the purposes of:
Other purposes, that ACS collect and use personal information may include:
Any non-identifiable personal information that is collected from your website visits is used solely internally for the purpose of gauging visitor traffic, trends and delivering personalised content to you while you are at this website.
If you do not provide us with certain personal information, ACS may be unable to perform its functions and/or provide you with the services and support your request. Please also be aware that as an education/RTO provider and skilled migration assessor, ACS is required to collect some personal information in accordance with its legal obligations.
The personal information we require to deliver our products and services is usually collected directly from you:
We also collect personal information from third parties, including from:
When collecting personal information by whichever means, ACS will take reasonable steps to provide the appropriate notices and obtain relevant consents in accordance with the Australian Privacy Principles. Most information is collected directly from the individual. ACS may also obtain some personal information from third party sources. In such cases ACS will require a warranty from the third party that the information has been collected in accordance with Australian Privacy Principles, including notification that the information may be disclosed to organisations such as ACS or requisite consents had been obtained.
We may keep unsolicited personal information (personal information we receive that we have taken no active steps to collect) if the information is reasonably necessary for one or more of our functions, services or activities.
ACS may, from time to time, disclose your personal information to:
If you are a skilled migration assessment applicant, we provide the Commonwealth Department of Home Affairs with your assessment outcome, education qualifications, employment information, identification details relevant to your skilled migration application and your migration agent’s details (if applicable).
ACS may disclose personal information for secondary purposes that are related to the primary collection purpose but only in situations where it is reasonable to expect such information to be disclosed. Typically, this would be for internal business practices (auditing, product development, IT support and service providers, credit and collection agencies etc).
ACS is represented on a number of international bodies (including IFIP, SEARCC and IP3) and is a signatory to the Seoul Accord. It does not disclose any personal information to these bodies other than that of the ACS’s appointed representatives.
ACS is a Registered Training Organisation (‘RTO’) within the Australian Skills Quality Authority (‘ASQA’) framework and as such is required to comply with the National VET Provider Collection Data Requirements Policy. This includes providing reports which reveal personal information. This information is presented in aggregated form and used by VET regulators to better support the VET sector and will not identify individuals.
ACS is obligated by statute (Associations Incorporation Act 1991) to make available for inspection by the members of ACS the Prescribed Information in its Register of members. Prescribed Information includes the name and address of each member. In certain circumstances, members may apply to the ACS to restrict access to their personal information that is recorded in the register of members.
Marketing ACS products and services is important for us to fulfil our role. We use a number of direct marketing strategies and channels including email, mail, SMS, social media and telephone to provide you with information relating to our products, courses, services, promotions, publications or other products or services that we reasonably think may be of interest to you. We will provide you with a way of opting out of receiving direct marketing communications or you can Opt out by contacting our Privacy Officer (see contact details in section 13).
ACS’s contracted third parties may use similar marketing strategies and channels as ACS. Members have an Opt In option on ACS's website to grant consent to receive such third party communications. Also, ACS will be expanding its options for members to choose which third party communications they would like to receive and the frequency. Non-members can use the unsubscribe option available on marketing communications.
Likewise, members and others who have registered for an ACS event have an Opt In option to receive SMS communications (typically reminders for events).
ACS will never sell, trade, lease or rent any personally identifiable information to other organisations except as stated and agreed when collecting information from members or other persons.
ACS reserves the right to communicate with members about the substantive affairs of the organisation.
Cookies in use may identify individuals who log into our website. You can reject cookies by changing the settings on your browser but doing so may limit your functionality and user experience within our site. For further information, please refer to our Cookies Policy.
Our website uses analytics platforms that allow us to better understand how users experience our website and applications. These services do not identify individual users or associate member and customer IP addresses with any other data held by those platforms. The type of information that is collected includes:
ACS uses Google Analytics and Adobe Analytics to collect and process anonymous and aggregated data. Details and information about these services and how the relevant service provider uses the collected data is available at www.google.com/policies/privacy/partners/ and https://www.adobe.com/privacy/experience-cloud.html
Securing and protecting data is an issue that ACS takes very seriously. We have implemented technology and security processes to protect the personal information that we collect and we take all reasonable steps to protect it. Our websites have electronic security systems in place, including the use of firewalls and data encryption. User identifiers and passwords are also used to control access to your personal information.
Other examples of ACS security measures include:
ACS limits physical access to its offices. We maintain all personal information, including membership and 'in-house’ mailing lists, subscriber details and web server logs, in controlled environments that are secured against unauthorised access. Verification of identity is required before information is released to any person, including a member.
ACS servers are located in an ISO 27001 (Information Security Management System) certified facility.
ACS member and customer data is held in the Cloud by a number of third party Customer Relationship Management systems (‘CRMs’) providers that may be located overseas, including in Japan and the USAny overseas disclosures will only be made once ACS has taken all reasonable steps to ensure the personal information will be treated at least in accordance with the Privacy Act and other applicable privacy laws. (Note that our CRM provider has been certified by the Australian Signals Directorate through their ASD Certified Cloud Services program).
ACS's agreements with our cloud providers address compliance with the Privacy Act and any amendments to those laws. We are confident that the providers will maintain administrative, technical, and physical safeguards to help protect the security, confidentiality and integrity of member and customer data consistent with applicable requirements of Australian privacy laws.
You have the right to seek access to the personal information we hold on you. Members can readily access and amend as necessary their own personal information by visiting the respective ACS website.
Non-members can access the personal information we hold on them by contacting our Privacy Officer (see contact details in section 14), either in writing or by email. The person seeking access will be asked to verify their identity before the information is released.
ACS will take reasonable steps to ensure that personal information held is current, accurate and complete. You have the right to request access to your personal information and to request its correction. In particular, members can access, and are expected to update as necessary, their contact details and professional development activities through the ACS website Otherwise, you can also request to access and correct your personal information by contacting our Privacy Officer (see contact details in section 14)
ACS acknowledges that ICT professionals may suspend and reactivate their ACS membership as they move through experiences and employment and ACS will retain personal information for reasonable periods to assist in this process. Additionally, ACS acknowledges the merit in keeping metrics on the assessment of ICT skills and will also retain personal information on skills assessment applicants for reasonable periods. Outside of reasonable retention and other legal requirements, we will destroy or permanently de-identify personal information. We will also do the same on lawful request.
Complaints concerning the collection, disclosure or handling of your Personal Information by ACS or breaches of the APPs should be addressed to our Privacy Officer (see contact details in section 14). Any complaint should be first made in writing and include the date, details of your complaint or the alleged breaches, and how you would like your complaint resolved.
Our Privacy Officer will attempt to resolve the complaint within 30 business days but this timeframe may be extended if further information is required from the complainant and/or an involved third-party.
If the complaint is not resolved to your satisfaction you can refer it to the Office of the Australian Information Commissioner. Such complaints generally are resolved through conciliation.
ACS’s Privacy Officer is your first point of contact in relation to privacy-related matters and to assist in our compliance with privacy obligations. The following contact details are provided below if have any queries or wish to contact our Privacy Officer:
Contact details: [email protected]; 02 9299 3666.
Postal address: Level 27, Tower One, 100 Barangaroo Avenue, Sydney, NSW, 2000.
PO Box Q534
QVB NSW 1230