• Our Structure
• Our Service Charter
• Our Mission
• Core and Non Core Policy
• Privacy Statement
• Electronic Messaging Charter
• Our Advisory Notes

Privacy Statement

(revised 25th June 2004)

The personal information collected by the Division of Information Technology, is protected by the Privacy and Personal Information Protection Act 1998 (NSW).

What Information is Collected

The following personal information is collected when you log into the CSU network:

• your name;
• your account code (if you are a staff member);
• your login ID;
• your default password;
• your active password;
• your personal identification number (PIN);
• our e-mail address;
• the Web sites that you visited (including the date and time of the visits) and the links that you accessed on those sites;
• the size of files you down loaded;
• the address of the Internet provider you used;
• your phone number if you dial into CSU modems;
• details of the modem login you used and;
• the amount of your weekly time quota used (if you are a student).

The following personal information is collected each time a call is received by, or made from the University's PABX system:

For incoming calls

• the extension number receiving the call;
• the number from which the call originated;
• the duration of the call;

For out-going calls

• the number from which the call originated;
• the number called and;
• the duration of the call.

Call information relating to calls made on mobile telephones provided to staff for University business is also collected by the Division.

^ top of page

Use of Personal Information

Examination of your personal information held by the Division is only carried out for the purpose of protecting University systems and to enable the University to conduct its business.

Technical Officers within the Division who have access to personal information in order to do their job, are bound by the Division's code of conduct and security, and by confidentiality contracts. These are signed annually and require employees to maintain the confidentiality of personal information that comes into their possession in the course of their employment with the Division.

The personal information collected may be used for identification purposes when issuing or changing passwords, to investigate faults in the University's internet and intranet services, to improve the administration of the University's website, to determine future loads on the intranet, to monitor phone usage levels, for accounting and cost recovery purposes, and, if necessary, to track harassment calls or other suspected abuses of the data, video and telephone systems.

Your personal information may also be used to Investigate breaches of the University's Code of Conduct for users of Electronic Facilities. Access to the logs that record your use of the CSU network for the purposes of investigating breaches of the Code of Conduct by students is authorised by the Presiding Officer of the CSU Computer Emergency Response Team (CSUCERT). In the case of staff this access to the logs is authorised by the Executive Director, IT on the advice of the responsible Dean, Head of School, Executive Director or member of the University's Senior Executive group.

Your personal information will not be used for any other purpose unless you give the Division permission to use it for another purpose.

^ top of page

Disclosure of Personal Information

The personal information you provide will not be made available to any person or organisation outside of the University for processing or for any other purpose without your consent unless we are required by law to disclose it. Please note that any information disclosed in CSU Forums or What's New and News, becomes public information. You should exercise caution if you decide to disclose your personal information via these outlets.

Access to Personal Information

Your personal information will be stored securely and electronically by the Division for seven years.

You may seek access to your personal information to ensure that it is not inaccurate, irrelevant to the purpose for which it was collected, misleading, incomplete or out-of-date. You may also ask us to amend any of the information we hold about you or to add comments or explanations in relation to the information we hold on you. To do any of these things you should contact the Administration Assistant to the Executive Director , Division of Information Technology, who address is given below.

• Executive Officer
  Division of Information Technology
  Charles Sturt University
  Post Office Box 789
  Albury, NSW, 2640

If you are unhappy with the way we have handled or failed to handle your personal information you may apply to have the matter reviewed by lodging a formal application with the University Secretary whose address is given below.

• The University Secretary
  Charles Sturt University
  The Grange
  Panorama Avenue
  BATHURST NSW 2795

The University's Privacy Management Plan for download (.rtf)

Garry Taylor
Executive Director
Division of Information Technology

^ top of page