1.    Purpose of This Notice
This Privacy Notice explains how personal data is collected, used, disclosed, retained, and protected when individuals register interest in or apply for courses offered by Australia & New Zealand Institute of Insurance and Finance (ANZIIF) through Brunei Insurance and Takaful Association (BITA).

2.    Roles of the Parties
2.1.    BITA acts as a Data Controller in respect of the initial collection and processing of personal data for registration facilitation purposes.
2.2.    ANZIIF acts as an independent Data Controller upon receipt of the personal data for the purposes of enrolment assessment, course administration, and academic management.

3.    Personal Data Collected
The personal data collected may include, but is not limited to:
3.1.    Full name
3.2.    Identification or passport number (where required)
3.3.    Contact details (email address, telephone number, address)
3.4.    Professional information
3.5.    Course preferences
3.6.    Any additional information voluntarily provided by the applicant

4.    Purposes of Processing
Personal data is collected and processed for the following purposes:
4.1.    To facilitate registration and submission of applications to the Learning Institution
4.2.    To verify eligibility and completeness of applications
4.3.    To communicate with applicants regarding course information and enrolment status
4.4.    To fulfil contractual or pre-contractual obligations
4.5.    To comply with legal, regulatory, or accreditation requirements

5.    Data Sharing and Disclosure
Personal data collected by the Organization will be shared with:
5.1.    ANZIIF for enrolment and academic administration
5.2.    Authorized service providers or processors engaged by either party, subject to appropriate data protection safeguards

6.    Data Retention
6.1.    Personal data will be retained:
6.2.    By the Organization: only for as long as necessary to facilitate registration, respond to enquiries, and meet legal or regulatory requirements
6.3.    By the Learning Institution: in accordance with its academic, regulatory, and retention policies
6.4.    Thereafter, personal data will be securely deleted or anonymized.

7.    Data Subject Rights
Applicants have the right to:
7.1.    Access their personal data
7.2.    Rectify inaccurate or incomplete data
7.3.    Request erasure of data (subject to legal limitations)
7.4.    Restrict or object to processing
7.5.    Request data portability
7.6.    Withdraw consent at any time
7.7.    Requests may be submitted to: dpo.bita@outlook.com

8.    Data Security
Appropriate technical and organizational measures are implemented to safeguard personal data against unauthorized access, disclosure, alteration, or destruction.

9.    Accuracy of Information
Applicants are responsible for ensuring that the personal data provided is accurate, complete, and up to date. The Organization shall not be liable for any consequences arising from inaccurate or incomplete information provided by the applicant.

10.    Limitation of Liability
The Organization acts solely as a facilitator for registration and does not make any representations or guarantees regarding admission, course outcomes, or decisions made by the Learning Institution.

11.    Updates to This Notice
This Notice may be updated from time to time to reflect changes in legal or regulatory requirements. The latest version will be made available at the point of registration.