UTAS statement on personal information
Information covered by this statement
You do not need to reveal personally identifiable information to access and browse certain web pages, or to use certain functionality contained on the Sites. However, using the services, functionality or features related to the provision of online courses on the Sites does require you to provide personally identifiable information such as your name and email address. You are responsible for ensuring that any personally identifiable information that you provide to UTAS is accurate and kept up to date. Providing inaccurate information may result in some services and courses being unavailable and inaccessible to you.
What you consent to by using the Sites
What information is collected
Personally identifiable information (i.e. information that can identify you) is collected by UTAS when you register for a user account, participate in online courses, discussion lists and forums through the Sites, and when you communicate with course instructors or UTAS. Personally identifiable information about your performance in an online course may also be collected in aggregate form and at the individual participant level.
UTAS may track, collect and aggregate non-personal information (i.e. information that cannot identify you) such as pages that have been visited, when they were visited, the order in which they were visited, and which hyperlinks or other functionalities have been used on the Sites. UTAS may log the IP address, operating system, browser software and device type used by users of the Sites, and, from an IP address, UTAS may be able to determine a user’s internet service provider and the geographic location of that user’s point of connectivity. Information is also collected or may be collected through cookies and other typical web analytical tools and methods. Cookies are small data files that store information about a User's visit to a website. When you browse the Sites in the future, the data stored in the cookie can be retrieved by the Sites allowing for an improved and more personalised experience on the Sites. Most web browsers allow you to control how and whether cookies are accepted by that web browser. Instructions on how to reset a web browser so that cookies are rejected are usually found in the “Help” section of that web browser’s toolbar. Please understand that if you reject cookies from the Sites, many of the functions and conveniences of the Sites may not work properly.
How information is used and shared
Non-personal information is used in aggregate form to gain a better understanding of the educational needs of users and to improve services through analyses of the demographics and learning behaviours of online course participants and site users.
Personally identifiable information may be used to respond to your questions, provide you with courses and/ or services through the Sites, and as further provided in this Privacy Statement. In particular, your personally identifiable information may be used and disclosed as described below. We will also use and disclose your personally identifiable information to provide services to you through our contracted providers for services such as providing certificates to indicate you have completed a course.
Communications with UTAS and course officials
When you contact UTAS and/ or the online course instructors, they may use the information provided by you to respond to your communication and/ or as described in this Privacy Statement.
Providing services to you
Personally Identifiable Information such as your email address and name will be used to provide you with a user account allowing you to participate in online courses, discussion lists and forums, and otherwise to administer online courses and related services to you.
Online Course Participation
Personally identifiable information that is collected from you will be used to process and manage your participation in online courses through the Sites, including without limitation, tracking your attendance, progress and stages of course completion, and to administer online course assessments such as assignments, quizzes, tests and exams. To the extent required to manage your participation in an online course, your personally identifiable information may be shared with course instructors and other persons who are designated by the course instructors to develop, edit, review or modify the course and/ or its content.
Forums and Discussion Lists
Forum posts by you containing personally identifiable information may be used to facilitate your continued use of the online course forums and may be reposted in future course offerings for reasons including without limitation as an exemplar in future courses or as feedback for marketing. Where a posting by you is reposted it will be de-identified unless consent is given by you to include your identifiable information (e.g. your username or name)
Postings (i.e. submissions made through the Sites) by you of information such as comments, coursework and other content which contain personally identifiable information will be shared with other course participants and users of the Sites where it is posted or communicated to a course forum, discussion list, or other portion of the Sites designed for public communications to other course participants or users of the Sites.
Personally identifiable information such as your email address may be used to send you updates about site maintenance, online course information and other services, products and events of UTAS, its affiliates and/or licensors.
Registration on the Thinkific Site
As a general rule, Thinkific will not give your data to third parties for direct marketing purposes without your permission. However, there are some important exceptions to this rule. You should check the Thinkific Privacy Statement for the full details of what information is collected by Thinkific and how it may be shared.
