Introduction
- The Royal Australian Mint (Mint) (‘we’, ‘our’, ‘us’) is required to comply with the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles (APPs). Although it operates independently, the Mint is an entity with the Department of the Treasury for the purposes of the Privacy Act.
- We are not required to comply with the Regulation (EU) 2016/679 (General Data Protection Regulation), but we take steps to ensure compliance with privacy best practice.
Purpose
- We are committed to protecting the privacy of individuals and we recognise that personal information is a valuable asset.
- This policy explains how we collect, use, disclose and store your personal information. It also explains how you may request access to, or correction of, the personal information we hold about you, or make a complaint about how we have handled your personal information. This policy should be read in conjunction with the Privacy Policy of the Department of the Treasury (available at https://treasury.gov.au/privacy-policy).
- You should read this policy if you are:
- a customer of the Mint (including the Mint eShop);
- a visitor to the Mint;
- a contractor, consultant, supplier or vendor of goods or services to us, or someone who has tendered to provide goods or services to us;
- a person seeking employment with us;
- a person who is, or was, employed by us;
- a person who has sent correspondence to us;
- a person who has made an enquiry or complaint to us; or
- a person who has made a request for access to information or documents held by us.
What is personal information?
- Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.
What personal information do we collect?
- We collect a range of personal information depending on how you engage with us. For example:
- if you are an employee of or contractor to the Mint, we will collect your name, date of birth, contact details, photographic image and other records related to your recruitment, employment and contractor arrangements;
- if you are a customer, coin dealer or external supplier that engages with the Mint, we may collect your name, address, contact details and financial or credit card information;
- if you visit the Mint’s premises, we will use CCTV to record your image and actions, and if you need to visit non-public areas we may ask you to provide further personal information before entry;
- if you engage with us through our website, social media channels or at in-person events, we may collect your name, contact details, photographic image and any information that you choose to provide to us; and
- if you engage with us at in person events, we may take your photograph.
- Some of this personal information may be sensitive information for the purposes of the Privacy Act, meaning that the information is afforded greater protections under the Privacy Act.
- We only collect your sensitive information if:
- it is reasonably necessary for our functions and activities, and you consent to the collection of your sensitive information;
- the collection of your sensitive information is required or authorised by law (such as under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act), the Data Availability and Transparency Act 2022 (Cth) (DAT Act) or the Public Interest Disclosure Act 2013 (Cth) (PID Act)); or
- we are otherwise permitted by the Privacy Act to collect your sensitive information.
- For further details about what types of personal information we collect about our employees and contractors, see Annexure A.
- For further details about what types of personal information we collect about our customers and external suppliers, see Annexure B.
- For completeness, when you access our website, we may collect information about your visit and use cookies to collect information about which pages you view, how you reach them, what you do when you visit a page, and the time spent on the page.
- Cookies are small data files placed on your computer that provide us information about the performance of our website in providing content to you. We may also gather IP addresses as part of our business activities and to assist with any operational difficulties or support issues with our website. IP addresses and cookie information do not identify you personally, only the device that you are using. We also use this type of information collected from our website to help us identify how our website is being used, and to make improvements.
- We also use Facebook/Meta and Google tracking services that are embedded into the eShop to enable Facebook/Meta and Google to display advertisements about the eShop on other websites that you may use. However, the information used to deliver these services generally does not identify you personally – it identifies the device that you are using.
What if we don’t collect personal information?
- If we do not collect your personal information, we may be unable to employ or contract you, or provide you with some goods and services. You may also be denied access to non-public areas of the Mint. However, in some circumstances we do allow individuals to remain anonymous or use a pseudonym when dealing with us. For example, you can make a general enquiry by telephone without telling us your name.
How do we collect personal information?
- We collect your personal information in a number of ways. For example, we may collect your personal information via:
- our website;
- our social media accounts;
- the Mint eShop;
- electronic forms;
- email;
- telephone;
- photographs;
- paper-based forms, including communications by letter;
- our CCTV systems; and
- photographs.
- We may also collect your personal information if you attend an in person event.
- While we generally collect personal information directly from you, we may collect your personal information from a third party if this is permitted by the Privacy Act. For example, we may collect your personal information from other Commonwealth agencies, or from our contracted service providers.
