Privacy PolicyPrivacy Policy 

As a Commonwealth Government agency, the Museum is obliged to comply with the Privacy Act 1988 (Cth) (Privacy Act). This statement outlines the Museum's practices in relation to collecting, using and disclosing information via its website.

All information and images on this website are the copyright of the Australian National Maritime Museum and may not be reproduced without the written consent of the museum.

The privacy of your personal information is important to us and your name, contact details and other information will not be provided to any other person or organisation without your knowledge and consent unless required by law.

Please contact us to update your details if your name, address or phone number changes. You may request that your details are removed from our database and mailing lists at any time.

Download the Policy (PDF)

Australian National Maritime Museum Privacy Policy

The Australian National Maritime Museum (the Museum) is the keeper of Australia’s narrative as an island nation shaped by the sea. Its purpose is to develop, preserve and showcase its collections to expand our knowledge of our maritime heritage and to share these stories, nationally and internationally. In the course of performing its statutory functions under the Australian National Maritime Museum Act 1990, the Museum collects, stores, uses and disposes of personal information.

In accordance with the Privacy Act 1988, the Museum is required to have a Privacy Policy that explains how it manages personal information. The Privacy Act, the Australian Privacy Principles (APPs)s and the Privacy and Other Legislation Amendment Act 2024 (Cth) regulate how personal
information is handled by the Museum.

This Policy outlines the reasons for the collection, use and retention of personal information and how that information is stored and disposed of. It also explains how an individual can access information about themselves, correct that information or complain about a breach of the Australian Privacy Principles.

The Privacy Policy applies to all personal information collected as a record by the Museum and sets out how this is handled and maintained in compliance with the Privacy Act 1988.

The exception to the meaning of a ‘record’ is anything kept in a library, art gallery or museum for the purposes of reference, study or exhibition. Such personal information is not subject to the Act.

The Museum is committed to managing the personal information in collects, stores, uses and disposes of in compliance with relevant legislation and the Australian Privacy Principles Guidelines.

6.1 Why the Museum collects personal information

The Museum collects and uses personal information to perform its statutory functions. These include developing, maintaining and exhibiting collections of historical material, conducting research, providing information through education, public programs and publications, maintaining an events program and engaging with customers. 

Individuals give the museum personal information in a number of ways, such as when becoming an employee, volunteer or Member, via the Museum’s platform and when accessing the website, purchasing tickets, booking events and programs, when onsite, registering to use wi-fi, and by completing forms and surveys.

The Museum will not collect personal information unless the individual agrees. As required by the Australian Privacy Principles, the Museum provides advice as to how the information may be used at the time of collection.

6.2 How personal information is held and protected

The Museum is committed to taking all reasonable steps to protect personal information from misuse and loss. It has in place strict procedures and standards to prevent its unauthorised access, modification or disclosure.

The Museum’s online and IT systems are managed in accordance with the Australian Government Protective Security Policy Framework and the Australian Government Information Security Manual. Access to personal information is strictly controlled through password protection for accessing
electronic IT systems, and secure locked cabinets for paper files.

Storage of information (and the disposal of information when no longer required), is managed in accordance with Australian Government records management regulations, guidelines and legislation, including the Archives Act 1983.

To fulfil its mission, the Museum engages with individuals across Australia and internationally. In so doing, personal information is collected and used. In general, this is from the individual concerned although in some cases information may be received from third parties.

7.1 Personnel and administrative records

The Museum collects personal information about its employees, volunteers, interns, contractors, casual staff, Council, committee members and site visitors. The purpose is to properly administer matters relating to an individual’s employment, duties or presence at the Museum.

