POL-G-53, Version 4.1, 21 June 2017
The National Museum of Australia (the Museum) is a major cultural institution charged with researching, collecting, preserving and exhibiting historical material of the Australian nation. The Museum focuses on the three interrelated areas of Aboriginal and Torres Strait Islander history and culture, Australia’s history and society since European settlement in 1788 and the interaction of people with the environment.
Established in 1980, the Museum is a publicly funded institution governed as a statutory authority in the Commonwealth Arts portfolio. The Museum’s building on Acton Peninsula, Canberra opened in March 2001.
4. Principles or guidelines
4.1 Why the Museum collects personal information
The Museum collects and uses personal information to perform its statutory functions. These functions include developing, maintaining and exhibiting collections of historical material; conducting research into Australian history; and providing information relating to Australian history through education and public programs.
4.2 What types of personal information the Museum collects and what it is used for
Through its activities, the Museum engages with a broad cross-section of people, both in Australia and internationally. The personal information collected and used by the Museum is described below. Personal information is usually collected from the individual concerned although in some cases we may receive such information from third parties.
4.2.1 Museum visitor and client information
a. Museum customer relationship management system
The Museum maintains a database with contact details of individuals who regularly engage with the Museum or who wish to receive information about particular Museum activities. This includes members of the general public, donors, Museum Friends, or people with a business-related interest in the Museum (for example, school teachers, people working in other cultural institutions, in the media or in tourism). The information is usually collected directly from the people who are interested in receiving the information or from a representative of their organisation. In the case of Friends’ family memberships, name and date of birth information relating to minors is collected from their parent or guardian.
Personal information in our relationship database is used to:
- distribute information about Museum events and activities;
- maintain membership lists of Museum Friends;
- retain details of object and cash donors, and (with their consent) to publicly acknowledge those donors;
- maintain a record of respondents providing feedback about their Museum experience;
- generate invitation lists for Museum events.
b. Email marketing and promotional activities (e-news)
The Museum uses a secure, external online database service provider to send emails on behalf of the Museum about its exhibitions, events, programs, special promotional offers and surveys. People sign up to receive this information in a number of ways such as via the Museum website, upon registering to use the visitor wi-fi, through a booking system such as Eventbrite, or by completing hard copy forms. The e-news is delivered by a service provider, Campaign Monitor, an Australian-based company that stores information on servers in the United States.
c. Bookings information
Bookings for functions, conferences, school visits and guided tours are regularly taken by the Museum. Normally only a limited amount of personal information is collected – for example, a nominated point of contact will be requested. The purpose of collecting this information is to ensure that an event or visit is properly coordinated. This information is not used for any other purpose (such as unsolicited marketing) without the consent of the individual concerned; however, the information may be used to generate broad demographic data.
The Museum uses Eventbrite as its primary online booking system for events. The personal information provided by a customer to Eventbrite (excluding any billing or credit card information) is disclosed by Eventbrite to the Museum. The purpose of collecting this information is to ensure that an event is properly coordinated and, if the customer has agreed to receive information about the Museum’s programs, events and activities, to send them that information.
d. Visitor information and feedback
In order to improve its services, the Museum collects information from visitors about its programs. This information may be solicited (for example, through visitor surveys) or unsolicited (such as letters or emails from members of the public). The majority of evaluation that is initiated by the Museum allows people to respond on an anonymous basis. Visitor surveys, which the Museum regularly uses to seek feedback from visitors, do not involve the collection of information that could lead to a person being identified, although more generic information such as age and city of residence may be collected. Respondents have the option of providing their personal information to the Museum if they wish to join the Museum’s Friends program or subscribe to a mailing list.
Where members of the public provide their personal information to the Museum in the course of making an enquiry or comment, that information will only be used by the Museum to deal with the person’s enquiry or comment.
Personal information in the form of photographs of visitors is collected only with the consent of the person or their parent/guardian. The consent forms for photography include the name of the person in the photograph and their contact details.
Visitors using Museum property such as wheelchairs or scooters are asked to leave a form of personal identification (or a photocopy of such identification) to ensure items are returned. Where photocopies are taken, they are only kept for the duration of the visit and, provided the items are returned undamaged, are disposed of immediately.
e. Visitor wi-fi
The Museum provides internet access to visitors via its wireless network, with services facilitated by a third party provider, Skyfii. Visitors who register for this wi-fi service will be asked to provide personal information in the form of a name and email address. Both the Museum and Skyfii will have access to this personal information in order to manage the wireless network system.
Information about visitors’ use of the wi-fi service (including browsing history while they are at the Museum premises) will be automatically collected; however, this information is anonymous and will not be linked to individual users. The purpose of collecting this information is to better understand visitor behaviour at the Museum and, if visitors have agreed to receive material about Museum activities, events and programs, to provide them with that material (see also ‘Email marketing and promotional activities’, above).
