The main privacy laws that apply to the university are the:
The Acts also allow a person who feels their privacy has been breached by the university, to make a privacy complaint to the university.
Other privacy laws that impose obligations on the university include the:
The university's Privacy Officer:
All individuals have a right to access the personal information that the university holds about them.
You can gain access to your personal information directly if you are a staff member or student of the university (through the myUNSW portal) or by contacting the relevant area of the university. You also have options to access your personal information if your initial access request is denied.
Proof of identity
The university will require proof of identity before it discloses any personal information that it holds.
If accessing personal information in person, the university officer will request original valid ID (e.g., driver licence, or passport) before disclosing the information. If accessing by other means you will need to provide a certified copy of a valid ID along with your request.
Students can access some of their personal information via the myUNSW portal, including their:
Students can also update their personal details and maintain their enrolment via myUNSW.
To access your personal information held by the university that is not available via myUNSW, you should contact the relevant unit of the university to request access.
Past students wishing to access their personal information held by the university should contact the relevant area of the university that holds that information.
Find details for obtaining your academic transcript.
Staff members can access some of their personal information via the myUNSW portal, including their:
Staff members can also update their personal details via myUNSW.
Staff members are also able to access their Personnel File and should be advised of any adverse reports or documents relating to performance placed on that file. To access your Personnel File, staff should contact Human Resources on: (02) 9385 2711 or email: firstname.lastname@example.org.
Other individuals wishing to access their personal information held by the university should contact the relevant area of the university that holds that information.
Authorising third party access to your personal information
If you wish a third party (e.g., family member, friend, employer or legal representative) to access your personal information held by the university, you must provide express consent for the university to disclose your information.
To ensure the university meets its obligations under privacy laws, the consent must be in writing, signed by the individual concerned, and contain the following information:
Current students wishing to authorise a third party should use the form provided by Student Central.
The UNSW Privacy Officer can provide assistance to identity the relevant area of the university that holds your personal information.
If you are having trouble accessing your personal information, or access has been denied, the UNSW Privacy Officer may be able to assist by liaising with the relevant area to facilitate access (depending on the nature of the information being requested and its availability).
Formal application for access under the GIPA Act
You may be able to apply for access to your personal information by making a formal access application under the Government Information (Public Access) Act 2009 (NSW). This option is not the university's recommended way to access personal information. However, if your request is complex and may contain information that is not your personal information then an application under the GIPA Act may be required.
Find further information on making an application under the GIPA Act.
Phone: (02) 9348 1198
The University's Privacy Management Plan identifies how the University will comply with the Privacy and Personal Information Protection Act 1998 (NSW) and the Health Records and Information Privacy Act 2002 (NSW).
The Privacy Management Plan is reviewed each year, with the current version found here.
Under section 53 of the Privacy and Personal Information Protection Act 1998 (NSW), individuals have the right to seek a review of certain conduct of the university, in circumstances where the individual believes that the university has breached the terms of the Act.
An application for internal review can be submitted by anyone who is "aggrieved" by the conduct of the University. A review can also be sought where the action taken by the university might only affect the personal information of other individuals. The request for internal review can only be made where it is alleged that the university has:
An application for an internal review must:
The request for internal review should be lodged with the University Privacy Officer using the application form for internal review.
UNSW is committed to improving accountability and transparency by increasing access to information. The university will publish open access information if and when such information exists. The university also accepts valid formal information access applications.
The Legal & Compliance team provides a range of resources for the benefit of UNSW staff, students and members of the community.