• Employee records usually include personal details (such as address, next of kin and contact information), bank account details, tax file number, employment history, medical and police checks, working with Children Check, leave, salary and superannuation records. Information may also be retained about rehabilitation or workers’ compensation claims, discipline or code-of-conduct matters and performance management. This information is stored within the payroll system. Licences for High-Risk Work and specific qualifications required for staff to fulfill their duties, are documented in the museum’s Training Register (which is stored in WHS Monitor).
• Volunteers provide the Museum with personal information including identity and contact details, demographic and diversity information, emergency contact details, health and medical information relevant to volunteering, employment history, volunteering preferences and interests, background and eligibility check information (including Working With Children Check), and records of required acknowledgements and agreements. This information is collected to assess suitability, support safe participation, meet legislative and governance obligations, and manage ongoing volunteer engagement. It is stored electronically within the Museum’s Rosterfy Volunteer Management system and Records Management Systems.
• Council and Committee members are required to provide personal details, including contact details, bank account details and tax file number. From time to time the Museum may establish advisory or working groups, and external members of such committees may also be requested to provide personal details.
• Some personal information relating to contractors is also collected. This may include information about catering, security and cleaning staff employed under a contract between the Museum and service providers, performers, suppliers, consultants/advisors. The personal information is collected and used for the purposes of managing the Museum’s relationship with the contractor and for security. Where contractors are operating machinery or performing specialised tasks, they are also required to provide their specialised license and personal identification (such as a driver’s licence). These are copied and stored as a paper record in Security and securely destroyed once the contractor’s engagement has ended.
• The museum uses labour hire to employ casual staff. Casual staff provide the museum with their full name, contact details, Working with Children checks and date of birth. This information is stored on the museum’s internal network and can only be accessed by staff within the relevant departments.
• Visitors to museum offices and back-of-house (including work experience students and interns) are required to provide their full name, mobile number and to have a photograph taken. This information is stored on Sine’s Cloud Database (AWS). See Sine’s Privacy Policy Statement for further information, https://www.sine.co/privacy/.

7.2 Museum visitor and client information

Customer relationship management system

The Museum maintains a database with contact details of individuals who regularly engage with the Museum as customers through participation in visitation, , events, tours and special activities; as suppliers, donors oor as individuals with a professional interest, such as those in education, tourism and the media or in relation to the National Monument to Migration. This is collected directly from individuals or from an authorised representative of their organisation.

This information is used to promote events, generate invitation lists, communicate with Members, and retain and publicly acknowledge donors, where consent has been provided. The Museum also maintains records of feedback provided by individuals regarding their experiences.

The Museum’s customer relationship management system is managed and secured by Salesforce. Salesforce’s privacy policy is available at: Privacy Policy – Salesforce ANZ. 

Bookings information

A range of Museum activities are ticketed and a limited amount of personal information is collected to ensure appropriate management of the activity. Ticketing and payment processing are managed through Vivaticketing and Eventbrite.

Vivaticketing is hosted by the Museum, and the information collected (first and last names, email address and postcode) is stored and managed within the Museum’s ICT environment, subject to appropriate technical and organisational security controls. This information is collected for the purpose of managing bookings, communications and attendance.

Payment and credit card transactions are processed by Adyen as the Museum’s payment gateway provider. Payment card and billing information is handled directly by Adyen and is not stored, accessed, or retained within the Museum’s systems, reducing the risk of unauthorised access,
misuse, loss, or disclosure. 

Eventbrite is a United States-based ticketing platform and provides the Museum with personal information on attendees , excluding any billing or credit card information. Eventbrite may store or process personal information outside Australia and may disclose personal information to overseas recipients in accordance with its Privacy Policy, in which case Australian Privacy Principles will not apply. Further information is available in Eventbrite’s Privacy Policy, https://www.eventbrite.com.au/support/articles/en_US/Troubleshooting/eventbrite-privacy-policy?lg=en_AU 

Private events and functions held at the Museum are booked and managed by a third-party provider, SRG Hospitality. Event related information is shared between SRG and the Museum for the purpose of event administration and management. This information may including personal information such as client names, payment details and event details. See SRG’s privacy policy for further information.

Visitor information and feedback 

To improve its services, the Museum collects information from visitors about visitation and its programs. This may be solicited, such as through a visitor survey, or unsolicited, such as letters or emails. Solicited information collection is in general anonymous, although participants have the option of providing personal details in order to become a Member or to subscribe to a mailing list.

Use of the personal information arising from unsolicited emails and letters is confined to dealing with the matter. The Museum treats all complaints confidentially and takes steps not to disclose details of a complaint, other than is reasonably necessary for the purpose of investigating the complaint. Further information is in the Museum’s Complaints Handling Procedure.

