Privacy documents
TEQSA, its employees, contractors and agents (collectively, 'the agency') is subject to the Privacy Act 1988 (Cth) (the Privacy Act) and to the requirements of the Australian Privacy Principles (APPs) contained in Schedule 1 of the Privacy Act.
We also adhere to applicable Privacy guidance for organisations and government agencies provided by the Office of the Australian Information Commissioner.
The remainder of this webpage contains an abridged version of the complete privacy policy (condensed privacy policy).
Condensed privacy policy
The complete privacy policy provides more detailed information about:
- the types of personal information that we collect, hold, use and disclose
- our personal information handling practices
- our authority to collect your personal information, why it may be held by us, how it is used and how it is protected
- our use of artificial intelligence
- whether we are likely to disclose personal information to overseas recipients and if possible, to whom and
- how you can access your personal information, correct it if necessary and complain if you believe it has been wrongly collected or inappropriately handled.
You should read our complete or condensed privacy policy if you are:
- a student
- a higher education provider
- a professional accreditation body
- a contractor, consultant, or supplier of goods or services to us
- a person whose information may be given to us by a third party, including other Australian Government agencies
- a current or past employee
- a person seeking employment with us, or
- any other individual whose personal information we may collect, hold, use and disclose from time to time.
Information we collect and why we hold, use and disclose it
Our purpose is to protect student interests and the reputation of Australia’s higher education sector through a proportionate, risk-reflective approach to quality assurance that supports diversity, innovation and excellence.
The Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act) which established us as an agency, calls for us to:
- register regulated entities as higher education providers and accredit their courses of study
- conduct compliance and quality assessments
- conduct re-accreditation assessments of courses developed by providers without self-accrediting authority
- provide advice and make recommendations to the Commonwealth Minister responsible for Education on matters relating to the quality and regulation of higher education providers
- cooperate with similar agencies in other countries
- collect, analyse, interpret and disseminate information relating to quality assurance practice and quality improvement in higher education
- to investigate and take action against individuals or organisations offering or advertising commercial academic cheating services to students at Australian higher education providers.
We collect, hold, use and disclose personal information for a variety of purposes, including:
- perform our legislated regulatory and quality assurance functions
- perform our management, employment and personnel functions and responsibilities in relation to our staff and contractors
- manage contracts and consultancy arrangements
- administer requests received by us under the Freedom of Information Act 1982 (Cth) or the Privacy Act
- manage correspondence and engagement with stakeholders, members of the higher education sector and the public
- obtain legal advice from internal and external lawyers.
Our legislated functions under the TEQSA Act include, but are not limited to:
- assessing applications of higher education providers for registration, renewal of registration, course accreditation, and renewal of course accreditation
- conducting assessments of compliance
- notifying and generally communicating with prospective and registered higher education providers in relation to TEQSA’s regulatory functions
- collecting and retaining student records following a provider ceasing to operate (and to allow students and providers to request access).
Our legislated functions under the Education Services for Overseas Students Act 2000 (ESOS Act) include, but are not limited to:
- assessing applications for Commonwealth Register of Institutions and Courses for Overseas Students (CRICOS) registration and renewal of CRICOS registration
- assessing applications to make changes to CRICOS registration, including making changes or adding courses, locations, student capacity and third-party arrangements
- monitoring compliance with all requirements under the ESOS Act and related legislation, and acting where there is non-compliance or risks of non-compliance.
We only collect, hold, use and disclose personal information for a lawful purpose that is reasonably necessary or directly related to one or more of our functions or activities or where otherwise required or authorised by law.
We use and disclose personal information for the primary purposes for which it is collected. We will only use your personal information for secondary purposes where we are able to do so in accordance with the Privacy Act.
Our online services
When you use TEQSA’s online services, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your server address, your top-level domain name, the date and time of the visit to the site, the pages accessed and documents viewed, the previous sites visited, and the browser type, browser language, and one or more cookies that may uniquely identify your browser. The information does not contain anything that identifies individuals.
Disclosure of personal information overseas
It is unlikely the records we hold that contain personal information will be disclosed to any overseas recipients. However, where TEQSA does so, we will ensure that appropriate steps are taken to comply with Australian Privacy Principle 8.
Storage and data security
Storage of personal information (and the disposal of information when no longer required) is managed in accordance with the Australian Government's records management regime.
We take all reasonable steps to protect the personal information held in our possession against loss, unauthorised access, use, modification, disclosure or misuse.
Data quality
We take all reasonable steps to make sure that the personal information we collect and store is accurate, up-to-date, complete, relevant and not misleading.
Access to and alteration of records containing personal information
You have a right under the Privacy Act to access personal information we hold about you.
You also have a right under the Privacy Act to request corrections of any personal information that we hold about you if you think the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.
It is also possible to access and correct documents held by us under the FOI Act. Further information about how to make an FOI application is available on the Freedom of Information page of our website. You can also contact our FOI team at foi@teqsa.gov.au.
Changes to this condensed privacy policy
Please note that the condensed privacy policy may change from time to time.
Last updated: February 2026.
Privacy impact assessments
A privacy impact assessment (PIA) is a systematic assessment of a project that identifies the impact that the project might have on the privacy of individuals, and sets out recommendations for managing, minimising or eliminating that impact.
The Privacy (Australian Government Agencies - Governance) APP Code 2017 (Privacy Code) requires us to undertake a PIA in certain instances and to maintain a register of those PIAs from 1 July 2018. In accordance with the Privacy Code, we publish our PIA Register (see below).
Privacy impact assessment (PIA) register
The agency's PIA register has been prepared in accordance with section 15(1) of the Privacy Code.
Last updated: 25 February 2026.
| Date | Document Title |
|---|---|
| 14 November 2019 | Documents obtained from the University of New South Wales regarding Australian and overseas providers |
| 30 March 2022 | COVID-19 vaccination mandate |
| 13 May 2024 | Student records management solution |
| 19 December 2024 | Records management project (digital uplift) |
| 27 August 2025 | PIMS 2.0 – P Drive Data Migration (Stage 1-3) |
Complaints
If you think we may have breached your privacy you may contact us to make a complaint using the contact details below. In order to ensure that we fully understand the nature of your complaint and the outcome you are seeking, we prefer that you make your complaint in writing.
For further information about our complaint handling process please read our Complaints about TEQSA policy.
Contact us
If you have any enquiries or complaints about privacy, or if you wish to access or correct your personal information, please email us at foi@teqsa.gov.au or write to:
Privacy Contact Officer
Tertiary Education Quality and Standards Agency
GPO Box 1672
Melbourne VIC 3001
Complete privacy policy