Privacy Policy

1                 About this Privacy Policy

This Privacy Policy applies to Deadly Sports Plus Aboriginal Corporation (ABN 56 185 070 469) (Deadly Sports Plus).

Deadly Sports Plus is committed to  complying with the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles (APPs), when handling your personal information. In certain circumstances such as when we provide a health service, we may be subject to additional privacy obligations in State or Territory legislation including the Health Records and Information Privacy Act 2002 (NSW), Health Records Act 2001 (Vic), and the Health Records (Privacy and Access) Act 1997 (ACT).

This Privacy Policy applies to “personal information” held by us.

“Personal information” refers to information or an opinion about an identified individual, or an individual who is reasonably identifiable. For example, this may include your name, address, contact details, date of birth, gender, identity information and device information.

Additionally, we may also handle categories of “sensitive information”, which is given additional protection under the Privacy Act. “Sensitive information” is a subset of personal information, and is any of the following about you:

  • racial or ethnic origin

  • political opinions or membership of a political association

  • religious beliefs or affiliations or philosophical beliefs

  • membership of a professional or trade association, or trade union

  • sexual orientation or practices

  • criminal record

  • health information

  • genetic information

  • biometric information (when used for automated biometric verification or biometric identification) and biometric templates.

In this Privacy Policy, we describe the key ways in which we typically handle personal information and sensitive information in the ordinary course of our business.

2                 Purposes of collection, use, disclosure and retention of records

Deadly Sports Plus generally collects, uses, discloses, or retains a record of personal information about all individuals with whom we undertake any form of business activity. Deadly Sports Plus collects, holds, uses and discloses information from our clients and stakeholders for a range of purposes, including but not limited to:

  • providing products and services to clients;

  • managing suppliers, re-sellers and training partners;

  • promoting products and services;

  • conducting internal business functions and activities; and

  • meeting requirements of stakeholders.

Deadly Sports Plus only uses or discloses personal information it holds about an individual for the particular primary purposes for which the information was collected, and may also use or disclose it for  secondary purposes in cases where:

  • individual consented to a secondary use or disclosure;

  • an individual would reasonably expect the secondary use or disclosure, and that is directly related to the primary purpose of collection;

  • Where necessary to:

    • provide a health service to an individual;

    • find a missing person; or

    • assist in the investigation of suspected unlawful activity or enforcement related activity; or

    • using or disclosing the information is permitted, required or authorised by law, including for the activities described in section 8.

3                 Anonymity and pseudonymity

Subject to circumstances requiring identification outlined in this section 3, Deadly Sports Plus provides individuals with the option of not identifying themselves, or of using a pseudonym, when dealing with us in relation to a particular matter, whenever practical. This includes providing options for anonymous dealings in cases of general course enquiries or other situations in which an individuals’ information is not required to complete a request.

Individuals may deal with us by using a name, term or descriptor that is different to the individual’s actual name wherever possible. This includes using generic email addresses that does not contain an individual’s actual name or generic user names when individuals may access a public component of our website or enquiry forms. Deadly Sports Plus only stores and links pseudonyms to individual personal information in cases where this is required for service delivery (such as system login information) or once the individual’s consent has been received.

Deadly Sports Plus must require and confirm identification to support our clients’ service delivery to individuals for nationally-recognised training programs. It is a condition of registration under the National Vocational Education and Training Regulator Act 2011 (Cth) (VET Act) that we identify individuals and their specific individual needs on commencement of service delivery, and collect and disclose Australian Vocational Education and Training Management of Information Statistical Standard (AVETMISS) data on all individuals enrolled in nationally recognised training programs. Other legal requirements, as noted throughout this Privacy Policy, may also require considerable identification arrangements.

There are also other occasions within our service delivery where an individual may not have the option of dealing anonymously or by pseudonym, as identification is practically required for us to effectively support an individual’s request or need.

4                 Types of information collected

The following types of information, which include some personal information may be collected, depending on the type of interaction and the requirements for the service Deadly Sports Plus is delivering:

  • if you are a visitor to one of our sites, we will automatically collect your device information, including web browser, IP address, time zone, some of the cookies installed on the device and pages, products or training courses viewed;

  • if you are a customer, we will generally collect your product order information, name, email, phone number, delivery address and payment details required for client communication to fulfill orders, screen for potential risk or fraud, and when in line with shared preferences, provide relevant, targeted information or advertising of Deadly Sports Plus products or services;

  • if you are a personnel of business we deal with, we will generally collect your name, email, phone number, employment details; and

  • if we provide a health service to you, we will collect generally your name, address, phone number, date of birth, gender and details of your health issues that you choose to share with us.  If you consent to us doing so, we may also collect information about your sexual orientation, disability information, health information, genetic information and racial or ethnic origin.

5                 How personal information is collected

Deadly Sports Plus will usually collect any required information directly from the individuals concerned. This may include the use of forms (such as registration forms, enrolment forms, training partner application forms or re-seller application forms) and the use of web-based systems such as online enquiry forms, product order forms, training enrolment forms, web portals or information management systems. Device information is collected in relation to visits to the Deadly Sports Plus website using:

  • cookies, which are data files placed on the visitor’s device;

  • log files that track actions occurring on the site; and

  • web beacons, tags and pixels that record information on how each visitor uses the site.

