The following is an example of the major categories of personal information collected and held by AMSA. This is a representative sample only - if you are interested in learning about the personal information handling practices of personal information other than the kinds discussed below, please contact the AMSA Privacy Officer on the details provided.
Information relating to certificates of qualification
Purpose
The purpose of collecting this information is to assess seafarers in terms of training, experience, medical fitness and oral examinations for the issue of certificates of qualification. Content may include: names, addresses, dates of birth, place of birth, nationality, occupation and gender. Sensitive content may include: physical or mental health information, disabilities and racial or ethnic origin. The personal information on these records relates to employees in the maritime industry.
Collection
We collect personal information directly from individuals.
We may also collect personal information about an individual from third parties (such as employers) where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information from someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
This personal information is only used for the purpose of administering seafarer qualifications under legislation administered by AMSA. The following AMSA employees have routine access to this personal information: Manager, Ship Operations and Qualifications and staff of Ship Operations and Qualifications section, and staff of the Domestic Commercial Vessel Division. Other agency staff may have access to this personal information to carry out their duties where required by legislation.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in our seafarer qualification files when we are advised by stakeholders that their personal information has changed.
Data security
We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.
When no longer required, personal information is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority. Paper and electronic records are kept for a minimum of 5 years.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
General register of seaman
Purpose
The purpose of these records was to support the provision of employment services to the maritime industry as required by the Navigation Act 1912. The function ceased as from 1 March 1998. Content may include: name, gender, address, date and place of birth, occupation, maritime qualifications, employment, marital status, names and status of next of kin. Sensitive content may include: physical or mental health, disabilities, criminal convictions and discipline reports. The personal information on these records relates to seafarers in the maritime industry and covers records not yet in the open access period and therefore not available from National Archives.
Collection
AMSA no longer collects information for inclusion within the General Register of Seaman.
Use and disclosure
The information is only made available to the seafarer or the seafarer’s legal personal representative or to a third party with the written authority of the seafarer. In the case of a deceased seafarer, information is made available to a third party with the written authority of the next of kin.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
AMSA no longer maintains this database.
Data security
Personal information in the General Register of Seaman is stored on microfiche media within a secure environment. When no longer required, the records are transferred to the National Archives of Australia.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Australian register of ships
Purpose
The purpose of these records is to maintain information about the ownership and other title interests in Australian ships as required by the Shipping Registration Act 1981. Personal content may include: name, address, nationality, shareholding and other property interests in the ship. The records relate to approximately 30,000 ships.
The personal information on these records relates to ship owners, agents, charterers, caveators and ship masters
Collection
We collect personal information directly from individuals lodging interests within the Register or their representatives.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
Personal information collected within the Australian Register of Ships is only used for the purpose of administering the Register. The agency staff of the following Business Units have routine access to this information: the Shipping Registration Office; Office of Legal Counsel; Corporate Services Division; Emergency Response; and Ship Safety Division.
Other than information which is made publically available in accordance with the Shipping Registration Act 1981, we will only also use or disclose this information for purposes other than which it was collected in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in our shipping registration files when we are advised by stakeholders that their personal information has changed.
Data security
In accordance with the provision of the Shipping Registration Act 1981, some personal information contained within the Register is publically available. We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the non-publically available Shipping Register personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Files relating to prosecutions and regulatory enforcement actions
Purpose
The purpose of collecting this information is to ensure the compliance with and enforcement of legislation related to AMSA [9]. Personal information collected may include: statements and interviews with alleged offenders and witnesses about incidents, including information such as names, addresses, occupations and business interests. Sensitive content may include: medical information, criminal convictions and details of suspected or alleged breaches of legislation..
Collection
Personal information may be collected directly from the individual concerned. We may also collect personal information about an individual from third parties where it is relevant, and where the individual has consented to such collection, where we are required or authorised by law to collect the information, or when it is unreasonable or impracticable to collect the information from the individual. In enforcement investigations it may often be unreasonable or impracticable to collect personal information from a person under investigation.
