Cookies and site usage

This privacy statement relates only to the information automatically collected from you resulting from your visit to websites controlled by the Queensland University of Technology.

The University’s Information Security Policy sets out our requirements for confidentiality, integrity and availability of information accessed through Information Technology facilities.

The University is committed to protecting your privacy and processing personal information fairly and lawfully in compliance with applicable legislation. The collection of personal information by the University is governed by the Information Privacy Act 2009 (Qld) (IP Act). The University is also considered to be a data controller for the purposes of the EU General Data Protection Regulation 2016/679 (GDPR) in relation to the collection of personal information from individuals located in the EU, while conducting certain activities.

"Personal information" is defined broadly in the IP Act and GDPR as information that relates to an identified or identifiable individual. For further information about how the University manages personal information, please view the University’s Privacy Policy or visit our Privacy Webpage.

Links

This privacy statement does not apply to external websites that are linked to the University’s site. The University is not responsible for the privacy practices or content of external websites.

When you link to another site, we recommend you read the privacy statement of that site to familiarise yourself with its privacy policy and practices.

Disclosure of site visit data

The University will not disclose any personal information collected as part of your site visit to a third party without your consent, unless we are required or authorised to do so by law. As part of an investigation into suspected unlawful or improper activity, a law enforcement agency or government agency may exercise its legal authority to inspect the web server's records (for example, in relation to hacking or abusive messages).

Use of Cookies

Internet cookies are small strings of text placed on users' hard drives during the data exchange that happens when a browser points to a website. Cookies allow a website to store information on a user's machine and retrieve it later. Cookies and other information collection technologies can only store information that is explicitly provided by the user or visitor in the first place, or information the website already knows about the user, such as their IP address.

QUT's website uses cookies for:

  • identifying unique visitors to the site for statistical purposes (that is, you will be allocated a visitor number which will be held in a cookie on your computer or device for a fixed period, such as 30 days. This cookie will also hold your IP address).
  • proving your identity when you attempt to access a restricted part of the QUT site (generally only available to QUT staff and/or students). You will be asked to provide your QUT Access username and password to prove your identity. This information is sent across the Internet securely using a Secure Socket Layer (SSL). A cookie may then be created in your computer or device's memory until you shut down your browser, though sometimes it may be stored on your computer or device. This cookie contains the following information that is available even if you have disabled cookies:
    • internal unique ID generated by QUT
    • your full name and email alias, which may be used for personalising the site as well as for emails sent from the site to you
    • your relationship with QUT (for instances, the course or unit you are enrolled in or the work areas with which you are currently associated). This is used to ensure you are authorised to access the information you have requested.

Site usage

When you visit QUT's website, we make a record of your visit using "single pixel gif" technology embedded in the code of each page. We log the following information, which is used for statistical purposes:

  • the IP address of the computer you are using or an IP that is dynamically allocated by your internet service provider
  • the date and time of your visit
  • the pages accessed and documents downloaded
  • the file size of the pages downloaded
  • the type of browser used and screen resolution
  • the referring page (ie last page visited before entering the QUT site).

Third party service providers

QUT uses Google Analytics to gather statistics about how its website is accessed. Google Analytics uses cookies to gather information for the purpose of providing statistical reporting. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers located outside of Australia. No personally identifying information is recorded or provided to Google. If you are logged in to the QUT website, information about your user account is not linked to data recorded by Google Analytics and is not provided to Google.

QUT uses third party marketing platforms, including Google Ads, Facebook, Sendpulse, Quantcast, Oath, and Twitter to market its products and services. These marketing platforms may serve our ads to you on their own websites, or on partner websites and apps. The marketing platforms we use allow us to advertise and communicate to you based on profiles developed according to your use of our websites and other partner websites, personal information you provide to us, and your response to the advertising messages we serve to you.

We may also use third party audience data from Google Analytics, Oath, and Quantcast, such as age, gender, behaviour, and interests, to provide advertising that's suited to your preferences. No personally identifiable information is recorded or provided to these third parties through this process, however information generated by the cookie about your use of our website will be transmitted to our vendors and may be stored on servers outside of Australia.

QUT contracts third party service providers to market its products and services. These third party providers are contracted to protect any personal data with the same level of protection as QUT. We advertise and communicate to you based on profiles developed according to your use of our websites, your response to the advertising messages we serve to you online, as well as the personal information you provide to us. Personal information is collected, stored and used according to QUT Privacy Policy.

The vendors we use have their own policies around cookie usage. We encourage you to check the policies on these sites.
Most browsers can be set to accept or reject cookies. You can choose to adjust your browser to reject cookies or to notify you when they are being used. Sometimes, rejecting cookies results in a loss of some website functionality. For instance, you may be unable to access a secure site, such as QUT Virtual. Alternatively, rejecting cookies may mean that you may have to establish your identity a number of times across the QUT site during a visit because the server cannot recheck your identity each time you request access to a restricted area. The information required to enable rechecking of your identity (e.g. your password) is encrypted for security prior to being added to the cookie.

QUT Mobile App

The QUT Mobile App (available on iOS and Android) is provided to support students and staff in accessing QUT services. Use of the app is optional. If you choose not to use the app, or if you decline or later withdraw certain device permissions, some features may be unavailable. For example, withdrawing location permission would disable the campus map and Digital ID functionality may be affected. The following disclosures supplement the information set out in this statement and apply specifically to the mobile app.

Location

The app requests access to your device's location for two purposes:

  • Campus map: foreground location is used to display your current position on the campus map and to automatically select the nearest QUT campus while the map is open. Location data is not stored or transmitted off your device. Any campus locations you save or pin within the app (such as favourite buildings) are stored as place identifiers within QUT's campus directory (not GPS coordinates) and are retained against your account to allow them to be restored across sessions and devices.
  • Digital ID and campus access: the Digital ID feature uses NFC or Bluetooth to interact with campus card readers, depending on your device. On Android, NFC is the primary method — hold your phone near a reader with the app open; Bluetooth is available as a fallback where NFC is not supported. On iOS, Bluetooth is used (NFC is not supported for Digital ID). An optional Background Access Mode allows the app to interact with readers when closed or in the background. The app uses Gallagher Security's Mobile Connect SDK for this feature. Neither QUT nor Gallagher's SDK accesses, collects, or transmits your physical location for this purpose. Refer to the Gallagher CC Mobile App Privacy Policy for further information.

You can manage or withdraw location permissions at any time through your device settings:

  • iOS: Settings > Privacy & Security > Location Services > QUT
  • Android: Settings > Apps > QUT > Permissions > Location

Withdrawing location permission will disable the campus map feature. On Android, location permission is also required for Bluetooth mode (NFC access is not affected). On iOS, location permission is only required if you enable Background Access Mode for Digital ID; standard Bluetooth access is not affected. Other app features will continue to function normally.

Personalised content and authentication

Where you choose to sign in, the app uses your QUT credentials to retrieve personalised information such as your timetable, results, and enrolment details from QUT systems. This information is displayed within the app and is not shared with third parties. Authentication tokens are stored securely on-device using iOS Keychain or Android Keystore and are not accessible to other applications. Where supported by your device, the app may offer biometric authentication (such as Face ID or fingerprint) as a convenience sign-in option; biometric data is processed entirely by the device operating system and is not accessed or stored by QUT.

Push notifications

With your consent, the app delivers push notifications relevant to your role and preferences. You can manage notification preferences within the app or through your device settings at any time.

The app also uses a third-party crash and error reporting service to identify and resolve technical issues. This service collects anonymised device and diagnostic information (such as device model, OS version, and error stack traces) and does not collect personally identifiable information.