Use of personal information
- We use personal information for the primary purpose for which it is collected, which may include:
- performing our recruitment, employment and other human resources-like functions;
- performing our retail, commercial and administrative functions, which includes:
- complying with our legislative obligations, including those under the AML/CTF Act, the DAT Act, the PID Act, the Archives Act 1983 (Cth) (Archives Act) and the Freedom of Information Act 1982 (Cth) (FOI Act); and
- responding to complaints, enquiries and correspondence from members of the public;
- ensuring the security of our premises, information and operations – for example, through the use of CCTV systems;
- to comply with our reporting and accountability obligations to the Department of the Treasury on privacy matters; and
- keeping a correspondence register of correspondence to a Minister in the Treasury portfolio.
- We may also use your personal information for other purposes, if:
- we notify you of these purposes when we collect the personal information;
- you consent to the use of your personal information; or
- we are permitted by the Privacy Act to use your personal information.
- We may use your personal information to send you information about our services, events and initiatives, if you have given your express or implied consent to receiving such information, or if we are otherwise authorised by law to use your information.
- However, you can withdraw your consent to your personal information being used to send you information about our services and initiatives by contacting the relevant section within the Mint via our general email address at hello@ramint.gov.au or the Privacy Officer, if your initial request was not actioned in a reasonable timeframe (see paragraphs 39 to 42 below).
- For further details about how we use personal information about our employees and contractors, see Annexure A.
- For further details about how we use personal information about our customers and external suppliers, see Annexure B.
Disclosure of personal information
- We may disclose your personal information to third parties for the purposes set out in paragraphs 19 to 24 above. For example, we may disclose your personal information to our contracted services providers (delivery organisations) and Commonwealth agencies (e.g. the Department of Finance or the Australian National Audit Office) or to the Minister or to the Parliament of Australia.
- We may also disclose your personal information to another third party if this disclosure is permitted by the Privacy Act.
- For further details about who we disclose personal information about our employees and contractors to, see Annexure A.
- For further details about who we disclose personal information about our customers and external suppliers to, see Annexure B.
Cross-border disclosure of personal information
- We may need to disclose your personal information to recipients outside of Australia, including as part of:
- ensuring that our contracted service providers can provide ICT support services to us; and
- enabling international delivery of retail and coin orders, such as to customs clearing agents or shipping agents.
- However, if we need to disclose personal information to a recipient outside of Australia, we take steps to ensure that this disclosure complies with the Privacy Act.
Storage of personal information
- We store your personal information securely, by taking reasonable steps to ensure that the personal information we hold is protected from misuse, interference and loss, and from unauthorised access, modification or disclosure.
- For example, we only allow authorised persons (such as our employees or contracted service providers) to access the personal information we hold. These individuals and providers are subject to privacy and security obligations.
- Electronic and paper records containing personal information are protected in accordance with relevant Australian Government security policies.
- In accordance with our obligations under the Archives Act, we also destroy or de-identify personal information when we no longer require that information to fulfil our functions and activities.
Access to, and correction of, personal information
- You may request access to the personal information that we hold about you in a particular form (e.g. hard copy or electronic). You may also request that we correct the personal information that we hold about you, if that information is inaccurate, out of date, incomplete, irrelevant or misleading. Subject to the Privacy Act, we are required to take reasonable steps to correct such information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
- We may ask you to verify your identity before we process an access or correction request, to ensure that your personal information is appropriately protected.
- There may be instances in which we are not required by the Privacy Act to give you access to your personal information, or to correct the personal information that we hold about you. If we cannot process your access or correction request, we will notify you in writing and give you further information about other options that may be open to you.
- We aim to process access and correction requests within 30 days of receipt.
Complaints
- If you have any questions or would like to make a complaint about how we have handled your personal information, please contact our Privacy Officer by email at privacy@ramint.gov.au, or by post at:
Privacy Officer
Royal Australian Mint
60 Denison Street
DEAKIN ACT 2600
- To assist us in responding to your complaint, please provide as much information as possible about the extent of interference with your privacy, including your affected personal information, dates of the interference and any other individuals involved.
- We aim to acknowledge receipt of queries and complaints within 14 days of their receipt. We then respond to queries, and investigate and respond to complaints, in a timely manner. We aim to respond to queries and complaints within 30 days of receipt, but it may take longer if the matter is complex.
