The “ACI Online Learning Centre”, “Canadian Airports Online College”, “Duty Free World Council Academy” and “Klayo” are services operated by Ceventas Pty Ltd (ABN 66 128 878 811).
We may make alterations or additions to this policy from time to time. Should we do so, we will update this policy on our web site.
2. What is “personal information”?
The Privacy Act 1988 (Cth) (Act) defines “personal information” as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable:
a) whether the information or opinion is true or not; and
b) whether the information or opinion is recorded in a material form or not.
3. Purpose of collection
We collect personal information to provide you with services available through Ceventas.
We may also use your personal information in connection with data analytics to:
a) personalise our service offerings to you, and
b) assist in our understanding of industry dynamics and standards and thereby improve our overall service for the benefit of both yourself and others.
4. What information do we collect?
Ceventas collects different information about you at different times. There are two broad categories of information that we collect from you:
5. Information we require to supply our services
When you sign up for Ceventas services, or when you make an inquiry about our services, we may request personal information such as your name, company, seniority, position, address, telephone number, email address and credit card details (if you are paying online).
6. Personal information stored on our systems
Ceventas and its service providers will have personal information stored on servers due to the nature of the services we provide.
This information may include training records and competency attributes including knowledge, skills, abilities, competencies and other relevant workforce capability data.
This information will be kept strictly confidential, unless we are required to release the information by law.
7. How we collect your personal information
The only information we collect is what you provide to us or which you have, expressly or by implication, agreed we can collect from authorised third parties in order to enable your participation in the services we offer.
By participating in Ceventas services and by voluntarily providing us with information about yourself, you are consenting to our use of that data in the manner described in this policy.
8. How do we use personal information we have collected?
We collect and use your personal information to deliver our services to you. We will use your personal information to provide you with:
9. Direct marketing
If you use our services, you consent to the receipt of direct marketing material. We will only use your personal information for this purpose if we have collected such information direct from you or from other authorised users of the service, and if the material is of a type that you would reasonably expect to receive from us.
We do not use sensitive personal information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature. In the case of electronic marketing material subject to the Spam Act 2003 (Cth), the material will be accompanied by a functional unsubscribe facility.
An alternative means of opting out is to contact us as set out below and simply request that you receive no further such communications.
We may use your personal information to:
Ceventas uses the services of MailChimp and as such personal data will be transferred and processed by MailChimp when consent to receive promotional material is given. We will disclose your personal information, without notice or your consent, only if:
You may stop the delivery of promotional email from Ceventas at any time by following the specific instructions in the email you receive. These instructions will tell you how to remove your name from our subscription list.
If we collect personal information from you via our website, we may use digital cookies to remember your preferences and collect online traffic data and browsing characteristics.
Internet cookies are small strings of text placed on users’ hard drive during the data exchange that happens when a browser points to a website. The browser stores the message in a text file which is sent back to the server each time the browser requests a page from the server.
Cookies and other information collection technologies can only store information that is explicitly provided by the user or visitor in the first place, or information which is already known to the website such as your IP address.
You can choose to adjust your browser to reject cookies or to notify you when they are being used, bearing in mind that rejecting cookies may mean you will be unable to access the service.
11. Disclosure of personal information
By using our service’s you agree that your employer and/or airports at which you work may have access to your training records including courses enrolled, completion status, dates of enrolment and completion and your final assessment scores.
Your personal information may be accessible by other authorised users of the service such as training and compliance amanagers. Your information will not be available to anyone that is not an authorised registered user of the service.
We may have cause to disclose personal information to our service providers who assist us in operating our computer systems. Your personal information may also be exposed from time to time to maintenance and support personnel acting in the normal course of their duties. In the event that we outsource part of our infrastructure, it is possible that the entity we engage for this purpose may also have access to your personal information.
Subject to the foregoing, we only use your personal information in a manner consistent with the original purposes of collection or as otherwise permitted by the Australian Privacy Principles (or, where and to the extent applicable, the GDPR).
12. Access and correction
You can access and (where appropriate) correct personal information which you have provided to us, subject to certain situations where we are permitted by law to deny access.
Note, however, that responsibility for management of your employment records rests with your employer, not with us, and any enquiries regarding such records should be directed to the employer, whether or not your employer continues to use our service, and whether or not you remain an employee of that entity.
Australian Privacy Principle 12 permits you to obtain access to the personal information we hold about you in certain circumstances, and Australian Privacy Principle 13 allows you to correct inaccurate personal information subject to certain exceptions. If you require assistance in accessing your personal data for this purpose, please contact us as set out below.
13. Complaint procedure
If you have a complaint concerning the manner in which we maintain the privacy of your personal information, please contact us as set out below. All complaints will be carefully considered, and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.
14. Overseas transfer
Your personal information may be transferred overseas or stored overseas for a variety of reasons. By the very nature of our services, it is a condition of participation that you consent to the overseas transfer of your personal information.
You indicate your consent to the overseas transfer of your personal information by participating in our services. If you do not consent, we may be unable to provide you with the services.
15. GDPR and other foreign legislation
In some circumstances, the European Union General Data Protection Regulation (“EU GDPR”) provides additional protection to individuals located in Europe. Similarly, individuals located in the United Kingdom will in some circumstances be protected by domestic legislation which effectively implements the GDPR (“UK GDPR”).
Where this is the case, there may be additional rights and remedies available to you under the GDPR in the event that your personal information is handled in a manner inconsistent with that law. In these circumstances, your additional rights will include the right to object to, restrict and/or withdraw your consent to the processing of your personal information, the right to access or erase your personal information, and the ability to receive a machine-readable copy of your personal information.
Some countries outside the EU or the UK may also have data protection legislation with extra-territorial effect which replicates the GDPR in whole or in part.
Please contact us at firstname.lastname@example.org if you require any further explanation in this regard.
16. Amendments to this policy
17. How to contact us about privacy
If you have any queries, or if you seek access to your personal information, or if you have a complaint about our privacy practices, you can contact us on email@example.com