Privacy Policy
Last Updated: 1st July 2025
Website: https://collegeofweightmanagement.com.au
1. Purpose
This Privacy Policy outlines how The Australian College of Weight Management & Allied Health (“ACWMAH”) collects, stores, uses, and discloses personal and sensitive information. It ensures compliance with:
Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)
Student Identifiers Act 2014
Standards for RTOs 2025, including Clauses 3.6, 7.2, and 8.5
Data Provision Requirements 2020 and the National VET Data Policy
2. Who We Are
We are a Registered Training Organisation (RTO) delivering nationally recognised training.
Website: https://collegeofweightmanagement.com.au
3. Scope
This policy applies to all students, clients, staff, contractors, website visitors, and any individual whose personal information is collected or processed by ACWMAH.
4. Privacy Notices and Compliance
We notify individuals at or before the point of data collection why their personal information is being collected, how it will be used, and to whom it may be disclosed. We do this via:
Enrolment forms and student onboarding materials
Our Privacy Notice, published here on our website, in the Student Handbook, and within our forms.
This satisfies Clause 7.2 of the Data Provision Requirements 2020 and our obligations under the National VET Data Policy.
5. What Personal Information We Collect
We may collect:
Name, address, contact details, DOB, gender
Academic, employment, and enrolment history
Unique Student Identifier (USI) and proof of ID
Language, Literacy & Numeracy (LLN) results
Finance or payment details (via secure payment platforms)
Comments, IP address, browser user agent (via website)
Gravatar profile details (if comments are made on our website)
For staff and contractors: application and employment information, payroll details, and compliance documentation.
6. Unique Student Identifier (USI)
All students undertaking nationally recognised training must provide a USI or authorise us to apply on their behalf. Information collected for this purpose includes:
Full name, DOB, place of birth, gender, contact details
Identification documents (used only for USI verification and securely destroyed afterwards)
This information is disclosed to the Student Identifiers Registrar as required under the Student Identifiers Act 2014.
7. Website Activity and Media Uploads
If you engage in live chat or leave a comment on our website, we collect:
The data in the live chat or comment form
Your IP address and browser user agent (to help detect spam)
An anonymised string (hash) of your email address to verify your Gravatar profile image
(Gravatar privacy policy: https://automattic.com/privacy/); or- Your full contact details should you provide them through the live chat feature.
If you upload images, please remove embedded location data (EXIF GPS), as others may extract it.
8. Cookies and Analytics
We use cookies to enhance user experience and track engagement. These cookies may:
Save your login information, screen preferences, or form data
Track your site interactions (e.g. comments, login sessions)
Be disabled via your browser settings
We also use Google Analytics to monitor website traffic. This does not collect personally identifiable information. Google may store data on servers in the United States. You can opt out of Google Analytics via your browser settings.
9. Embedded Content
Articles may include embedded content (videos, images, articles) from third-party websites. This content behaves as if the user visited the external site directly, which may collect data, use cookies, and track interactions.
10. Data Collection Methods
We collect personal information through:
Online and paper enrolment forms
Surveys, feedback forms, and onboarding questionnaires
Direct enquiries, emails, and phone calls
Website comments or registration forms
Staff onboarding and HR records
All data is entered into our secure Student Management System. Paper forms are scanned and securely disposed of.
11. Payment Gateway – Stripe
When processing online payments, we use Stripe, a secure third-party payment platform. Stripe may collect and store data such as:
Credit card information
Billing and transaction details
Contact information
All payment information is encrypted and processed through Stripe’s secure system.
Stripe’s full privacy policy is available here: https://stripe.com/au/privacy
ACWMAH does not store any credit card information internally.
12. Use and Disclosure of Information
We use your information to:
Process enrolments and administer training
Maintain accurate student records
Issue certificates and academic documentation
Report to regulatory authorities and funding bodies
Communicate relevant program information and support
We may disclose personal information to:
ASQA, NCVER, DEWR, State/Federal departments
The USI Registrar
Compliance consultants
Financial institutions or debt collection agencies (if required)
Credit Reporting Agencies (in case of default over $400)
We do not sell or trade personal data. Marketing is only conducted with express or implied consent.
13. Direct Marketing
We respect your right to opt out of marketing. We comply with:
APP 7 – Direct Marketing
Spam Act 2003
Do Not Call Register Act 2006
All messages contain an unsubscribe option. We do not make unsolicited marketing calls.
14. Data Security and Retention
Personal data is stored securely in Australia on encrypted servers.
Our systems are password-protected and access is restricted to authorised personnel.
Physical records are stored in locked facilities and shredded after digitisation.
We retain student records for a minimum of 30 years (as per RTO obligations).
When no longer needed and lawful, data is permanently deleted.
15. Access, Corrections, and Your Rights
You may:
Request a copy of your personal data
Ask us to correct inaccurate or outdated information
Request deletion (where legally permissible)
All requests must be submitted in writing and will be processed according to our Record Keeping and Access Policy.
16. Website Users and Commenters
If you leave a comment:
It and its metadata are retained indefinitely for follow-up purposes.
Your data may be visible to website administrators and (if approved) the public.
If you have a registered account, you may edit or delete your personal data (except your username).
If you request a password reset, your IP address will be included in the reset email.
17. International Data Transfers
We do not intentionally store or transfer personal data overseas unless required for systems hosted by providers such as Stripe or Google. Any such transfer is managed in compliance with the Australian Privacy Principles.
18. Complaints and Contact
If you have concerns about your privacy or this policy, you may contact us directly:
The Australian College of Weight Management & Allied Health
Website: https://collegeofweightmanagement.com.au
Email: admin@acwm.edu.au
Phone: 1300 969 367
You may also contact the Office of the Australian Information Commissioner (OAIC):
Website: https://www.oaic.gov.au