4.2.2 Historical collection, exhibition and research information
The Museum collects personal information relating to objects in its collections and on loan to the Museum. This information includes details about an object’s history, including its current and previous owners and other people connected with the object. The purpose of collecting this information is to assess an object’s ownership and provenance prior to acquisition or loan.
Personal information about an object is obtained from a range of sources including from the donor/vendor and from historical records. The nature of this research is such that personal information is not always collected directly from the person to whom the information relates but from other sources such as third party oral or written histories or newspaper or magazine articles.
Personal information may also be collected in the course of historical research conducted by the Museum and for the purposes of exhibition. Such information may not necessarily relate to an object in the Museum’s collection. This information is maintained in a range of forms, for example in writing, as video or sound recordings, or photographs.
The Museum may collect limited personal information for the following purposes:
- to facilitate the management (eg transportation and insurance) of an object
- to arrange physical access to the collection by researchers, family members, Indigenous community members or special interest groups
- to respond to enquiries for historical information received from members of the public.
The Privacy Act only applies to personal information which is in a record. An exception to the meaning of a ‘record’ is anything kept in a library, art gallery, or museum for the purposes of reference, study or exhibition. Personal information which is kept for the purposes of reference, study or exhibition will not be subject to the Privacy Act. Examples include photographs of individuals used in an exhibition or letters containing personal information kept in the Museum’s collection.
4.2.3 Personnel and administrative records
The Museum collects personal information about its employees, volunteers, interns, contractors, and Council or committee members. The purpose of collecting this information is to properly administer matters relating to a person’s employment or duties at the Museum.
- Employee records usually include personal details (such as addresses, next of kin details), bank account details, tax file number, employment history, medical checks, leave, salary and superannuation records. Records may also be kept in relation to rehabilitation or workers’ compensation claims, discipline or code of conduct matters, and performance management.
- Volunteers provide the Museum with their name, address, employment history and a copy of their driver’s licence. This information is used to assess the suitability of people to become Museum volunteers.
- Some personal information relating to suppliers and contractors is also collected. This may include information about catering, security and cleaning staff employed under a contract between the Museum and the service provider; performers; IT suppliers; consultants/advisors; and suppliers of products for the Museum shop. The personal information is collected and used for the purposes of managing the Museum’s relationship with the contractor and for security.
4.2.4 The Museum’s website
The Museum has a corporate website and Museum-identified spaces on blogs and social networking sites such as Flickr, Twitter, Facebook and YouTube.
4.2.5 Security records (including CCTV)
The Museum maintains security records in order to manage access to Museum premises, assets and information. These records relate to staff, volunteers, interns, visiting researchers and contractors, and may include police record checks and national security clearances. Identification photos are used for security and access control purposes. The Museum’s Agency Security Advisor is responsible for the management of these records.
The Museum uses closed circuit television (CCTV) systems to monitor and record activity in a range of publicly accessible locations at the Museum. The purpose of this monitoring is to provide a safe and secure environment for Museum staff and visitors and to protect the Museum’s collections and exhibits from damage, theft or loss.
The images recorded by the cameras may include identifiable images of people visiting the Museum. These images are stored in a secure environment, and access to these recordings is limited to authorised staff only. Where an incident has occurred warranting further investigation, the Museum may allow the recording to be viewed by people responsible for investigating the incident, within the Museum and/or from external investigative bodies or law enforcement agencies (such as the Australian Federal Police).
Signs have been placed at all public entrances to the Museum advising that the cameras are in operation.
4.2.6 The Museum shop
The Museum’s shop (which operates in the Museum building at Acton in Canberra and online) uses a secure electronic facility to process credit card transactions. Customers may also leave their details in order to purchase items by mail order or to have items placed on hold.
The Museum uses a third party provider, Retail Express, to collect personal information when purchases are made via the Museum’s online shop. Personal information is collected for the purposes of fulfilling the order and, if the purchaser has asked to receive newsletters or other information about the Museum, to provide them with that information. Personal information may be disclosed to Australia Post for the purposes of delivering an order. The Museum also retains order details (excluding credit card details) in a secure system to help manage any returns, refunds or exchanges.
4.2.7 Collection and storage of sensitive information
Sensitive information may be collected in relation to some employees. For example, employees may formally identify as a person of ethnic descent, or as having a disability. Health information (for example medical reports or certificates) may also be collected by the Museum where there is a workers’ compensation or other health-related matter affecting an employee.
National police history checks are conducted on prospective staff members, volunteers, interns, visiting researchers and contractors. The individual’s written consent must be obtained before a check is submitted and processed, and access to relevant personal information is strictly limited to authorised Museum staff. The Museum will not retain a person’s informed consent form or the results of a police check for longer than 12 months following the release of the result. Further details regarding the process for national police history checks and the safeguards in place to protect personal information are available on the Museum’s intranet or from the Agency Security Advisor.