Note that the Deadly Sports Plus website’s data collection and use practices are not altered by a do-not-track signal from a web browser. If you object to those practices and have provided personal information to us then please contact us using the contact details below so that we can take appropriate steps.

6                 Dealing with unsolicited personal information

Deadly Sports Plus may from time to time receive unsolicited personal information. Where this occurs, we promptly review the information to decide whether or not we could have collected the information for the purpose of our business activities. Where this is the case, we may hold, use and disclose the information appropriately as per the practices outlined in this Privacy Policy.

Where we could not have collected this information by law or for a valid business purpose, we immediately destroy or de-identify the information unless it would be unlawful to do so.

7                 Adoption, use or disclosure of government related identifiers

Deadly Sports Plus does not adopt, use or disclose a government related identifier related to an individual except:

  • in situations required by Australian law or other legal requirements;

  • where reasonably necessary to verify the identity of the individual;

  • where reasonably necessary to fulfil obligations to an agency or a State or Territory authority; or

  • as prescribed by regulations.

8                 Disclosure to third parties

Deadly Sports Plus will not disclose the personal information of clients or their participants enrolled in non-accredited training to any third party without the prior written permission of such clients or training participants, unless the disclosure to a third party:

  • is for a secondary purpose that could be reasonably expected and directly related to the primary purpose of collection;

  • is necessary to provide a health service to an individual;

  • is for finding a missing person;

  • is to assist in the investigation of suspected unlawful activity or enforcement related activity or

  • is required or permitted  under relevant laws.

As a third-party provider for a registered training organisation (RTO), regulated by the Australian Skills Quality Authority (ASQA), Deadly Sports Plus is required to collect, hold, use and disclose a wide range of personal and sensitive information on clients and their participants enrolled in nationally-recognised training programs. This information requirement is outlined in the VET Act, the Student Identifiers Act 2014 (Cth) and other associated legislative instruments, in particular:

Individuals are advised that due to legal requirements, Deadly Sports Plus discloses information held in relation to individuals enrolled in nationally-recognised training for valid purposes to a range of entities including:

  • Governments (Commonwealth, State or Local);

  • employers (and their representatives), schools, guardians; and

  • other RTOs.

Deadly Sports Plus uses Squarespace to provide software and hosting services in relation to our online store. Squarespace’s privacy policy is at https://www.squarespace.com/privacy,.

Deadly Sports Plus also uses Google Analytics to help understand how customers use its online store. Information on how Google uses personal information may be found at https://www.google.com/intl/en/policies/privacy. Customers can opt out of Google Analytics at any time here: https://tools.google.com/dlpage/gaoptout.

We may also engage other service providers, including information technology providers, lawyers, accountants and consultants from time to time.  We may disclose personal information to them from time to time for the purpose of running our organisation.  We require our contractors to agree to appropriate privacy and confidentiality obligations.

If you do not consent to Deadly Sports Plus making the above disclosures, please contact us using the contact details in section 16. However, if you do not consent to the above disclosures, you acknowledge that we may not be able to provide certain services to you or fulfil certain requests made by you.

9                 Direct marketing

Deadly Sports Plus uses personal information to provide targeted advertising of Deadly Sports Plus products or services that may be of interest to specific clients. In each of our direct marketing communications, Deadly Sports Plus provides a prominent statement that the individual may request to opt out of future communications and all such messages will include an opt-out link.

An individual may also request us at any stage not to use or disclose their personal information for the purpose of direct marketing, or to facilitate direct marketing by other organisations, by using the contact details in section 16. We comply with any request by an individual promptly and undertake any required actions for free.

10              Cross-border disclosure of personal information

Deadly Sports Plus does not disclose personal information on clients or staff to any overseas recipient. The only contact information provided to overseas service or product providers is company email addresses or telephone numbers.  

Deadly Sports Plus will only disclose company contact information to overseas organisations where such contact is essential to the conduct of business and where the overseas organisation is subject to privacy laws or a binding scheme or contract imposing privacy protections at least equivalent to those which apply under the Privacy Act.

11              Requirement to make a written note of use or disclosure for this secondary purpose

If Deadly Sports Plus uses or discloses personal information in accordance with an enforcement-related activity we will make a written note of the use or disclosure, including the following details:

  • the date of the use or disclosure;

  • details of the personal information that was used or disclosed;

  • the enforcement body conducting the enforcement related activity;

  • if the organisation used the information, how the information was used by the organisation; and

  • the basis for our reasonable belief that we were required to disclose the information.

12              How personal information is held

Deadly Sports Plus takes active measures to consider whether we should retain personal information and also to ensure the security of personal information we hold. This includes reasonable steps to protect the information from misuse interference and loss, as well as unauthorised access, modification or disclosure.

Personal information on collection is:

  • as soon as practical, converted to electronic means;

  • stored in secure, password-protected systems, such as financial system, learning management system, student management system and customer relationship management system; and

  • monitored for appropriate authorised use at all times.

