1. TITLE
Australian National Maritime Museum
2. INTRODUCTION
The Australian National Maritime Museum (the Museum) is the keeper of Australia’s narrative as an island nation shaped by the sea. Its purpose is to develop, preserve and showcase its collections to expand our knowledge of our maritime heritage and to share these stories, nationally and internationally. In the course of performing its statutory functions under the Australian National Maritime Museum Act 1990, the Museum collects, stores, uses and disposes of personal information.
3. PURPOSE
In accordance with the Privacy Act 1988, the Museum is required to have a Privacy Policy that explains how it manages personal information.
This Policy outlines the reasons for the collection, use and retention of personal information and how that information is stored and disposed of. It also explains how an individual can access information about themselves, correct that information or complain about a breach of the Australian Privacy Principles.
4. SCOPE
The Privacy Policy applies to all personal information collected as a record by the Museum and sets out how this is handled and maintained in compliance with the Privacy Act 1988.
The exception to the meaning of a ‘record’ is anything kept in a library, art gallery or museum for the purposes of reference, study or exhibition. Such personal information is not subject to the Act.
5. POLICY STATEMENT
The Museum is committed to managing the personal information in collects, stores, uses and disposes of in compliance with relevant legislation and the Australian Privacy Principles Guidelines.
6. GUIDELINES
6.1 Why the Museum collects personal information
The Museum collects and uses personal information to perform its statutory functions. These include developing, maintaining and exhibiting collections of historical material, conducting research, providing information through education, public programs and publications, maintaining an events program and engaging with customers.
Individuals give the museum personal information when becoming an employee, volunteer or Member, via the Museum’s platform and when purchasing tickets, booking events, when onsite and registering to use wi-fi, and by completing forms and surveys.
The Museum will not collect personal information unless the individual agrees. As required by the Australian Privacy Principles, the Museum provides advice as to how the information may be used at the time of collection.
6.2 How personal information is held and protected
The Museum is committed to taking all reasonable steps to protect personal information from misuse and loss. It has in place strict procedures and standards to prevent its unauthorised access, modification or disclosure.
The Museum’s online and IT systems are managed in accordance with the Australian Government Protective Security Policy Framework and the Australian Government Information Security Manual. Access to personal information is strictly controlled through password protection for accessing electronic IT systems, and secure locked cabinets for paper files.
Storage of information (and the disposal of information when no longer required), is managed in accordance with Australian Government records management regulations, guidelines and legislation, including the Archives Act 1983.
7. CATEGORIES OF INFORMATION
To fulfil its mission, the Museum engages with individuals across Australia and internationally. In so doing, personal information is collected and used. In general, this is from the individual concerned although in some cases information may be received from third parties.
7.1 Personnel and administrative records
The Museum collects personal information about its employees, volunteers, interns, contractors, Council, committee members and site visitors. The purpose is to properly administer matters relating to an individual’s employment, duties or presence at the Museum.
- Employee records usually include personal details (such as address, next of kin and contact information), bank account details, tax file number, employment history, medical and police checks, leave, salary and superannuation records. Information may also be retained about rehabilitation or workers’ compensation claims, discipline or code-of-conduct matters and performance management.
- Volunteers provide the museum with their name, contact details, employment history and a copy of their driver’s licence. This information is used to assess their suitability and is stored as a paper record in the Volunteer Office.
- Council members are required to provide personal details, including contact details, bank account details and tax file number.
- Where contractors are operating machinery or performing specialised tasks, they are also required to provide their specialised license and personal identification (such as a driver’s licence). These are copied and stored as a paper record in Security and securely destroyed once the contractor’s engagement has ended.
- Visitors to museum offices and back-of-house are required to provide their full name, mobile number and to have a photograph taken. This information is stored on Sine’s Cloud Database (AWS). See Sine’s Privacy Policy Statement for further information, https://www.sine.co/privacy/.
Personal information relating to employees, volunteers, interns and Council and committee members is stored in the payroll system.
