Royal Australian Mint Privacy Policy

Overview

This Privacy Statement sets out how the Royal Australian Mint (the Mint) complies with the Australian Privacy Principles (APPs) in the Privacy Act 1988 (the Privacy Act).

In performing our functions, we may collect, hold, use or disclose your personal information. This policy contains information about how we collect, use, disclose and store personal information, including sensitive information, and how individuals may access and correct personal information that we may hold.

We take privacy seriously and will only collect, use and disclose your personal information in accordance with the Privacy Act and other applicable laws.

The Privacy Act applies to information about individuals, not to information about entities such as businesses, firms or trusts. If we do not receive personal information about you, the Privacy Act will not apply. Detailed information on the Privacy Act can be found on the website of the Office of the Australian Information Commissioner.

Who should read this Privacy Policy?

You should read this policy if you are:

  • An individual whose personal information may be given to or held by us
  • A contractor, consultant, supplier or vendor of goods or services to us or someone who has tendered to provide goods or services to us
  • A person seeking employment with us
  • A person who is or was employed by the Mint
  • A person who has sent correspondence to us
  • A person who has made enquiries or complaints to us
  • A person who has made Freedom of Information (FOI) requests or Special Access requests to us.

Guidance on the Mint’s Information Handling Practices

What is Personal Information?

“Personal information’ is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not (section 6 of the Privacy Act). 

What kinds of personal information does the Mint collect and hold?

We collect and hold a broad range of personal information in records relating to:

  • Employment services and human resource management
  • The performance of retail, commercial, legislative and administrative functions
  • Public and product awareness, including when people ask to be on an email or mailing list so that we can send them information about our products, activities and publications
  • The management of contracts arrangements
  • Correspondence from members of the public
  • Complaints (including privacy complaints) made
  • The provision of legal advice by internal and external lawyers

In performing our functions, we may collect and hold the following kinds of personal information, which will vary depending on the context of the collection:

  • Your name, address and contact details (phone and facsimile numbers and e-mail address)
  • Photographs, video recordings and audio recordings of you 
  • Information about your personal circumstances (for example, marital status, age, gender, occupation, accommodation and relevant information about your partner or children);
  • Financial information such as your bank account or credit card information (where we receive or make payments to you)
  • Information about your identity (for example, date of birth, country of birth, passport details, visa details, driver licence, birth certificate);
  • Information about your background (for example, educational qualifications, the languages you speak);
  • Information about your work history (for example, work history, referee comments, remuneration); and
  • Government identifiers (for example, Tax File Numbers).

The Appendix provides detailed information about the types of personal information that we hold and our information handling practices.

How we collect personal information

We collect personal information through a variety of different methods including:

  • Paper-based forms
  • Electronic forms (including online forms)
  • Face to face meetings
  • The exchange of business cards
  • Telephone communications
  • E-mail communications
  • Communications by letter
  • Communications by fax
  • Mint websites
  • Mint social media websites and accounts
  • Public Wi-Fi

It is usual practice for us or an organisation acting on behalf of us (for example, a contracted service provider) to collect personal information directly from you or someone that you have authorised to provide information to us. 

Under the Privacy Act, we are required to take contractual measures to ensure contracted service providers (including sub-contractors) comply with the same privacy requirements applicable to us.

Personal information about you may also be collected via other Commonwealth agencies, State or Territory government bodies, or other organisations. Sometimes we may collect personal information about you from a third party or a publicly available source, but only if you have consented to such collection or would reasonably expect us to collect your personal information in this way.

From time to time, personal information is provided to us without being requested by us. When we receive such information, we will handle it in accordance with our obligations under the Privacy Act.

What is sensitive information?

'Sensitive information' is defined in section 6 of the Privacy Act as:

  1. information or an opinion about an individual's:
    1. racial or ethnic origin
    2. political opinions
    3. membership of a political association
    4. religious beliefs or affiliations
    5. philosophical beliefs
    6. membership of a professional or trade association
    7. membership of a trade union
    8. sexual orientation or practices
    9. criminal record

that is also personal information

  1. health information about an individual
  2. genetic information about an individual that is not otherwise health information
  3. biometric information that is to be used for the purpose of automated biometric verification or biometric identification
  4. biometric templates.