Links to external websites and services
The Sites may contain hyperlinks to websites and services that are not owned or operated by UTAS (“Third Party Sites”). No personally identifiable information from the Sites is disclosed by UTAS to Third Party Sites except as provided in this Privacy Statement. You acknowledge and agree that UTAS and the instructors of the online courses provided through the Sites are in no way responsible for the collection and use of your information by Third Party Sites. Please review the privacy policies of each Third Party Site before you use them and understand that if you use them it is at your own risk.
Changes to this Privacy Statement
You may contact UTAS in relation to any of your personal information collected when using UTAS websites by sending an email to email@example.com.
21 October 2016
Responsible Officer: General Counsel
Approved by: Vice-Chancellor
Approved and commenced: December, 2014
Review by: December, 2017
Relevant Legislation, Ordinance, Rule and/or Governance Level Principle: Personal Information Protection Act 2004 (Tas) Privacy Act 1988 (Cth) Archives Act 1983 (Tas) Right to Information Act 2009 (Tas)
Responsible Organisational Unit: Legal Services
The objective of this policy is to:
outline the University’s privacy obligations;
inform individuals of the manner in which the University collects, uses and discloses personal information.
This policy applies to all University staff, business units, divisions, faculties and entities.
3. Policy Statement
The University is required to comply with the provisions of the Tasmanian Personal Information Protection Act (2004). In addition the provisions of the Commonwealth Privacy Act (1988) may apply:
where the University agrees to comply with that Act in a contract; or
to University owned companies.
4. Policy Provisions
4.1 Collection of Personal Information from an individual
4.1.1 The University collects Personal Information from staff, students and members of the public.
4.1.2 The University will collect Personal Information by lawful means.
4.1.3 The University will only collect Personal Information that is necessary for one or more of its functions or activities.
4.1.4 When collecting Personal Information, or as soon as possible afterwards, the University will provide the individual with a Privacy Statement. The Privacy Statement will outline the following:
a. That the University is collecting the Personal Information;
b. The individual’s rights to access the Personal Information;
c. The purpose of collecting the Personal Information;
d. Who will have access to the Personal Information;
e. Whether the University is disclosing the Personal Information to third parties;
f. The main consequences if all or part of the Personal Information is not provided;
g. Which division of the University to contact for information about the collection, use and disclosure of Personal Information; and
h. Any law that requires the University to collect the Personal Information.
4.2 Collection of Personal Information from a third party
If the University collects Personal Information about an individual from a third party it will take reasonable steps to ensure that the individual is made aware of the matters outlined in paragraph 4.1.4.
4.3 Use of Personal Information
The University will only use the Personal Information it collects for the purpose for which it was collected unless:
* the University obtains the consent of the individual to use the Personal Information for another purpose; or
* the University is permitted to use the Personal Information for another purpose under the Privacy Laws.
4.4 Disclosure of Personal Information
4.4.1 The University will disclose Personal Information to staff members who require that information for the performance of their duties.
4.4.2 The University will disclose Personal Information in accordance with the purpose for which it was collected.
4.4.3 The University will only disclose Personal Information to third parties with the consent of the individual unless:
* the disclosure is permitted or required by law; or
* the disclosure is necessary to lessen or prevent a serious risk to health safety or welfare of an individual.
4.4.4 Where the University is disclosing personal information to a third party, the University will enter into an agreement that binds the third party to the provisions of the Personal Information Protection Act 2004.
4.5 Data Quality
The University will take reasonable steps to ensure that it keeps Personal Information it holds, up to date, accurate and complete.
4.6 Data Security
The University will take reasonable steps to protect personal information from misuse, loss, disclosure and unauthorised access. The University will only dispose of Personal Information in accordance with the disposal schedules maintained under the Archives Act 1983 (Tas).
4.7 Access and Correction
4.7.1 An individual may make a request to access to their Personal Information. At first instance the request should be made to the relevant faculty or business unit. If access is refused, the individual may make an application for access to information under the Right to Information Act 2009 (Tas).
4.7.2 If the Personal Information held by the University is inaccurate, incomplete of misleading, the individual may request that it be updated or corrected. If the University decides not to make the requested amendment, it will notify the individual of that decision in writing within 20 working days of the request being made.
