Welcome to the USI Beta site! This site will replace the current USI.gov.au soon. Explore and tell us what you think

Privacy Policy

Our Privacy Policy ensures the secure handling of your data under the Privacy Act 1988.

We are committed to handling your personal information in accordance with the Privacy Act 1988 (Privacy Act). Set out in Schedule 1 of the Privacy Act, we are an 'APP entity' that must comply with the Australian Privacy Principles (APPs). The Privacy Act and APPs regulates how we must collect, use, disclose and hold personal information, and how you may access and correct your personal information. 

This privacy policy has been developed in accordance with APP 1. The purpose of this privacy policy is to explain:

  • the personal information we collect, use and disclose
  • how we collect, use, disclose and hold your personal information
  • why we collect, use and disclose your personal information
  • how you can access your personal information we hold and ask for the information to be corrected (if necessary)
  • what you can do if you have a query, concern or complaint about our handling of your personal information.

This Privacy Policy also provides information about accessing information under the Freedom of Information Act 1982.

What personal information we collect and hold

We collect a broad range of personal information that is reasonably necessary for, or directly related to, our functions and activities under the Student Identifiers Act 2014.

Personal information collected includes:

  • full name
  • preferred name
  • mailing address (this could be the physical/street address and/or postal address)
  • email address
  • telephone numbers
  • date of birth
  • city or town of birth
  • country of birth
  • gender
  • the services you have received or have asked about
  • cookie and clickstream data e.g. information about a website you have visited (We only collect some personal information from cookies and clickstream data. Individuals who do not wish to receive cookies can turn this function off in their web browser)
  • we temporarily hold transcript data for third parties to view
  • answers to personal account security questions
  • data from previous revoked accounts
  • details of identification (such as the state and number listed on a driver's license).

Only the type of your identification document you have provided is stored, not the document itself.

For students who are undertaking vocational education and training (VET) courses, the National Centre for Vocational Education and Research (NCVER) holds your training information, which is used to electronically create authenticated Unique Student Identifier (USI) VET transcripts.  

How we collect your personal information

We collect your personal information in a few different ways. For example:

  • directly from you, when you access and use our website and online systems
  • indirectly from you when you use our website and online systems such as cookies and clickstream data
  • when we or someone on our behalf talks to you on the telephone and in person such as through the contact centre or customer surveys
  • in writing, for example by letter or email
  • when you apply, or someone on your behalf creates a USI.

We may also collect your personal information from other people (relevant third parties), including:

  • other government agencies
  • law enforcement agencies
  • education or training providers
  • entities that provide services to us
  • individuals who assist you in creating a USI.

We will usually collect your personal information directly from you. However, we may collect your personal information from a third party if:

  • you consent (including where you have authorised an entity under Section 9 of the Student Identifiers Act to apply for a USI on your behalf)
  • we are required or authorised to collect the information by or under an Australian law, or a court or tribunal order
  • it is unreasonable or impractical for us to collect personal information directly from you.

When we collect personal information, we are required under the APPs to notify you of:

  • the purposes for which we collect the information
  • whether the collection is required or authorised by law
  • any person or body to whom we usually disclose the information, including if those persons or bodies are located overseas. We usually provide this notification by including privacy notices on our forms and website.

Personal information is sometimes provided to us without us having requested it. This is called ‘unsolicited personal information.’ When we receive unsolicited personal information, we will consider if we could have collected the information if we asked for it and if so, we would follow the Privacy Act in handling that information. If we determine that we could not have collected the information, subject to the requirements of the Archives Act 1983, we will destroy or de-identify the information.

Why we collect, use and disclose your personal information

We collect, use and disclose your personal information for a variety of different purposes relating to our functions and activities under the Student Identifiers Act, to:

  • identify you
  • process your application for a USI
  • verify and or assign a USI
  • resolve issues with a USI
  • create an authenticated VET transcript
  • provide services to you and to send system generated notifications to you
  • answer questions, and provide information or advice about existing and new services
  • give you access to protected areas of our website
  • assess how our website is working and to make it work better
  • conduct business processing functions
  • update our records and keep your contact details up to date
  • process and respond to complaints.

There are some circumstances in which we are permitted to use or disclose personal information for another purpose, such as where a permitted general situation exists as set out in section 16A of the Privacy Act (e.g. to lessen or prevent a serious threat to life, health, or safety).  

For additional information regarding use or disclosure of personal information, please refer to the Office of the Australian Information Commissioner APP 6 Guideline.

Likely secondary purposes for which we may use or disclose your personal information include (but is not limited to):

  • conduct planning, service, and policy development; program evaluation; complaints handling; quality control and assurance
  • to conduct research
  • to investigate fraud or misconduct
  • give information to our contractors or service providers to allow them to assist in providing our services to you
  • administer our obligations under legislation, for example in relation to freedom of information and privacy.

