POL-G-53, version 7.0, 26 November 2024
1. Title
Privacy policy
2. Introduction
The National Museum of Australia (the Museum) is a major cultural institution charged with researching, collecting, preserving and exhibiting historical material of the Australian nation. The Museum focuses on the three interrelated areas of First Nations history and culture, Australia’s history and society since European settlement in 1788 and the interaction of people with the environment.
Established in 1980, the Museum is a publicly funded institution governed as a statutory authority in the Commonwealth Arts portfolio. The Museum’s building on Acton Peninsula, Canberra opened in March 2001.
3. Scope
Under the Privacy Act 1988 (Privacy Act), the Museum must have a privacy policy explaining how the Museum manages personal information.
This privacy policy describes the kinds of personal information we collect and hold, how we go about collecting that information and why we do so. It also outlines how a person may access information about themselves or seek correction of that information and how an individual may complain about a breach of an Australian Privacy Principle (APP).
This privacy policy does not apply to personal information that is contained in the Museum’s collection material that is held, managed and made accessible by the Museum. The Privacy Act includes a general exemption for all such material held by libraries, art galleries and museums.
4. Principles or guidelines
4.1 Why and how the Museum collects personal information
The Museum collects and uses personal information to perform its statutory functions. These functions include developing, maintaining and exhibiting collections of historical material, conducting research into Australian history, and providing information relating to Australian history through education and public programs.
The Museum will not collect, use or disclose personal information unless the information is deemed reasonably necessary for, or directly related to, one or more of the Museum’s functions or activities under the National Museum of Australia Act 1980, permitted under the Privacy Act, or otherwise authorised or required by law.
The Museum may collect information directly from individuals or from a third party.
Individuals agree to receive information about the Museum in a number of ways, such as via the Museum website, through marketing or promotional activities or by completing hard copy or digital forms and surveys.
4.2 What types of personal information the Museum collects and what it is used for
Through its activities the Museum engages with a broad cross-section of people, both in Australia and overseas. The personal information collected and used by the Museum is described below. Personal information is usually collected from the individual concerned although in some cases the Museum may receive such information from third parties.
4.2.1 Museum visitor and client information
- Museum customer relationship management system
The Museum maintains a database with details of individuals who:
- regularly engage with the Museum either in person, online or through other means
- purchase tickets to the Tim and Gina Fairfax Discovery Centre, a Museum event or exhibition or other Museum function
- donate or provide support to the Museum
- register or sign up as a Museum Friend
- request Museum program or service information
- book for conferences, school and other group visits, tourism experiences and guided tours
- wish to receive information about particular Museum activities including members of the general public, donors, Friends or people with a business-related interest in the Museum (for example, schoolteachers, people working in other cultural institutions, in the media or in tourism).
The kind of personal information that the Museum collects and holds about an individual will depend on the nature of the individual’s dealing or engagement with the Museum. The Museum may collect and hold these types of personal information:
- name, contact details including email address, postal address and phone numbers and date of birth
- financial donations and sponsorship information including the name of the person making the donation and the date and amount received
- Friends membership information
- information about events or exhibits attended, specific areas of interest at the Museum, communication preferences
- information about school groups that visit or participate in a Museum activity
- photography and filming consent and/or release information.
This information is usually collected directly from the people who are interested in receiving information or from a representative of their organisation. In the case of Friends’ family memberships, name and date of birth information relating to children is collected from their parent or guardian.
Personal information in the customer relationship management database is used to:
- facilitate and issue ticketing for the Tim and Gina Fairfax Discovery Centre, an event or exhibition or other function
- distribute information about Museum events and activities, including by email
- engage with the public via a digital activity or social media platform or online service, including distributing promotional or marketing material
- identify and inform an individual about programs, exhibitions and events that may be of interest to that individual (where that individual has not opted out to receive these communications)
- solicit sponsorship, donations or other support for the Museum
- maintain membership lists of Friends and donors
- retain details of object and cash donors, and (with their consent) to publicly acknowledge those donors
- process, administer and issue information about a booking for an event or exhibition which an individual has booked or registered
- request and receive feedback about visitor experiences
- generate invitation lists for Museum events
- respond to enquiries, complaints or feedback
- generate broad demographic data.
