The following section provides information about the major categories of personal information collected and held by AMSA. This is a representative sample only – if you are interested in learning about the handling of personal information other than the kinds discussed below, please contact the AMSA Privacy Officer on the details provided.
AMSA collects personal information in relation to various functions it administers under the Marine Safety (Domestic Commercial Vessels) National Law Act 2012 (the National Law), for example, issuing certificates in relation to vessels and the qualifications of seafarers. This personal information is entered into databases for access by AMSA users involved in administering the National Law. Content may include: names, addresses, dates of birth, place of birth, nationality, occupation and gender.
Sensitive content may include: physical or mental health information and information about disabilities.
AMSA collects personal information directly from the individual concerned.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Personal information contained within the databases is only used and disclosed for purposes related to and consistent with the administration of the National Law. The following individuals have routine access to this personal information: Operations staff, delegates of AMSA under the National Law, and other authorised individuals within state/territory marine safety agencies. Other AMSA staff may have access to this personal information to carry out their duties where required.
We may also use or disclose this information in circumstances described under the Use and Disclosure heading in Part A of this policy.
We maintain and update personal information in our databases when we are advised by stakeholders that their personal information has changed.
See ‘Data security' in Part A of this document.
When no longer required, personal information is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority.
For information about how to access or correct personal information in these databases see 'Access and correction' in Part A of this document.
Information relating to certificates of qualification
Purpose
The purpose of collecting this information is to assess seafarers in terms of training, experience, medical fitness and oral examinations for the issue of certificates of qualification. Content may include: names, addresses, dates of birth, place of birth, nationality, occupation and gender. Sensitive content may include: physical or mental health information, disabilities and racial or ethnic origin. The personal information on these records relates to employees in the maritime industry.
Collection
We collect personal information directly from individuals.
We may also collect personal information about an individual from third parties (such as employers) where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information from someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
This personal information is only used for the purpose of administering seafarer qualifications under legislation administered by AMSA (the Navigation Act 2012 (Cth) and the National Law). AMSA employees responsible for the assessment of applications and granting of seafarer qualifications will have routine access to this personal information. Other agency staff may have access to this personal information to carry out their duties where required.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in relation to seafarer qualifications when we are advised by stakeholders that their personal information has changed.
Data security
See ‘Data security' in Part A of this document.
Data retention
When no longer required, personal information is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority. Paper and electronic records are kept for a minimum of 5 years.
Access and correction
For information about how to access or correct personal information relating to certificates of qualification see 'Access and correction' in Part A of this document.
General register of seaman
Purpose
The purpose of these records was to support the provision of employment services to the maritime industry as required by the Navigation Act 1912. The function ceased as from 1 March 1998. Content may include: name, gender, address, date and place of birth, occupation, maritime qualifications, employment, marital status, names and status of next of kin. Sensitive content may include: physical or mental health, disabilities, criminal convictions and discipline reports. The personal information on these records relates to seafarers in the maritime industry and covers records not yet in the open access period and therefore not available from National Archives.
Collection
AMSA no longer collects information for inclusion within the General Register of Seaman.
Use and disclosure
The information is only made available to the seafarer or the seafarer’s legal personal representative or to a third party with the written authority of the seafarer. In the case of a deceased seafarer, information is made available to a third party with the written authority of the next of kin.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
AMSA no longer maintains this database.
Data security
Personal information in the General Register of Seaman is stored on microfiche media within a secure environment. When no longer required, the records are transferred to the National Archives of Australia.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Australian register of ships
Purpose
The purpose of these records is to maintain information about the ownership and other title interests in Australian ships as required by the Shipping Registration Act 1981. Personal content may include: name, address, nationality, shareholding and other property interests in the ship. The records relate to approximately 30,000 ships.
The personal information on these records relates to ship owners, agents, charterers, caveators and ship masters
Collection
We collect personal information directly from individuals lodging interests within the Register or their representatives.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
Personal information within the Australian Register of Ships is used for the purpose of administering the Register and may also be used where information about the registration of a vessel is relevant to a staff member’s duties. AMSA employees with responsibilities in the Shipping Registration Office have routine access to this information. Other employees who require registration information for the purpose of their role may also access this information.
In accordance with the Shipping Registration Act 1981, information contained in the Shipping Register may be inspected by members of the public and copies of entries provided in accordance with the payment of a fee. Please visit Request a title extract for more information. We may also use or disclose personal information contained in the Register for purposes other than which it was collected in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in our shipping registration files when we are advised by stakeholders that their personal information has changed.