From time to time the Museum may record, photograph or film events and public programs for promotional, publicity, research or archival purposes. We will endeavour to provide notice of any events where filming is being conducted. If you attend an event, you may appear in the background of the images or footage unless you tell us that you do not want to be filmed. We will seek permission from you before filming you up close and before filming children under 18 years of age up close. The consent forms include the name of the individual and their contact details.

Visitor surveys may be conducted using Survey Monkey. The privacy policy for Survey Monkey can be found here - Privacy Notice | SurveyMonkey

Visitors using Museum property, such as wheelchairs, may be asked to provide their name and show a form of personal identification to ensure items are returned. Information is only kept for the duration of the visit and, provided the items are returned undamaged, are disposed of immediately.

Donations

The Museum’s customer relationship management platform, Salesforce, is used to manage donations of money. Personal information, including name, address, email address and phone number, is collected and stored for the purpose of administering donations and maintaining donor
records. 

Appropriate safeguards are in place to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure. Payments for donations are processed via the Museum’s secure payment gateway provider, Adyen. Bank and credit card details are collected directly by Adyen at the time of payment for transaction processing purposes only and are not stored by the Museum. In the case of paper donation forms, once processed they are securely destroyed.

Visitor wifi 

Visitors are allowed to access the wireless network when on-site, with access provided through a Captive Portal. Personal information captured includes First Name, Last Name and Email address, however the terms and conditions require users to agree that the Museum can access the IP addresses of connected devices. This ensures oversight of users accessing the network.

The Museum may analyse broad data trends to determine how people access the network in order to improve services and better understand visitor behaviour. In this case the data will be de-identified.

People Counting

A series of lidar counters are installed in and around the Museum to monitor visitor movement. The purpose is to provide an understanding of visitation movement across the premises to improve traffic flow and provide a safe and secure environment.

Beonic and Aervision are used to count the number of visitors across the museum’s site. No personal information or facial recognition is captured.  Beonic Privacy policy - Privacy Policy - Beonic, Aervision Privacy Policy – Privacy Policy Aervision.

7.3 Security records (including CCTV)

Security records are maintained in order to manage access to Museum premises, assets and information. These relate to staff, volunteers, interns, visiting researchers and contractors. They may include police record checks and identification photos. The records are stored in a secure environment with access limited to authorised staff.

A series of closed-circuit television cameras (CCTV) are installed in and around the Museum to monitor and record activity. The purpose is to provide a safe and secure environment for staff and visitors and to protect the National Maritime Collection, Fleet and exhibits from damage, theft or loss.

Signs are in place at all public entrances advising visitors that CCTV is in operation. 

The recorded images by the cameras may include identifiable images of people visiting the Museum. Footage is stored in a secure environment and can only be accessed by authorised staff. Where an incident has occurred warranting further investigation, , the Museum may allow the recording to be viewed by people responsible for investigating the incident, both within the Museum and/or external investigative bodies or law enforcement agencies (such as the Australian Federal Police). Except in the case of an incident, the footage will be permanently deleted after 90 days.

7.4 Historical collection, exhibition and research information

The Privacy Act applies to personal information which is in a record. Personal information kept by a library, art gallery or museum and contained in collection material is exempt. 

However, the Act does apply to personal information held in records that support the collection, including personal information:

• about an object’s history, including its current and previous owners and any other individuals having a connection with it.
• concerning donors, lenders and vendors.
• required to arrange physical access to a collection by researchers, First Nations peoples or other interested parties
• in order to manage the object, such as transportation or insurance.

7.5 Corporate website and online engagement

Website

The Museum has a corporate website which has a link to this Privacy Policy. The website is used for a range of purposes of which many require the provision of personal information: the submission of job applications, purchases through the online shop, subscription to e-newsletters, cash donations to the Foundation, Education bookings, registration on the National Monument to Migration and payment of membership fees. Personal details are maintained securely through its customer relationships platform.

