DOWNLOAD PDF VERSION
Endorsed by Executive and Ratified by the Director
PREPARED BY: ICT & Information Governance
Version Date Author Changes Made
V1.0 22/06/18 L.Tallon First draft developed
V1.1 22/06/18 T. Quach Additional information added and policy reviewed
V1.2 11/07/18 DoCA Reviewed by department of comms
V1.3 20/07/18 T.Quach Formatting policy
It also outlines how a person may access information about themselves or seek correction of that information and how an individual may complain about a breach of an Australian Privacy Principle (APP).
2.2.1 Personal Information
Personal information is defined as information or an opinion about an identified individual, or an individual who is reasonably identifiable:
a) whether the information or opinion is true or not; and
b) whether the information or opinion is recorded in a material form or not.
2.2.2 Sensitive Information
Sensitive information is a subset of personal information. The Museum has a higher degree of responsibility when it comes to the collection and use of sensitive information. Sensitive information includes information about an individual’s:
• health (including predictive genetic information)
• racial or ethnic origin
• political opinions
• membership of a political association, professional or trade association or trade union
• religious beliefs or affiliations
• philosophical beliefs
• sexual orientation or practices
• criminal record
• biometric information that is to be used for certain purposes
• biometric templates
2.3 Who should read this policy?
• ANMM employees and volunteers;
• contractors, consultants, suppliers or vendors of goods or services to the Museum;
• applicants to the Museum for information under the Freedom of Information Act 1982; and
• individuals whose personal information may be collected, held, used or disclosed by the Museum.
This policy will be monitored by the Privacy Contact Officer and reviewed on an annual basis.
3.1 Information collection purposes
The Museum collect information for a range of purposes that support our functions. This would include:
• a customer of the Museum which requires personal information. Such as the Store for online purchases, Welcome Wall, Membership, hiring a venue for personal events or donations to the Museum;
• photographs, opinions and comments posted on the Museum’s official social media platforms (including Encounters 2020);
• username and password for interactions with the Museum’s website (such as Welcome Wall);
• records of payments made, bank or credit card details for the purpose of payment and history of donations made;
• personal information including photo ID, employment history, curriculum vitae and education information if applying for a position with the Museum;
• certain health information; for example, food allergies or other medical needs such as access to facilities or events hosted by the Museum or medical certifications for Endeavour voyaging participation;
• photographic identification for staff, contractors and volunteers;
• conference registration information (including dietary requirements);
• CCTV footage in areas where CCTV signage is located;
• personal views and opinions about products and services through the form of feedback.
The Museum will disclose at the time of collection how personal information will be used and handled.
3.1.1 Museum visitor and client information
184.108.40.206 Museum customer relationship management system
The Museum maintains a database with contact details of individuals who regularly engage with the Museum or who wish to receive information about particular Museum activities. This includes donors, members or people with a business-related interest in the Museum (for example, school teachers, people working in other cultural institutions, in the media or in tourism). The information is usually collected directly from the people who are interested in receiving the information or from a representative of their organisation. In the case of memberships, name and date of birth information relating to minors is collected from their parent or guardian.
Personal information in our relationship database is used to:
• distribute information about Museum events and activities;
• maintain membership lists;
• retain details of object and cash donors, and (with their consent) to publicly acknowledge those donors;
• maintain a record of respondents providing feedback about their Museum experience;
• generate invitation lists for Museum events.
220.127.116.11 Email marketing and promotional activities
The Museum uses a secure, external online database service provider to send emails on behalf of the Museum about its exhibitions, events, programs, special promotional offers and surveys.
Individuals can choose to opt-out of receiving communications from the Museum at any point.
18.104.22.168 Bookings information
Bookings for functions, conferences, school visits and guided tours are regularly taken by the Museum. Only a limited amount of personal information will be required to manage the booking – such as first and last name, address and email address. The purpose of collecting this information is to ensure that an event or visit is properly coordinated. This information is not used for any other purpose (such as unsolicited marketing) without the consent of the individual concerned; however, the information may be used to generate broad demographic data.
22.214.171.124 Visitor information and feedback
In order to improve its services, the Museum collects information from visitors about its programs. This information may be solicited (for example, through visitor surveys) or unsolicited (such as letters or emails from members of the public). The majority of evaluation that is initiated by the Museum allows people to respond on an anonymous basis. Visitor surveys, which the Museum regularly uses to seek feedback from visitors, do not involve the collection of information that could lead to a person being identified, although more generic information such as age and city of residence may be collected for demographical analysis. Respondents have the option of providing their personal information to the Museum if they wish to join the Membership program or subscribe to a mailing list.
Where members of the public provide their personal information to the Museum in the course of making an enquiry or comment, that information will only be used by the Museum to deal with the person’s enquiry or comment. Personal information in the form of photographs of visitors is collected only with the consent of the person or their parent/guardian. The consent forms for photography include the name of the person in the photograph and their contact details.
Visitors who utilise the cloakroom services may be asked to leave a form of personal identification to ensure items are returned. This ID is stored in a secure place and is returned to visitors upon request of their items.
