Dolph Business School is a Registered Training Organisation (RTO No. 41480 CRICOS Provider No. 03642G) with responsibility for delivering vocational education and training. Dolph Business School collects and stores personal information on our students and industry clients. Dolph Business School complies with the Privacy Act 1988 (Commonwealth). This policy describes how Dolph Business School collects, manages, uses, discloses, protects, and disposes of personal information in accordance with the thirteen Australian Privacy Principles (APPs) outlined in Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012.



Under the Privacy Act 1988 and Privacy Amendment (Enhancing Privacy Protection) Act 2012 (s6(1)), personal and sensitive information is defined as follows:

  • Personal information: “information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not.”
  • Sensitive information: “(a) information or an opinion about an individual’s: (i) racial or ethnic origin, or (ii) political opinions, or (iii) membership of a political association, or (iv) religious beliefs or affiliations, or (v) philosophical beliefs, or (vi) membership of a professional or trade association, or (vii) membership of a trade union, or (viii) sexual preferences or practices, or (ix) criminal record, that is also personal information; or (b) health information about an individual; or (c) genetic information about an individual that is not otherwise health information; or (d) biometric information that is to be used for the purposes of automated biometric verification or biometric identification; or (e) biometric templates”.

Authority to collect and store information

Dolph Business School is a Registered Training Organisation approved by the Australian Skills Quality Authority. This registration is issued under the authority of the National Vocational Education and Training Regulator Act 2011. This legislation requires Dolph Business School to collect personal and sensitive information from its students. This requirement is specified in the Data Provision Requirements 2011 which is one of five legislative instruments that Dolph Business School must comply with as a condition of its registration.

The data provision requirements require Dolph Business School to collect data from students in accordance with the Australian Vocational Education and Dolph Business School Information Statistical Standard (AVETMISS). This is a complex information standard that defines information about who the student is, where the training is delivered and what they are studying. The Standards for Registered Training Organisations require Dolph Business School to retain and store this information for up to 30-years and to report training activity to government agencies in accordance with the mandatory reporting requirements.

Together these requirements form a statutory obligation to collect, store and report information of any student participating in nationally accredited training. The publications referred to in this section can be accessed from the ASQA website.


Collection and use

Dolph Business School collects personal information, either directly or indirectly, that is reasonably necessary for, or directly related to its delivery of the services it offers. Some of the information collected may be regarded as ‘sensitive’ as defined by the Privacy Act.

Your personal information (including the personal information contained on this enrolment form and your training activity data) may be used or disclosed by Dolph Business School for statistical, regulatory and research purposes. Dolph Business School may disclose your personal information for these purposes to third parties, including:


  • School - if you are a secondary student undertaking VET, including a school-based apprenticeship or traineeship;
  • Employer - if you are enrolled in training paid by your employer;
  • Job Services Provider - if you are enrolled in training paid by your Job Services Provider;
  • Commonwealth and State or Territory government departments and authorised agencies;
  • NCVER;
  • Organisations conducting student surveys as authorised by NCVER; and
  • Researchers.

Personal information disclosed to NCVER may be used or disclosed for the following purposes:

  • Issuing a VET Statement of Attainment or VET Qualification, and populating Authenticated VET Transcripts;
  • Facilitating statistics and research relating to education, including surveys;
  • Understanding how the VET market operates, for policy, workforce planning and consumer information; and
  • Administering VET, including program administration, regulation, monitoring and evaluation.

You may receive an NCVER student survey which may be administered by an NCVER employee, agent or third party contractor. You may opt out of the survey at the time of being contacted.

NCVER will collect, hold, use and disclose your personal information in accordance with the Privacy Act 1988 (Cth), the VET Data Policy and all NCVER policies and protocols, including those published on NCVER's website at


Solicited information

Contact information such as name, organisation, position, address, telephone, and e-mail address are collected for marketing, support services, mandatory reporting and for communicating with stakeholders as part of our day-to-day operation.

In addition to information collected for a training activity, Dolph Business School will also collect, store and report information relating to satisfaction surveys, complaint handling and on our client employers.

Names, addresses, phone numbers, emergency contact details, bank account details and other employment related information is collected from employees for the purpose of managing human resources. The management of staff personal information complies with this policy.


Collection methods

Personal and sensitive student information as well as training activity information is prescribed by the AVETMISS Standard. This information is collected directly from our students using enrolment forms which may be paper based or electronic and other administrative forms, including but not limited to complaint forms, application for recognition of prior learning, request for refund, transfer application, etc. Much of this information is entered into our student management software called RTO Data. Once the information is entered into RTO Data, they are scanned, and then destroyed if hard copy, or saved onto our Cloud account if in electronic form.

Survey responses are collected using our Employer and Student Satisfaction Surveys which are issued both in hard copy and electronic format. These survey results are returned to the main office and entered into our survey analysis software – Satisfaction Data. Survey forms once entered into Satisfaction Data are either destroyed if hard copy or permanently deleted if in electronic form.

Enquiry information from prospective students including personal contact information is collected directly from individuals who make data requests either by telephone, e-mail, or via our website.

Dolph Business School collects personal information from individuals on commencement of their employment with us.


Sensitive information

Personal information collected by Dolph Business School that may be regarded as ‘sensitive’ under the Privacy Act includes:

‘Disability’ and ‘long-term impairment status’ (health); and ‘indigenous status’, ‘language spoken at home’, ‘proficiency in spoken English’, ‘country of birth’ (implies ethnic / racial origin). This information is specified in the AVETMISS data elements and is collected for the national VET data collections, national VET surveys, and may be collected for VET-related research.