Data security
See ‘Data security' in Part A of this document.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Information relating to prosecutions and regulatory enforcement actions
Purpose
The purpose of collecting this information is to ensure the compliance with and enforcement of legislation related to AMSA [9]. Body worn camera footage is also collected by AMSA inspectors for the purposes of ensuring inspector safety, creating a record of interactions with the public and evidential purposes.
Personal information collected for enforcement purposes may include: statements and recorded interviews with alleged offenders and witnesses about incidents, including information such as names, addresses, occupations and business interests. Sensitive content may include: medical information, photographs and video footage of individuals, criminal convictions and details of suspected or alleged breaches of legislation.
Collection
Personal information may be collected directly from the individual concerned. We may also collect personal information about an individual from third parties where it is relevant, and where the individual has consented to such collection, where we are required or authorised by law to collect the information, or when it is unreasonable or impracticable to collect the information from the individual. In enforcement investigations it may often be unreasonable or impracticable to collect personal information from a person under investigation.
Body worn camera footage will normally be collected directly from the individual and with their consent. An inspector will not be required to obtain consent if they consider collection of the information is reasonably necessary for, or directly related to one or more of AMSA’s enforcement functions and there is no time to obtain consent or consent is unable to be obtained. In particular, inspectors may capture without consent:
- an observed breach of AMSA administered legislation
- non-compliant behaviour that will lead to compliance or enforcement action being taken, or
- an incident that is about to, or has occurred.
Use and disclosure
Personal information collected for this purpose will only be used in connection with the compliance and enforcement activities of AMSA. These purposes include the prosecution of criminal offences and civil penalty provisions. Some of this information will therefore be disclosed to the Commonwealth Director of Public Prosecutions or lawyers acting for AMSA, defence lawyers and in court proceedings.
AMSA staff with responsibility for enforcement and inspection have routine access to this information, with the exception of body worn camera footage, access to which is more limited.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy. In particular, personal information may be disclosed to an enforcement body where it is necessary for one or more enforcement activities conducted by or on behalf of that body.
Data quality
We maintain and update personal information in our files when we are advised by stakeholders that their personal information has changed, or otherwise as necessary.
Data security
See ‘Data security' in Part A of this document.
Body worn camera footage is stored in Evidence.com, an encrypted cloud-based system. A username/password and AMSA multifactor authentication are required to access the system. Access to files uploaded to Evidence.com is restricted to AMSA staff who require access to particular files for the purpose of an investigation or prosecution or as an administrator of the system.
Data retention
When no longer required, personal information is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority. These records must be kept for a minimum of 10 years.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Levy payment portal
Purpose
The purpose of these records is to facilitate the payment of levies in accordance with the Marine Navigation Levy Collection Act 1989; the Marine Navigation (Regulatory Functions) Levy Collection Act 1991; and the Protection of the Sea (Shipping Levy Collection) Act 1981 ('the Levy Collection Acts'). The personal information on these records relates to shipping agents and ship operators registering to pay levies to AMSA and generally includes: names and contact details.
Collection
We collect personal information directly from individuals using the Levy Payment Portal.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
Personal information in the levy payment portal is only used for the purposes of administering the Levy Collection Acts and access is provided to staff engaged in administering levy payments.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in our Levy Payment Portal files when we are advised by stakeholders that their personal information has changed.
Data security
See ‘Data security' in Part A of this document.
Data retention
Personal information contained within Levy Payment Portal files is destroyed in a secure manner in accordance with the AMSA's Records
Disposal Authority.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Emergency beacon register
Purpose
The purpose of these records is to provide information to the AMSA Response Centre in the event of an activation of a private distress beacon. Content may include: name, address, contact details, nationality, occupation, employer or business information, and next of kin and emergency contacts. The personal information on these records relates to any member of the public registering a distress beacon in Australia.
Collection
We collect personal information from the owner of the beacon. This information may include details of next of kin and emergency contacts supplied by the owner of the beacon.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
Personal information in the emergency beacon register is used by AMSA for the purpose of assisting search and rescue operations in accordance with its functions under the Australian Maritime Safety Authority Act 1990. The information may be passed to other government agencies assisting in search and rescue operations. AMSA also uses the contact details of registered beacon owners, including email addresses and mobile phone numbers, to prompt beacon owners to update their registration details and for other purposes related to maintaining their registration. Staff authorised to access the beacon register for the purposes of their role have routine access to the data. Search and rescue officers in AMSA Response may access the data as required for their functions.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in our Emergency Beacon Register files when we are advised by stakeholders that their personal information has changed.
Data security
See ‘Data security' in Part A of this document.
Data retention
When no longer required, personal information in the files is destroyed in a secure manner or deleted in accordance with the AMSA's Records Disposal Authority.
Access and correction
For information about how to access or correct personal information in these files see 'Access and correction' in Part A of this document.
Contacts lists and online platforms
Purpose
We maintain contacts lists which include contact information about individuals who may have an interest in AMSA’s work and media representatives. We use these contacts lists to distribute information about our activities and publications.
AMSA also uses a number of online platforms, including social networking services, to communicate with individuals and organisations with an interest in AMSA’s work. The use of these services is governed by the online platform’s Terms and Conditions and Privacy Policies, and the AMSA Terms and Conditions that attach to those platforms. Users may be required to supply some personal information such as name and email address to use these channels to communicate with AMSA. Using these services to communicate with us may make some personal information visible to the AMSA and third parties.
Collection
It is our usual practice to collect personal information in contacts lists directly from individuals, for example, where they have asked to be added to a contact list. Collection of personal information through online platforms is also from the user of that platform.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
We only use personal information in contacts lists for the purpose of managing public and stakeholder relations.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in our contacts lists when we are advised by individuals that their personal information has changed. We also regularly audit contacts lists to check the currency of the contact information. We will remove contact information of individuals who advise us that they no longer wish to be contacted.
Data security
See ‘Data security' in Part A of this document.
Routine access to contacts lists is limited to the database operators who have responsibility for maintaining the contacts lists. Other staff members have access to the personal information in contacts lists on a need to know basis.
Access and correction
For information about how to access or correct personal information in our contacts lists see 'Access and correction' in Part A of this document.
Freedom of Information files
Purpose
When AMSA receives a request for access to documents under the Freedom of Information (FOI) Act, we create a file for that request. We collect personal information from FOI applicants to enable us to process their application and to keep track of the information released to them under the FOI Act.
The personal information in these files relates to the FOI applicant, however, the files may also contain other personal information contained in the documents that are relevant to the FOI request.
Collection
We collect personal information in FOI files directly from individuals who make an FOI request. We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
We only use the personal information in FOI files for the purpose of assessing and processing the FOI application.
We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
We maintain and update personal information in FOI files as necessary or when we are advised by individuals that their personal information has changed.
Data security
See ‘Data security' in Part A of this document.
Data retention
Personal information in FOI files is destroyed in a secure manner in accordance with AMSA 's Records Disposal Authority.
Access and correction
For information about how to access or correct personal information in FOI files see 'Access and correction' in Part A of this document.
Administrative and personnel files
Purpose
The purpose of personnel records is to maintain employee information for business and employment related purposes, or where authorised or required by law. The personal information in these files relates to the employee and may include:
- Applications for employment including the employee's resume, statements addressing the criteria and referee reports
- Written tasks undertaken by the employee during the selection process
- Notes from the selection committee during the selection process
- The employee's employment contract, and other records relating to their terms and conditions of employment
- Details of financial and other personal interests supplied by some employees and their immediate family members for the purpose of managing perceived or potential conflicts of interest
- Proof of Australian citizenship
- Certified copies of academic qualifications
- Records relating to the employee's salary, benefits and leave
- Medical certificates or health related information supplied by an employee or their medical practitioner
- Contact details
- Taxation details
- Superannuation contributions
- Information relating to the employee's training and development.
The purpose of keeping records on candidates for employment ('applicant files') is to allow us to assess the suitability of candidates for employment at the AMSA.
Collection
AMSA generally collects personal information directly from employees and applicants.
We may also collect personal information about an individual from third parties where it is relevant, but only when the individual has consented to such collection, when we are required or authorised by law to collect information for someone other than the individual, or when it is unreasonable or impracticable to collect the information from the individual.
Use and disclosure
Personal information in personnel files is only used for the purpose of maintaining employee data and information for business and employment related purposes.
We only use personal information in applicant files for the purpose of assessing and processing applications for employment. We may also use or disclose this information in circumstances described under the 'Use and Disclosure' heading in Part A of this policy.
Data quality
AMSA maintains and updates personal information in our personnel and applicant files as necessary, or when we are advised by individuals that their personal information has changed.
Data security
See ‘Data security' in Part A of this document.
Data retention
Staff files are kept for a minimum of 75 years after the date of birth of an employee. If an applicant is unsuccessful a file will be kept for seven years. Any duplicate copies of applications used as part of the selection process are disposed of securely at the end of the process.
The following staff members have access to personnel and applicant files on a need to know basis:
- Staff sitting on a selection committee
- Human resources manager
- Human resources staff.
Access and correction
For information about how to access or correct personal information in administrative files see 'Access and correction' in Part A of this document.