bSafe - Privacy Statement
SAFER COMMUNITIES DATA PROTECTION AND PRIVACY COLLECTION STATEMENT
1. Who does this Data Protection and Privacy Collection Statement apply to?
This Data Protection and Privacy Collection Statement applies to anyone who reports an incident or concern to Monash University’s Safer Community Unit (“Safer Community Unit”) through the online application (“Application”) or the online reporting form (“Form”).
This Safer Communities Collection Statement is to be read in conjunction with the Monash University Data Protection and Privacy Procedure.
2. What types of personal data will be processed by the University?
The personal data processed by us will include the details you directly provide to us through the Application or the Form and may include your name and contact details.
Depending on the details you provide through the Application or the Form, the University may also process personal data about you that is classed as special category data, and which requires additional protections under the law. The types of special category data processed by the University through the Application or the Form may include, but may not be limited to, health information and sexual information. Access to, and sharing of, this type of data are controlled very carefully. Where you provide special category data through the Application or the Form, we will always ask for your consent at the time of collection and we will rely on your consent as the lawful basis for our processing and use of this data.
In submitting your Application or Form to the Safer Community Unit, where you provide the University with the personal data of others (e.g. the name of another individual who witnessed an incident) you are encouraged to inform them that you are disclosing that information to the University and that they can contact the University’s Data Protection and Privacy Office in relation to how their personal data is being used (details below).
Your personal data is created, stored and transmitted securely in a variety of paper and electronic formats. This includes databases that are shared within the Safer Communities Unit and across the University. Access to your personal data is limited to University and University affiliates’ representatives who have a legitimate interest in it for the purpose of carrying out their duties.
3. Why do we need your personal data and what is our legal basis for processing it?
The personal data processed by us, or processed on our behalf, is needed for the legitimate interests of the University in the management and security of our premises generally and for the security of University students, employees and visitors.
We will use personal data provided to us through the Application or the Form to verify the information provided in the Application or the Form, to investigate any incident(s) and to take any action to the extent deemed necessary by the University (including to undertake our own internal investigations) or as otherwise permitted or required by law.
If you choose not to provide your personal data in the Application or the Form, it may not be possible for the Safer Community Unit to fully investigate the incident(s) you have reported and we will not be able to contact you for any additional information that may be required.
4. Who will the University share my personal data with?
Your personal data may be disclosed:
- to the University’s legal advisers or other professional advisers and consultants engaged by the University; and
- by the University where permitted by law (e.g. to law enforcement). This will usually be where it is necessary to lessen or prevent a serious threat to your life, health, safety or welfare, or a serious threat to public health, public safety or public welfare;
In the event of an emergency, your personal data may be disclosed to police, medical or hospital personnel, civil emergency services, your legal representative or nominated emergency contact person, or other person assessed as necessary to respond to the emergency.
On occasion, the above types of sharing may involve the transfer of your personal data outside Victoria or Australia. As described in the Data Protection and Privacy Procedure, such transfers are carried out with the appropriate safeguards in place to ensure the privacy and security of your personal data.
Where personal data is disclosed to third parties, it will be done so only to the extent necessary to fulfil the purpose of such disclosure.
5. How will the University use my personal data?
We are committed to the integrity and safeguarding of personal data as set out in the Data Protection and Privacy Procedure.
We take all reasonable steps to ensure that the personal data processed is managed in accordance with the University’s Recordkeeping policy and Recordkeeping: Retention and Disposal of University Records procedure (Australia only).
Should you wish to be removed from our database, please contact the University’s Data Protection and Privacy Office (details below).
6. What are my individual rights?
In addition to your rights to access and correct your personal data and lodge a complaint relating to how we handle your personal data as set out in the Data Protection and Privacy Procedure, if the GDPR applies, you may, under certain conditions, have the following rights available:
- to object to any processing of your personal data that we process on the lawful basis of legitimate interests, unless our reasons for the underlying processing outweighs your interests, rights and freedoms;
- to withdraw your consent where we have processed any of your personal data based on consent;
- to object to direct marketing (including any profiling) at any time;
- to ask us to delete personal data that we no longer have lawful grounds to process; and
- to object to the use of automated decision making.
7. Who can I contact if I have any questions about how my personal data is being used or how I can exercise my rights?
If you have any questions about how your personal data is being used, or you wish to exercise any of your individual rights that are available to you, please visit the University’s Data Protection and Privacy Office webpage at www.monash.edu/privacy-monash or contact the University’s Data Protection and Privacy Office by email dataprotectionofficer@monash.edu.