Home / Privacy Policy

Privacy Policy

This Privacy Policy was last updated on 28 August 2024

DOWNLOAD A COPY OF THE PRIVACY POLICY

1. What we do

The AEAS Test provides testing specifically designed for primary and secondary school students from non English language backgrounds, wishing to study in Australian and international schools in other countries.

Testing is available worldwide and a comprehensive AEAS Report is provided to parents and, if nominated in the test registration form, to the school that the student is applying to enter and the education agent working with the family.

AEAS also developed the Australian Schools Information System (ASIS).  This website was created to support international students and education agents when researching Australian schools.  It also provides a portal for students to apply to the schools on the System, and schools to manage the enrolment communication and procedure.

AEAS also developed the Exhibition Management System (EMS) to facilitate the collection and storage of information of students, and their families, considering studying in an Australian school, for the purpose of sharing this information with the Australian school participants they meet with during AEAS Exhibitions overseas.

If you are acting on behalf of a minor, you warrant that you have the consent and authority to provide personal information to us as a parent or guardian of the minor.

This Privacy Policy will give you a better understanding of how we collect, use, disclose and store your personal information. Please read it carefully.

2. Introduction

Australian Education Assessment Services Pty Ltd (ACN 108 370 770) and will be referred to as “AEAS”, “we”, “our” and “us” in this Privacy Policy owns and operates the following websites:

  • aeas.com.au
  • aeas.com.au
  • aeas.com.au

By accessing or using these websites or our services, you agree to be bound by this Privacy Policy. This Privacy Policy relates to how we collect, use, disclose and store the personal information you may supply to us.

We are committed to protecting your privacy through compliance with the Privacy Act 1988 (Cth) (“Privacy Act”), the Australian Privacy Principles (“APP”), the EU General Data Protection Regulation (“GDPR”), the Health Privacy Principles (“HPPs”) and the Health Records Act 2001 (Vic), and any other privacy laws applicable to our Websites.

We reserve the right, at our discretion, to modify or remove portions of this Privacy Policy at any time. Where our Websites contain links to third-party websites, these sites are not governed by this Policy and we do not make any representations about third-party websites that may be linked to any of our Websites.

This Privacy Policy should be reviewed periodically so that you are updated on any changes. We welcome your comments and feedback.

3. The kinds of data and information we collect

Personal Information

  • We access, collect, and hold your personal information to provide you with our services. ‘Personal information’ when used in this Privacy Policy has the meaning given to it in the Privacy Act but it generally means any information that can be used to personally identify you. When you sign up for or use AEAS, ASIS, EMS or register for an AEAS exhibition or event, our use of any of our other services, the type of personal information we may collect includes your student name, gender, date of birth, email, phone number, address, passport or ID number and information, photo, parent names, Australian Residency Status, visa type, current school and year level, school reports, English Language Centre Reports and other documents, details of education agent (if relevant), names of schools applying for (if relevant), and school participant name, emergency contact information.
  • The following information is also collected from students and families verbally – preferred school subjects, long term goals, interest and activities, relatives and friends in Australia, any health issues.
  • ‘Sensitive information’ is a subset of personal information and generally includes an individual’s racial, religious or ethnic origin, health information or political/ philosophical affiliations or beliefs. We may be required from time to time to collect sensitive information from you, but will not do so without your express consent. Sensitive information that may be collected with your consent includes stating a religion and health information , including without limitation educational psychology reports, learning difficulties (self reported or with a letter from a professional), ADHD, autism spectrum disorders, hearing, vision impairment, diabetes, allergies, and other types of health problems such as cardiac disease (“Health Considerations”). Health Considerations will be used by us to create an AEAS student report and will only be disclosed to third parties, such as schools with parental consent.
  • We may also collect other information required as part of the application procedure between schools and students and/or education agents.