From time to time, the Museum invites people to submit comments, stories, and photographs on the website. Although it encourages them not to identify individuals, the stories may contain personal information. When inviting such contributions, users are advised as to the purpose to which the material will be put.

Automated Data Collection Methods

When you visit our website, we may collect certain information by automated means, such as cookies, web beacons, web server logs and tracking pixels. The information we may collect in this manner includes IP address, unique device identifier, browser characteristics, device characteristics, operating system, language preferences, referring URLs, information on actions taken on our site, dates and times of visits to our site and other usage statistics.

We use information collected through cookies, web beacons, pixels, web server logs and other automated means for purposes such as:

• customising our users' use of our site;
• delivering content tailored to our users' interests and the manner in which our users use our site; and
• managing our site and other aspects of the museum

We also use third-party analytics and measurement services on our site, such as Google Analytics and Meta (Facebook) Pixel. The analytics providers that administer these services use technologies such as cookies, web server logs, tracking pixels and web beacons for the purpose of collecting statistical data to help us analyse use of our site, but does not collect personal information by way of these cookies. The information collected through these means (including IP address) may be disclosed to these analytics providers and other relevant third parties who use the information, for example, to evaluate use of the site. The Museum adopts a data minimisation approach and ensures that pixels are configured to limit the collection of personal information to the minimum amount necessary. We ensure that sensitive information is not disclosed to third-party platforms through tracking pixels. In some cases, information may be processed or stored outside Australia in accordance with the privacy policies of those service providers. See Privacy Policy – Privacy & Terms – Google

Social media 

Social media platforms such Facebook, LinkedIn, X, Instagram and YouTube are used to communicate to the public, and to promote current events and activities. The Museum uses social media platforms including Facebook, LinkedIn, X, Instagram and YouTube to share information, promote programs and events and engage with audiences. When you communicate with the Museum using these platforms, we may collect your personal information but will only use it to help us respond to or communicate with you and the public. These platforms are operated by third parties and will handle your personal information in accordance with their own privacy policies and data-handling practices. The Museum may receive personal information if individuals choose to contact the Museum via social media, Individuals should be aware that this information may potentially become public and may be collected and used by others. 

The exception is personal information collected in relation to social media competitions for accountability and auditing purposes. This is securely stored and is not shared with third parties or used for any other purpose.

Email marketing

This is done through the secure, external database provider, the United States-based Mail Chimp which sends emails and regular e-news about current exhibitions, events programs, promotions and surveys. Individuals sign-up to receive this information via the website, our customer relations platform or by completing a paper form. They can also opt out at any time. Further information on MailChimp’s Privacy Policy is at Mailchimp's Legal Policies | Mailchimp

7.6 Retail Shop

The Museum may collect information from its shop customers. Personal information is collected for the purpose of fulfilling the order and providing information and updates in about that order. A third-party provider, Shopify, collects personal information when purchases are made through the Museum’s online store. Information collected includes customer name, address, IP address, email or phone number and order details. Customers may also provide their details to purchase items by mail order. In both cases, information is securely stored within Shopify’s platform.

Personal information is retained (excluding credit card details) only for as long as necessary to manage orders, returns, refunds and exchanges. Credit card information is not stored by the Museum. When a refund is requested, the Museum coordinates with the customer’s financial institution to authorise the refund to their account.

Shopify is contractually required to maintain appropriate technical and organisational security measures to protect personal information. For further information see Shopify’s privacy policy.

The Museum shop may also temporarily collect personal details to place items on hold for customers. This information is securely destroyed once the goods are collected.

The Privacy Act distinguishes between personal information and ‘sensitive information’. Sensitive personal information includes information or opinion about an individual’s racial or ethnic origins, political and religious beliefs, associations, trade union memberships, sexual orientation, criminal record, health or genetic information and some aspects of biometric information. In addition, national Police Checks are conducted on prospective staff members, volunteers, interns, visiting researchers and contractors.

The Museum will not collect sensitive personal information unless the individual consents and the information is reasonably necessary or directly related to its functions and activities. In the case of Police Checks, the individual’s written consent must be obtained. These records are stored in a secure environment with access limited to authorised staff.