‘Dietary requirements’ (health-related) are collected for event catering purposes only.

Biographical information, which may contain information on ‘affiliations’ and ‘membership of a professional or trade association’ are obtained from key note speakers for event marketing purposes.

‘Memberships of professional associations’ and ‘health and work injury information’ is collected from Dolph Business School’s employees for HR management purposes.


Direct marketing

Dolph Business School respects an individual’s right not to receive marketing material, and provides an option within communications and on its website for individuals to unsubscribe from receiving marketing material. Dolph Business School conducts its marketing communications and dissemination of service information in accordance with Australian Privacy Principle 7 (Direct marketing), the Spam Act 2003 (in respect of electronic communications), and the Do Not Call Register Act 2006. It is not, however, Dolph Business School’s practice to ‘cold call’ for the purpose of marketing its products and services.


Google Analytics and cookies

Google Analytics is a web service provided by Google Inc. Cookies are used to generate data on website activity and usage. The cookies, which include IP addresses, are transmitted to and stored in Google servers in the United States where they are used to compile web-use reports. Google may transfer this information to third parties, where required by law, or for information processing on its behalf. Google will not associate IP addresses with any other data held by Google. More information on Google’s privacy policy can be found at: It is possible to disable cookies by adjusting web-browser setting and to opt-out of Google Analytics Doing so, however, may affect web-site functionality.

Dolph Business School’s web servers automatically log information such as server address, date and time of visit and web pages accessed. No personal information is recorded. These logs are used for website management and improvement.


Unsolicited personal information

If Dolph Business School should receive unsolicited personal information, it will be treated and managed according to the Australian Privacy Principles.


Notification of collection

Dolph Business School aims to notify individuals of the collection of their personal information before, or at the time of collection, or as quickly as possible thereafter. Notifications are usually in writing, but may be verbal for our telephone help-desk services, or research conducted by telephone interview.

Marketing– notification is provided on our website course application page. Individuals are also notified at the time of collecting personal information for events. A privacy notice is provided in all Dolph Business School’s marketing communications.

Quality Indicator surveys– notification is provided in the letter of invitation to participate in the surveys and also at the time of collecting the information (online or by telephone).

Dolph Business School’s staff– notification is provided on commencement of employment.


Disclosure of personal information

Dolph Business School does not disclose personal information other than for the purpose for which it was collected, or an individual has consented to a secondary purpose, or an individual would reasonably expect this (such as receiving communications about upcoming events), or if required by law.

Dolph Business School may share personal information with the Commonwealth government in accordance with Commonwealth contractual obligations. In these circumstances Dolph Business School will take reasonable steps to inform and seek consent from the individuals concerned and take all reasonable steps to ensure that the recipient handles the personal information according to the Australian Privacy Principles.

Dolph Business School does not sell its mailing lists to third-parties for marketing purposes.

Dolph Business School does not disclose personal information to overseas recipients. While people around the world can access material published on our website, no statistical or research publications contain identifiable personal information.


Management of personal information

Dolph Business School endeavours to ensure the personal information it collects and uses or discloses is accurate, up-to-date, complete and relevant. Dolph Business School routinely updates the information held in its customer relationship management system. This includes confirming with students who are returning for a new enrolment if their personal contact details have changed.


Access to and correction of personal information

Individuals may, subject to the exceptions prescribed by the Australian Privacy Principles, request access to and correction of their personal information where this is collected directly from individuals by Dolph Business School.

Dolph Business School does not charge for giving access to or for correcting personal information. Requests for access to or correction of personal information should be made in accordance with the student access to records policy.


Information retention and disposal

Personal information is held in electronic format:

  • Information collected from student enrolment applications and survey responses is held in databases.
  • Names and contact details of stakeholders are held in RTO Data and e-mail contact lists.
  • Names and contact details collected during the delivery of services are held in electronic form on Dolph Business School’s servers.
  • Staff member’s personal information is held in RTO Data, for HR management on our servers and on our pay roll database.
  • Backup copies of all electronic files held in Dolph Business School systems are kept in the event of a system failure / loss. All backup copies of system files are secured.

Dolph Business School does not charge for giving access to or for correcting personal information. Requests for access to or correction of personal information should be made in accordance with the student access to records policy.


Information security

Dolph Business School takes active steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.

  • Dolph Business School’s systems and internal network are protected from unauthorised access using appropriate technologies. Most system data transferred over the internet is protected by a Secure Socket Level protocol (SSL). The inherent risks associated with data transmission over the internet are, however, commonly acknowledged. Individuals, who do not wish to provide their personal information via the online website forms have the option of mailing this information to Dolph Business School directly.
  • Access to RTO Data is protected through user log-on and password, and the assignment of user access rights.
  • Third-party providers used by Dolph Business School for the delivery of services are required to be compliant with the Australian Privacy Principles and offer appropriate safeguards to protect personal information.
  • Dolph Business School’s premises and data storage systems are fully secured. Dolph Business School practices a clean-desk policy and locking workstations when working with personal information. Paper documents containing names and addresses are required to be locked away and shredded when destroyed. All hardware is properly ‘sanitised’ before disposal.

Complaints and concerns

Complaints or concerns about Dolph Business School management of personal information should be directed in writing to Dolph Business School’s Chief Executive Officer. Dolph Business School will respond to you in writing within 48-hours. Complaints received by Dolph Business School will be managed in accordance with our Complaints and Appeals Policy.