COLLECTION OF PERSONAL INFORMATION
When you enrol in a course and use our Website, you may be asked for personally identifiable information such as your name, address, email address and telephone number. By giving us such information, you consent to our using it in the manner described in this policy.
Cookie information, pages you have visited and your IP address may also be recorded by us and/or third parties from your browser as set out in this policy.
USE OF PERSONAL INFORMATION
We use personal information to allow us to manage your course study, provide access for you to privileged areas of the Websites, send out newsletters, personalize your visit to our Website and enable us to improve the services and support we offer. We may occasionally carry out market research and send you details of course updates, competitions and other information that we think may be of interest or benefit to you in the course of your studies. If you do not wish to receive such information, please e-mail firstname.lastname@example.org.
DISCLOSURE OF PERSONAL INFORMATION
We may provide information about you to our employees/tutors in order to facilitate and administer your progression through your chosen course.
USE OF SUPPLIED IMAGES
As part of your assessment in your chosen course, you are required to supply images for specified tasks. All images supplied will be treated in the same manner as Personal Information. Images shall not be shared, displayed, distributed or provided to any third party unless you have consented to such disclosure.
Third-party advertisers may also create and access cookies, which will be subject to their privacy policies – we accept no responsibility or liability for the use of such third parties’ cookies. If you do not wish cookies to be placed on your PC or handheld device, then they can be disabled in your web browser. The option to do so is normally found in your browser’s “security settings” section. Please note that permanently disabling cookies in your browser may hinder your use of websites with interactive services.
All security on our Websites is treated seriously. Where applicable, we undertake security steps, including use of SSL technology and tokenizaion, on our back-end systems that store customer account information and to protect data transmissions. Tokenization is the latest security feature that we have implemented on all of our accepted payment gateways. Tokenization when applied to data security, is the process of substituting a sensitive data element with a non-sensitive equivalent, referred to as a token, that has no extrinsic or exploitable meaning or value. This means in simple terms that your data is being managed by the latest most secure systems available for managing payments online. However, this is not a guarantee that such data transmissions cannot be accessed, altered or deleted due to firewall or other security software failures.
If you have any further concerns about security, please email our team at email@example.com.
The General Data Protection Regulation (referred to as GDPR from here) comes into effect on the 25th May 2018. It is all about data governance and in our case that translates to where data is stored and how is it secured.
The GDPR applies to any business operating in the European Union and also any business having customers in the European Union. While Online Camera Ed is based in Australia we do have customers overseas plus we feel this regulation is a good one to secure data here in Australia so we have adopted the GDPR standards. In reality the GDPR is not too different from Australian Privacy Principles and the Australian Privacy Act which we already fully comply with.
Our ethos is always to be transparent in what we do so here is some explanation about GDPR and our systems we have in place.
Online Camera Ed has two main areas affected by the GDPR and they are payment management and student details management.
Before explaining the details please be aware that we never share any student information or payment information. Even things such as the use of a student image is only done after receiving written permission from the student to use it first.
Our status report is a s follows:
Payments are managed for us by Paypal and Braintree which is also owned by Paypal. Online Camera Ed does not store credit card details at all but rather these are stored by Paypal and Braintree which is owned by Paypal. Paypal and Braintree which is owned by Paypal offer some of the most stringent data protection systems in the world and protection is at an extremely high level. We deliberately went with Paypal and Braintree which is owned by Paypal due to their security and the fact that we did not have to store personal credit card details on our system. No breaches of customer payment information have ever happened and we can report that world standard security systems are in place to manage this into the future as supplied by Paypal and Braintree which is owned by Paypal. So in summary all personal payment information is fully secured.
Student Details Management
The other area we manage is that of student information which is set up when someone enrols with us. Data captured is private and we do not ever share this with anyone. It does contain name, address, email address and phone number data and we treat the management of this as a high priority. No breaches of the security of this data have ever happened and we manage this in the following way:
Our web services provider is Newcastle based company Jezweb. Our web servers are also located in Australia and are GDPR compliant. The Online Camera Ed website has a software firewall in place to block malicious activity and the data centre uses hardware firewalls to help guard against attacks. So this provides a two tier firewall system and it is highly secured. All users protect their account by way of self defining their username and password. Passwords are not visible at any time to Online Camera Ed making them secure. Students are responsible for the security of their account by not sharing their username and password information. If in doubt contact us on firstname.lastname@example.org and request a password reset.
Also forms used on our site also contain student agreement checkboxes just to record that you agree and are aware of the data protection strategies we use.
Data Protection Officer
The final part of our GDPR is that we have appointed Brian Beitz as our data protection officer. Brian who is one of the business owners has intimate knowledge of all systems we use and is your point of contact if you would like to discuss any GDPR issues. He is best reached by email at email@example.com
Online Camera Ed has taken proactive steps to ensuring our compliance with GDPR and this ultimately benefits all of our students knowing that we take the management of their private information very seriously.