Personal information will not be disclosed to anyone outside the Museum unless the individual concerned has given consent, or disclosure is otherwise permitted by the Australian Privacy Principles. Examples of exceptions include disclosure being necessary to prevent a serious threat to a person’s life, health or safety or for law enforcement purposes.

Personal information will only be released to contractors where it is necessary for the performance of their job, for example where a mailing house is engaged to distribute information. In such cases, the Museum’s written contract will contain the appropriate privacy clauses recommended by the Privacy Commissioner.

10.1 Accessing and correcting your personal information

Under the Privacy Act individuals have a right to access and correct personal information held by the museum. Similar rights exist under the Freedom of Information Act (Cth).

Requests to access or correct personal information can be made to the Privacy Contact Officer by telephone, email or mail:
     Privacy Contact Officer
     Australian National Maritime Museum
     Wharf 7
     58 Pirrama Road
     PYRMONT NSW 2009
     Email: privacy@sea.museum 
     Tel: +61 2 9298 3777

The Museum will respond within 30 days and will not charge a fee. Access to personal information, or changes to that information because it is incorrect, will be allowed unless the Museum considers there is a sound reason under the Privacy Act, or other relevant law, to withhold the information or not to make the changes. In such instances, a written explanation will be provided.

10.2 Anonymity and pseudo-anonymity

In certain circumstances, individuals may wish to remain anonymous or to use a pseudonym when communicating with the Museum, such as providing feedback. If it is not possible to do so, there will be an option to opt-out of further contact.

All complaints from individuals about the handling of their personal information should be in writing to the Privacy Contact Officer, who will investigate and determine whether there has been a breach of privacy obligations.

The Museum is committed to the quick and fair resolution of complaints. Complaints are managed according to the Museum’s Complaints Handling Procedure. Complaints about the Museum’s personal information handling practices may also be made to the Office of the Australian Information Commissioner, https://www.oaic.gov.au/. 

If a privacy data breach occurs, the museum will respond according to the procedures outlined in the museum’s Data Breach Response Plan. The museum is committed to addressing any accidental or unauthorised privacy disclosures promptly, and in a way which mitigates harm to the affected individuals.

Director and CEO is responsible for deciding what remedial action should be taken in the case of a privacy breach.

Privacy Contact Officer is responsible for maintaining and implementing this Policy, ensuring that all workers, volunteers and contractors are familiar with this Policy and their obligations. The Privacy Contact Officer is also responsible for giving advice on privacy issues, acting as the point of contact for the Commonwealth Office of the Australian Information Commissioner and investigating any privacy complaints. This role is undertaken by the Head of Governance and Planning.

Personal information – Information or an opinion about an identified individual, or an individual who is reasonably identifiable:

• whether the information or opinion is true or not
• whether the information or opinion is recorded in a material form or not.

Sensitive personal information - includes information or opinion about an individual’s racial or ethnic origin, political and religious beliefs, associations, trade union memberships, sexual orientation, criminal record, health or genetic information and some aspects of biometric information.

15.1 Commonwealth legislation and guidelines

Archives Act 1983
Australian Government Protective Security Policy Framework
Australian Government Information Security Manual
Freedom of Information Act 1982 (Clth)
Office of the Australian Information Commissioner, Tracking Pixels and Privacy Obligations,
November 2024
Privacy Act 1988 (Clth)
Privacy (Australian Government Agencies) - Governance APP Code 2017
Australian Privacy Principles
Australian Privacy Principles Guidelines, 2022

15.2 NSW

Government Information (Public Access) Act 2009
Privacy and Personal Information Protection Act 1998

15.3 Australian National Maritime Museum

Data Breach Response Plan
Data Management Policy
Information Classification and Handling Policy
Information Management Policy
Information Governance Framework
Social Media Policy
Acceptable Use of ICT Policy

This Policy was approved by the Museum’s Executive Review Group on 5 September 2023.

This Policy will be reviewed every three years or when required.

Version	Date	Responsible Section	Comments
1.0	December 2019
2.0	5 September 2023	Governance	Reworked in accordance with Australian Privacy Principles
3.0	April 2026	Governance	Updated to incorporate new systems and processes