- If you are not satisfied with our response to your query or complaint, you may make a complaint to the Office of the Australian Information Commissioner. Please refer to https://www.oaic.gov.au/privacy/privacy-complaints/lodge-a-privacy-complaint-with-us for further information.
Changes to this Privacy Policy
- We may amend this policy from time to time. We ensure that the current version of this policy is available on our website. However, you may also obtain a copy of this policy by contacting our Privacy Officer (see paragraphs 39 to 42 above).
Controlled content information |
|
---|---|
Controlled by |
Privacy Section |
Date of effect |
22 April 2024 |
Approved by |
Chief Executive Officer |
Document no. |
D23/73637 |
CM container |
22/1732 |
Contact |
Privacy Officer |
Annexure A – Handling of personal information about the Mint’s employees and contractors
You should read this Annexure A if you are, or have been, an employee or contractor of the Mint.
What personal information do we collect?
In addition to personal information described in paragraphs 7 to 14 of this policy, we may collect the following personal information:
- employment applications, including any supporting documents;
- employee, referee and emergency contact details;
- selection committee reports;
- photographs;
- employment contracts, including any supporting documents related to terms and conditions of employment;
- proof of Australian citizenship;
- copies of qualifications, trade certificates and licences;
- records relating to salary, employment benefits and leave;
- medical certificates or any health-related information supplied by, or for, an employee;
- taxation information, such as tax declarations;
- bank details, as necessary to pay salaries and other wages;
- superannuation contributions;
- information about training and development; and
- information about performance.
Use of personal information
In addition to the uses of personal information described in paragraphs 19 to 24 of this policy, we may also use personal information to:
- manage your performance, pay and entitlements, and any non-compliance with employment or contractual obligations; and
- generally manage the operation of the Mint’s functions and activities.
Disclosure of personal information
In addition to the disclosures of personal information described in paragraphs 25 to 28 of this policy, we may also disclose personal information to:
- superannuation trustees or administrators;
- other Australian Commonwealth agencies in connection with Commonwealth public sector administration (including, but not limited to, the Australian Taxation Office, the Australian Public Service Commission including the Office of the Merit Protection Commissioner, the Commonwealth Ombudsman and Comcare) if applicable;
- contracted service providers who supply administrative, financial, medical, legal, investigators industrial or other services to the Mint (including employee assistance program providers, professional accounting firms, code of conduct investigators, recruitment agencies, legal advisors, medical practitioners and training providers);
- the Australian Government Security Vetting Agency (AGSVA), the Australian Criminal Intelligence Commissions (ACIC), the Australian Federal Police (AFP) or Australian state and territory policing agencies, in the case of security clearances and security investigates; and
- your emergency contacts, if we have serious concerns for your welfare or that of another person.
Annexure B – Handling of personal information for the Mint’s commercial activities
You should read this Annexure B if you are, or have been, a customer or external supplier of the Mint, or have otherwise engaged with, or intend to engage with, the Mint.
What personal information do we collect?
In addition to the information described in paragraphs 7 to 14 of this policy, we may collect the following personal information:
- your name;
- your address;
- your contact details including email address and telephone number;
- your financial or credit card information;
- copies of identity documents (e.g. driver’s licence, passport, birth certificates), or information from identity documents – for example, where this information is required for us to meet our obligations under the AML/CTF Act, or where it is otherwise required for security purposes; and
- records of gifts received that are over the allowable limit, including the details of recipients and presenters of the gifts.
Use of personal information
We may use your personal information to send you information about our services and initiatives, if you have given your express or implied consent to receiving such information, or if we are otherwise authorised by law to use your information.
In addition to the uses of personal described in paragraphs 19 to 24 of this policy, we may use personal information to:
- generally manage the performance of the Mint’s functions and activities; and
- process, evaluate or otherwise action correspondence from the public.
Disclosure of personal information
As discussed in paragraphs 25 to 28 of this policy, we may disclose your personal information to third parties for the purposes set out in paragraphs 19 to 24 of this policy. For example, we may disclose your personal information to our contracted services providers (e.g. website analytic tool providers, delivery organisations including international transport companies), other Commonwealth agencies, a Minister or the Parliament of Australia, or to another third party if this disclosure is permitted by the Privacy Act.
Download the Royal Australian Mint Privacy Policy (PDF 122kb).
Last Updated: 26 April 2024