Use and disclosure
Personal information collected for this purpose will only be used in connection with the compliance and enforcement activities of AMSA. Some of this information is therefore disclosed to law enforcement agencies and the Director of Public Prosecutions and will be used for the purposes of criminal prosecutions or civil proceedings. AMSA staff in areas of responsibility for maritime safety and for marine environment protection have routine access to this information.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in our files when we are advised by stakeholders that their personal information has changed, or otherwise as necessary.
Data security
We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the prosecution and regulatory enforcement personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.
When no longer required, personal information is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority. These records must be kept for a minimum of 10 years.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Levy payment portal
Purpose
The purpose of these records is to facilitate the payment of levies in accordance with the Marine Navigation Levy Collection Act 1989; the Marine Navigation (Regulatory Functions) Levy Collection Act 1991; and the Protection of the Sea (Shipping Levy Collection) Act 1981 ('the Levy Collection Acts'). Content may include: name, contact details, employer or business information. The personal information on these records relates to shipping agents and ship operators registering to pay levies to AMSA.
Collection
We collect personal information directly from individuals using the Levy Payment Portal.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
Personal information in the levy payment portal is only used for the purposes of administering the Levy Collection Acts. The following AMSA staff has access to the information: Finance staff, Ship Operations and Qualifications staff.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in our Levy Payment Portal files when we are advised by stakeholders that their personal information has changed.
Data security
We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the levy payment portal personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.
Personal information contained within Levy Payment Portal files is destroyed after seven years in a secure manner in accordance with the AMSA's Records
Disposal Authority.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Emergency beacon register
Purpose
The purpose of these records is to provide information to the Rescue Coordination Centre in the event of an activation of a private distress beacon. Content may include: name, address, contact details, nationality, occupation, employer or business information, and next of kin. The personal information on these records relates to any member of the public registering a distress beacon in Australia.
Collection
We collect personal information directly from the owner of the beacon.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
Personal information in the emergency beacon register is used for the purpose of assisting search and rescue operations through the registration of beacons or MMSI numbers. AMSA collects this information in accordance with its functions under the Australian Maritime Safety Authority Act 1990. The information may be passed to other government agencies assisting in search and rescue operations. AMSA also uses the contact details of registered beacon owners, including email addresses and mobile phone numbers, to prompt beacon owners to update their registration details and for other purposes related to maintaining their registration. The following agency staff have routine access to the information: staff of the 406MHz Beacon Registry Office, operational personnel in AMSA Search and Rescue.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in our Emergency Beacon Register files when we are advised by stakeholders that their personal information has changed.
Data security
We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the Emergency Beacon Register personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.
When no longer required, personal information in the files is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Contacts lists
Purpose
We maintain contacts lists which include contact information about individuals who may have an interest in AMSA’s work and media representatives. We use these contacts lists to distribute information about our activities and publications.
Collection
It is our usual practice to collect personal information in contacts lists directly from individuals, for example, where they have asked to be added to a contact list.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
We only use personal information in contacts lists for the purpose of managing public and stakeholder relations.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
AMSA uses a number of online channels, including social networking services, to communicate with individuals and organisations with an interest AMSA’s work. The use of these services is governed by the online channel's Terms and Conditions and Privacy Policies, and the AMSA Terms and Conditions that attach to those platforms. Users may be required to supply some personal information such as name and email address to use these channels to communicate with the AMSA. Using these services to communicate with us may make some personal information visible to the AMSA and third parties.
Data quality
We maintain and update personal information in our contacts lists when we are advised by individuals that their personal information has changed. We also regularly audit contacts lists to check the currency of the contact information. We will remove contact information of individuals who advise us that they no longer wish to be contacted.
Data security
We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the contact list personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.
Routine access to contacts lists is limited to the database operators who have responsibility for maintaining the contacts lists. Other staff members have access to the personal information in contacts lists on a need to know basis.
