Privacy
The Hub respects the privacy of anyone who interacts with us and is committed to protecting and managing personal and health information fairly and lawfully.
The Hub is administered by the University of Melbourne which has obligations regarding the collection, use and management of individuals’ personal information under the Privacy and Data Protection Act 2014 (Vic). To the extent that they apply to our activities, the University is also subject to the requirements of the Privacy Act 1988 (Cth). The University’s Privacy Policy (MPF1104) affirms the University’s commitment to the privacy and data protection principles contained in these privacy laws. This policy applies to all areas of the University. Any person who deals with the University is entitled to expect that their personal and health information will be treated in accordance with this policy.
We collect and process personal information through lawful and fair means and in a non-intrusive way. We only process personal information as necessary, for specified purposes, and in accordance with the relevant Privacy Laws. The purpose and lawful basis for collecting your personal information is detailed in the specific privacy collection notices for particular activities.
We will only use or disclose your personal information under the following circumstances:
- for the purpose for which it was collected
- for a related purpose which you might reasonably expect
- where you have consented to the disclosure
- where it is necessary for the pursuit of our legitimate interests (such as facilitating teaching, learning and research)
- where we have engaged a contracted service provider or partner to perform legitimate functions on our behalf, such as those outlined in the privacy collection notice.
We do not sell your personal information to third parties under any circumstances or permit third parties to sell on the information we have shared with them.
We take all reasonable steps to ensure that any personal information we (or third parties operating on our behalf) collect, transmit, store or otherwise process, is accurate and complete, and that appropriate technical and organisational measures are implemented and maintained to protect it from accidental or unlawful destruction, misuse, loss, alteration, or unauthorised access or disclosure.