Log Data

When you use our Websites, our servers record information including information that your browser automatically sends whenever you visit a website, or that your mobile app automatically sends when you’re using it (“Log Data”). This Log Data includes device identifiers, device type, geo-location information, connection information, statistics on page views, traffic to and from our Websites, mobile network information, time, date, referring URL, the type of operating system and browser, ad data, IP address, server address, date and time of your visit to AEAS, information of documents you download, pages visited, search terms, cookie information, and standard web log data.

The Log Data may be processed for the purposes of operating our Websites, providing our services, ensuring our security, maintaining back-ups of our databases and communicating with you.

Cookies and Other Similar Technologies

To capture Log Data, we may use cookies and similar technologies like pixels, web beacons and local storage to collect and store personal and non-personal information about how you use AEAS.

Cookies are files that store information on the device on which you are using or accessing our Websites. Cookies also retain your details and preferences, so you can easily continue your browsing session upon return to any one of our Websites. If you do not want to activate cookies, you can opt-out of receiving them by amending the settings of your internet browser, although you may find that some parts of our Websites will consequently have limited functionality and personalisation if you do so. You should note that Cookies may be necessary to provide you with some features of our online services. By using our Websites, you agree to the use of these tracking technologies.

Third Party Analytics

Third-party analytics tools collect non-personal information such as how often you visit our Websites, the web pages you visit, add-ons, and other analytics data that assists us in improving our services. These tools might include Google Analytics, Google AdWords conversion tracking, Google Tag Manager, or Facebook Ads conversion tracking. Third-party cookies may be placed on your computer by a service provider to us, for example, to help us understand how our Websites are being used. Third-party cookies may also be placed on your device by our business partners to advertise the service to you elsewhere on the Internet. We reserve our rights to modify, add or remove any third-party analytics tools. By using our Websites, you consent to the processing of any non-personal data these tools will collect in the way and for the purposes described above.

How we collect the information

All of the information listed in 3.1 above is collected when students register for testing or for events, and when students or agents upload material within ASIS or EMS. The information in 3.1.2 and 3.1.3.3 above is collected verbally at the time of the speaking test within a test session. In 3.1.4, both schools and students/agents will upload appropriate documentation related to the application procedure.

How we hold the information

AEAS takes reasonable steps to ensure the information it handles is protected from misuse, loss, unauthorised access, modification and disclosure.

All information collected as part of the student test registration, and the speaking test and interview, will be included in the AEAS Test Reports and shared with schools and education agents if nominated by the parents.

All information (but excluding Health Considerations) collected as part of the application procedure within ASIS, including student account details and AEAS Test Reports will be shared with schools and education agents via the ASIS platform when listed in the student registration form. For the avoidance of doubt, information relating to Health Considerations will only be shared with third parties when declared in the student registration form and with parental consent.

If you are registering and/or attending an AEAS exhibition or event in Australia or overseas, you or your parent or guardian may share information collected by us via a QR code and may be accessed by schools and education agents when you visit or attend an AEAS Exhibition.

4. Purposes that the information is used for

We collect, store, use and disclose your personal information through lawful and fair means, so we can perform our business activities. In particular, we need your information to allow us to:

  • provide you with our services;
  • operate, maintain and improve our services and our Websites;
  • contact and communicate with you;
  • verify your identity – e.g. copies of the passport or national identity card, proof of citizenship or photograph of the student when they arrive to sit the AEAS Test;
  • inform the AEAS Report that is prepared as a result of the AEAS Test and provided to the family of the student;
  • provide a copy of the AEAS Report and student school report to Australian schools and a copy of the AEAS Report to education agents that families have nominated. This means that, at times, personal information will be disclosed to entities in Australia, New Zealand and other countries at the family’s request;
  • manage our internal business operations, including internal record keeping, invoicing and billing;
  • respond to and manage queries and complaints both leading up to and after testing if necessary; and
  • comply with our legal and contractual obligations.

Within the Australian Schools Information System, personal information is collected to ensure the successful application process between students, agents and schools.