What kinds of sensitive information do we collect?

On occasion, we may collect sensitive information about you including information about:

  • your health (including information about your medical history and any disability or injury you may have)
  • any criminal record you may have
  • your membership of a professional or trade association
  • your racial or ethnic origin.

Why we collect sensitive information?

We may collect sensitive information about you if:

  • you have consented and the information is reasonably necessary for, or directly related to, one of our functions or activities
  • the collection is required or authorised by law.

Data quality

We hold personal and sensitive information in paper-based files, electronic records, e-mails and databases.

We will take reasonable steps to maintain and update personal information in our possession or control, or when we are advised by individuals that their personal information has changed.

Data security

We will take all reasonable steps to ensure that all personal information in our possession or control is protected against loss, unauthorised access, misuse, disclosure or modification.

Access to personal information held is restricted to authorised persons who are our employees or contractors to us. 

Electronic and paper records containing personal information are protected in accordance with the Australian Government security policies; for example, we use password protection for electronic files, secure paper files in locked cabinets and compactuses and may use other physical access restrictions (for example, for personnel files). 

Storage of personal information (and the disposal of information when no longer required) is managed in accordance with the Australian Government records management regime, including the Archives Act 1983 (Archives Act), Records Authorities and General Disposal Authorities. 

Accidental or unauthorised disclosure of personal information

We will take seriously any accidental or unauthorised disclosure of personal information. Complaints will be handled in accordance with the Mint's complaints process (please refer below). 

If a breach of the Australian Privacy Principle(s) has been identified, we will advise you of our findings and proposed follow up action which may include, for example, an apology, targeted staff training, revised security or storage arrangements, or amendment of forms to prevent similar situations arising. 

If you are not satisfied with our response, you have the option of making a complaint to the Privacy Commissioner (see below).

Purposes for which personal information is collected, held, used and disclosed

We only collect personal information for purposes which are directly related to our functions or activities, and only when it is necessary for or directly related to such purposes. 

These functions and activities include:

  • Performing recruitment, employment and human resource management functions in relation to individuals seeking employment with the Mint, Mint staff and contractors
  • Performing retail, commercial, legislative and administrative functions
  • Complaints handling
  • Program management
  • Contract management
  • Responding to enquiries and correspondence from members of the public
  • Responding to requests under the FOI Act and the Archives Act.

We will not ask you for personal information we do not need.

We will use and disclose personal information for the primary purposes for which it is collected (for example, to respond to a sales order being placed, assistance sought, application or enquiry or to make referrals which the individual, applicant and or enquirer has consented to or is reasonably likely to expect us to make).  We will take reasonable steps to provide you with information about the primary purpose of collection at the time the information is collected or as soon as practicable after collection.   

Sometimes we will pass on personal information to other staff, government departments, or organisations. We will only do so if the purpose of the disclosure is related to the purpose for which the information was collected. We may also pass on personal information where it is required by law. Where possible, we will notify you at the time we collect the information, or shortly after, if we are likely to pass the information on to another body and, if relevant, the bodies to which the information is likely to be given.

We will only use your personal information for secondary purposes where it is able to do so under the Privacy Act. 

Disclosure of personal information overseas

We will not usually disclose personal information to overseas recipients. Where it is necessary for us to disclose personal information to overseas recipients, we will only do so where at least one of the exceptions under APP 8 apply.

Accessing your personal information

How to seek access to and correction of personal information

You have a right under the Privacy Act to access personal information we hold about you. 

You also have a right under the Privacy Act to request corrections to any personal information that we hold about you if you think the information is inaccurate, out-of-date, incomplete, irrelevant or misleading. 