7.2 Museum visitor and client information
Customer relationship management system
A database is maintained with contact details of individuals who regularly engage with the Museum as customers through participation in visitation, events, tours and special activities, as donors of objects or cash, or due to a professional interest (such as education, tourism and the media). This is collected directly from the individuals or from a representative of their organisation. In the case of memberships, the name and date of birth of minors is collected from their parents or guardians.
This information is used to promote events, generate invitation lists, communicate with Members and retain and publicly acknowledge (with their consent) donors. The Museum also maintains a record of individuals providing feedback about their experiences.
The customer relationship management system is managed and secured by Salesforce. Salesforce privacy policy can be found here - Privacy Policy - Salesforce ANZ
Bookings information
The Museum holds a range of events and public programs, of which many are ticketed. A limited amount of personal information is collected (full name, address, email address and phone number) to ensure appropriate management of the activity. This information is not used for any other purpose without the individual’s permission, however it may be used to generate broad demographic data.
Payment and ticketing are managed by Vivaticketing and Eventbrite. These are United States based ticketing systems. They provide the Museum with personal information on attendees, excluding any billing or credit card information. Eventbrite may disclose the personal information it collects to overseas recipients in certain situations and in these circumstances the Australian Privacy Principles will not apply. Further information is available in Eventbrite’s Privacy Policy.
Visitor information and feedback
To improve its services, the Museum collects information from visitors about visitation and its programs. This may be solicited, such as through a visitor survey, or unsolicited, such as letters or emails. Solicited information collection is in general anonymous, although participants have the option of providing personal details in order to become a Member or to subscribe to a mailing list.
Use of the personal information arising from unsolicited emails and letters is confined to dealing with the matter.
From time to time, visitors will be photographed or filmed however this will only be done with their consent or that of their parent or guardian. The consent forms include the name of the individual and their contact details.
Visitor surveys are conducted using Survey Monkey. Privacy policy for Survey Monkey can be found here - Privacy Notice | SurveyMonkey
Donations
A third party provider is used to manage donations of money. Blackbaud collects and stores personal information (name, address, email and phone number) to create a customer profile and process donations. Bank and credit card details are collected at that time but are not retained. In the case of paper donation forms, once processed they are securely destroyed. More information on Blackbaud’s Privacy Policy is available at https://www.blackbaud.com/company/privacy-policy/north-america
Visitor wifi
Visitors are allowed to access the wireless network when on-site, with access provided through a Captive Portal. Personal information is captured which includes First Name, Last Name and Email address, however the terms and conditions require users to agree that the Museum can access the IP addresses of connected devices. This ensures oversight of users accessing the network.
The Museum may analyse broad data trends to determine how people access the network in order to improve services and better understand visitor behaviour. In this case the data will be de-identified.
People Counting
A series of lidar counters are installed in and around the Museum to monitor visitor movement. The purpose is to provide an understanding of visitation movement across the premise to improve traffic flow and provide a safe and secure environment.
Skyfii is the solution used to manage people counter. No personal information or facial recognition is captured. Skyfii Privacy policy - Privacy Policy - Skyfii
7.3 Security records (including CCTV)
Security records are maintained in order to manage access to Museum premises, assets and information. These relate to staff, volunteers, interns, visiting researchers and contractors. They may include police record checks and identification photos. The records are stored in a secure environment with access limited to authorised staff.
A series of closed-circuit television cameras (CCTV) are installed in and around the Museum to monitor and record activity. The purpose is to provide a safe and secure environment for staff and visitors and to protect the National Maritime Collection, Fleet and exhibits from damage, theft or loss.
Signs are in place at all public entrances advising visitors that CCTV is in operation.
Footage is stored in a secure environment and can only be accessed by authorised staff. Where an incident has occurred warranting further investigation, those investigating the incident will be given access to it. Except in the case of an incident, the footage will be permanently deleted after 90 days.
7.4 Historical collection, exhibition and research information
The Privacy Act applies to personal information which is in a record. Personal information kept by a library, art gallery or museum and contained in collection material is exempt.
