Privacy Policy

RELEVANT STANDARD(S): Outcome Standard for NVR Registered Training Organisations Quality Area 1, Assessment, Standard 1.7, Clause (2)(b) and Compliance Standards for NVR Registered Training Organisations and Fit and Proper Person Requirements Part 2, Division 2, Section 9, 10, 11 and 12 and Division 3, Section 20

Purpose

SkillRise Training Pty Ltd t/a SkillRise Training is committed to protecting the privacy and confidentiality of personal information collected from students, staff, and other stakeholders. This commitment is in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), and the Compliance Standards for Registered Training Organisations (RTOs) 2025. The purpose of this policy is to outline how personal information is collected, stored, used, and disclosed by SkillRise Training, and to ensure that all practices comply with legislative and regulatory obligations.

Scope

This policy applies to all personal information collected, used, or held by SkillRise Training in connection with its operations, including but not limited to:

• Prospective, current, and past students
• Trainers, assessors, and other staff
• Contractors, third-party providers, and agents
• Industry stakeholders and government agencies (where required by law)

The policy covers all forms of personal and sensitive information, whether provided in writing, electronically, verbally, or by other means. It applies to information collected during the enrolment process, training and assessment activities, student support services, website use, and any other interaction involving personal data.

Policy Principles

SkillRise Training is committed to complying with Australian privacy legislation and safeguarding the personal information of its students, staff, and stakeholders. This policy outlines how SkillRise Training meets its obligations under the following:

1. Privacy Act 1988 (Cth)
2. Privacy Amendment (Enhancing Privacy Protection) Act 2012
3. Australian Privacy Principles (APPs)

These laws and principles guide SkillRise Training in the collection, use, storage, and disclosure of personal information in a manner that upholds the privacy and confidentiality of all individuals engaging with the organisation.

Data Collection on Website

1. SkillRise Training collects limited personal information via its website and other online platforms for purposes such as marketing, promotion, and communication of products and services, including those offered by third parties elected by SkillRise Training. These purposes are clearly disclosed at the time of collection.
2. By submitting personal information on SkillRise Training’s website, affiliated sites, or through other electronic forms of engagement, users provide consent for SkillRise Training and its elected third-party partners to contact them with promotional materials, offers, newsletters, course information, and other relevant communications.
3. Basic personal information may be shared with trusted third parties where there is a reasonable expectation that the individual may benefit from their services. Any additional personal data will only be disclosed to third parties where:
   1. Required by law (e.g. to government or regulatory agencies), or
   2. With the individual’s explicit written consent.
4. Before access to personal information is granted, the individual must verify their identity using appropriate identification.

Data Collection to Provide Training and Assessment Services

1. SkillRise Training collects personal information from clients and staff lawfully and directly for the purposes of delivering nationally recognised training and assessment services, administering operations, and meeting regulatory and reporting requirements. This may also include limited use for marketing relevant programs and services.
2. The type and extent of information collected will vary depending on the specific training product or service requested. However, much of this information is required to be reported under national AVETMISS (Australian Vocational Education and Training Management Information Statistical Standard) guidelines.
3. Information collected may include, but is not limited to:
   1. Full name
   2. Address
   3. Contact details (telephone and email)
   4. Date of Birth
   5. Gender
   6. Cultural Background (Indigenous)
   7. Country of birth
   8. Language spoken at home
   9. Level of English spoken
   10. Disability information
   11. Highest schooling completed
   12. Other qualifications completed
   13. Employment status
4. SkillRise Training only collects personal information by fair, lawful, and transparent means.
5. Enrolment forms and other relevant documents include a privacy disclaimer that explains the purpose of collecting personal information and how it will be used. Students and clients are required to sign this disclaimer as evidence of their informed consent.

Use and Disclosure

SkillRise Training respects the confidentiality of personal information and manages its use and disclosure in accordance with the Privacy Act 1988, the Student Identifiers Act 2014, and the Australian Privacy Principles. Personal information is used only for purposes directly related to the provision of training and assessment services, unless otherwise authorised or required by law.

1. By submitting personal information to SkillRise Training—whether through its website, affiliated sites, or other communication channels—clients and prospective students consent to receiving promotional materials, including product information, newsletters, special offers, and other communications from SkillRise Training and its elected third parties.
2. SkillRise Training may use collected personal information for the following purposes:
   1. To establish and maintain the relationship with SkillRise Training
   2. To promote and market its products and services
   3. To provide the products and services requested
   4. To promote and market the products and services of elected third parties
   5. To administer and manage those products and services
   6. To comply with Commonwealth and State Government laws and regulations
   7. To report to National Registering Bodies regarding provided training services
3. Students can opt out of receiving future promotional communications by using the “UNSUBSCRIBE” link in any email. Access to student personal information—beyond what is shared for promotional purposes—is restricted and can only be granted upon written request to the Administration Team, with appropriate identity verification.
4. For credit transfer applications, SkillRise Training collects, stores, and uses personal documentation (such as AQF certificates or authenticated transcripts) solely to verify eligibility and make decisions regarding the application. Access is limited to authorised personnel involved in training and assessment. Disclosure occurs only when required by law or government bodies. All decisions are documented to ensure consistency and fairness.
5. SkillRise Training only issues AQF certification (qualifications or Statements of Attainment) to students who have met all training and assessment requirements and paid all fees. Certification is issued within 30 calendar days of final assessment. Personal information used in this process is securely handled and disclosed only for legitimate verification or regulatory purposes.
6. In compliance with the AQF Qualifications Register Policy, SkillRise Training maintains a secure register of all AQF qualifications it is authorised to issue, along with records of all issued certifications. These records are:
   1. Retained for at least 30 years
   2. Accessible to current and former students upon request
   3. Made available to ASQA or other regulators when required

Assessment evidence is retained for a minimum of 2 years post-completion. All access is controlled to maintain privacy and data security.