4.8 Unique Identifiers
The University assigns staff and students an identification number in order to carry out its functions efficiently. The University will not permit a third party to adopt or use a University assigned unique identifier for another purpose.
4.9 Disclosure outside Tasmania
The University may transfer personal information interstate or overseas where it is necessary for the operation of the University. Where the University transfers personal information outside Tasmania, it will comply with the requirements of the Privacy Laws and will ensure that the recipient is within a jurisdiction that has Privacy Laws comparable to Tasmania.
4.10 Sensitive Information and Health Information
The University will not collect Sensitive Information or Health Information unless the individual has consented or the collection is required or permitted by law.
Collection: Is the act of gathering, acquiring or obtaining Personal Information from any source, including third parties, by any means.
Health Information: Is defined in the Act as Personal Information or an opinion about the physical, mental or psychological health, a disability, an individual’s future wishes relating to the provision of health services, other information collected to provide or in providing a health service and genetic information.
Any information or opinion given orally or in any recorded format about an individual:
- whose identity is apparent or is reasonably ascertainable from the information or opinion;
- who is alive or has not been dead for more than 25 years.
Personal Information Custodian: Is defined in the Act to include the University of Tasmania.
Privacy Laws: Includes the Personal Information Protection Act 2004 (Tas) and the Privacy Act 1988 (Cth).
Privacy Statement: Is a Statement provided to an individual that outlines the purpose of collecting the information and the intended use and disclosure of the Personal Information.
Sensitive information: Is a particular type of Personal Information. Its full definition can be found in the Act. It includes information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, sexual preference and criminal record, as well as information such as counselling and disability information.
The Act: The Personal Information Protection Act 2004 (Tas).
Unique Identifier: Means anything assigned by the University to identify an individual for its operations, other than a name or ABN. For the purposes of the University it includes student and staff ID numbers.
How we protect your privacy
We’ve broken this policy down into different sections so you can better understand what areas are applicable to you.
POLICY IS PART OF OUR TERMS AND CONDITIONS OF USE
We do not knowingly provide services or sell products to children. If you are below the age of 16, you may use our website only with the permission and active involvement of a parent or legal guardian. If you are a minor, please do not provide us or other website visitors with any personal information and do not use this website. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
THE TYPE OF INFORMATION WE COLLECT FROM YOU
2. Personal Information from customers
If you are collecting any sensitive Personal Information from your students/subscribers (for example and including information relating to medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or sexuality), you agree to obtain affirmative, express consent from your students/subscribers for the use and access of sensitive Personal Information by Thinkific and other third parties.
Information we collect from our customers.
In order to offer The Services, we need to collect information from our customers. Here is a summary of the information that we collect from our customers and what we do with it:
We collect your name, email address, and IP address. We need this information to provide you with our Services, for example, to confirm your identity and contact you.
You may voluntarily provide additional information related to the registered account such as any API key provided or images or videos you choose to upload.
We collect data about the Thinkific-hosted webpages that you visit. We also collect data about how and when you access your account in order to give you access and at the same time improve our Services.
When you voluntarily share personal information with us in the course of offering your course and using our services, we store that Personal Information.
When transactions between you and our website involve payment by credit card, debit card, checks, money orders, and/or third party online payment services, we will collect information related to the transaction as part of the course of doing business with you, including billing address, telephone number, and other information related to the transaction.
When you share personal information about your customers (“learners”) we store that information for you so that you can process enrollments and better serve your customers.
This information is collected when you sign up for our Services, when you access our Services or otherwise provide us with the information. In some circumstances, when you have given us express permission, we will also use and store your personal information.
3. Information from our customers’ students/subscribers (“learners”)
In order to provide you with our product and services, we store information about your students so that you can administer your course(s). Here is some more details on what information we collect and why.
We allow you to collect the name, email, and any other personal information from your customers. Name and email are needed to allow individuals to access our Services for processes such as processing enrolments, authentication, or otherwise administering your course. This information is given on a voluntary basis when a customer uses or accesses our Services, for example when a customer visits a Thinkific site, enrolls in a course, or signs up for an account on a Thinkific site.
