Data Privacy Policy

DATA SECURITY

At StudentSafe AU, we are committed to protecting your personal information and ensuring transparency in how we handle this data. This policy outlines how we collect, manage, store, and protect the personal data you provide to us. It also explains who has access to your data, for what purposes, and how long it is retained.

Data security is of the utmost importance to us and we are committed to ensuring information we collect from you is secure. In order to prevent unauthorised access or disclosure, we have put in place physical, electronic and managerial procedures to safeguard and secure the information we collect online and offline.

1. Collection of Personal Information

We collect personal information during our consultation process to develop tailored school transport solutions. This information may include: 

  • Name 
  • Address 
  • Contact details (email address, phone number) 
  • Postcode 
  • Survey responses 
  • Data related to current school transport routes and systems 
  • Directly from you: When you provide information through surveys, consultations, or direct communications. 

       ● Indirectly: By analysing postcode and transport data shared during the consultation process.

Purpose of collection:

  • To analyse current transport routes and systems for efficiency and optimisation.
  • To gather feedback from stakeholders regarding existing transport arrangements. 

2. Use and Management of Personal Data

Your personal data is used solely for the purposes outlined above and may be shared with trusted third-party service providers to assist with data processing or transport modelling, as required for legitimate business purposes. Your explicit consent will be obtained unless sharing is essential to fulfil the purpose of the consultation or required by law. 

How we use your data:

Analyse transport and postcode data for insights and improvements.

Review survey responses to identify common themes and concerns.

Design optimised transport routes and present tailored solutions.

3. Data Storage and Retention

We retain personal data only as long as necessary to fulfil the purposes outlined in this policy, ensuring compliance with legal, contractual, or operational requirements. Specifically, personal data will be stored for the duration of the consultation project and up to 12 months afterwards to address any follow-up inquiries or reviews. Once this period ends, the data will be securely deleted or anonymised, unless further retention is required by law or for legitimate business needs.

 

Data Security Measures:

We implement technical and organisational measures to ensure your data is secure, including encryption, access controls, and secure data storage. 

  • Encryption: Personal data is encrypted both in transit and at rest.
  • Access Controls: Access is restricted to authorised personnel only, based on their roles and responsibilities.
  • Backup: Regular backups ensure data integrity and availability in case of system failure.

4. Access to Personal Data

Your personal information is only accessible to employees and contractors who need to use it for legitimate business purposes, such as data analysis, customer service, and presenting tailored solutions.

Who has access:

  • Data analysts developing optimised transport strategies. 
  • Survey analysts interpreting survey results.
  • Customer support and technical staff addressing inquiries or feedback.

Purpose of access: Access is restricted to those with job-related roles to process and analyse the data collected during the consultation.

5. Third-Party Sharing

We do not sell, rent, or trade your personal data. However, we may share your personal data with trusted third-party service providers for legitimate business purposes, such as assisting with data processing or transport modelling. These providers comply with strict data protection measures and use your data solely for the purposes agreed upon during the consultation. 

Explicit consent will be obtained for any third-party sharing, except where sharing is necessary for the consultation process or required by law. In all cases, data sharing will remain compliant with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)

6. Transparency and Consent

We value your privacy and aim to provide transparency regarding the collection and use of your personal data.

  • Consent to participate: By participating in surveys or consultations, you consent to the collection and processing of your personal data for the purposes described in this policy. If we intend to use your data for additional purposes, we will obtain your explicit consent. 
  • Right to withdraw consent: You may withdraw your consent at any time by contacting us at corporategovernance@thecoachcompany.com . We will respect your decision and cease processing your data. 

7. Data Subject Rights

You have certain rights regarding your personal data under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). These include: 

  • Access: Request access to your personal data and receive a copy of the information we hold, subject to certain exceptions. 
  • Rectification: Request correction if your personal data is inaccurate.    Deletion: Request deletion of your personal data, subject to legal or contractual obligations. 
  • Portability: Request a copy of your personal data in a structured, commonly used, and machine-readable format. 

To exercise any of these rights, please contact the Compliance Officer at: Rev: 08-12-2024 / SSAU GOV-DAT-1 3

corporategovernance@thecoachcompany.com

8. Notifiable Data Breach

In accordance with the Notifiable Data Breach (NDB) scheme introduced by the Privacy Amendment (Enhancing Privacy Protection) Act 2012, we are committed to promptly notifying you in the event of a data breach that may result in serious harm to you. If a breach occurs, we will: 

  • Assess the breach and its potential impact. 
  • Notify affected individuals as soon as practicable. 

      ● Report the breach to the Office of the Australian Information Commissioner (OAIC) if required.

9. Updates to this Policy

We may update this privacy policy from time to time to reflect changes in our practices, technologies, or legal requirements. We will notify you of any significant changes by posting an updated policy on our website or contacting you directly.

10. Contact Us

For any questions relating to this policy, please contact the Compliance Officer at: corporategovernance@thecoachcompany.com