Ticketing, donations and memberships
The Museum uses Tessitura as its customer relationship management (CRM) database. This database is hosted online via a secure and cyber security assessed platform. Personal information and other data on the CRM database is stored in Australian-based data centres.
The personal information provided by an individual to Tessitura (excluding any billing or credit card information) is disclosed by Tessitura to the Museum. An individual’s use of Tessitura is governed by the Privacy Act and Tessitura’s privacy policy. Tessitura may disclose the personal information it collects to overseas recipients in certain situations. If it does, the Australian Privacy Principle relating to overseas disclosure under the Privacy Act will not apply. Further information is available in Tessitura’s privacy policy.
Email newsletters
The Museum uses WordFly, an online system for creating, delivering and tracking digital communication campaigns, to send and manage emails, surveys, special promotional offers and events. In using this system, WordFly may collect personal information about an individual such as email addresses and other information to be used for the distribution of email campaigns, SMS marketing and other important information.
WordFly is a United States-based company and information captured by the system is hosted by Amazon Web Services (AWS) in the United States. All personally identifiable information and customer content is encrypted using advanced cyber security standards, with additional cloud security controls from AWS hosted infrastructure. For further information on how WordFly stores, handles and transmits personal information, see WordFly’s privacy policy.
An individual may opt-out of receiving communications from the Museum via the WordFly system at any time by unsubscribing using the link provided on all communications.
Other IT systems and services
The Museum may use other IT systems and services from time to time to collect, hold and disclose Museum visitor and client information for the purposes outlined above. These systems may be situated outside Australia. The data protection laws in other countries may not provide an equivalent level of protection to Australian privacy law. However, where practicable the Museum will take reasonable steps to ensure that any overseas recipients of an individual’s personal information only use and disclose such information in a manner consistent with this privacy policy.
For further information on the Museum’s IT systems and services, please contact the Museum’s Privacy Contact Officer via the contact details outlined in section 4.5.
- Venue hire information
Bookings for venue hire are regularly taken by the Museum. The personal information usually collected would include name, phone number, email address and postcode. The purpose of collecting this information is to process a booking and to ensure that an event or visit is properly coordinated.
This information is not used for any other purpose (such as unsolicited marketing) without the consent of the individual concerned. However, the information may be used to generate broad demographic data.
- Visitor information and feedback
To help improve its services, the Museum collects information from visitors about its programs, events and exhibitions. This information may be solicited (for example, through visitor surveys) or unsolicited (for example, in letters or emails from members of the public). Most evaluation that is initiated by the Museum allows people to respond on an anonymous basis. Visitor surveys, which the Museum regularly uses to seek feedback from visitors, do not involve the collection of information that could lead to a person being identified, although more generic information such as age and city of residence may be collected. Respondents have the option of providing their personal information to the Museum if they wish to join the Museum’s Friends program, subscribe to a mailing list or continue to provide feedback to the Museum.
Where members of the public provide their personal information to the Museum in the course of making an enquiry or comment, that information will generally only be used by the Museum to deal with the person’s enquiry or comment.
Personal information in the form of photographs or video footage of visitors is collected with the consent of the person or their parent/guardian. Consent forms include the name of the subject and their contact details.
Visitors using Museum property, such as wheelchairs, scooters or other devices may be asked to leave a form of personal identification (or a photocopy of such identification) to ensure items are returned. Where photocopies are taken, they are only kept for the duration of the visit and, provided the items are returned undamaged, are disposed of immediately.
- Visitor wi-fi
The Museum provides internet access to visitors via its wireless network, with services facilitated by a third-party provider. No personal information is requested or retained when the visitor connects to the Museum’s wi-fi, however individuals need to agree to any specified terms and conditions.
When accessing the Museum’s wi-fi, a visitor’s media access control address, IP address and device hostname is shared with the network. This allows the device to receive a temporary network address, enabling it to access the internet. This information remains with the wi-fi system for a short time before it is deleted.
