We collect your personal information during recruitment, onboarding and throughout your employment with the University. 

During your recruitment and onboarding, information we collect includes:

• Your name, contact details, date of birth and emergency contact details
• Demographic information
• Referee reports, educational qualifications and previous employment history
• Tax file number, citizenship, work rights and visa details, superannuation and bank account details
• Health and disability information (where relevant).

Before your onboarding, we will conduct background checks (including qualifications, employment history, criminal records, sanctions or reference checks) for compliance and verification, to assess your suitability for employment and support University onboarding management.

If you choose to provide it, we will collect sensitive personal information about you, such as your gender, language spoken at home and sexuality, primarily for mandatory government reporting. This information is collected and stored securely within the HR system. 

During your employment we will continue to collect information regarding your ongoing work and employment through our human resources systems and processes and ICT environments.

We primarily collect information directly from you but in some circumstances, information may be provided by third parties (for example by referees, employment verification services, professional associations, training providers, medical practitioners or government agencies) to verify your employment requirements and right to work arrangements. We will only collect information from third parties when we tell you about this or if authorised by law.

We use your information to manage your employment with the University, including:

• Recruitment, selection, appointment, onboarding and work rights verification
• Payroll, superannuation, insurance, and travel management
• Supporting employment-related requests, such as leave, and staff appraisals, probation, and promotion
• Targeted development programs, workplace adjustments and accessibility planning
• Access to University systems and facilities
• Contacting you or your emergency contact if there are concerns for your welfare or safety
• Managing workplace health, safety, risk and workers’ compensation
• Managing performance, conduct and disciplinary processes
• Staff training and development
• System development and process improvement
• Benchmarking, reporting, quality assurance, planning, and analysis (including confidential and aggregated reporting)
• Monitoring user activity (e.g. network access, IP address, wifi access, user actions) to maintain cyber security, respond to threats, incidents or complaint processes and manage resource utilisation
• Providing relevant University news, opportunities, and services
• Supporting compliance with legal obligations.

With appropriate guardrails in place, the University may use your personal information in approved University artificial intelligence (AI) and machine learning tools to:

• Undertake research and analysis
• Improve administrative processes and service delivery
• Perform quality assurance and planning.

Where these tools are used, your personal information will be handled in accordance with the University’s Privacy Policy and applicable privacy laws.

Sensitive personal information about you, including your demographic data, will be stored securely. Identified demographic data about you will not be accessible to your manager and will only be used by authorised HR staff for workplace adjustments, accessibility planning and targeted program development. It will not be made accessible to any other staff and will only be used for aggregated reporting and planning.

Our HR information is tightly controlled. Required HR information is only shared outside the organisation in limited circumstances, including with:

• Service providers engaged to deliver University functions (e.g. background checks for employment purposes, travel, payroll, ICT service provision and support), who are bound by our privacy and security requirements
• Where required, government agencies, regulators, and law enforcement, including the Australian Taxation Office, Department of Education, Department of Home Affairs and the Tertiary Education Quality and Standards Agency. HR data is also shared with the federal government agency TCSI (Tertiary Collection of Student Information) which requires reporting on staff and students.
• External agencies for reporting, benchmarking, or equity initiatives, using de-identified and aggregated data 
• Other organisations where authorised by law.

Aggregated data and/or otherwise deidentified data may be shared with agencies such as the Australian Bureau of Statistics, Workplace Gender Equity Agency, and university ranking bodies.

Your personal information is stored securely in University systems in accordance with:

• Cyber Security Policy (pdf, 218KB)
• Acceptable Use of ICT Resources Policy (1.3MB)
• Recordkeeping Policy (254KB)

We will hold your personal information for the minimum retention periods set out in the State Records Act 1998 (NSW) and will dispose of your information securely when we no longer required it for a lawful purpose.

Under NSW privacy laws, you have the right to request access to and correct your personal information held by the University. Enquiries should be directed to privacy.enquiries@sydney.edu.au. 

If you live or are located outside Australia, you may have additional rights. Please contact us for more information.

If you believe that the University or a member of staff has not handled your personal information in a way that you expect, you can make a complaint. Find out more about making a privacy complaint.