If you wish to:

  • Query how your personal information is collected, held, used or disclosed
  • Ask questions about this Privacy Policy
  • Obtain access to or seek correction of your personal information

please contact the Mint using the following contact details:

By email:

privacy@ramint.gov.au

By Post:

Privacy Officer
Royal Australian Mint
60 Denison Street
DEAKIN  ACT  2600

The Mint will respond to the request within 30 days and will request the provision of proof of identity which will need to be one of the following:

  • Name
  • Customer account number
  • Address
  • Phone number

Should proof of identity not be provided, the Mint will give written notification that the request cannot be met. Complaints can be addressed as below.

Should the request be regarding sensitive information, further details may be required and will be addressed on a case by case basis.

Complaints

How to make a complaint

  • If you are concerned about our handling of your personal information, you may wish to raise your concern directly with the area of the Department involved. This may allow for an informal and direct resolution of your complaint.

If you are not satisfied with this outcome, or prefer to make your complaint directly to the Mint's Privacy Officer, you may send your complaint in writing to either of the following:

By email:

privacy@ramint.gov.au

By Post:

Privacy Officer
Royal Australian Mint
60 Denison Street
DEAKIN  ACT  2600

To assist us to consider your complaint, please provide as much information as possible in describing how you think your privacy has been interfered with, including:

  • What happened
  • When it happened (including dates)
  • What personal information of yours was affected
  • Who did it (include individual names if known)
  • How and when you found out about it.

If you wish, you may interact with us anonymously or via a pseudonym. However, please note that if you do wish to make a complaint or for us to otherwise investigate a breach of the Australian Privacy Principles, it may assist us if you provide your personal details. We will treat any details you give us in confidence and in accordance with our obligations under the Privacy Act and any other applicable legislation.

We are committed to the timely and fair resolution of complaints. Your complaint will be investigated and you will be advised of the outcome.

How to make a complaint to the Federal Privacy Commissioner

You have the option of contacting the Federal Privacy Commissioner if you wish to make a privacy complaint against us.

Telephone:

1300 363 992

Email:

enquiries@oaic.gov.au

Post:

The Privacy Commissioner
Office of the Australian Information Commissioner
GPO Box 5218
Sydney  NSW 2000

If you make a complaint directly to the Privacy Commissioner rather than to us, the Privacy Commissioner may recommend you try and resolve the complaint directly with us in the first instance.

Availability of this Policy

If you wish to access this Policy in an alternative format (for example, hard copy) please contact the Mint using the following contact details.

By email:

privacy@ramint.gov.au

By Post:

Privacy Officer
Royal Australian Mint
60 Denison Street
DEAKIN  ACT  2600

This Policy will be made available free of charge.

Privacy Policy Updates

This Privacy Policy will be reviewed and updated as required. Notifications about policy updates will be published on the Mint’s websites and communicated to databases where appropriate.

 

Appendix A - How we handle specific types of files that contain personal information

Personnel files

The purpose of personnel records is to maintain information for recruitment, human resource management and employment related purposes. Files may contain personal or sensitive information including:

  • Application(s) for employment including an individual's résumé(s), statement(s) addressing the criteria and referee reports
  • Written tasks undertaken by an individual during a selection process
  • Notes from the selection committee during the selection process
  • An individual's employment contract and other records relating to their terms and conditions of employment
  • Details of financial and other personal interests supplied by some individuals and their immediate family members for the purpose of managing perceived or potential conflicts of interest
  • Proof of Australian citizenship
  • Certified copies of academic qualifications
  • Records relating to an individual's salary, benefits and leave
  • Medical certificates or health related information supplied by an individual or their medical practitioner
  • Contact details
  • Financial information (for example, bank account information)
  • taxation details (including a Tax File Number)
  • details of superannuation contributions
  • information relating to an individual's training and development.

The Mint generally collects this information directly from the individual but may also collect personal information from others such as recruitment agents, personnel providers and managers/supervisors. The Mint may also collect personal information about employees and applicants from third parties where the individual has consented to such collection or would reasonably expect the Mint to collect the personal information in this way (for example, referee reports).

