Training Alliance Group (TAG) delivers employment, training and community services across three service streams:
Â
This policy explains how TAG collects, holds, uses and discloses personal information. It applies to all individuals whose information TAG handles across these service streams, including participants, job seekers, students, employers and contractors.
This policy also applies to job applicants and contractors engaged by TAG. Personal information collected during recruitment or contracting is handled in accordance with the Privacy Act. TAG staff in an ongoing employment relationship are covered by TAG’s internal privacy arrangements for employment matters.
TAG complies with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs) in Schedule 1 and the Notifiable Data Breaches scheme under Part IIIC. TAG also complies with the Disability Services and Inclusion Act 2023 (DSI Act) for DSS-funded services, the Privacy (Tax File Number) Rule 2015 where applicable, and the Standards for Registered Training Organisations 2025 for RTO-enrolled students.
TAG manages information security across all service streams through a single certified Information Security Management System (ISMS), holds ISO 27001 certification, and is accredited under the Right Fit for Risk framework.
This policy is reviewed annually and may be updated to reflect changes in TAG’s operations, services or legal obligations.
Â
TAG collects personal information that is necessary to deliver the services you have engaged us for. We only collect information for a lawful purpose that is reasonably necessary or directly related to our functions, or where required or authorised by law.
You may choose not to provide your personal information to us. In some circumstances this will mean we are unable to deliver the relevant service to you.
You may also choose to deal with us anonymously or using a pseudonym where this is practicable. However, for most of our services it will be necessary for you to identify yourself: for example, to assess your eligibility for a program, to enrol you in training, or to investigate and resolve a complaint.
Â
2.1 Types of Information We Collect
Personal information we collect includes, but is not limited to:
Â
We collect sensitive information only where it is necessary for service delivery or employment purposes. In most cases we will seek your consent before collecting it. Where collection is a condition of a government contract or regulatory requirement, we will tell you at the time of collection.
Â
2.2 Children and Young People
Where TAG collects personal information about a person aged 15 or over, our general practice is to collect information directly from them. For children under the age of 15, or where we are uncertain about a person’s capacity to provide informed consent, we will notify and seek consent from a parent or guardian, unless seeking consent is impractical or the collection is required or authorised by law.
Â
2.3 Unsolicited Information
Sometimes personal information is provided to us without us having requested it. Where this occurs, we will determine whether the information is reasonably necessary for our functions. If it is not, we will destroy or de-identify it as soon as practicable and in accordance with applicable records management requirements. If it is relevant, we will handle it in accordance with this policy.
Â
2.4 How We Collect Information
We may collect your personal information:
Â
Where a document you sign or accept includes a consent statement, that statement describes the specific personal information being collected and the purpose. Read it before signing. If you have questions about what information is being collected and why, contact us using the details in section 10.
There are inherent risks associated with transmitting information over the internet, including via email. You should be aware of this when sending personal information to us online. If this is a concern, you may contact us by phone or post instead.
Â
2.5 Website and Passive Collection
Our websites collect information to support service delivery and improve user experience. We are not responsible for the privacy practices of external websites linked from our site.
Some information is collected passively by software running on your device. TAG does not collect this information directly. You can limit passive collection by disabling cookies, disabling JavaScript, opting out of Google Analytics, or disabling location services on your device.
Our website includes an eligibility questionnaire to help determine whether TAG services may be suitable for you. This form is reviewed by a staff member: no automated eligibility decision is made from your responses.
Â
We use your personal information for the primary purpose for which it was collected; delivering the services you have engaged us for. This includes:
Â
We may use your information for a secondary purpose where:
Â
Where appropriate, consent for secondary use will be confirmed in writing.
We use video surveillance at our premises for security purposes only. Footage is not used for any other purpose and is not publicly available.
Â
We only disclose your personal information for the purpose for which it was collected, or as otherwise permitted under the Privacy Act. We may disclose your information to:
Â
4.1 Disclosure Overseas
Personal information collected from participants under TAG’s DEWR and DSS government contracts is stored in Australia and is not transferred overseas.
In other contexts, we may disclose personal information to overseas recipients in limited circumstances, including:
Â
TAG takes reasonable steps to limit the overseas disclosure of personal information to the circumstances described in this section.
Â
TAG takes reasonable steps to ensure the personal information we collect and hold is accurate, current, complete and not misleading. If you believe information we hold about you is incorrect or out of date, contact us using the details in section 10.
Â
TAG is committed to protecting your personal information from loss, unauthorised access, misuse, modification and disclosure. TAG manages information security through a certified Information Security Management System (ISMS) that covers all service streams and operational environments. TAG holds ISO 27001 certification and is accredited under the Right Fit for Risk framework.
Personal information is retained and disposed of in accordance with applicable records management requirements. When personal information is no longer required, it is disposed of securely.
Â
TAG is subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth). If TAG becomes aware of an eligible data breach: that is, unauthorised access to, disclosure of, or loss of personal information that is likely to result in serious harm to any individual, TAG will:
Â
TAG maintains an internal data breach response procedure. If you believe your personal information held by TAG has been compromised, contact us using the details in section 10.
Â
TAG does not currently use automated systems to make, or substantially contribute to, decisions about individuals. Where assessment or screening tools are used, a staff member reviews all outcomes before any decision is made.
This policy will be updated to reflect any changes in TAG’s use of automated decision-making, including to meet emerging regulatory requirements.
Â
You have the right to request access to the personal information TAG holds about you, subject to limited exceptions under the Privacy Act. You also have the right to request that inaccurate, incomplete or out-of-date information be corrected.
To make an access or correction request, contact us using the details in section 10.
Â
If you believe TAG has breached your privacy, you can make a complaint verbally, in writing or anonymously using any of the following:
Â
TAG handles privacy complaints in accordance with its Complaints Management Policy. You will not face any retribution for making a complaint.
If you are not satisfied with TAG’s response, you may escalate your complaint to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or by calling 1300 363 992.