As a student progresses through your course(s) we collect information about how they interact with the course, including but not limited to, their progress through the course, quiz scores, survey results, discussion or forum contributions and other student activities.
While we technically process this information via the Thinkific platform in order to administer The Services, you have the ability to access and remove this information at any point. We do not access this information unless requested by a Thinkific customer.
Some transactions between learners and our website or your courses or school may involve payment by credit card, debit card, checks, money orders, and/or third party online payment services. In such transactions, we will collect information related to the transaction as part of the course of doing business with you, including a billing address, telephone number, and other information related to the transaction.
4. Information from Partners, Affiliates, Ambassadors, and Experts
Individuals who qualify as partners, ambassadors, affiliates or experts are businesses or individuals that have agreed to specific terms to work with Thinkific to promote the Service by a) referring clients to Thinkific; b) developing Thinkific sites or themes for customer use; c) developing apps using the Thinkific Application Interface (API) for customer use or d) partnering with Thinkific for the purposes of promotion or collaboration.
Information that we collect about partners, affiliates, ambassadors, and experts.
We may collect your name, company name, website, social media usernames/handles, phone number(s), address, business type, email address, PayPal Account, and GST/HST number (or local tax identifiers).
We collect data about the Thinkific-hosted webpages that you visit and how and when you access your account, including information about the device and browser you use, your network connection and your IP address. We use this information to give you access and to improve our Services.
We collect Personal Information about your customers that you share with us or that they provide to use directly. We use this information to work with you and to provide our Services to your customers.
We may also use Personal Information in other cases where you have given us express permission.
We collect this information when you sign up for a Partner, Affiliate, Ambassadors, or Expert Account, when you sign up one of your customers for our Services, or when your customers sign up themselves. We also collect any additional information that you might provide to us.
5. Information from Thinkific website visitors and support users
We collect information from visitors to the Thinkific website and your IP address. We also collect information such as when you visited, the website from where you came prior to visiting us, the website where you go when you leave our website, your computer’s operating system, location data, and the type of web browser that you are using.
We also collect Personal Information submitted by you via any messaging or email feature available from any of our websites.
We may also receive Personal Information when you submit help tickets or make other requests to Thinkific via any of our websites.
From telephone support users, we collect your name and phone number.
From support users (people who email us for support), we collect your name, email address, location, Thinkific site address, and email conversation with a Thinkific agent.
From forum and discussion users, we collect your name.
We use this information to provide and enhance our Services (including servicing your account, if applicable), and answer any questions you may have.
We collect this information when you visit Thinkific-hosted webpages, use Services offered on our websites or engage with us either by email, web form, instant message, phone, or post content on or through our websites (including forums, blogs and via any Messaging Feature). We also collect any additional information that you might provide to us.
6. Information from cookies and similar tracking technology
We collect cookies or similar tracking technologies. This means information that our website’s server transfers to your computer. This information can be used to track your session on our website. Cookies may also be used to customize our website content for you as an individual. If you are using one of the common Internet web browsers, you can set up your browser to either let you know when you receive a cookie or to deny cookie access to your computer.
Opting out: You can opt out of targeted ads served via specific third-party vendors by visiting the Digital Advertising Alliance’s Opt-Out page.
We may also use automated tracking methods on our websites, in communications with you, and in our products and services, to measure performance and engagement.
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser
7. Information that we share with third parties
Thinkific works with third parties to help provide you with our Services and we may share Personal Information with them to support these efforts. In certain limited circumstances, we may also be required to share information with third parties to conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also receive Personal Information from our partners and third parties.
Personal Information may be shared with third parties to prevent, investigate, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to the Services, or as otherwise required by law.
Personal Information may be shared with third-party vendors to help us conduct marketing and/or advertising campaigns.
Personal Information may also be shared with a company that acquires our business, whether through merger, acquisition, bankruptcy, dissolution, reorganization, or other similar transaction or proceeding. If this happens, we will post a notice on our homepage.
Thinkific will always ask for your consent before sharing your Personal Information with third parties for purposes other than those described in this Section 7.
