Privacy Policy

Served to Cert Pty Ltd - ABN 85 634 533 903
Effective Date: 20th of August 2025

1. Who we are

Served to Cert Pty Ltd (“we”, “our”, “us”), provides nationally recognised training and assessment to learners across Australia. This policy explains how we handle personal information for prospective students, applicants, enrolled students, graduates, and website users of servedtocert.com.au.

2. Our commitment to privacy

We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), the National Vocational Education and Training Regulator Act 2011, the National Vocational Education and Training Regulator (Data Provision Requirements) Instrument 2020 (AVETMISS/Total VET Activity), the Student Identifiers Act 2014 (USI), and the 2025 Standards for Registered Training Organisations.

3. What we collect

Depending on your relationship with us, we may collect:

  • Identity & contact details: name, date of birth, gender (optional), addresses, email, phone.

  • Eligibility & background: citizenship, residency, language/literacy/numeracy support needs, disability or medical information you choose to provide (only where relevant to support or statutory reporting), prior education and employment status.

  • Training & assessment data: enrolment details, units/qualifications, results, attendance/participation, RPL/credit transfer evidence, fees and payments.

  • USI details (and verification status) as required by the Student Identifiers Act 2014.

  • AVETMISS fields required for the National VET Provider Collection.

  • Website & communications: online forms, enquiry/chat records, IP address, device/browser information, cookies and analytics (see Section 11).

  • Referrals & support: information provided by our partner Salute for Service (transition support only) or by software we use for RPL evidence management (e.g., RPL assessment platforms). These parties do not deliver training services on our behalf.

Were lawful and practical, you may interact with us anonymously or using a

pseudonym (e.g., general enquiries). If you don’t provide information we

reasonably require for training, we may be unable to enrol you or issue

certification.

4. How we collect information

  • Directly from you via our website, forms, emails, phone, events, interviews, tutorial sessions, RPL assessments, and surveys.

  • From third parties with your authority or as permitted by law, e.g., previous RTOs/employers (for credit transfer/RPL), government agencies for USI verification, or from our service providers (student

  • management/learning systems).

  • Automatically through cookies/analytics when you use our website (see Section 11).

5. Why we collect and use your information

We collect, use, and disclose personal information to:

  • respond to enquiries, assess your application, and enrol you

  • deliver, support, and assess your training (including RPL/credit transfer)

  • create, verify, and use your USI

  • prepare and submit AVETMISS/Total VET Activity data to the National VET Collection

  • issue AQF certification and maintain issuance records

  • manage fees, funding, and compliance audits

  • provide student support and reasonable adjustments

  • communicate about your course and (if you opt in) send marketing about our services, you can opt out anytime meet legal, regulatory, and reporting obligations to ASQA, NCVER, DEWR (Australian Government), and state/territory funding bodies.

6. Disclosures (who we share with)

We may disclose personal information to:

  • NCVER for the National VET Provider Collection and research/statistics

  • DEWR and other authorised government agencies that manage national VET data and policies

  • the USI Office/Registrar for USI creation/verification and transcript services

  • ASQA and auditors for regulatory assurance

  • state/territory training authorities and funding bodies (where applicable)

  • our service providers under contract (e.g., student management systems, learning platforms, identity verification, secure document storage, RPL assessment platforms, IT/hosting, email, analytics). These providers must handle personal information under strict confidentiality and security obligations and cannot use it for their own marketing.

  • your nominated employer/sponsor (where relevant), or as required/authorised by law.

Where we use cloud or technology providers that store data overseas, we take reasonable steps to ensure the recipient will protect your information in a way that is substantially similar to the APPs (APP 8).

7. Your USI and the USI Registry System

If you authorise us to apply for a USI on your behalf, we will provide you with the USI Student Privacy Notice and obtain your consent. We will only use your identity information for the USI process and will destroy the ID details as soon as practicable after creating/verifying your USI, as required by law.

8. The VET Data Privacy Notice

Before or at enrolment, we will give you the VET Data Privacy Notice that explains how your VET data is used and disclosed (including to NCVER and for research/statistics) and your rights. We include the current government-approved wording in our enrolment process and student handbook.

Where to find it: The full VET Data Privacy Notice is provided on our website here https://servedtocert.com.au/student-hub

9. Direct marketing

We may send service updates and (only if you consent) marketing about our courses and events. You can opt out at any time by clicking “unsubscribe” or contacting us (see Section 15). We never sell your personal information.

10. Data retention

We retain student assessment evidence for at least two (2) years from completion, or longer where licensing/funding contracts require.

We retain records required to re-issue AQF certification for 30 years (as required by the RTO Standards).

Other records are kept only as long as necessary for the purposes described in this policy or as otherwise required by law.

11. Our website, cookies, and analytics

We use cookies and similar technologies to operate our site, remember preferences, and understand website traffic. We may use privacy-enhancing analytics tools and ad platforms. You can control cookies through your browser settings. If we use third-party analytics or advertising, those providers may process limited data on our behalf under contract and cannot identify you from analytics reports.

12. Security

We take reasonable steps to protect personal information against misuse, interference, loss, and unauthorised access, modification, or disclosure.

Measures include role-based access, MFA for staff systems, secure transmission (HTTPS), encrypted storage where appropriate, staff training, supplier due diligence, and secure destruction or de-identification when no longer required.

13. Accessing and correcting your information

You can request access to, or correction of, your personal information at any time. We’ll respond within a reasonable period and, where we refuse a request (for example, where disclosure would unreasonably impact another person’s privacy), we’ll tell you why and how you can complain.

14. Your choices

Anonymity/pseudonymity: available for general enquiries.

Sensitive information: we will only collect it with your consent or were permitted by law and only when needed to support you or meet reporting obligations.

Marketing: opt out anytime.

USI: you may create your own USI at usi.gov.au and provide it to us.

15. How to contact us

Email: info@servedtocert.com.au

Phone: (07) 3555 7703

Address: 2 Heaslop Street, Woolloongabba Q 4102

16. Complaints

If you have a privacy concern, contact us first. We will investigate and respond in writing. If you’re not satisfied, you may contact the Office of the Australian Information Commissioner (OAIC): oaic.gov.au, 1300 363 992.

You can also raise VET data concerns with NCVER/DEWR as described in the VET Data Privacy Notice.

17. Third-party services and partners

We may use reputable third-party platforms to support training delivery (e.g., learning systems, e-signature, student management, and RPL evidence tools).

We also work alongside Salute for Service (transition support partner) to assist veterans; Salute for Service does not deliver training services. When these providers handle data on our behalf, they do so under contract and only for our purposes.

18. Changes to this policy

We may update this policy to reflect legislative or operational changes. The latest version will always be available on servedtocert.com.au and will show the effective date. Significant changes will be notified to current students by email or LMS notice.