Privacy, Legislation and Access to Records


The Di Pacci Coffee Company, RTO 45805, collects personal information on clients (companies and employers) and participants. Accurate records management and care of personal information is required to comply with privacy legislation as a business, and the Standards for Registered Training Organisations, (RTOs) 2015. The following policy and procedures for privacy will protect participants and clients and manage risk in our business.

This policy assists the RTO to meet the requirements of the Standards for RTOs 2015 clause:

3.4. Records of learner AQF certification documentation are maintained by the RTO in accordance with the requirements of Schedule 5 and are accessible to current and past learners.

6.5. The RTO:

a)securely maintains records of all complaints and appeals and their outcomes; and

8.1. The RTO cooperates with the VET Regulator:

        f) in the retention, archiving, retrieval and transfer of records.

8.5. The RTO complies with Commonwealth, State and Territory legislation and regulatory 

requirements relevant to its operations.


  • Data is collected on all students enrolling in a course. 
  • The collection of this data is necessary to establish the identity of the student so that certificates issued to that person clearly identifies that person as the recipient.
  • Names collected must be full names, (no nicknames, aliases,pseudonyms), and the certificate issued will reflect these details. This data is entered into the AVETMISS database.
  • The signed enrolment form is the agreement between the RTO and the student. 
  • The Unique Student Identifier (USI) is required prior to the issuance of the certificate. Where feasible, the student is encouraged and expected to register and provide the USI and the RTO will verify the details. 
  • All personal information must be destroyed once the details of the participant are verified and entered in the student management system. 

Maintenance of Records

  • The setup of course and student files is explained in the Student Administration Policy and Procedure 
  • The Document and Data Management Policy and Procedure sets down the controls and process for records management. 

Retention of Assessment Items and Archiving Student Records 

  • All relevant records are filed at the conclusion of the training. 
  • We comply with the ASQA general direction of Retention of Assessments. 
  • The files are housed in a lockable cabinet in the locked office. 
  • We retain these records for a minimum of six (6) months from end of course and up to two (2) years depending on the audit requirements of the funding and regulatory bodies.
  • Records of AQF documentation issued will be retained for a period of thirty (30) years
  • When the records are no longer required, they are shredded and disposed of. 
  • The “close out” and archiving of course and student files is explained in the Student Administration Policy and Procedure.

Use and Disclosure of Information 

  • Only staff has access to student records for the purpose of verifying log-in, verifying USI, AVETMISS personal details, progress, issuing or re-issuing certificates, contact of the student for re-certification or other relevant cause for contact within the boundaries of the business operations.
  • Relevant regulatory bodies have access for auditing or other lawful purposes.
  • Representative agencies of the Government have access for lawful reasons

Student Access to Records

  • Unless it is unlawful to do so participants can request access to their personal records. 
    • Participants can contact the office through the website or by email.
    • There may be an administration fee charged for locating and providing information within a defined number of days. 

    Identification checking process 

    • An identification checking process will be followed before releasing information. Confirmation of correct information from 3 forms of ID that is entered into our database from the application form and course details will be used to verify ID. This could be: 
      • Full name 
      • Address 
      • Date of birth 
      • Date and location of course
      • Student number 
      • Payments for the course 
      • Other questions about submission of documents for assessment that confirm the participant’s participation in the course.  
    • Where possible, the files will be sighted by the participant on our premises or the premises of the employer with a representative in attendance. 
    • The files may not be removed or copied without prior request and permission granted by the office. 

    Student Identification – Unique Student and Certificate ID Number 

    • We use an AVETMISS database and all participants are issued with a unique student identification number in that system. (This is NOT the same as the government issued USI) 
    • This number is shown on the certificate and can be used to verify attendance and completion of the relevant course.
    • This information is retained and archived in the database. 

    Employer and Other Organisation Access to Records

    • Employers who pay for participants to participate in training and who support workplace or distance training and assessment have the right to ask for access to records. But the student/employee will be advised before any information is released. 
    • Requests by other organisations for information relating to the student will only be provided as a verification of information provided by that organisation. A request to the student for release of information may be undertaken depending on the circumstances. 
    • This request and approval will be logged in the communication or case notes in the database or student file.