Disclosing your personal information

We may disclose your personal information to several authorised organisations, departments, regulators, and other persons where it is reasonably necessary for the purposes of performing functions or exercising powers.

Detailed information about the use of your information can be found in Division 5 - Collection, use or disclosure of student identifiers of the Student Identifiers Act 2014.

Disclosure of personal information overseas

Occasionally, we may disclose your personal information to third parties who are located overseas. Situations in which this may occur will usually be limited to circumstances where you authorise us to do so.

Before disclosing your personal information to an overseas recipient, we will take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the APPs (other than APP 1) in relation to the information, unless at least one of the following applies:

  • the recipient is subject to a law or binding scheme substantially similar to the APPs, including mechanisms for enforcement
  • you consent to the disclosure after being expressly informed that we will not be taking reasonable steps to ensure the overseas recipient does not breach the APPs
  • a permitted general situation exists as set out in section 16A of the Privacy Act (e.g. to lessen or prevent a serious threat to life, health, or safety)
  • disclosure is required or authorised by or under an Australian law, a court or tribunal order, or an international agreement relating to information sharing to which Australia is a party
  • disclosure is reasonably necessary for an enforcement related activity conducted by, or on behalf of, an enforcement body and the recipient perform similar functions.

Security and storage

We take all reasonable steps to ensure your personal information in our possession is protected from:

  • misuse, interference and loss
  • unauthorised access, modification or disclosure.

We may keep your information in either electronic or hard copy form, including cloud storage. Storage of personal information (and the disposal of information when no longer required for business purposes) is managed in accordance with the Archives Act 1983.

Electronic and hard copy records containing personal information are protected in accordance with the Australian Government security policies including the Attorney-General’s Department Protective Security Policy Framework.

Our website might link to websites that belong to third parties. We do not know about the privacy practices of any third-party websites, and we are not responsible for the privacy policies or the information on any third-party websites. Third party websites should tell you about their own privacy practices. 

How you can access and correct your personal information

Subject to certain exceptions, you have a right under the Privacy Act to access personal information we hold about you and to request corrections of your personal information if you think the information is inaccurate, out of date, incomplete, irrelevant or misleading (e.g. updating your contact details). We will investigate your request and take any reasonable steps to correct the information, having regard to the purpose for which it is held.  

Occasionally, we are unable to provide you access to the personal information we hold. If that happens, within 30 days after we receive your request, we will let you know why we cannot provide you access. 

What to do if you think your privacy was breached

If you think your privacy has been breached, please contact us

Privacy impact assessment

The Privacy (Australian Government Agencies – Governance) APP Code 2017 commenced on 1 July 2018 and requires agencies to conduct privacy impact assessments (PIAs) for all ‘high privacy risk’ projects.

A privacy impact assessment (PIA) is a systematic assessment of a project that identifies potential privacy impacts and recommendations to manage, minimise or eliminate them.

A high-risk privacy project is one that involves new or changed ways of handling personal information that are likely to have a significant impact on the privacy of individuals.

Privacy Impact Assessment Register

Our Privacy Impact Assessment (PIA) register has been prepared in accordance with section 15(1) of the Privacy (Australian Government Agencies – Governance) APP Code 2017.

PIA titleCompleted
Unique Student Identifier I June 2012
Unique Student Identifier IINovember 2012
Unique Student Identifier III August 2013
Authenticated VET transcriptsMarch 2018
Third party access to authenticated VET transcriptsOctober 2019
Schools Unique Student Identifier (Schools USI)April 2024

Freedom of Information

The Freedom of Information Act 1982 (FOI Act) gives you the right to request access to government-held information. This includes information we hold about you.

What you can access under FOI

Information available to be accessed through Freedom of information (FOI) includes:

  • a document that contains your personal information
  • a policy-making document
  • an administrative decision-making document.

You can also ask an agency or minister to amend or annotate the personal information they hold about you.

What you can’t access under FOI

You can’t access a document an Australian Government agency or minister holds that is:

  • exempt under the FOI Act
  • conditionally exempt under the FOI Act
  • accessible to the public under other arrangements for a fee.

You can’t access a document held by an agency exempt from the FOI Act.

For further information regarding the FOI process, refer to the Office of the Australian Information Commissioner website.

Request access to USI documents under the FOI

If you would like to access documents under the FOI, your application must:

  • be in writing
  • state that you’re requesting access to information under the FOI Act
  • state the document(s) you want, giving enough information as it is reasonably necessary for us to identify the document(s)
  • give an address or email address where we can send you the document/s.

You don’t need to provide any reasons as to why you're requesting the information.

Email your request to: PolicyDataCompliance@usi.gov.au or via post to:

Attention: Policy, Data & Compliance
Office of the Student Identifiers Registrar 
GPO Box 9828 
Adelaide SA 5001 
Australia

If you are worried about the security of your personal information, please contact us at PolicyDataCompliance@usi.gov.au.

Did you find the information you were looking for on this page?

Acknowledgement of Country

We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging.