Print

Guide to our privacy policy

A guide to our privacy policy.

The purpose of this privacy policy is to:

  • clearly communicate the personal information handling practices of the Australian Maritime Safety Authority (AMSA)
  • enhance the transparency of AMSA operations
  • give individuals a better and more complete understanding of the sort of personal information that AMSA holds, and the way we handle that information.

I don't have time to read the whole policy. What should I read first?

This privacy policy has been developed to follow the 'layered policy' format, which means that it offers layers of greater or lesser detail so people can read as much as they wish and find what they need fast.

If all you want is a snapshot of our personal information handling practices, you can have a look at our Condensed Privacy Policy. This offers an easy to understand summary of:

  • how we collect, use, disclose and store your personal information
  • how you can contact us if you want to access or correct personal information we hold about you.

If, on the other hand, you are in search of a more comprehensive explanation of our information handling practices, then this is the document for you. This document forms the 'detailed' layer of our privacy policy.

Outline of this policy

'Part A—Personal Information Handling Practices' explains our general information handling practices across the agency including information about how we collect, use, disclose and store your personal information.

'Part B—Files' offers further detail by explaining our personal information handling practices in relation to specific AMSA functions or activities. Here you can find out what sort of records we keep and why. You may find this section helpful if, for example, you have made an enquiry to AMSA and wish to know how we manage our files.

'Part C—Online' explains our personal information handling practices when you visit our websites.

Part A—Our personal information handling practices

Our obligations under the Privacy Act

This privacy policy sets out how we comply with our obligations under the Privacy Act 1988 (Privacy Act).  As an Australian Government agency, we are bound by the Australian Privacy Principles (APP’s) in the Privacy Act which regulate how entities may collect, use, disclose and store personal information, and how individuals may access and correct personal information held about them.

In this privacy policy, 'personal information' has the same meaning as defined by section 6 of the Privacy Act:

'personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • whether the information or opinion is true or not
  • whether the information or opinion is recorded in a material form or not.'

Collection

It is our usual practice to collect personal information directly from the individual or their authorised representative.
Sometimes we collect personal information from a third party or a publicly available source, but only when the individual has consented to such collection, when we are required or authorised by law to collect information from someone other than the individual, or it is unreasonable or impracticable to collect the information from the individual.

In limited circumstances we may receive personal information about third parties from individuals who contact us and supply us with the personal information of others in the documents they provide to us.

We only collect personal information for purposes which are reasonably necessary for or directly related to our functions or activities under the Australian Maritime Safety Authority Act 1990, the Navigation Act 2012, the Marine Safety (Domestic Commercial Vessel) National Law Act 2012, the Shipping Registration Act 1981 or other AMSA legislation. We also collect personal information related to employment services, human resource management, and other corporate service functions (including public awareness and education).

We also collect personal information (including contact details) as part of our normal communication processes directly related to those purposes, including:

  • when an individual emails staff members
  • when an individual telephones us
  • when an individual hands us their business card.

When we solicit personal information, where reasonable we ensure that the person providing the personal information is advised of the matters referred to in Australian Privacy Principle 5 within a Privacy Notice.

Use and disclosure

We only use and disclose personal information for the purposes for which it was given to us, or for purposes which are reasonably necessary for or directly related to one of our functions or activities, and we do not give it to other government agencies, organisations or anyone else unless one of the following applies:

  • the individual has consented
  • the individual would reasonably expect AMSA to use or disclose the information for the secondary purpose and the secondary purpose is related (or directly related in the case of sensitive information) to the purpose for which it was collected
  • we are required or authorised by law or by an order of a court/tribunal
  • we reasonably believe that the use or disclosure of the information is necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body
  • it will prevent or lessen a serious and imminent threat to somebody's life or health, or where it is necessary to assist with the location of a person who has been reported missing
  • it is necessary for the establishment, exercise, or defence of a legal or equitable claim or in relation to an alternative dispute resolution process.

Data quality

We take steps to ensure that the personal information we collect is accurate, up to date and complete. These steps include maintaining and updating personal information when we are advised by individuals that their personal information has changed, and at other times as necessary. 

Data security

We take steps to protect the personal information we hold against misuse, loss, interference, and unauthorised access, disclosure or modification. These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

When no longer required, personal information is destroyed in a secure manner, or deleted according to the AMSA 's Records Disposal Authority.

Access and correction

An individual has a right to request access to their personal information and to request its correction. If an individual requests access to the personal information we hold about them, or requests that we change that personal information, we will allow access or make the changes unless we consider that there is a sound reason under the Privacy Act, the Freedom of Information Act 1982 (FOI Act) or other relevant law to withhold the information, or not make the changes.

If we do not agree to provide access to personal information or to amend or annotate the information we hold about them, the individual may seek a review of our decision or may appeal our decision under the FOI Act.

If we do not agree to make requested changes to personal information the individual may make a statement about the requested changes and we will attach this to the record.

Individuals can obtain further information about how to request access or changes to the information we hold about them by contacting us (see details below).

Making a privacy complaint

You are able to make a privacy complaint if you consider that an officer or part of AMSA has breached one of the APP’s or any other obligation under the Privacy Act.

You must generally make a complaint directly to AMSA at first instance.  This complaint should be in writing and should include a description of your privacy problem.  You may direct your complaint to the Privacy Officer at the details provided below.  The Privacy Act states that AMSA will respond within a reasonable time (usually 30 days).

If you are dissatisfied with the response from AMSA, or you do not receive a response within 30 days, you may then complain directly to the Office of the Australian Information Commissioner (the OAIC).  Complaints to the OAIC must be made in writing.  The OAIC’s preference is for you to use the online Privacy Complaint form if possible.  It is free to lodge a complaint with the OAIC. Your complaint should include:

  • the name of the agency involved
  • a brief description of your privacy problem
  • any action the agency or organisation has taken to fix the problem
  • copies of any relevant documents, including copies of your complaint to the agency or organisation, and its response.

Go to the OAIC website for information about making a privacy complaint or making a complaint to the OAIC.

Overseas disclosures

AMSA may disclose information to overseas governments or maritime safety agencies for purposes related to legislation governing AMSA's operations, or if required in accordance with Australia’s international obligations.  

The International Convention on Standards of Training, Certification and Watchkeeping for Seafarers (STCW Convention) establishes a system whereby a country may recognise a seafarer certificate issued by another party to the convention.  If a seafarer wishes to have their Australian certificate recognised for use in another country, AMSA may need to disclose some personal information to the country where the seafarer wishes to work.  It is also a requirement of the STCW Convention that in order for a country to recognise the qualifications of a seafarer from another country, there must be an agreement in place between those two countries.  For a list of countries which can issue a Certificate of Recognition for an AMSA issued certificate, please visit the Certificates of Recognition webpage.

AMSA also provides an automated service to maritime administrations and domestic and international shipping companies to verify the validity of a STCW certificate issued by AMSA. For information on this system, visit Standards of training, certification and watchkeeping for Seafarers (STCW) Endorsement Guidelines for State issued certificates.  AMSA may also disclose personal information overseas in limited situations related to search and rescue emergencies or in other circumstances related to our statutory functions.  

Part B Files: how we handle specific types of files that contain personal information

The following is an example of the major categories of personal information collected and held by AMSA. This is a representative sample only - if you are interested in learning about the personal information handling practices of personal information other than the kinds discussed below, please contact the AMSA Privacy Officer on the details provided.

Information relating to certificates of qualification

Purpose

The purpose of collecting this information is to assess seafarers in terms of training, experience, medical fitness and oral examinations for the issue of certificates of qualification.  Content may include: names, addresses, dates of birth, place of birth, nationality, occupation and gender.  Sensitive content may include: physical or mental health information, disabilities and racial or ethnic origin. The personal information on these records relates to employees in the maritime industry.

Collection

We collect personal information directly from individuals.

We may also collect personal information about an individual from third parties (such as employers) where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information from someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.

Use and disclosure

This personal information is only used for the purpose of administering seafarer qualifications under legislation administered by AMSA. The following AMSA employees have routine access to this personal information: Manager, Ship Operations and Qualifications and staff of Ship Operations and Qualifications section, and staff of the Domestic Commercial Vessel Division.  Other agency staff may have access to this personal information to carry out their duties where required by legislation.

We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.

Data quality

We maintain and update personal information in our seafarer qualification files when we are advised by stakeholders that their personal information has changed.

Data security

We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse.  These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

When no longer required, personal information is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority.  Paper and electronic records are kept for a minimum of 5 years.

Access and correction

For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.

General register of seaman

Purpose

The purpose of these records was to support the provision of employment services to the maritime industry as required by the Navigation Act 1912. The function ceased as from 1 March 1998.  Content may include: name, gender, address, date and place of birth, occupation, maritime qualifications, employment, marital status, names and status of next of kin. Sensitive content may include: physical or mental health, disabilities, criminal convictions and discipline reports. The personal information on these records relates to seafarers in the maritime industry and covers records not yet in the open access period and therefore not available from National Archives.

Collection

AMSA no longer collects information for inclusion within the General Register of Seaman.

Use and disclosure

The information is only made available to the seafarer or the seafarer’s legal personal representative or to a third party with the written authority of the seafarer. In the case of a deceased seafarer, information is made available to a third party with the written authority of the next of kin.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.

Data quality

AMSA no longer maintains this database.

Data security

Personal information in the General Register of Seaman is stored on microfiche media within a secure environment.  When no longer required, the records are transferred to the National Archives of Australia.

Access and correction

For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.

Australian register of ships

Purpose

The purpose of these records is to maintain information about the ownership and other title interests in Australian ships as required by the Shipping Registration Act 1981. Personal content may include: name, address, nationality, shareholding and other property interests in the ship. The records relate to approximately 30,000 ships.

The personal information on these records relates to ship owners, agents, charterers, caveators and ship masters

Collection

We collect personal information directly from individuals lodging interests within the Register or their representatives. 
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.

Use and disclosure

Personal information collected within the Australian Register of Ships is only used for the purpose of administering the Register.  The agency staff of the following Business Units have routine access to this information: the Shipping Registration Office; Office of Legal Counsel; Corporate Services Division; Emergency Response; and Ship Safety Division.

Other than information which is made publically available in accordance with the Shipping Registration Act 1981, we will only also use or disclose this information for purposes other than which it was collected in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.

Data quality

We maintain and update personal information in our shipping registration files when we are advised by stakeholders that their personal information has changed.

Data security

In accordance with the provision of the Shipping Registration Act 1981, some personal information contained within the Register is publically available.  We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the non-publically available Shipping Register personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse.  These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

Access and correction

For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.

Files relating to prosecutions and regulatory enforcement actions

Purpose

The purpose of collecting this information is to ensure the compliance with and enforcement of legislation related to AMSA.  Content may include: name, address, occupation and names and status of business partners. Sensitive content may include: criminal convictions and details of suspected or alleged breaches of legislation.

The personal information on these records relates to alleged and proven offenders. The records also contain contact details for witnesses to the offence.

Collection

We collect personal information directly from the individual concerned.  We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.

Use and disclosure

Personal information collected for this purpose will only be used in connection with the compliance and enforcement activities of AMSA.  Some of this information is therefore disclosed to law enforcement agencies and the Director of Public Prosecutions.  AMSA staff in areas of responsibility for maritime safety and for marine environment protection have routine access to this information.

We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.

Data quality

We maintain and update personal information in our files when we are advised by stakeholders that their personal information has changed, or otherwise as necessary.

Data security

We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the prosecution and regulatory enforcement personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse.  These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

When no longer required, personal information is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority. These records must be kept for a minimum of 10 years.

Access and correction

For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.

Levy payment portal

Purpose

The purpose of these records is to facilitate the payment of levies in accordance with the Marine Navigation Levy Collection Act 1989; the Marine Navigation (Regulatory Functions) Levy Collection Act 1991; and the Protection of the Sea (Shipping Levy Collection) Act 1981 ('the Levy Collection Acts').  Content may include: name, contact details, employer or business information. The personal information on these records relates to shipping agents and ship operators registering to pay levies to AMSA.

Collection

We collect personal information directly from individuals using the Levy Payment Portal. 

We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.

Use and disclosure

Personal information in the levy payment portal is only used for the purposes of administering the Levy Collection Acts. The following AMSA staff has access to the information: Finance staff, Ship Operations and Qualifications staff.

We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.

Data quality

We maintain and update personal information in our Levy Payment Portal files when we are advised by stakeholders that their personal information has changed.

Data security

We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the levy payment portal personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse.  These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

Personal information contained within Levy Payment Portal files is destroyed after seven years in a secure manner in accordance with the AMSA's Records

Disposal Authority. 

Access and correction

For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.

Emergency beacon register

Purpose

The purpose of these records is to provide information to the Rescue Coordination Centre in the event of an activation of a private distress beacon.  Content may include: name, address, contact details, nationality, occupation, employer or business information, and next of kin.  The personal information on these records relates to any member of the public registering a distress beacon in Australia.

Collection

We collect personal information directly from the owner of the beacon.

We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.

Use and disclosure

Personal information in the emergency beacon register is used for the purpose of assisting search and rescue operations through the registration of beacons or MMSI numbers.  AMSA collects this information in accordance with its functions under the Australian Maritime Safety Authority Act 1990. The information may be passed to other government agencies assisting in search and rescue operations. AMSA also uses the contact details of registered beacon owners, including email addresses and mobile phone numbers, to prompt beacon owners to update their registration details and for other purposes related to maintaining their registration. The following agency staff have routine access to the information: staff of the 406MHz Beacon Registry Office, operational personnel in AMSA Search and Rescue.

We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.

Data quality

We maintain and update personal information in our Emergency Beacon Register files when we are advised by stakeholders that their personal information has changed.

Data security

We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the Emergency Beacon Register personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse.  These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

When no longer required, personal information in the files is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority.

Access and correction

For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.

Contacts lists

Purpose

We maintain contacts lists which include contact information about individuals who may have an interest in AMSA’s work and media representatives. We use these contacts lists to distribute information about our activities and publications.

Collection

It is our usual practice to collect personal information in contacts lists directly from individuals, for example, where they have asked to be added to a contact list.

We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.

Use and disclosure

We only use personal information in contacts lists for the purpose of managing public and stakeholder relations.

We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.

AMSA uses a number of online channels, including social networking services, to communicate with individuals and organisations with an interest AMSA’s work. The use of these services is governed by the online channel's Terms and Conditions and Privacy Policies, and the AMSA Terms and Conditions that attach to those platforms. Users may be required to supply some personal information such as name and email address to use these channels to communicate with the AMSA. Using these services to communicate with us may make some personal information visible to the AMSA and third parties.

Data quality

We maintain and update personal information in our contacts lists when we are advised by individuals that their personal information has changed. We also regularly audit contacts lists to check the currency of the contact information. We will remove contact information of individuals who advise us that they no longer wish to be contacted.

Data security

We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the contact list personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse.  These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

Routine access to contacts lists is limited to the database operators who have responsibility for maintaining the contacts lists. Other staff members have access to the personal information in contacts lists on a need to know basis.

Access and correction

For information about how to access or correct personal information in our contacts lists see 'Access and correction' in Part A of this document.

Freedom of Information files

Purpose

When AMSA receives a request for access to documents under the Freedom of Information (FOI) Act, we create a file for that request. We collect personal information from FOI applicants to enable us to process their application and to keep track of the information released to them under the FOI Act.

The personal information in these files relates to the FOI applicant, however, the files may also contain other personal information contained in the documents that are relevant to the FOI request.

Collection

We collect personal information in FOI files directly from individuals who make an FOI request. We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.

Use and disclosure

We only use the personal information in FOI files for the purpose of assessing and processing the FOI application.

We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy. 

Data quality

We maintain and update personal information in FOI files as necessary or when we are advised by individuals that their personal information has changed.

Data security

We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the personal information contained within FOI files against loss, unauthorised access, use, modification or disclosure, and against other misuse.  These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

Personal information in FOI files is destroyed after seven years in a secure manner in accordance with AMSA 's Records Disposal Authority.

Access and correction

For information about how to access or correct personal information in FOI files see 'Access and correction' in Part A of this document.

Administrative and personnel files

Purpose

The purpose of personnel records is to maintain current employee information for business and employment related purposes, or where authorised or required by law. The personal information in these files relates to the employee and may include:

  • Applications for employment including the employee's resume, statements addressing the criteria and referee reports
  • Written tasks undertaken by the employee during the selection process
  • Notes from the selection committee during the selection process
  • The employee's employment contract, and other records relating to their terms and conditions of employment
  • Details of financial and other personal interests supplied by some employees and their immediate family members for the purpose of managing perceived or potential conflicts of interest
  • Proof of Australian citizenship
  • Certified copies of academic qualifications
  • Records relating to the employee's salary, benefits and leave
  • Medical certificates or health related information supplied by an employee or their medical practitioner
  • Contact details
  • Taxation details
  • Superannuation contributions
  • Information relating to the employee's training and development.

The purpose of keeping records on candidates for employment ('applicant files') is to allow us to assess the suitability of candidates for employment at the AMSA.

Collection

AMSA generally collects personal information directly from employees and applicants.

We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.

Use and disclosure

Personal information in personnel files is only used for the purpose of maintaining current employee data and information for business and employment related purposes.

We only use personal information in applicant files for the purpose of assessing and processing applications for employment. We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.

Data quality

AMSA maintains and updates personal information in our personnel and applicant files as necessary, or when we are advised by individuals that their personal information has changed.

Data security

We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the administrative and personnel personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse.  These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

Staff files are kept for a minimum of 75 years after the date of birth of an employee. If an applicant is unsuccessful a file will be kept for seven years.  Any duplicate copies of applications used as part of the selection process are disposed of securely at the end of the process.
The following staff members have access to personnel and applicant files on a need to know basis:

  • Staff sitting on the selection committee
  • Human resources manager
  • Human resources staff.

Access and correction

For information about how to access or correct personal information in administrative files see 'Access and correction' in Part A of this document.

National Data Management System

Purpose

The purpose of collecting information contained within the National Data Management System (NDMS) is to administer the National System for Domestic Commercial Vessel Safety, as implemented by the Marine Safety (Domestic Commercial Vessels) National Law Act 2012.  AMSA is the National Regulator of the national system, with staff of state and territory marine safety agencies acting as its delegates. AMSA and its delegates collect personal information in the process of administering the national system (relating to, for example, certificates and qualifications), certain elements of which are entered into the NDMS for access by users across the country for purposes associated with the national system. Content may therefore include: names, addresses, dates of birth, place of birth, nationality, occupation and gender.

Sensitive content may include: physical or mental health information and information about disabilities.

Collection

AMSA and its delegates collect personal information directly from the individual concerned.  

We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.

Use and disclosure

Personal information contained within the NDMS is only used and disclosed for purposes related to and consistent with the administration of the national system. The following individuals have routine access to this personal information: staff of AMSA’s Domestic Commercial Vessel Division and Office of Legal Counsel, delegates of AMSA under the national law, and other authorised individuals within state/territory marine safety agencies. Other AMSA staff may have access to this personal information to carry out their duties where required by legislation

We may also use or disclose this information in circumstances described under the Use and Disclosure heading in Part A of this policy.

Data quality

We maintain and update personal information in our NDMS files when we are advised by stakeholders that their personal information has changed.

Data security

We take steps and utilise up-to-date techniques and processes which meet current government requirements to protect the NDMS personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse.  These steps include maintaining up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information, and securing paper files and physical access restrictions.

When no longer required, personal information in the NDMS files is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority.

Access and correction

For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.

Part C—Information collected online by AMSA

Information collected

When you browse this website, our system may automatically make a record of your visit and log the following information for statistical purposes:

  • your server address
  • top level domain name (for example .com, .net, .gov, .au, etc)
  • the type of browser and operating system you used
  • date and time of your visit
  • the previous site visited
  • which pages are accessed
  • the time spent on individual pages and the site overall
  • which files were downloaded.

This information is analysed to determine this website's usage statistics.

However, no attempt will be made to identify individual users except where a law enforcement agency (eg the Australian Federal Police) exercises a warrant to inspect our service provider's log files.

We collect no personal information about you unless you voluntarily choose to participate in an activity through this website that involves the provision of personal information, such as:

  • sending electronic mail to this website
  • participating in a survey on this website
  • suggesting a link from this website to an external website.

If you choose not to participate in these activities, your choice will in no way affect your ability to use this website.

Cookies

A cookie is a small file sent by AMSA’s web server onto the user's web browser software when the user accesses this website. (An explanation of cookies generally can be found at the site of the Australian Privacy Commissioner).

Some parts of this website may use a cookie to maintain contact through a session. The cookie allows AMSA to recognise you as an individual as you move from one page of this website to another. This cookie will expire on the close of your browser session or on the closing down of your computer.

Most Internet browsers are pre-set to accept cookies. If you prefer not to receive cookies, you can adjust your Internet browser to disable cookies or to warn you when cookies are being used.

No attempt will be made to identify anonymous users unless legally compelled to do so, such as in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the internet service provider's log files.

Use of personal information collected

Any personal information you choose to provide will only be used for the purpose for which it was provided. We do not give personal information collected online to other agencies, organisations otherwise than in accordance with the circumstances described under the 'Use and Disclosure' heading in Part A of this policy.

The Internet is an insecure medium and users should be aware that there are inherent risks transmitting information across the Internet.

Information submitted unencrypted via electronic mail or web forms may be at risk of being intercepted, read or modified. If you do not wish to email or send an online form to AMSA, you can send mail by post.

Data quality

We will delete or correct any personal information that we hold about you on request.

If you are on one of our automated email lists, you may opt out of further contact from us by clicking the 'unsubscribe' link at the bottom of the email. 

Data security

There are inherent risks in transmitting information across the internet and we do not have the ability to control the security of information collected and stored on third party platforms. In relation to our own servers, we take all reasonable steps to manage data stored on our servers to ensure data security.

Access and correction

For information about how to access or correct personal information collected on our website see 'Access and correction' in Part A of this document.

How to contact us

Individuals can obtain further information in relation to this privacy policy, or provide any comments, by contacting us:  

Telephone

Head office +61 2 6279 5000 (8 am to 5.15 pm Monday to Friday)

Post

Privacy Officer
Australian Maritime Safety Authority
GPO Box 2181
Canberra City ACT 2601

Fax

02 6279 5950

Email

Contact us

Note that some of these words, including 'sensitive information' and 'enforcement body' have defined meanings under the Privacy Act 1988.

Last updated: 

Monday 12 February 2018