Access and correction
For information about how to access or correct personal information in our contacts lists see 'Access and correction' in Part A of this document.
Freedom of Information files
Purpose
When AMSA receives a request for access to documents under the Freedom of Information (FOI) Act, we create a file for that request. We collect personal information from FOI applicants to enable us to process their application and to keep track of the information released to them under the FOI Act.
The personal information in these files relates to the FOI applicant, however, the files may also contain other personal information contained in the documents that are relevant to the FOI request.
Collection
We collect personal information in FOI files directly from individuals who make an FOI request. We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
We only use the personal information in FOI files for the purpose of assessing and processing the FOI application.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in FOI files as necessary or when we are advised by individuals that their personal information has changed.
Data security
We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the personal information contained within FOI files against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.
Personal information in FOI files is destroyed after seven years in a secure manner in accordance with AMSA 's Records Disposal Authority.
Access and correction
For information about how to access or correct personal information in FOI files see 'Access and correction' in Part A of this document.
Administrative and personnel files
Purpose
The purpose of personnel records is to maintain current employee information for business and employment related purposes, or where authorised or required by law. The personal information in these files relates to the employee and may include:
- Applications for employment including the employee's resume, statements addressing the criteria and referee reports
- Written tasks undertaken by the employee during the selection process
- Notes from the selection committee during the selection process
- The employee's employment contract, and other records relating to their terms and conditions of employment
- Details of financial and other personal interests supplied by some employees and their immediate family members for the purpose of managing perceived or potential conflicts of interest
- Proof of Australian citizenship
- Certified copies of academic qualifications
- Records relating to the employee's salary, benefits and leave
- Medical certificates or health related information supplied by an employee or their medical practitioner
- Contact details
- Taxation details
- Superannuation contributions
- Information relating to the employee's training and development.
The purpose of keeping records on candidates for employment ('applicant files') is to allow us to assess the suitability of candidates for employment at the AMSA.
Collection
AMSA generally collects personal information directly from employees and applicants.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
Personal information in personnel files is only used for the purpose of maintaining current employee data and information for business and employment related purposes.
We only use personal information in applicant files for the purpose of assessing and processing applications for employment. We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
AMSA maintains and updates personal information in our personnel and applicant files as necessary, or when we are advised by individuals that their personal information has changed.
Data security
We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the administrative and personnel personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.
Staff files are kept for a minimum of 75 years after the date of birth of an employee. If an applicant is unsuccessful a file will be kept for seven years. Any duplicate copies of applications used as part of the selection process are disposed of securely at the end of the process.
The following staff members have access to personnel and applicant files on a need to know basis:
- Staff sitting on the selection committee
- Human resources manager
- Human resources staff.
Access and correction
For information about how to access or correct personal information in administrative files see 'Access and correction' in Part A of this document.
Databases used for administering the National Law
Purpose
AMSA collects personal information in relation to various functions it administers under the Marine Safety (Domestic Commercial Vessels) National Law Act 2012 (the National Law), for example, issuing certificates in relation to vessels and the qualifications of seafarers. This personal information is entered into databases for access by AMSA users involved in administering the National Law. Content may include: names, addresses, dates of birth, place of birth, nationality, occupation and gender.
Sensitive content may include: physical or mental health information and information about disabilities.
Collection
AMSA collects personal information directly from the individual concerned.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
Personal information contained within the NDMS is only used and disclosed for purposes related to and consistent with the administration of the national system. The following individuals have routine access to this personal information: staff of AMSA’s Domestic Commercial Vessel Division and Office of Legal Counsel, delegates of AMSA under the national law, and other authorised individuals within state/territory marine safety agencies. Other AMSA staff may have access to this personal information to carry out their duties where required by legislation
We may also use or disclose this information in circumstances described under the Use and Disclosure heading in Part A of this policy.
Data quality
We maintain and update personal information in our databases when we are advised by stakeholders that their personal information has changed.
Data security
We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect personal information we hold in databases against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.
When no longer required, personal information is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.