Personal information in personnel files is only used for the purpose of maintaining current employee data and information for business and employment related purposes.

The Mint does not give personal information held in these files to other agencies, organisations or anyone else without consent unless the individual would reasonably expect, or has been told, that information of that kind is usually passed to those agencies, organisations or individuals, or the disclosure is otherwise required or authorised by law.

The Mint may use personal information on these files for reporting purposes and may publish information on a de-identified basis in the Annual Report or disclose information on a de-identified basis to other bodies such as the Australian Public Service Commission. 

The Mint will maintain and update personal information on these files as reasonably necessary, or when we are advised by individuals that their personal information has changed.

The Mint will take all reasonable steps to ensure that the information on these files that is in its possession or control is protected against loss, unauthorised access, misuse, disclosure or modification and that only authorised employees have access to such material.

The following agency staff have access to information contained on these files:

  • Officers in the Human Resources Section
  • Officers in the organisation with responsibilities for managing staff on a 'need to know' basis.

The information contained in these files is not disclosed to overseas recipients except where reasonably necessary, for example, for the purposes of making travel arrangements overseas. In such circumstances, the Mint will take reasonable efforts to seek your consent prior to making the disclosure.

Freedom of Information files

The Royal Australian Mint is subject to the Freedom of Information Act 1982 with the exception of its commercial activities. For more details please visit the Freedom of Information page.

Records of gifts received

The purpose of these records is to maintain a register of gifts received which are over the allowable limit.

Personal information contained in these files may include: names of the recipient of the gift(s) and presenter of the gift(s).

The following Mint staff have access to this personal information: officers in the Finance Branch and senior staff in the Mint on a 'need to know' basis. The information is not disclosed to overseas recipients.

Customer and dealer information

The purpose of these records is to help us to assist you with your order and to support your relationship with the Mint allowing us to tailor our customer service to suit your particular needs.

Personal information recorded may include name, address, telephone number, facsimile numbers and e-mail addresses. Paper-based order forms are held for Commonwealth records and may include credit card information.

Mint staff responsible for taking orders, maintaining database and organising logistics may have access to this information.

At times, we outsource some of our internal functions and activities to other companies. In the course of doing this, we may disclose your personal information, such as name and address details, to enable the service provider to undertake that particular function (such as a mailing house mailing our brochures to your address).

Mailing/email subscription lists of the Mint

The purpose of these records is to distribute information to subscribers. The content of the material distributed will vary depending on the particular subscription list to which the individual or organisation has subscribed, for example, new products and public events.

Personal information recorded may include: name, addresses, telephone number, facsimile numbers and e-mail addresses of a subscriber. Product history and correspondence may also be recorded.

Mint staff that have responsibility for maintaining the particular mailing lists may have access to the personal information.

The personal information contained in these records is for the Mint's use only and is not disclosed to other parties without prior consent.

To unsubscribe from these mailing lists, please click on the Unsubscribe button on the email or contact the relevant area of the Mint.

Documents relating to applications for contracts and consultancies

The purpose of these records is to provide information about contractors and consultants who have submitted a response to the Mint tender.

Personal information contained in these files may include: name, position, contact information (address, telephone and facsimile numbers and e-mail address), curricula vitae of individuals seeking to provide services to Mint.

The following staff have access to this personal information: Mint staff involved in evaluating the particular tender and staff in the Finance Branch.

For information about how to access or correct personal information in administrative files please refer to the 'Accessing Your Personal Information' section of this policy.

Financial management records

The purpose of these records is to comply with legislative requirements in respect of the recording of transactions and to assist management in its planning and accountability responsibilities.

Personal information contained in these files may include: creditor's or debtor's name, address, contact information, bank account details and transaction history.

The following Mint staff have access to this information on a 'need-to-know' basis: officers in the Finance Branch. Professional accounting firms may, from time to time, be contracted to undertake financial services for the Mint and may have access to this information where it is relevant to the work they are undertaking. All Mint officers who are involved in processing and approving financial transactions on behalf of Mint may have security controlled access to relevant information on the financial management information system.