7. SkillRise Training issues certification strictly in accordance with its Certificate Issuance Policy. Certification documents include:
   1. SkillRise Training’s legal name, RTO code, and logo
   2. Full title and code of the qualification or unit(s)
   3. The Nationally Recognised Training (NRT) logo
   4. Authorised signature, seal, or watermark
   5. Any relevant statements on industry streams, Australian Apprenticeship arrangements, or alternate language delivery

This information is managed in line with national data protocols and disclosed only as necessary for verification, reissuance, or regulatory compliance.

8. SkillRise Training complies with the Student Identifiers Act 2014 by ensuring the Unique Student Identifier (USI) is verified with the Registrar before use. USIs are never printed on AQF certificates or Statements of Attainment. Certification is not issued unless a verified USI is provided, unless an exemption applies. In such cases, students are informed prior to enrolment that their results will not appear on national VET transcripts or Commonwealth registers. All USI data is stored securely and treated as confidential.

Agents, Contractors, and Other Third Parties

SkillRise Training engages agents, contractors, and other third-party service providers to support the delivery of training and assessment services. These third parties may require access to personal information to carry out their duties. In all cases, SkillRise Training ensures that these entities are bound by the same privacy obligations outlined in this policy. Third parties must comply with Australian Privacy Principles and are contractually required to handle all personal information with the highest standard of confidentiality and care.

Use of Internet

The internet may be used to transmit personal information between delivery sites, administrative systems, and government or regulatory bodies (e.g., for AVETMISS reporting or USI verification). SkillRise Training has implemented appropriate security measures—such as encryption, password protection, and restricted access—to protect personal information during online transmission. While all reasonable efforts are made to maintain data security, individuals are encouraged to use secure devices and exercise caution when submitting sensitive information electronically.

Data Quality

SkillRise Training takes all reasonable steps to ensure that the personal information it collects, stores, and uses is accurate, complete, and up to date. To maintain data quality, individuals are encouraged to notify SkillRise Training promptly of any changes to their personal details—including contact information, enrolment status, or other relevant updates. Accurate information helps ensure the integrity of training records and effective delivery of services, including certification issuance and communication with students and staff.

Access to Records

1. SkillRise Training respects the privacy of all students and staff and strictly controls access to personal information. Information will not be disclosed to any third party unless:
   1. Authorised by the individual concerned, or
   2. Required or authorised by law.
2. If a third party requests information about a student, the following applies:
   1. Written Authority – The student must provide written consent, identifying:
      1. The third party;
      2. The specific information to be released;

• The date of consent.

1. Verification – The student’s identity must be verified before consent is accepted.
2. Recordkeeping – A copy of the consent form is stored in the student’s file and:
   1. Remains valid until revoked in writing by the student;
   2. Is referenced in the student’s profile for access control.
3. Students and staff seeking to access their own personal information must:
   1. Submit a request to the SkillRise Training Administration Team via [insert email address];
   2. Provide valid identification for verification;
   3. Allow time for the request to be processed securely.
4. If a family member or other relation (e.g. parent, spouse, child) seeks access:

SkillRise Training will not disclose any personal or academic information unless:

1. The student has provided valid written and informed consent;
2. The consent clearly identifies the person and the type of information to be disclosed;
3. The consent is signed, dated, and verified.

5. For students under 18 years of age, SkillRise Training may disclose limited information to a parent or legal guardian, but only:
   1. Where permitted under relevant legislation; and
   2. Where it is in the best interests of the student.

Privacy Concerns

SkillRise Training is committed to addressing all privacy-related concerns promptly and fairly. Clients, students, and staff who have concerns about how their personal information is collected, used, stored, or disclosed are encouraged to raise these with SkillRise Training directly.

Privacy concerns may relate to the accuracy of records, unauthorised access or disclosure, or breaches of confidentiality. Concerns should be submitted to the Administration Team, either in writing or by contacting the RTO via official communication channels.

Once a concern is raised, SkillRise Training will investigate the matter in a confidential and timely manner, provide a clear response, and take appropriate corrective action where necessary. If the issue remains unresolved, the individual may escalate the matter through SkillRise Training’s internal complaints and appeals process or refer it to the Office of the Australian Information Commissioner (OAIC). This process ensures compliance with the Australian Privacy Principles and promotes transparency, accountability, and continuous improvement in the handling of personal information.

Monitoring and Improvement

SkillRise Training is committed to the ongoing monitoring and improvement of its privacy practices to ensure compliance with the Privacy Act 1988, the Australian Privacy Principles, and the Compliance Standards for Registered Training Organisations 2025. The RTO regularly reviews its privacy policy, procedures, and data handling practices to identify and address any risks or breaches.

Monitoring activities include periodic audits of data access, storage, and disclosure processes, as well as staff training and awareness initiatives. Feedback from students, staff, or third parties regarding privacy concerns is recorded and reviewed as part of the RTO’s Continuous Improvement process. Where non-compliance or gaps are identified, corrective and preventive actions are implemented promptly. All staff—including those engaged through third-party arrangements—are required to understand and comply with this policy, and the RTO ensures this through induction, ongoing professional development, and regular policy reviews. Changes to privacy requirements under law or regulation are promptly reflected in internal procedures to maintain high standards of data protection.