Privacy Policy

Last Updated: 1st July 2025
Website: https://collegeofweightmanagement.com.au


1. Purpose

This Privacy Policy outlines how The Australian College of Weight Management & Allied Health (“ACWMAH”) collects, stores, uses, and discloses personal and sensitive information. It ensures compliance with:

  • Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)

  • Student Identifiers Act 2014

  • Standards for RTOs 2025, including Clauses 3.6, 7.2, and 8.5

  • Data Provision Requirements 2020 and the National VET Data Policy


2. Who We Are

We are a Registered Training Organisation (RTO) delivering nationally recognised training.
Website: https://collegeofweightmanagement.com.au


3. Scope 

This policy applies to all students, clients, staff, contractors, website visitors, and any individual whose personal information is collected or processed by ACWMAH.


4. Privacy Notices and Compliance

We notify individuals at or before the point of data collection why their personal information is being collected, how it will be used, and to whom it may be disclosed. We do this via:

  • Enrolment forms and student onboarding materials

  • Our Privacy Notice, published here on our website, in the Student Handbook, and within our forms.

This satisfies Clause 7.2 of the Data Provision Requirements 2020 and our obligations under the National VET Data Policy.


5. What Personal Information We Collect

We may collect:

  • Name, address, contact details, DOB, gender

  • Academic, employment, and enrolment history

  • Unique Student Identifier (USI) and proof of ID

  • Language, Literacy & Numeracy (LLN) results

  • Finance or payment details (via secure payment platforms)

  • Comments, IP address, browser user agent (via website)

  • Gravatar profile details (if comments are made on our website)

For staff and contractors: application and employment information, payroll details, and compliance documentation.


6. Unique Student Identifier (USI)

All students undertaking nationally recognised training must provide a USI or authorise us to apply on their behalf. Information collected for this purpose includes:

  • Full name, DOB, place of birth, gender, contact details

  • Identification documents (used only for USI verification and securely destroyed afterwards)

This information is disclosed to the Student Identifiers Registrar as required under the Student Identifiers Act 2014.


7. Website Activity and Media Uploads

If you engage in live chat or leave a comment on our website, we collect:

  • The data in the live chat or comment form

  • Your IP address and browser user agent (to help detect spam)

  • An anonymised string (hash) of your email address to verify your Gravatar profile image
    (Gravatar privacy policy: https://automattic.com/privacy/); or

  • Your full contact details should you provide them through the live chat feature.

If you upload images, please remove embedded location data (EXIF GPS), as others may extract it.


8. Cookies and Analytics

We use cookies to enhance user experience and track engagement. These cookies may:

  • Save your login information, screen preferences, or form data

  • Track your site interactions (e.g. comments, login sessions)

  • Be disabled via your browser settings

We also use Google Analytics to monitor website traffic. This does not collect personally identifiable information. Google may store data on servers in the United States. You can opt out of Google Analytics via your browser settings.


9. Embedded Content

Articles may include embedded content (videos, images, articles) from third-party websites. This content behaves as if the user visited the external site directly, which may collect data, use cookies, and track interactions.


10. Data Collection Methods

We collect personal information through:

  • Online and paper enrolment forms

  • Surveys, feedback forms, and onboarding questionnaires

  • Direct enquiries, emails, and phone calls

  • Website comments or registration forms

  • Staff onboarding and HR records

All data is entered into our secure Student Management System. Paper forms are scanned and securely disposed of.


11. Payment Gateway – Stripe

When processing online payments, we use Stripe, a secure third-party payment platform. Stripe may collect and store data such as:

  • Credit card information

  • Billing and transaction details

  • Contact information

All payment information is encrypted and processed through Stripe’s secure system.
Stripe’s full privacy policy is available here: https://stripe.com/au/privacy

ACWMAH does not store any credit card information internally.


12. Use and Disclosure of Information

We use your information to:

  • Process enrolments and administer training

  • Maintain accurate student records

  • Issue certificates and academic documentation

  • Report to regulatory authorities and funding bodies

  • Communicate relevant program information and support

We may disclose personal information to:

  • ASQA, NCVER, DEWR, State/Federal departments

  • The USI Registrar

  • Compliance consultants

  • Financial institutions or debt collection agencies (if required)

  • Credit Reporting Agencies (in case of default over $400)

We do not sell or trade personal data. Marketing is only conducted with express or implied consent.


13. Direct Marketing

We respect your right to opt out of marketing. We comply with:

  • APP 7 – Direct Marketing

  • Spam Act 2003

  • Do Not Call Register Act 2006

All messages contain an unsubscribe option. We do not make unsolicited marketing calls.


14. Data Security and Retention

  • Personal data is stored securely in Australia on encrypted servers.

  • Our systems are password-protected and access is restricted to authorised personnel.

  • Physical records are stored in locked facilities and shredded after digitisation.

  • We retain student records for a minimum of 30 years (as per RTO obligations).

When no longer needed and lawful, data is permanently deleted.


15. Access, Corrections, and Your Rights

You may:

  • Request a copy of your personal data

  • Ask us to correct inaccurate or outdated information

  • Request deletion (where legally permissible)

All requests must be submitted in writing and will be processed according to our Record Keeping and Access Policy.


16. Website Users and Commenters

If you leave a comment:

  • It and its metadata are retained indefinitely for follow-up purposes.

  • Your data may be visible to website administrators and (if approved) the public.

  • If you have a registered account, you may edit or delete your personal data (except your username).

If you request a password reset, your IP address will be included in the reset email.


17. International Data Transfers

We do not intentionally store or transfer personal data overseas unless required for systems hosted by providers such as Stripe or Google. Any such transfer is managed in compliance with the Australian Privacy Principles.


18. Complaints and Contact

If you have concerns about your privacy or this policy, you may contact us directly:

The Australian College of Weight Management & Allied Health
Website: https://collegeofweightmanagement.com.au
Email: admin@acwm.edu.au
Phone: 1300 969 367

You may also contact the Office of the Australian Information Commissioner (OAIC):
Website: https://www.oaic.gov.au