Privacy at the University of Sydney
Information about how the University deals with personal information (also known as personal data) and the rights of the individual is available on the University’s privacy website.
For all enquiries about privacy, including the University’s compliance with the European General Data Protection Regulation (GDPR), email firstname.lastname@example.org.
University Website Privacy Collection Statement
1. Collection of information
When you are using a University website, you may be asked to provide your unikey, name, contact details or other personal information/data.
In some circumstances, we will ask you to use a third party to provide us with information, such as where you register for a University event. Please see the University’s Disclaimer.
– The University has security measures in place to safeguard personal information from misuse, and unauthorised access, use, modification or disclosure, including those in the University’s Information Security Policy and the Policy on the Use of University ICT Resources. We retain your personal information in accordance with the State Records Act 1998 (NSW).
The University’s websites also automatically collect personal information when you are browsing or otherwise using our websites. The various mechanisms used by the University include server logs, proxy logs, and cookies.
A cookie is a package of data which a website requests be stored temporarily on your computer (or in memory) to identify you as a visitor to that website. You can choose to disallow cookies by changing settings on your web browser. However, if you reject all cookies you may not be able to use some of the University’s websites.
The information collected by these various mechanisms includes:
– the server and IP (Internet Protocol) address of the machine that has accessed the website
– the dates and times of each visit to the website
– the pages accessed and documents downloaded
– the type of browser used; and
– sometimes, the previous site visited.
Cookies may also store the following information: session (numbered key) and duration. A numbered key is a unique server-generated number used to identify the current session. The session key can be linked back to a user's login identification.
2. Use and disclosure
We will only use or disclose your personal information:
– for the purpose for which it was collected (such as to meet the object and functions of the University of Sydney Act 1989 (NSW))
– for a directly related purpose
– when we have the appropriate consent to do so; or
– as otherwise required, permitted or authorised by law.
Examples of how we will use or disclose your personal information include:
– Unikeys collected by the University are used for verification purposes to enable access to certain sections of the University’s websites.
– Information that we collect on our Alumni & Advancement forms may be relevantly used to update your contact details, inform you about our services, events and achievements, administer your gift or, respond to your bequest inquiry.
– Information that we collect on website forms may be used for business and learning analytics purposes to assist the University to make better decisions regarding its operations, services and community engagement.
– Information automatically collected on our websites is used for statistical and business purposes such as diagnosing a fault and improving our services or, when required, for investigations. The data is generally not accessible except to authorised University staff for these purposes. Information which is automatically collected may be published as aggregated (de-identified) information to assist with improving the services offered by the University through its websites.
3. Access to and correction of personal information
Under NSW privacy laws, you have the right to request access to and correct any personal information concerning you held by the University.
If you reside in or are located in, the European Economic Area, under the GDPR, where your information is collected, used or disclosed as a result of your express consent, you may withdraw that consent at any time. Further, you may have the right to request the erasure, portability or restriction of processing of their personal information, and, to object to the processing of your personal information.
Information about requesting access to or amending your information can be found on the University’s privacy website.