PRIVACY POLICY – WEBSITE & LMS
This Privacy Policy sets out how CompAP (ABN 96986355903) protects the privacy of personal information that is collected through the website available at compap.com.au (Site), from industry partners, contractors to CompAP or directly from you. We are committed to ensuring that your privacy is protected. Please read this Privacy Policy carefully.
​
Should we ask you to provide any information by which you can be identified when using this Site, we assure you that it will only be used in accordance with this Privacy Policy and the Australian Privacy Principles.
You are not required to provide any personal information to us. If you do not do so, it may affect your use of this Site or the products and services offered on the Site.
​
This Privacy Policy may be amended from time to time with changes, additions and deletions, at our sole discretion. You should check this page regularly to ensure that you are aware of any changes. Your continued use of the Site following any amendments indicates that you accept the amendments.
​
Collection of Personal Information
We collect information from a variety of sources. Information may be collected:
-
when you provide details to CompAP in an enrolment application form, consent form, survey or feedback form;
-
when you enter personal information into, or agree to having your personal information entered into, our online Learning Management System (LMS);
-
via our industry partners associations or other body which is a member or affiliated with CompAP;
-
when you access the Site or LMS;
-
when you contact us via email, telephone or mail or engage via social media;
-
when you participate in any program, activity, competition or event run by CompAP;
-
where we are required to do so by law (for education, VET training, child protection, Work Health and Safety laws or other legislation in Australia).
The information that we collect may include:
-
name;
-
contact information, including email address;
-
school you are attending or teaching;
-
information about your vocational needs;
-
any other information requested on this Site or otherwise required by us or provided by you.
We may contact you to voluntarily respond to questionnaires, surveys or market research to seek your opinion and feedback. Providing this information is optional to you.
​
We may receive personal information from third parties. If we do, we will protect it as set out in this Privacy Policy.
​
How we use Cookies
CompAP uses session “cookies” for keeping users logged in to the Site. A cookie is a small file supplied by our web server and stored by the web browser software on your computer when you access this site. An explanation of cookies can be found at the site of the Office of the Australian Information Commissioner. Cookies allow us to recognise you as an individual as you move from one of our web pages to another, and to retain data about whether you are logged in to the CompAP LMS.
​
This information is only used to help you use our website systems more efficiently, not to track your movements through the internet, or to record private information about you.
​
Age Limits
We only partner with secondary schools. Our lowest age group is typically those students commencing Year 10 (14-15 years).
​
Use of Personal Information
We collect and use personal information for the following purposes:
-
to allow account creation for students, teachers, and assessment through our custom-built LMS;
-
to provide information, products and services to you and request information to manage and administer those products and services (including enrolment, assessment and issuing certificates of completion and statements of attainment);
-
to deliver or facilitate the provision of training and capture assessment evidence for making assessment judgements;
-
to respond to your queries relating to our Site, our products, advice and services;
-
to better understand your needs, enabling us to improve our products and services;
-
for internal record keeping;
-
direct marketing (we will only use your information if you have provided consent to use your information for this purpose and you have opted-in to this type of communication).
We may contact you by a variety of measures including by telephone, email, sms or mail. If you wish to update your contact details or change the way we contact you, please contact us at the details below.
​
Disclosure of Personal Information
We may disclose personal information:
-
for the purposes of informing teachers, assessors, and our industry partners about course progression and completion status;
By providing us with personal information, you consent to this disclosure. Where we disclose your personal information to third parties, we will request or otherwise seek to get comfortable that the third party follows the Australian Privacy Principles regarding handling your personal information.
​
If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith and where we have sought to maintain confidentiality.
​
We do not typically or routinely disclose personal information to overseas recipients. Unless consent has been given, or an exception under the Australian Privacy Principles applies, we will only disclose personal information to overseas recipients where reasonable steps have been taken to ensure the overseas recipient does not breach the Australian Privacy Principles in relation to your personal information.
​
Security
We are committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure that information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure. This includes:
-
The Site is secured using an SSL certificate. Access to the website is not available on an insecure connection.
-
All storage infrastructure is housed in highly secure data centres with redundancy in place in the event of natural disasters.
-
Regular third party pen testing is conducted on our systems in addition to close monitoring by internal developers. Manual and automatic malicious code scanners are in place.
Data Storage
Data is stored using obfuscation for relevant personal information and encrypted passwords.
​
Application and server information
The server infrastructure is located in an Vultr Cloud data centre facility in Sydney, Australia.
The server is configured using best security practices. A code review and quality assurance process is undertaken prior to code being deployed into the production environment. Access to server infrastructure is through public and private key authentication with multiple access level checks.
​
Controlling your personal information
Choice and Consent
Providing us with your personal information is optional to you. You can choose not to provide personal information. When you provide us with your personal information, you consent to the terms in this Privacy Policy, and to us disclosing or receiving your personal information for these purposes. We will not sell, distribute or lease your personal information to third parties unless we have your permission or are legally required to do so.
Anonymity
We will provide individuals with the option of remaining anonymous or using a pseudonym in their dealings with us where it is lawful and practicable (e.g. when requesting information on a course; website enquiries; anonymous complaints/feedback). Generally is it not practicable or lawful for us to deal with individuals anonymously or pseudonymously on an ongoing basis (e.g. if the individual wishes to enrol in a Binnacle program).
Restrict
You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us, details below.
Access
You may at any time request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth). We prefer that this request is made in writing by contacting CompAP via the details below. We may require that you provide sufficient identification before allowing you to access personal information held about you. If we are required or authorised by law to do so, we may refuse to provide you with access to this information. We will either provide you with access or inform you of our decision to refuse access within 28 days of receiving your request.
Correction
If you believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us (details below). We rely in part upon clients advising us when their personal information changes. We will respond to any request within a reasonable time and will endeavour to promptly correct any information found to be incorrect so that the information is accurate, up-to-date, complete, relevant and not misleading.
Complaints
If you believe that we have breached the Australian Privacy Principles and wish to make a complaint about that breach then please email us setting out details of the breach. We will promptly investigate your complaint and will endeavour to respond to you in writing within 28 days setting out the outcome of our investigation, what steps we propose to take to remedy the breach and any other action we will take to deal with your complaint.
​
To contact our Privacy Officer, please contact us at:
CompAP
Peppertree Drive, Jimboomba, QLD, 4280