We may also collect, store, use and disclose your personal information for any purpose relating to the above purposes that could be reasonably anticipated at the time your information was collected, including:

  • for internal operations such as record keeping, database management, data analytics or training;
  • sending you marketing and promotional messages and other information that may be of interest to you; and
  • managing, researching and developing our products and services.

We may also use personal information to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate to comply with applicable laws, regulations, government directions, and otherwise in order to protect our rights, privacy, safety, property, or those of other persons.

5. If You Choose Not to Provide Your Information to Us

We respect your privacy and personal choice when it comes to your data. You can choose not to provide us with your personal information or use a pseudonym. However, this may mean that we will not be able to provide you with our services or communicate with you.

6. Other Ways We Collect, Use and Disclose Your Information

Use and disclosure of your information will only be made in accordance with APP 6.

Collection from Third Parties

To use your information in accordance with this Privacy Policy, we may also collect your personal information from third parties including service providers, marketing companies, partners, and organisations with whom we have an agreement to share information for marketing purposes.

Disclosure of Personal Information

Apart from where you have consented, if we disclose your personal information it will only be for the primary purpose for which it was collected or for a related secondary purpose where you would reasonably expect us to disclose the information, or disclosure is necessary to achieve the purpose for which it was submitted. We may disclose personal information, and you consent to us disclosing your personal information, to our employees, affiliates, partners, contractors, service providers, payment system operators, sponsors, and any government and regulatory body. Personal information may also be disclosed in special situations where we have reason to believe that doing so is reasonably necessary to identify, contact or bring legal action against anyone damaging, injuring, or interfering (intentionally or unintentionally) with our rights or property, users, or anyone else who could be harmed by such activities. Also, we may disclose personal information when we believe in good faith that the law requires disclosure.

We may engage third parties to provide you with goods or services on our behalf. In that circumstance, we may disclose your personal information to those third parties in order to meet your request for goods or services.

Most of your personal information will be stored in Australia but some of your personal information may be collected, transferred overseas or stored overseas for a variety of reasons. We take measures to ensure your information is handled by providers who we consider maintain acceptable standards of data protection laws. By providing us with your information, you consent to your information being used, stored, and disclosed overseas, and acknowledge that the overseas entity may not be bound by the same level of laws and regulations as the Privacy Act.

Automated Individual Decision-Making for GDPR Compliance

If you reside in the European Union or EFTA States, you shall have the right not to be subject to a decision based solely on automated processing, including profiling, as long as the decision is not necessary for entering into, or the performance of, a contract between us, or is not authorised by Union or Member State law to which we are subject, or is not based on your explicit consent. If you wish to exercise your rights, please contact us.

7. Data Security

Disposing of and destroying information

We destroy or permanently de-identify personal information which is no longer needed in accordance with the Australian Privacy Principle 11, unless we are otherwise required or authorised by law to retain the information for a period of time.

Data Quality and Security

We take reasonable precautions to ensure that the personal information we collect, use, store and disclose is accurate, complete, relevant and up-to-date.  However, the accuracy of that information depends to a large extent on the information users provide. That’s why we recommend that you keep us up-to-date with changes to your personal information such as your name or address.

We strive to ensure the security, integrity and privacy of personal information submitted to our sites is protected from loss, misuse, unauthorised access, modification or disclosure (via measures, such as firewalls, data encryption, virus detection methods, and password restricted access), and we review and update our security measures in light of current technologies. Unfortunately, no data transmission over the internet can be guaranteed to be totally secure.

However, we will endeavour to take all reasonable steps to protect the personal information you may transmit to us or from our online products and services. Once we do receive your transmission, we will also make our best efforts to ensure its security on our systems.

In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us. However, we will not be held responsible for events arising from unauthorised access to your personal information.

In the event of a data breach, we will attend to the reporting requirements that apply to us. We cannot accept responsibility for the misuse, loss or unauthorised access to, your personal information where the security of information is not within our control.