126.96.36.199 Visitor wireless network
The Museum provides internet access to visitors via its wireless network. No personal information is captured, however upon agreeing to the terms and conditions when connecting to the wireless network, customers agree for their IP addresses on connected devices to be logged. This is to ensure that the Museum has visibility of the connections that are currently have access to the network.
The Museum may analyse broad data trends to determine how people are accessing the network in order to improve services. For example: the type of device and the website or app being accessed. This data is de-identified.
3.1.2 Historical collection, exhibition and research information
The Museum collects personal information relating to objects in its collections and on loan to the Museum. This information includes details about an object’s history, including its current and previous owners and other people connected with the object. The purpose of collecting this information is to assess an object’s ownership and provenance prior to acquisition or loan.
Personal information about an object is obtained from a range of sources including from the donor/vendor and from historical records. The nature of this research is such that personal information is not always collected directly from the person to whom the information relates but from other sources such as third party oral or written histories or newspaper or magazine articles. Personal information may also be collected in the course of historical research conducted by the Museum and for the purposes of exhibition. Such information may not necessarily relate to an object in the Museum’s collection. This information is maintained in a range of forms, for example in writing, as video or sound recordings, or photographs.
The Museum may collect limited personal information for the following purposes:
• to facilitate the management (eg transportation and insurance) of an object;
• to arrange physical access to the collection by researchers, family members, Indigenous community members or special interest groups;
• to respond to enquiries for historical information received from members of the public
• to meet obligations under legislation, such as the Firearms Act or the Poisons and Therapeutic Goods Act.
There is an exception in the Privacy Act for materials kept in a library, art gallery, or museum for the purposes of reference, study or exhibition. Examples include photographs of individuals used in an exhibition or letters containing personal information kept in the Museum’s collection. The Museum will, where possible, provide advice regarding this exception during the accessioning process.
3.1.3 Personnel and administrative records
The Museum collects personal information about its employees, volunteers, interns, contractors, and Council or committee members. The purpose of collecting this information is to properly administer matters relating to a person’s employment or duties at the Museum.
Employee records usually include personal details (such as full name, addresses, email address, contact number and next of kin details), bank account details, tax file number, employment history, medical checks, police checks, leave, salary and superannuation records. Records may also be kept in relation to rehabilitation or worker’s compensation claims, discipline or code of conduct matters, and performance management. This information is kept and stored in the Museum’s personnel information management system and is only accessible to authorised staff.
Volunteers provide the Museum with their personal details (such as full name, addresses, email address, contact number and next of kin details), employment history, curriculum vitae and a copy of their driver’s licence. This information is used to assess the suitability of people to become Museum volunteers which includes medical checks and police checks. This information is kept and stored in the Museum’s personnel information management system and is only accessible to authorised staff.
Some personal information relating to suppliers and contractors is also collected. This may include information about catering, security and cleaning staff employed under a contract between the Museum and the service provider; performers; IT suppliers; consultants/advisors; and suppliers of products for the Museum shop. This personal information (such as full name, contact number and next of kin – where applicable) is collected and used for the purposes of managing the Museum’s relationship with the contractor and for security. This information is kept and stored in the Museum’s personnel information management system and is only accessible to authorised staff.
Contractors who come to the Museum to operate machinery or perform specialised tasks will be required to provide their specialised license and personal identification (for example, their Drivers’ License). This will be photocopied and safely stored in Security records. This information will be securely destroyed a few days after the contractor is no longer required on site.
3.1.4 The Museum’s website (including Encounters 2020)
The Museum has a number of corporate websites and Museum-identified spaces on blogs and social networking sites such as Flickr, Twitter, Facebook and YouTube. Please refer to the ANMM’s Website for the latest list of official social media platforms.
3.1.5 Security records (including CCTV)
The Museum maintains security records in order to manage access to Museum premises, assets and information. Identification photos are used for security and access control purposes. These records relate to staff, volunteers, interns, visiting researchers and contractors, and includes police record checks. These records are stored in a secure environment, and access to these records is limited to authorised staff only.
The Museum uses closed circuit television (CCTV) systems to monitor and record activity in a range of publicly accessible locations at the Museum. The purpose of this monitoring is to provide a safe and secure environment for Museum staff and visitors and to protect the Museum’s collections and exhibits from damage, theft or loss.
The images recorded by the cameras may include identifiable images of people visiting the Museum. These images are stored in a secure environment, and access to these recordings is limited to authorised staff only. CCTV footage is held on a 3-month rolling basis.
Where an incident has occurred warranting further investigation, the Museum will allow the recording to be viewed by people responsible for investigating the incident, both within the Museum and/or external investigative bodies or law enforcement agencies (such as Police NSW).
Signs have been placed at all public entrances to the Museum advising that the cameras are in operation.
The Museum uses swipe card technology to control access to facilities for staff, contractors, interns and volunteers. This access and data is stored in a secure environment, and access to these records is limited to authorised staff only.
3.1.6 The Museum retail store
Personal information may be disclosed to Australia Post or another couriering company for the purposes of delivering an order. The Museum also retains order details (excluding credit card details) in our third party application, BigCommerce to help manage any returns, refunds or exchanges. Where a refund is required, The Museum will contact their bank merchant to authorise this refund back to the customer account.