4.2.2 Historical collection, exhibition and research information
The Museum collects personal information relating to objects in its collections and on loan to the Museum. This information includes details about an object’s history, including its current and previous owners and other people connected with the object. The purpose of collecting this information is to assess an object’s ownership and provenance prior to acquisition or loan.
Personal information about an object is obtained from a range of sources including from the donor/vendor and from historical records. The nature of this research is such that personal information is not always collected directly from the person to whom the information relates but from other sources such as third-party oral or written histories, or newspaper or magazine articles.
Personal information may also be collected in the course of historical research conducted by the Museum and for the purposes of exhibition. Such information may not necessarily relate to an object in the Museum’s collection. This information is maintained in a range of forms, for example in writing, as video or sound recordings, or photographs.
The Museum may collect limited personal information for the following purposes:
- to facilitate the management (for example, transportation and insurance) of an object
- to arrange physical access to the collection by researchers, family members, First Nations community members or special interest groups
- to respond to enquiries for information about the collection or the Museum’s activities received from members of the public.
The Privacy Act only applies to personal information which is in a record. An exception to the meaning of a ‘record’ is anything kept in a library, art gallery or museum for the purposes of reference, study or exhibition. Personal information which is kept for the purposes of reference, study or exhibition will not be subject to the Privacy Act. Examples include photographs of individuals used in an exhibition or letters containing personal information kept in the Museum’s collection.
The Museum’s research affiliates, scholars and interns may occasionally access documents containing personal information. As part of their engagement with the Museum they agree to comply with the requirements of the Privacy Act.
4.2.3 Personnel and administrative records
The Museum collects personal information about its employees, volunteers, interns, contractors, and Council or committee members. The purpose of collecting this information is to properly administer matters relating to a person’s employment or duties at the Museum.
- Employee records usually include personal details (such as addresses, next of kin details), bank account details, tax file number, employment history, medical checks, leave, salary and superannuation records. Records may also be kept in relation to rehabilitation or worker’s compensation claims, discipline or code-of-conduct matters, grievances, review of actions and performance management.
- Volunteers provide the Museum with their name, address, employment history and a copy of their driver’s licence. This information is used to assess the suitability of people to become Museum volunteers.
- Some personal information relating to contractors is also collected. This may include information about catering, security and cleaning staff employed under a contract between the Museum and the service provider, performers, IT suppliers, consultants/advisors, and suppliers of products for the Museum shop. The personal information is collected and used for the purposes of managing the Museum’s relationship with the contractor and for security.
4.2.4 The Museum’s corporate website
The Museum has a corporate website and Museum-identified spaces on blogs and social networking sites such as Instagram, X, Facebook and YouTube.
The Museum’s corporate website refers to this privacy policy and conditions-of-use statement, both of which are linked from the footer of every page on the website. The website provides online services requiring people to provide personal information for the submission of job applications and subscription to the Museum’s e-newsletters. Personal details are maintained on secure servers. Sometimes the Museum also invites people to submit comments, photos or stories via forms on the website. Although users are encouraged not to identify people, the stories may include some personal information. Whenever the Museum collects such content, individuals are informed about the purposes for which their content will be used (for example, publication on the website).
The Museum’s website uses cookies for the purpose of collecting statistical data but does not collect personal information by way of these cookies.
When an individual communicates with the Museum using social networking sites, the Museum may collect your personal information but will only use it to help the Museum to respond or communicate with that individual and the public. The social networking sites will also handle an individual’s information in accordance with their own privacy policies. Individuals are reminded that where they disclose personal information directly on social media and social networking sites, this information potentially becomes public and may be collected and used by others.
4.2.5 Australia’s Defining Moments Digital Classroom
The Museum has an online teaching resource known as Australia’s Defining Moments Digital Classroom (Digital Classroom). The Digital Classroom is a standalone website developed for primary and secondary school students and teachers. Users can engage in virtual tours of the Museum and its collections, play games, take quizzes, enter competitions and undertake online activities to help them explore their family and community histories.