However, the Act does apply to personal information held in records that support the collection, including personal information:
- about an object’s history, including its current and previous owners and any other individuals having a connection with it.
- concerning donors, lenders and vendors.
- required to arrange physical access to a collection by researchers, First Nations peoples or other interested parties
- in order to manage the object, such as transportation or insurance.
7.5 Corporate website and online engagement
Website
The Museum has a corporate website which has a link to this Privacy Policy.
The website is used for a range of purposes of which many require the provision of personal information: the submission of job applications, purchases through the online shop, subscription to e-newsletters, cash donations to the Foundation, Venues and Education bookings, registration on the National Monument to Migration and payment of membership fees. Personal details are maintained securely through its customer relationships platform.
From time to time, the Museum invites people to submit comments, stories, and photographs on the website. Although it encourages them not to identify individuals, the stories may contain personal information. When inviting such contributions, users are advised as to the purpose to which the material will be put.
Automated Data Collection Methods
When you visit our website, we may collect certain information by automated means, such as cookies, web beacons and web server logs. The information we may collect in this manner includes IP address, unique device identifier, browser characteristics, device characteristics, operating system, language preferences, referring URLs, information on actions taken on our site, dates and times of visits to our site and other usage statistics.
We use information collected through cookies, web beacons, pixels, web server logs and other automated means for purposes such as:
- customising our users' use of our site;
- delivering content tailored to our users' interests and the manner in which our users use our site; and
- managing our site and other aspects of the museum
We also use third-party analytics services on our site, such as those of Google Analytics. The analytics providers that administer these services use technologies such as cookies, web server logs and web beacons to help us analyse your use of our site. The information collected through these means (including IP address) may be disclosed to these analytics providers and other relevant third parties who use the information, for example, to evaluate use of the site. To learn more about these analytics services and how to opt out, please visit <span">Google Analytics and any sites contained in the country-specific addenda.</span">
Social media
Social media channels such Facebook, LinkedIn, X, Instagram and YouTube are used to increase audience awareness and engagement and to promote current events and activities. No information is collected about individual’s engaging with the museum through these channels.
The exception is personal information collected in relation to social media competitions for accountability and auditing purposes. This is securely stored and is not be shared with third parties or used for any other purpose
Email marketing
This is done through the secure, external database provider, the United States-based Mail Chimp which sends emails and regular e-news about current exhibitions, events programs, promotions and surveys. Individuals sign-up to receive this information via the website, our customer relations platform or by completing a paper form. They can also opt out at any time.
Further information on MailChimp’s Privacy Policy is at Mailchimp's Legal Policies | Mailchimp
7.6 Retail Shop
A third party provider, BigCommerce, collects personal information when purchases are made through the online store. Customers may also leave their details in order to purchase items by mail order. In both cases, information is stored on BigCommerce’s data base. This is retained (excluding credit card details) to manage returns, refunds and exchanges. When a refund is requested, the Museum contacts the customer’s bank to authorise the refund to their account. Information on their Privacy Policy is at https://www.bigcommerce.com/privacy/.
The shop also stores personal details for customers to have items placed on hold. This information is destroyed immediately the goods are collected.
8. SENSITIVE PERSONAL INFORMATION
The Privacy Act distinguishes between personal information and ‘sensitive information’. Sensitive personal information includes information or opinion about an individual’s racial or ethnic origins, political and religious beliefs, associations, trade union memberships, sexual orientation, criminal record, health or genetic information and some aspects of biometric information. In addition, national Police Checks are conducted on prospective staff members, volunteers, interns, visiting researchers and contractors.
The Museum will not collect sensitive personal information unless the individual consents and the information is reasonably necessary or directly related to its functions and activities. In the case of Police Checks, the individual’s written consent must be obtained. These records are stored in a secure environment with access limited to authorised staff.
9. DISCLOSURE OF PERSONAL INFORMATION
Personal information will not be disclosed to anyone outside the Museum unless the individual concerned has given consent, or disclosure is otherwise permitted by the Australian Privacy Principles. Examples of exceptions include disclosure being necessary to prevent a serious threat to a person’s life, health or safety or for law enforcement purposes.