Only authorised personnel are provided with login information to each system, with system access limited to only those relevant to their specific role. Deadly Sports Plus information and communications technology systems are hosted in secure cloud-based environments, with robust internal security to physical server locations and server systems access. Virus protection, backup procedures and ongoing access monitoring procedures are in place. Destruction of paper-based records occurs as soon as practicable in every matter, through the use of secure shredding and destruction services at Deadly Sports Plus head office. Individual information held across systems is linked through a Deadly Sports Plus allocated identification number for each individual.

Regular staff training and information bulletins are conducted with Deadly Sports Plus personnel on privacy issues, and how the APPs apply to our practices, procedures and systems. Training is also included in our staff induction practices.

Deadly Sports Plus conducts ongoing internal audits (at least annually and as needed) of the adequacy and currency of security and access practices, procedures and systems implemented.

Deadly Sports Plus will also make all necessary preparations to be able to respond to any privacy data breach. Where unauthorised access or disclosure is detected, or information has been lost in circumstances where unauthorised access is possible, Deadly Sports Plus will promptly activate its Data Breach Response Plan.

Deadly Sports Plus’s Data Breach Response Team is responsible for ensuring the plan is followed and for assessing and managing any breach and will determine whether the incident is an eligible data breach under the Notifiable Data Breach (NDB) scheme. The Data Breach Response Team is also responsible for delivering any notifications that may be required in a timely manner.

Deadly Sports Plus will take all reasonable steps to limit the consequences of a data breach and to preserve and build public trust in its management of personal information.

13              Retention and Destruction of Information

We destroy or de-identify personal information held once the information is no longer needed for any purpose for which the information may be legally used or disclosed.

14              Accessing personal information

Deadly Sports Plus confirms all individuals have a right to request access to their personal information held. Students are able to log in to the training management system at any time to access or update their details. Individuals may also request access to personal records by making contact using the contact details in section 16. In processing requests, we:

  • ensure through confirmation of identity that the request is made by the individual concerned, or by another person who is authorised to make a request on their behalf;

  • respond to a request for access within 14 calendar days, when notifying our refusal to give access, including providing reasons for refusal in writing, and the complaint mechanisms available to the individual or within 30 calendar days, by giving access to the personal information that is requested in the manner in which it was requested; and

  • provide information access free of charge.

A number of third parties, other than the individual, may request access to an individual’s personal information. Such third parties may include employers, parents or guardians, schools, Governments and other stakeholders. In all cases where access is requested, Deadly Sports Plus will ensure that:

  • parties requesting access to personal information are robustly identified and vetted;

  • where legally permitted, the individual to whom the information relates will be contacted to confirm consent (if consent has not previously provided for the matter); and

  • only appropriately authorised parties, for permitted purposes, will be provided access to the information.

15              Seeking correction to personal information

Deadly Sports Plus confirms all individuals have a right to request correction to information held and may do so by making contact using the contact details in section 16. Deadly Sports Plus takes reasonable steps to correct personal information we hold, to ensure it is accurate, up-to-date, complete, relevant and not misleading, having regard to the purpose for which it is held.

On an individual’s request, Deadly Sports Plus will if appropriate:

  • correct personal information held; and

  • notify any third parties of corrections made to personal information, if this information was previously provided to these parties.

In cases where we refuse to update personal information, Deadly Sports Plus will:

  • give a written notice to the individual, including the reasons for the refusal and the complaint mechanisms available to the individual;

  • upon request by the individual whose correction request has been refused, take reasonable steps to associate a statement with the personal information that the individual believes it to be inaccurate, out-of-date, incomplete, irrelevant or misleading;

  • respond within 14 calendar days to these requests; and

  • complete all actions free of charge.

Deadly Sports Plus will take reasonable steps to correct personal information in cases where we are satisfied that the personal information held is inaccurate, out-of-date, incomplete, irrelevant or misleading. This awareness may occur through collection of updated information, in notification from third parties or through other means.

16              Questions, comments and complaints

If you have any questions, comments or complaints regarding this Privacy Policy, your personal information, or our compliance with our privacy obligations, please contact our Privacy Officer on:

Deadly Sports Plus
Ph 03 9969 7429
admin@deadlysportsplus.com

Once we have received your question, comment or complaint, we will investigate and endeavour to respond to you within a reasonable time, usually within 14 days.

If you are unhappy with our response time, you can lodge a written complaint with the Office of the Australian Information Commissioner at:

Office of the Australian Information Commissioner (OAIC)

GPO Box 5218

Sydney NSW 1042

email: privacy@privacy.gov.au

17              Review and update of this Privacy Policy

Deadly Sports Plus reviews this Privacy Policy:

  • on an ongoing basis, as suggestions or issues are raised and addressed, or as government-required changes are identified;

  • through our internal audit processes on at least an annual basis; and

  • as a component of each complaint investigation process where the complaint is related to a privacy matter.

Whenever this policy is updated, changes to the policy are widely communicated to stakeholders internally through staff communications, meetings, training and documentation, and externally through publishing of the policy on Deadly Sports Plus’s website and other relevant documentation for clients.

This Privacy Policy was last updated on 19 April 2025.