Personal information is collected at the point of registration of new users for the My Family and My Community timeline activities, and when users upload information while undertaking timeline activities. The timeline activities invite users to upload information about themselves, their family and their community, which may include names, dates, places, stories and images. Images uploaded to the website are automatically deleted after 30 days. Users have the option of sharing their timeline activities with parents, teachers and others through an email link or URL.
Information contained within the Digital Classroom is only accessible to the developer of the website, school administrators who provide students with access to the timeline activities section of the website, the individual user that uploaded the information and people with whom the individual user has shared their online activities.
The Digital Classroom website homepage refers to this privacy policy and a privacy collection notice is provided to new users of the site at the point of registration for the My Family and My Community timeline activities, as well as to users prior to undertaking timeline activities. The Digital Classroom uses cookies for some aspects of the interactives on the site. In instances where a program or activity on the Digital Classroom website differs from the privacy terms outlined above, a separate reference to the differing privacy terms will be provided.
4.2.6 Security records (including CCTV)
The Museum maintains security records in order to manage access to Museum premises, assets and information. These records relate to staff, volunteers, interns, visiting researchers and contractors. They may include, but are not limited to, police record checks and national security clearances. Identification photos are used for security and access control purposes. The Museum’s Agency Security Advisor is responsible for the management of these records.
The Museum uses closed-circuit television (CCTV) systems to monitor and record activity in a range of publicly accessible locations at the Museum. The purpose of this monitoring is to provide a safe and secure environment for Museum staff and visitors and to protect the Museum’s collections and exhibits from damage, theft or loss.
The images recorded by the cameras may include identifiable images of people visiting the Museum. These images are stored in a secure environment and access to these recordings is limited to authorised staff only. Where an incident has occurred that warrants further investigation, the Museum may allow the recording to be viewed by people responsible for investigating the incident, both within the Museum and/or external investigative bodies or law enforcement agencies (such as the Australian Federal Police).
Signs have been placed at all public entrances to the Museum advising that the cameras are in operation.
4.2.7 The Museum Shop (including the online shop)
The Museum may in some circumstances collect information from its shop customers or representatives of wholesalers. Personal information is collected for the purpose of fulfilling the order and providing information and updates about that order. Personal information may be disclosed to couriers or freight providers for the purposes of delivering an order. The Museum also retains order details (excluding credit card details) in a secure system to help manage any returns, refunds or exchanges.
To process orders on its online shop the Museum uses Shopify to collect personal data such as a customer’s name, address, IP address, email or phone number and order details. In purchasing from the online shop, customers consent to their personal information being disclosed to overseas recipients and acknowledge that the Australian Privacy Principles relating to overseas disclosure will not apply. For further information please see Shopify’s Privacy Policy.
Customers in the European Union: The Museum’s online shop has been configured to offer customers the rights afforded by the General Data Protection Regulation (GDPR) to control their personal data and to fulfil GDPR-related requests. This includes the right to delete, correct and access a customer’s personal data.
4.2.8 Collection and storage of sensitive information
There is a distinction in the Privacy Act between personal information and sensitive information. The Museum will not collect personal or sensitive information which it does not need. The Museum may at times collect sensitive information about an individual such as their racial or ethnic origin (for example a First Nations artist) or health information (for example, if an individual informs the Museum they need mobility support when they visit the Museum or lets the Museum know they have allergies before attending a catered function).
Sensitive information may be collected in relation to some employees. For example, employees may formally identify as being culturally or linguistically diverse or being a person with a disability.
Health information (for example medical reports or certificates) may also be collected by the Museum where there is a workers’ compensation or other health-related matters affecting an employee. All records are stored in a secure file, with access limited to staff on a need-to-know basis.
If a Museum employee or volunteer requires a Working with Vulnerable People (WWVP) check, the Museum will request and collect a copy of their current WWVP check where relevant and/or required by an employee or volunteer’s role.
National police history checks are conducted on prospective employees, volunteers, interns, visiting researchers and contractors. The individual’s written consent must be obtained before a check is submitted and processed, and access to relevant personal information is strictly limited to authorised Museum staff. The Museum will retain a person’s informed consent form and the results of a police check in line with the Archives Act 1983. Further details regarding the process for national police history checks and the safeguards in place to protect personal information are available from the Museum’s security team.
