The Australian War Memorial (Memorial) takes the matter of information privacy seriously. It endeavours at all times to protect and handle personal information in a manner consistent with its obligations under the Privacy Act 1988 (Privacy Act), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles (APPs) and the APP Code for Australian Government Agencies.
This policy has been developed and is maintained in accordance with the Australian War Memorial’s Director’s Instruction 9.02 Handling of Personal Information.
The Memorial's purpose is to commemorate the sacrifice of those Australians who have died in war. Its mission is to assist Australians to remember, interpret and understand the Australian experience of war and its enduring impact on Australian society.
The Memorial deals with personal information in relation to its main functions as a memorial, museum and an archive and the activities that support these functions. Such activities include:
- Commemoration, ceremony or events
- Collections development and management
- Exhibitions development and management
- School education programs
- Fundraising, including retail operations
- Sponsorship and supporters programs
- Volunteer programs
- Personnel recruitment and contract management
- Communications including personal and corporate correspondence
- Social media and online activity
These and other activities often require the Memorial to collect contact information and personal details of individuals wishing to be involved in or have access to the Memorial’s collections and programs.
All such activities are carried out by the Memorial in accordance with the powers and limitations of the Australian War Memorial Act 1980.
The Memorial carefully balances the need for information from those wishing to access its archives, programs and services with the amount and type of information it collects and the manner in which it stores, uses and shares this information.
The Memorial is also mindful of privacy issues when providing access to personal recollections, accounts and material held in the National Collection. These records may also be subject to government regulations in relation to classified information and public access to records may also be withheld on these grounds.
This Privacy Management Policy outlines how we will comply with the Australian Privacy Principles (APPs) and the APP Code for Australian Government Agencies.
This Privacy Management Policy outlines how we will handle requests for access to or correction of personal information and complaints about our handling of privacy related matters.
The key concepts and definitions used in this plan are contained in the Privacy Act and are outlined below:
Australian Privacy Principles (APP) are contained in the Privacy Act.
Consent means express consent or implied consent
Health information means:
- information or an opinion about
- the health or a disability (at any time) of an individual; or
- an individual's expressed wishes about the future provision of health services to him or her; or
- a health service provided, or to be provided, to an individual; that is also personal information; or
- other Personal Information collected to provide, or in providing, a health service; or
- other Personal Information about an individual collected in connection with the donation, or intended donation, by the individual of his or her body parts, organs or body substances; or
- genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.
Personal information is defined in the Privacy Act as ‘information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not and whether recorded in a material form or not.’
The types of Personal Information that the Memorial collects and holds will depend on the circumstance and relationship between the individual and the Memorial.
Personal information that is commonly collected by the Memorial includes:
- Address (residential, postal and email)
- Phone number
- Date of birth
- Country of Birth
- Driver’s Licence
- Banking and superannuation details
- Tax File Number
- Health information
- Emergency contact details
- Photographs or video recordings (including ID cards, CCTV footage and event photography/videography)
- Criminal history
- IT access logs
- Records of donations and related family histories
- Retail or other transactional records
- Security Clearance status
Privacy Statement means a notification, in the format specified under paragraph 2.2, that is required to be provided to an individual at or before the time (or, if that is not practicable, as soon as practicable after) the Memorial collects Personal Information.
Sensitive information is defined in the Privacy Act as:
- Information or an opinion about an individual’s:
- racial or ethnic origin; or
- political opinions; or
- membership of a political association; or
- religious beliefs or affiliations; or
- philosophical beliefs; or
- membership of a professional or trade association; or
- membership of a trade union; or
- sexual orientation or practices; or
- criminal record that is also Personal Information;
- Health information about an individual;
- Genetic information about an individual that is not otherwise health information; or
- Biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
- Biometric templates.
Memorial Personnel means all employees, appointed office holders (Council), consultants, contractors and volunteers of the Memorial.