Customers may also leave their details in order to have items placed on hold. This information is destroyed immediately once claimed at the retail shop.
3.1.7 Collection and storage of sensitive information
Sensitive information may be collected in relation to some employees. For example, employees may formally identify as a person of ethnic descent, or as having a disability. Health information (for example medical reports or certificates) may also be collected by the Museum where there is a workers’ compensation or other health-related matter affecting an employee, as well as to conduct pre-employment medical checks.
National police history checks are conducted on prospective staff members, volunteers, interns, visiting researchers and contractors. The individual’s written consent must be obtained before a check is submitted and processed, and access to relevant personal information is strictly limited to authorised Museum staff.
Incident reports are required to be completed when a security incident, an injury or hazard has occurred or been identified. These reports may contain information, some of a medical nature, about visitors, volunteers and staff.
The Museum may hold information about a staff member’s union membership if that person has authorised a deduction from pay for their union dues. There may be other records, which would identify union members such as right of entry permits, email communication between union members, or where union delegates are represented on Museum committees.
These records are stored in a secure environment, and access to these records is limited to authorised staff only.
Where the Museum receives a hard copy donation form from an individual, this information will be processed and stored on the Blackbaud platform. Payment details, such as credit card numbers, are kept only as long as required to process payment, and are then securely destroyed.
3.1.9 User Generated Content
You may be able to disclose information about yourself in the course of contributing user generated content on publicly-available areas - particularly the Encounters 2020 platform. This includes your uploaded photos or videos, full name, email address, geolocation, interests, and content that you have favorited, metadata (i.e., hashtags). Your photo or video files may also contain your narrations and captions, as well as data regarding your precise geolocation. Your content will also be shared with users of other social media services to which you have chosen to share (i.e., Facebook or Instagram), consistent with your privacy settings on those services. Such publicly announced information, may be accessed or recorded by us, and there is no expectation of privacy or confidentiality in such information. Any information, including your Personal Data you submit in the course of such activities, can be read, collected, or used by other users.
If you submit your photo, video or other content to the Museum via the Encounters 2020 platform using the relevant hashtags, this content will be published on the Encounters 2020 website or applications along with certain Personal Data identifying you, e.g., your username provided.
3.2 Third Party Information Collection
When the Museum uses third parties to collect personal information, they will be bound by their own privacy policies and the laws in the countries in which they are hosted.
The information transferred and stored in the Museum’s databases will be handled in a secure environment.
3.3 Dealing with us anonymously or pseudonymously
There are circumstances where there is an option to remain anonymous or use a pseudonym when interacting with the Museum. For example, providing feedback.
If circumstances are such that you cannot deal with the Museum anonymously or pseudonymously, an explanation will be provided, and there will be an option to opt-out of further contact.
3.4 Usage and disclosure of personal information
Personal information will be used for the particular purpose for which it was collected.
The Museum will not use or disclose your personal information for any other purpose unless you provide your consent or it is required, or authorised, by law.
3.4.1 Integrity of personal information
Electronic personal information will be stored on secure systems, accessible only by employees and contractors with a genuine business need to access it. When personal information is kept in hard copy, it will be kept securely in locked cabinets or in secure storage when not in use.
If personal information needs to be disposed of, the Museum will use secure methods of destruction and disposal.
3.5 Overseas disclosure of personal information
Where necessary, the Museum may disclose or store personal information with overseas third parties, including suppliers and database hosting services. Individuals will be notified at the time of collection and may choose to opt-out of providing the Museum with their details.
If the Museum is required to disclose personal information to an overseas third party under international law, it will ensure that this is done in accordance with the Australian Privacy Principles, and, where possible, individuals will be informed of the disclosure.
3.6 Notification of breach
The Museum will endeavour to notify users about any kind of data breach as soon as practicable. information is available in the Museum’s “Data Breach Procedure” which can be found on ANMM’s Website.
3.7 Complaints and Access
The Museum will take reasonable steps to deal with enquiries or complaints about compliance with the Privacy Act. The Museum will acknowledge receipt of a complaint within 7 days and send a considered response to complaints or suggestions within 30 days. The Museum is committed to quick and fair resolution of complaints and will ensure that all complaints are taken seriously. The Museum may take a longer period to address a complaint where an individual has agreed to it in writing.
Complaints about the Museum’s personal information handling practices may also be made to the Office of the Australian Information Commissioner.
3.7.2 Access and Correction
Under the APP, individuals have the right to access and correct their personal information stored by the Museum. The Museum will respond to access requests within 30 days. There are no charges imposed on requests for access to personal information and correction of personal information. The Museum strives to ensure that personal information is accurate, up-to-date, complete, relevant and not misleading.
If the Museum cannot provide access to personal information, for example, if the information has been legally and securely destroyed in accordance with procedure, a written explanation will be provided.
4.1 Privacy Contact Officer
The Museum’s Privacy Contact Officer is responsible for maintaining this policy. The Privacy Contact Officer is also responsible for providing advice on privacy issues; acting as the point of contact for the federal Privacy Commissioner; and investigating any privacy complaints. For further information, please contact email@example.com