Dev Academy Aotearoa Privacy Policy
This policy should be read in conjunction with:
The information privacy principles in the Privacy Act 1993
The agreements between Dev Academy Aotearoa and its students
Official Information Act 1982
Procedures
These procedures outline the collection, use and disclosure of personal information by Dev Academy Aotearoa and access by individuals to personal information about themselves held by Dev Academy Aotearoa.
Definitions
Personal information is any information about an identifiable living individual
student means an enrolled person or prospective enrolled person who provides information to Dev Academy Aotearoa.
Collection of personal data
Dev Academy Aotearoa does not collect personal data unless:
the information or data is collected for lawful purposes connected with a function or activity of Dev Academy Aotearoa and
collection of that information or information is necessary for that purpose.
When Dev Academy Aotearoa collects personal data directly from the individual concerned it must comply with Information Privacy Principles 3 and 4; any exceptions to this are covered in Principle 2 (2) of the Privacy Act 1993.
How is Your Personal Data Collected?
Direct interactions. You may give us your: identity data, contact data, transaction data, financial data and marketing and communications data by filling in forms on our website or in person at one of our campuses, or by post, phone, email or otherwise. This includes personal data you provide when you apply with us when you maintain an ongoing relationship with us as a student.
Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.
How we use Your Personal Data
We will only use your personal data when the law allows us to. Here are some examples
For the purposes outlined in this Privacy Policy or a purpose connected to that purpose, as part of our business activities.
Where we need to perform the contract we are about to enter into or have entered into with you.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.
Definitions
Identity data
Contact data
Profile data
Financial data
Transaction data
Marketing and Communications data
Purpose/Activity | Type of data | Lawful basis for processing including basis of legitimate interest |
---|---|---|
To register you as a new contact with us | (a) Identity | Performance of a contract with you. Which means acting on the information provided to give you an experience |
To process and fulfil your contract, including: managing payments, fees and charges; and managing your queries – this may include recording calls or communications with our teams; and Sharing regulated and required information with TEC, NZQA, MOE as required by our contracts. | a) Identity | Performance of a contract with you. |
To collect and recover money owed to us in respect of your contract. | (a) Identity | Performance of a contract with you. |
To collect and recover money owed to us in respect of your contract. | (a) Identity | Performance of a contract with you. |
To carry out fraud assessments | (a) Identity | Performance of a contract with you. |
To notify you in relation to our legal obligations and documents, including changes to our terms or Privacy Policy | (a) Identity | Performance of a contract with you. |
To help us improve our offering to our customers, including asking you to leave a review or take a survey, or provide customer insights | (a) Identity | Necessary for our legitimate interests (to study how customers use our products/services, to improve our offering to our customers, to develop them and grow our business). |
To enable you to partake in one of our awards or a competition | (a) Identity | Performance of a contract with you to fulfil the promotion and run the awards/competition. We may also subsequently use your entries for the legitimate interests of understanding our customer base more effectively. |
To administer and protect our business and websites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) | (a) Identity | Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise). |
To deliver relevant website content, advertisements and other marketing material to you and measure or understand the effectiveness of the advertising we serve to you | (a) Identity | Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business to inform our marketing strategy and to improve our offering to you). |
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences | (a) Technical | Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy). |
To make suggestions and recommendations to you about products or services that may be of interest to you | (a) Identity | Necessary for our legitimate interests (to develop our products/services and grow our business, and to improve our offering to you). |
Marketing
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
Promotional Offers From Us
We may use your identity, contact, technical, usage and profile data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).You will receive marketing communications from us if you have requested information from us or studied with us (including publications) or services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.
Anonymising Personal Data
We may aggregate and/or anonymise personal data so that it will no longer be considered personal data.
Opting Out
You can ask us to stop sending you marketing messages at any time by following the opt-out/unsubscribe links on any marketing message sent to you or by contacting us at any time.
Where you opt out of receiving these marketing messages, we will stop sending you marketing messages but we will continue to process your personal data if there are legitimate grounds for further processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Cookies
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our website may become inaccessible or not function properly.
Change of Purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is connected with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is connected with the original purpose, please contact us.If we need to use your personal data for an unrelated purpose, we will notify you first and provide you with information about that unrelated purpose.Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Disclosures of Your Personal Data
We may share your personal data with the parties set out below for the purposes set out in the table above - Purposes for Which we will use Your Personal Data:
External Third Parties, if related to the purposes for which the personal data is collected, these can include providers of services such as website hosting, data analysis, information technology, reporting and auditing, payment processing, and other services.
To comply with an applicable law, to cooperate with law enforcement, to respond to requests from public and government authorities, and other legal reasons for disclosure.
We seek to ensure that all third parties respect the security of your personal data and to treat it in accordance with all applicable laws.
Students
Dev Academy Aotearoa will keep a personal file for each student that includes any or all of the following personal information:
Full name and address
Date of Birth
Iwi affiliation and Hapu details
Gender
ID verification (i.e. a copy of a birth certificate or passport, signed by an authorised administration staff member to verify that the original was sighted)
Details of courses they are enrolled in
Emergency contact details
NZQA NSI number (National Student Index number)
A copy of an NZQA RoA (Record of Achievement) as at time of first enrolment
Documentation of any formal complaints made by or against the student, including a summary of relevant events, subsequent discussions held, actions taken and outcomes (see policy on Complaints for more details)
Copies of other standardised letters, contracts or forms that comprise the compulsory records for processing enrolments and withdrawals. This includes:
Application Form
Letter of Offer to Study (enrol)
Enrolment Confirmation Form with attached Terms and Conditions (signed by student)
Student Needs Form
Withdrawal Form (where applicable)
Change of Study Form (where applicable)
Post Graduation Data Form (destination outcomes)
Access to and correction of personal information:
Any team member, student, or prospective student may request access to all personal information held about themselves by Dev Academy Aotearoa other than evaluative material and other material that is subject to exception under the Information Privacy Principles in the Privacy Act 1993. Anyone is entitled to request correction of their own personal information. If Dev Academy Aotearoa decides not to change the person’s personal information as requested then it must inform the person of their right to have their request and Dev Academy Aotearoa's refusal noted on their personal file.
Requests for personal information
Dev Academy Aotearoa must not disclose personal information that it holds about any individual to any person, body or agency unless one of the exceptions in Principle 11 of the Information Privacy Principles applies.
Information security
All information gathered by Dev Academy Aotearoa is stored and maintained in secure online facilities that limit access to authorised personnel only. Authorised personnel can only access the information through a password protected process.
Complaints procedure
If a complaint is made to a team member by any individual regarding their own personal information then the team member will attempt to resolve the complaint directly with the person concerned.
If the complaint is not resolved then the team member will refer the complaint to the CEO
On receipt of the complaint the CEO will investigate the complaint and endeavour to bring about a resolution.