Incident reports are required to be completed when a security incident, injury or hazard has occurred or been identified. These reports may contain information, some of a medical nature, about visitors, volunteers and staff.
The Museum may hold information about a staff member’s union membership if that person has authorised a deduction from pay for their union dues. There may be other records which would identify union members, such as right of entry permits, email communication between union members, or where union delegates are represented on Museum committees.
4.3 How the Museum holds and protects personal information
Security of personal information is maintained in a number of ways. Where an electronic database containing personal information has been created, the Museum takes steps to ensure that the database may only be accessed by people performing relevant functions. For example, employee records are only accessible by staff performing human resource functions.
The Museum’s information technology systems are based on the high standards defined by the Australian Signals Directorate Information Security Manual. System access is granted to staff only on authority of an appropriate delegate, for the purposes of performing Museum work. Information is managed in accordance with the Australian Government’s Protective Security Policy Framework. Guidance is provided to staff about safeguarding electronic information (including the secure transfer of that information) in the Museum’s information technology policies and procedures.
Technical staff with access to the back end of Museum databases are required to undergo the Museum’s onboarding and clearance process and hold an Australian Government Security Vetting Agency Negative Vetting Level 1 clearance (except in instances where an appropriate waiver is considered and approved by the Museum delegate).
The Museum uses the Australian Government security classification marking system to identify records that contain personal and sensitive information. Disposal of records containing personal information is performed in accordance with the relevant disposal authority under supervision by the records management unit.
Key systems and application software are independently security-audited to identify any potential vulnerabilities and compliance with the revised Essential Eight security levels as outlined in the Strategies to Mitigate Cyber Security Incidents available on the Australian Signals Directorate website.
4.4 Disclosure of personal information
The Museum will not disclose personal information to anyone outside the Museum unless the individual concerned has given their consent, or disclosure is otherwise permitted by the Australian Privacy Principles. Examples of exceptions include disclosure being necessary to prevent a serious threat to a person’s life, health or safety, or for law enforcement purposes.
Personal information held by the Museum will only be released to contractors where it is necessary for the contractor to perform their job. Examples include where a security company is responsible for administering security passes to Museum staff, or a third party (such as a mailing house) is contracted to distribute information. If personal information is given to a third party contracted by the Museum, the written contract will contain the appropriate privacy clauses recommended by the Privacy Commissioner.
The Museum will not transfer a person’s information overseas for any other reasons without their consent unless it is required or authorised by law. If personal information is disclosed overseas, the Museum will take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles.
4.5 How to access personal information or seek correction of information
A person may request access to their personal information held by the Museum or to seek correction of the information. The request should be made to the Museum’s Privacy Contact Officer by mail, email or telephone.
Privacy Contact Officer
National Museum of Australia
GPO Box 1901
Canberra ACT 2601
Email: privacy@nma.gov.au
Tel: +61 2 6208 5000
The Museum will respond to a request within 30 days. Access will be given in the form requested by the person, unless it is impracticable to do so or where the Museum is required to refuse access under the Freedom of Information Act 1982 or other Commonwealth legislation. If the Museum decides not to grant access to personal information or to correct personal information, it must provide written reasons for the refusal.
4.6 How the Museum will handle privacy complaints
Where a staff member receives a complaint relating to the handling of personal information, that complaint must be referred to the Museum’s Privacy Contact Officer for investigation. Alternatively, where a person has concerns about the way the Museum has dealt with their personal information, they may contact the Privacy Contact Officer directly (see details listed above).
The Privacy Contact Officer will investigate the matter in accordance with its complaints handling procedures and determine whether the Museum has breached its privacy obligations. If the Privacy Contact Officer finds that there has been a privacy breach, the Director of the Museum will decide what remedial action should be taken. The Museum will aim to respond within a reasonable time of receiving the complaint.
