Hero
Privacy
Principles

The New South Wales Information and Privacy Commission has more information online.

The 12 Information Protection Principles (IPPs) are your key to the Privacy and Personal Information Protection Act 1998 (PPIP Act).

Collection

1 - Lawful

Only collect personal information for a lawful purpose, which is directly related to the agency’s function or activities and necessary for that purpose.

Information and Privacy Commission

Personal information is only collected in Hero for the use of the school; the school decides what information to collect in conjunction with the requirements of the Ministry of Education. Personal information is not used by Linc Technologies for any other purpose.

2 - Direct

Only collect personal information directly from the person concerned, unless they have authorised collection from someone else, or if the person is under the age of 16 and the information has been provided by a parent or guardian.

Information and Privacy Commission

All personal information in Hero is collected by the individual schools via an enrolment form and is either entered by a caregiver completing an online application form or by school administrators directly.

3 - Open

Inform the person you are collecting the information from why you are collecting it, what you will do with it and who else might see it. Tell the person how they can view and correct their personal information, if the information is required by law or voluntary, and any consequences that may apply if they decide not to provide their information.

Information and Privacy Commission

Schools advise caregivers or students what information is being collected through their enrolment process. It is the responsibility of the school to let caregivers know if additional information is being collected or recorded for the students or caregivers. Hero affords the option for schools to create their own fields for data collection.

4 - Relevant

Ensure that the personal information is relevant, accurate, complete, up-to-date and not excessive and that the collection does not unreasonably intrude into the personal affairs of the individual.

Information and Privacy Commission

The collection of data is limited to the information the school feels is relevant to supporting student learning or is required by the state.

Storage

5 - Secure

Store personal information securely, keep it no longer than necessary and dispose of it appropriately. It should also be protected from unauthorised access, use, modification or disclosure.

Information and Privacy Commission

Hero databases store information such as accounts, student details, posts, goals, attendance and assessment data, and pupil billing information. The databases are replicated to separate servers so that redundancy is always maintained. Daily snapshots are taken and retained for seven days. All files are stored on Azure Blob Storage, which is managed by Microsoft Azure and is designed to be highly available, with a 99.99% uptime guarantee. This data store is configured to be replicated to 3 different servers within the same data centre, with geo-replication enabled in the event of a localised disaster at our primary data centre. In addition, a separate backup process runs every night with the same storage configuration, that is, replicated locally and geo-replicated to data centres in NSW (AUS) and Victoria (AUS). All services are stateless, load-balanced, and redundant.

Access and Accuracy

6 - Transparent

Explain to the person what personal information about them is being stored, why it is being used and any rights they have to access it.

Information and Privacy Commission

Linc Technologies is the custodian of the data. Any requests for access to information must be made to the individual school as they are the legal entity responsible for the data.

7 - Accessible

Allow people to access their personal information without excessive delay or expense.

Information and Privacy Commission

The school can update information within Hero upon request.

8 - Correct

Allow people to update, correct or amend their personal information where necessary.

Information and Privacy Commission

Schools are responsible for the accuracy of information stored within Hero.

Use

9 - Accurate

Make sure that the personal information is relevant, accurate, up to date and complete before using it.

Information and Privacy Commission

Schools are responsible for the accuracy of information stored within Hero.

10 - Limited

Only use personal information for the purpose it was collected unless the person has given their consent, or the purpose of use is directly related to the purpose for which it was collected, or to prevent or lessen a serious or imminent threat to any person’s health or safety.

Information and Privacy Commission

Linc Technologies will not use the data for any reason other than making it available to the school. Individuals can actively consent to Hero using the information for other, specified reasons. The school may choose to use the information in other ways and would be responsible for informing students and caregivers if this is the case.

Disclosure

11 - Restricted

Only disclose personal information with a person’s consent or if the person was told at the time that it would be disclosed, if disclosure is directly related to the purpose for which the information was collected and there is no reason to believe the person would object, or the person has been made aware that information of that kind is usually disclosed, or if disclosure is necessary to prevent a serious and imminent threat to any person’s health or safety.

Information and Privacy Commission

Linc Technologies will only disclose data if verified permission has been obtained from the person concerned.

12 - Safeguarded

An agency cannot disclose sensitive personal information without a person’s consent, for example, information about ethnic or racial origin, political opinions, religious or philosophical beliefs, sexual activities or trade union membership. It can only disclose sensitive information without consent in order to deal with a serious and imminent threat to any person’s health or safety.

Information and Privacy Commission

Linc Technologies will only disclose data if verified permission has been obtained from the person concerned.