Incident reports are required to be completed when a security incident, an injury or hazard has occurred or been identified. These reports may contain information, some of a medical nature, about visitors, volunteers and staff.
The Museum may hold information about a staff member’s union membership if that person has authorised a deduction from pay for their union dues. There may be other records that would identify union members, such as right of entry permits, email communication between union members, or records showing where union delegates are represented on Museum committees.
4.3 How the Museum holds and protects personal information
Security of personal information is maintained in a number of ways. Where an electronic database containing personal information has been created, the Museum takes steps to ensure that the database may only be accessed by people performing relevant functions. For example, employee records are only accessible by staff performing human resource functions.
The Museum’s information technology systems are based on the high standards defined by the Australian Signals Directorate Information Security Manual. System access is granted to staff only on authority of an appropriate delegate, for the purposes of performing Museum work. Guidance is provided to staff about safeguarding electronic information (including the secure transfer of that information) in the Museum’s information technology policies and procedures.
Hard copies of personal information are secured in commercial grade, lockable cabinets and are only accessed by staff who need the information to perform a particular task. The Museum also has a clear desk policy. Access to secure areas is granted only on authority of a person’s supervisor where that person requires access to perform their job.
The Museum uses the Australian Government security classification marking system to identify records that contain personal and sensitive information. Disposal of records containing personal information is performed in accordance with the relevant disposal authority under supervision by the records management unit.
4.4 Disclosure of personal information
The Museum will not disclose personal information to anyone outside the Museum unless the individual concerned has given their consent, or disclosure is otherwise permitted by the Australian Privacy Principles. Examples of exceptions include disclosure being necessary to prevent a serious threat to a person’s life, health or safety, or for law enforcement purposes.
Personal information held by the Museum will only be released to contractors where it is necessary for the contractor to perform their job. Examples include where a security company is responsible for administering security passes to Museum staff, or a third party (such as a mailing house) is contracted to distribute information. If personal information is given to a third party contracted by the Museum, the written contract will contain the appropriate privacy clauses recommended by the Privacy Commissioner.
4.5 How to access personal information or seek correction of information
A person may request access to their personal information held by the Museum or seek correction of the information. The request should be made to the Museum’s Privacy Contact Officer by mail, email or telephone.
Privacy Contact Officer
National Museum of Australia
GPO Box 1901
Canberra ACT 2601
Tel: (02) 6208 5000
The Museum will respond to a request within 30 days. Access will be given in the form requested by the person, unless it is impracticable to do so or where the Museum is required to refuse access under the Freedom of Information Act 1982 or other Commonwealth legislation. If the Museum decides not to grant access to personal information or to correct personal information, it must provide written reasons for the refusal.
4.6 How the Museum will handle privacy complaints
Where a staff member receives a complaint relating to the handling of personal information, that complaint must be referred to the Museum’s Privacy Contact Officer for investigation. Alternatively, where a person has concerns about the way the Museum has dealt with their personal information they may contact the Privacy Contact Officer directly (see details listed above).
The Privacy Contact Officer will investigate the matter in accordance with its Complaints handling procedures and determine whether the Museum has breached its privacy obligations. If the Privacy Contact Officer finds that there has been a privacy breach, the Director of the Museum will decide what remedial action should be taken. The Museum will aim to respond within a reasonable time of receiving the complaint.
If the complainant is dissatisfied with the Museum’s investigation of their complaint, they can contact the Office of the Australian Information Commissioner, who is independent of the Museum. Contact details for the Office of the Australian Information Commissioner are available on its website: http://www.oaic.gov.au.
5. Definition of terms
Personal information
Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
(a) whether the information or opinion is true or not; and
(b) whether the information or opinion is recorded in a material form or not.
6. Definition of responsibilities
Privacy Contact Officer
The Museum’s Privacy Contact Officer will be responsible for maintaining this policy. The Privacy Contact Officer will also be responsible for providing advice on privacy issues; acting as the point of contact for the federal Privacy Commissioner; and investigating any privacy complaints.
Privacy Act 1988 (Cth)
Australian Privacy Principles (APP) Guidelines
This policy applies to all staff undertaking activities which involve the collection, use, storage and disclosure of personal information.
b. Other related policies
Complaints Handling Procedures (PRO-021)
There are no exclusions to this policy.
d. Superseded policies
This policy supersedes:
| Title | Version number | Version date |
This policy will be monitored by the Privacy Contact Officer and will be reviewed in January 2018.
21 June 2017
Corporate Management Group/Executive Management Group 27 June 2017
Public & all staff
Privacy; personal information
Privacy Contact Officer (Manager, Legal Services)
National Museum of Australia
Privacy Impact Assessment Register
The Privacy (Australian Government Agencies—Governance) APP Code 2017 (Cth) (the APP Code) requires that all agencies, including the National Museum of Australia (the Museum), must conduct a Privacy Impact Assessment (PIA) for all high privacy risk projects.