Personal information will only be released to contractors where it is necessary for the performance of their job, for example where a mailing house is engaged to distribute information. In such cases, the Museum’s written contract will contain the appropriate privacy clauses recommended by the Privacy Commissioner.
10. RIGHTS AND CHOICES
10.1 Accessing and correcting your personal information
Under the Privacy Act individuals have a right to access and correct personal information held by the museum. Similar rights exist under the Freedom of Information Act (Cth).
Requests to access or correct personal information can be made to the Privacy Contact Officer by telephone, email or mail:
Privacy Contact Officer
Australian National Maritime Museum
Wharf 7
58 Pirrama Road
PYRMONT NSW 2009
Email: privacy@sea.museum
Tel: +61 2 9298 3777
The Museum will respond within 30 days and will not charge a fee. Access to personal information, or changes to that information because it is incorrect, will be allowed unless the Museum considers there is a sound reason under the Privacy Act, or other relevant law, to withhold the information or not to make the changes. In such instances, a written explanation will be provided.
10.2 Anonymity and pseudo-anonymity
In certain circumstances, individuals may wish to remain anonymous or to use a pseudonym when communicating with the Museum, such as providing feedback. If it is not possible to do so, there will be an option to opt-out of further contact.
11. COMPLAINT HANDLING
All complaints from individuals about the handling of their personal information should be in writing to the Privacy Contact Officer, who will investigate and determine whether there has been a breach of privacy obligations.
The Museum is committed to the quick and fair resolution of complaints. Complaints are managed according to the Museum’s Complaints Handling Procedure. Complaints about the Museum’s personal information handling practices may also be made to the Office of the Australian Information Commissioner, https://www.oaic.gov.au/.
12. ROLES AND RESPONSIBILITIES
Director and CEO is responsible for deciding what remedial action should be taken in the case of a privacy breach.
Assistant Director, Corporate is responsible for ensuring that all workers, volunteers and contractors are familiar with this Policy and their obligations.
Privacy Contact Officer is responsible for maintaining and implementing this Policy. The Privacy Contact Officer is also responsible for giving advice on privacy issues, acting as the point of contact for the Commonwealth Office of the Australian Information Commissioner and investigating any privacy complaints. This role is undertaken by the Head of Governance, Policy and Reporting.
13. DEFINITIONS
Personal information – Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not
- whether the information or opinion is recorded in a material form or not.
Sensitive personal information - includes information or opinion about an individual’s racial or ethnic origin, political and religious beliefs, associations, trade union memberships, sexual orientation, criminal record, health or genetic information and some aspects of biometric information.
14. REFERENCES
14.1 Commonwealth legislation and guidelines
Archives Act 1983
Australian Government Protective Security Policy Framework
Australian Government Information Security Manual
Freedom of Information Act 1982 (Clth)
Privacy Act 1988 (Clth)
Privacy (Australian Government Agencies) - Governance APP Code 2017
Australian Privacy Principles
Australian Privacy Principles Guidelines, 2022
14.2 NSW
Government Information (Public Access) Act 2009
Privacy and Personal Information Protection Act 1998
14.3 Australian National Maritime Museum
Data Breach Response Plan
Data Management Policy
Information Classification and Handling Policy
Information Management Policy
Information Governance Framework
Social Media Policy
Acceptable Use of ICT Policy
15. POLICY APPROVAL
This Policy was approved by the Museum’s Executive Review Group on 5 September 2023.
16. POLICY REVIEW
This Policy will be reviewed every three years or when required.
17. VERSION HISTORY
|
Version |
Date |
Responsible Officer |
Comments |
|
1.0 |
December 2019 |
|
|
|
2.0 |
1 July 2023 |
Head of Governance, Policy & Reporting |
Reworked in accordance with Australian Privacy Principles |
|
3.0 |
5 September 2023 |
Head of Governance, Policy & Reporting |
Approved by ERG |