Notifiable Data Breach Scheme (NDBS)

If you reside in Australia, in the event that there is a data breach and we are required to comply with the NDBS of the Privacy Act, we will take all reasonable steps to contain the suspected or known breach where possible and follow the process set out in this clause.

If we have reasonable grounds to suspect that the data breach is likely to result in serious harm to any individuals involved, then we will take all reasonable steps to ensure an assessment is completed within 30 days of the breach or sooner if possible. We will follow the guide published by the Office of the Australian Information Commissioner (if any) in making this assessment.  If we reasonably determine that the data breach is not likely to result in serious harm to any individuals involved or any remedial action we take is successful in making serious harm no longer likely, then no notification or statement will be made.

In the case of a personal information breach that affects an EU citizen,we shall without undue delay and where feasible, not later than 72 hours after having become aware of the breach, notify you and the Information Commissioner’s Office, unless the breach is unlikely to result in a risk to your right and privacy.

8. Links to other sites

We provide links to websites outside of our Websites, as well as to third-party websites. These linked sites are not under our control, and we cannot accept responsibility for the conduct of companies linked to our Websites. Before disclosing your personal information on any other website, we advise you to examine the terms and conditions of using that website and its privacy statement.

9. Accessing and correcting information

You may contact us or update your settings to correct, delete or update your personal information. If an individual establishes and notifies AEAS that their information is inaccurate, incomplete or not up to date, AEAS will take reasonable steps to correct the information or to record that the individual disagrees with the information on file.

AEAS will provide individuals with access to information it holds about them, subject to legal requirements. Requests for access to information will be considered in accordance with the applicable legislation. We may, if in accordance with applicable laws, refuse to provide you with access to your personal information if, for instance, granting you such access would have a negative impact on the privacy of another person.

You can ask us to stop using your information, including when we use your information to send you marketing emails or push notifications. These communications may be sent in various forms, including mail, over the phone, via SMS or via email, in accordance with applicable marketing laws. If you opt out of receiving marketing messages from us, we may still send you newsletters and updates about your account. We only send you marketing material if you’ve agreed to it, but if you’d rather we don’t, you can easily unsubscribe at any time.

You may have your information, where technically feasible, sent to another organisation, where we hold this information with your consent or for the performance of a contract with you.

We will not normally charge a fee for processing a request unless the request is complex or is resource intensive. We do, however, reserve the right to charge an administration fee.

10. Assignment, Change of Control and Transfer

All of our rights and obligations under our Privacy Policy are freely assignable by us to any of our affiliates, in connection with a merger, acquisition, restructuring, or sale of assets, or by operation of law or otherwise, and we may transfer your information to any of our affiliates, successor entities, or new owner.

11. Changes to Our Policy

We may change this Policy from time to time and if we do, we’ll post any changes on this page. It is your responsibility to review the Policy regularly and make sure you are up to date with any changes. If you continue to use our Websites after those changes are in effect, you agree to the new Policy. If the changes are significant, we may provide a more prominent notice or get your consent, as required by law.

12. Contact Us and Complaints and Appeals Process

If you have any questions or complaints about this Privacy Policy, any privacy related dealings with us or a possible breach of your privacy or would like further information about our information management practices, you can contact us here:

Australian Education Assessment Services Pty Ltd ACN 108 370 770  (trading as AEAS)

Address:
Level 1, 215 Park Street
South Melbourne VIC 3205
Australia

Email: [email protected]

If you wish to raise a concern about our use of your information you have the right to do so with your local supervisory authority.

AEAS values the privacy of all individuals and is committed to handling their personal information in a lawful and responsible manner.

13. Further Privacy Information

For more information about privacy issues in Australia and protecting your privacy, visit the website of the Office of Australian Information Commissioner at www.oaic.gov.au

© AEAS. ALL RIGHTS RESERVED.