8. Terminating your relationship with us
We will continue to store archived copies of your Personal Information for legitimate business purposes and to comply with the law.
We will continue to store anonymous or anonymized information, such as website visits, without identifiers, in order to improve our Services.
9. What we don’t do with your Personal Information
We do not and will never share, disclose, sell, rent, or otherwise provide Personal Information to other companies (other than to specific Thinkific customers you may be interacting with) for the marketing of their own products or services.
If you are a customer using Thinkific’s Services, we do not use the Personal Information we collect from you or your customers to independently contact or market to your customers. However, Thinkific may contact or market to your customers if we obtain their information from another source, such as from the customers themselves.
10. Keeping your personal information secure
We follow industry standards on information security management to safeguard sensitive information, such as financial information, intellectual property, employee details and any other Personal Information entrusted to us. Our information security systems apply to people, processes, and information technology systems on a risk management basis.
We exclusively process payments through PCI DSS Level 1 payment providers, which is the highest level of compliance available.
No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of your Personal Information.
11. Residents of the European Economic Area (“EEA”)
Thinkific works with merchants and users around the world, including in the EEA. Please note that as part of our service, we may transfer your personal information to other regions, including to Canada and the United States.
Additionally, if you are located in the EEA, you have certain rights under European law with respect to your personal data, including the right to request access to, correct, amend, delete, or limit the use of your personal data. In order to exercise these rights, please reach out to us using the contact information below.
12. How do we protect your information across borders?
Thinkific Labs Inc. is a Canadian company, we provide services to customers and our technology processes data from users around the world. Accordingly, Thinkific may transmit your personal information outside of the country, state, or province in which you are located.
If you are located in the EEA or in Switzerland, and believe that your Personal Information has been used in a manner that is not consistent with the relevant privacy policies listed above, please contact us using the information below.
13. User Names and Passwords
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a username and password for access to certain parts of our website, you are responsible for keeping the username and password confidential. Do not give your password to anyone. If you enter a section of our website that requires a password, you should log out when you leave. As a safety precaution, you should also close out of your web browser completely and re-open it before viewing other parts of the Internet.
14. Accessing and Correcting your Information
If you have a customer account with us, you can review and change your personal information by logging into the website and visiting your account profile page. You may also send us an e-mail at email@example.com to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
If you are a learner/student and would like to access, change, or delete your personal information please contact the course provider that you interacted with directly. We act as a processor on their behalf and can only forward the request to the course provider.
15. Your Voluntary Disclosure of Information to Third Parties Who Are Not Our Suppliers
You may choose to provide personal information to website visitors or other third parties who are not our suppliers. Please use caution when doing so. The privacy policies and customs of these third parties determine what is done with your information.
We may use autoresponders to communicate with you by e-mail. To protect your privacy, we use a verified opt-in system for such communications and you can always opt-out of such communications using the links contained in each autoresponder message. If you have difficulties opting out, you may contact us by sending an e-mail to firstname.lastname@example.org, or sending us mail to the address listed below.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website, including the illegal acts of third parties (such as criminal hacking).
18. Policy Changes
If you are concerned about the topic covered by this policy, you should read it each time before you use our website. Any questions or concerns about this policy should be brought to our attention by sending an e-mail to email@example.com, or one of the methods provided under Contact Information, and providing us with information relating to your concern.
Thinkific Labs Inc.
#400 – 369 Terminal Ave
We hate unsolicited commercial e-mail as much as you do. Also known as Spam or junk e-mail, it is a disservice to the Internet community.
We fully endorse and comply with the requirements of Canada’s anti-spam legislation (CASL) and CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act), and all other applicable unsolicited commercial e-mail laws.
If you subscribe to electronic newsletters or other communications from us or our website, you will always have an option to unsubscribe immediately.
If you have additional questions, comments or concerns, please contact us by sending an e-mail to firstname.lastname@example.org and providing us with information relating to your concern.
You may also mail your concerns to us at the following address:
Thinkific Labs Inc. #400 – 369 Terminal Ave, Vancouver, BC V6A 4C4
Please note that the content of this page can change without prior notice.
This Anti-Spam Policy was last updated on December 19, 2014