If the complainant is dissatisfied with the Museum’s investigation of their complaint, they can contact the Office of the Australian Information Commissioner, who is independent of the Museum. Contact details for the Office of the Australian Information Commissioner are available on its website: http://www.oaic.gov.au
4.7 Notifiable Data Breach Scheme
The Museum is committed to dealing promptly with any accidental or unauthorised disclosure of personal information in accordance with its reporting obligations under the Notifiable Data Breach Reporting Scheme. If the Museum needs to investigate or resolve a problem, it may need to (and you authorise the Museum to) disclose your personal information to the Museum’s service providers, law enforcement or other government officials if necessary or appropriate to deal with the problem or if required by law. The Museum’s Notifiable Data Breach Response Procedures are available on its website: https://www.nma.gov.au/about/corporate/procedures/data-breach-response
4.8 Privacy impact assessments
The Privacy Act and the Code require the Museum to take reasonable steps to implement practices, procedures and systems that ensure privacy compliance is designed into projects dealing with personal information from the start. The Museum conducts privacy impact assessments to assist the Museum in identifying any possible privacy impacts resulting from a project so they can be effectively managed and mitigated. The Museum’s Privacy Impact Assessment Register is available on its website: https://www.nma.gov.au/about/corporate/reports-reviews/privacy-impact-assessment-register
5. Definition of terms
Personal information
Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not
- whether the information or opinion is recorded in a material form or not.
6. Definition of responsibilities
Director
The Museum’s Director is responsible for deciding what remedial action should be taken in the case of a privacy breach.
Privacy Contact Officer
The Museum’s Privacy Contact Officer is responsible for maintaining and implementing this policy. The Privacy Contact Officer is also responsible for providing advice on privacy issues, acting as the point of contact for the federal Office of the Australian Information Commissioner and investigating any privacy complaints.
7. References
Archives Act 1983
Freedom of Information Act 1982 (Cth)
Privacy Act 1988 (Cth)
Privacy (Australian Government Agencies) – Governance APP Code 2017
Australian Privacy Principles (APP) Guidelines
8. Implementation
a. Coverage
This policy applies to all staff undertaking activities that involve the collection, use, storage and disclosure of personal information.
b. Other related policies
Complaints handling procedures (PRO-021)
Notifiable data breach response procedures (PRO-030)
c. Exclusions
There are no exclusions to this policy.
d. Superseded policies
This policy supersedes:
Title | Version number | Version date |
Privacy policy | Version 2.1 | 14 Jun 2012 |
Privacy policy | Version 3.0 | 14 Feb 2014 |
Privacy policy | Version 4.0 | 17 Nov 2015 |
Privacy policy | Version 4.1 | 27 Jun 2017 |
Privacy policy | Version 5.0 | 3 Dec 2019 |
Privacy policy | Version 6.0 | 28 Jul 2020 |
Privacy policy | Version 6.1 | 25 Oct 2022 |
e. Monitoring
This policy will be monitored by the Privacy Contact Officer and will be reviewed in December 2026.
Metadata
ID | POL-G-053 |
Version | 7.0 |
Version date | 27 November 2024 |
Type | General operational |
Approval dates | Approved by Executive Management |
File | 15/1110; 19/1247 |
Availability | Public and all staff |
Keywords | Privacy; personal information |
Responsible officer | Privacy Contact Officer (Manager, Legal Services) |
History | Privacy policy v 1.0, 9 March 2007 (POL-C-018); Privacy policy v 2.0, 29 June 2009 (POL-C-018); Privacy policy v 2.1, 14 June 2012 (POL-C-018); Privacy policy v 3.0, 17 February 2014 (POL-G-053); Privacy policy v 4.0, 17 November 2015 (POL-G-053); Privacy policy v 4.1, 27 June 2017 (POL-G-053); Privacy policy v 5.0, 3 December 2019 (POL-G-053); Privacy policy v 6.0, 28 July 2020 (POL-G-053); Privacy policy v 6.1, 25 October 2022 (POL-G-053) |
Review date | December 2026 |
Related documents | |
Contact | National Museum of Australia, GPO Box 1901, CANBERRA ACT 2601; Tel: (02) 6208 5000; Email: privacy@nma.gov.au; Website: www.nma.gov.au |