Some of this information is disclosed as required to the Department of Finance, the Australian National Audit Office, the Australian Government Solicitor and Treasury's internal auditors.

For information about how to access or correct personal information in administrative files please refer to the 'Accessing Your Personal Information' section of this policy.

Correspondence to the Small Business Minister, Treasurer and other ministers in the portfolio

The purpose of these records is to maintain a register of correspondence addressed to the Small Business Minister, Treasurer and other Portfolio Ministers. Correspondence may be received from private citizens, Ministers, Parliamentarians, Government Departments and private organisations.

Personal information provided may include: name, contact information (address, telephone number, e-mail address) and any other personal information volunteered by the correspondent. Some correspondence may contain sensitive information including: statements about religious beliefs, racial origin and relationship details.

Upon receipt, the correspondence is scanned into the Mint's records management system and basic details of the correspondence (such as author, address, date and indicative subject matter) are recorded so that action on each item can be monitored.  

The following Mint staff have access to this information: staff in the ministerial offices of the Small Business Minister, Treasurer and other Portfolio Ministers and Mint staff who need to have access to the correspondence for the purposes of actioning the correspondence. In addition, access is given to the staff of other agencies when the correspondence is referred to other Ministers whose portfolio responsibilities cover the matters raised.

For information about how to access or correct personal information in administrative files please refer to the 'Accessing Your Personal Information' section of this policy.

Correspondence to the Mint

The purpose of these records is to process correspondence received by the Mint (including inquiries, taskforces and the like for whose records the Mint has responsibility).

Content may include: name, address, date of birth, occupation, gender, marital status, names and status of partners or relatives and other information volunteered by the correspondent.

Sensitive content volunteered may include: physical or mental health, disabilities, racial or ethnic origin, criminal convictions, criminal intelligence, religious affiliations, tax file numbers and other information volunteered by the correspondent. 

The following Mint staff have access to this information: staff that are processing, evaluating or preparing responses to the correspondence.

Personal information contained in these records may be disclosed to the Small Business Minister, Treasurer's Office, the offices of other Ministers in the Treasury portfolio and Mint staff on a 'need to know' basis. Personal information contained in these records may be disclosed to other Departments if they are involved in processing, evaluation or the preparation of the response to the correspondence.

Public Wi-Fi

The public Wi-Fi may collect  and store mobile device information such as MAC addresses and IPs, but will not collect personal information unless it is provided to us. The Mint may also collect and store information regarding the addresses of websites visited while connected to the Mint’s public Wi-Fi. We will also use locations services via the public Wi-Fi. This will track device movements while at the Mint, however we do not link this to individuals.  The information obtained is used to identify generic behavioural patterns used to improve our services.

For security reasons, we also utilise monitoring software to log and/or record use of the public Wi-Fi service, including communications passing over the system before they are made available to the intended recipients. 

We will generally not capture any personal information communicated over the Wi-Fi service without your consent or disclose any personal information to any external persons or entities.  However, we reserve the right to notify and cooperate with the appropriate authorities in the event of suspected instances of unlawful behaviour or misuse of the Wi-Fi service.

The collection, holding, use and disclosure of your personal information by Skyfii is governed by the Skyfii Privacy Policy, which is available at http://www.skyfii.com/privacy-policy.

Appendix B - Website information

It is our usual practice to collect information about all visitors to our online resources. That information is very limited and only used to identify generic behavioural patterns. Sometimes we use third party platforms to deliver information. These are sites hosted and managed by organisations other than ourselves. Before deciding if you want to contribute to any third party site you should read their privacy policy.

There are several methods and packages that we use to collect visitor behaviours on each of our online platforms. We use Google Analytics on our websites. Information and data collected through Google Analytics is stored by Google on servers in the United States of America, Belgium and Finland. You can opt out of the collection of information via Google Analytics by downloading the Google Analytics Opt-out browser add on.

When you visit any of our online resources, our metric tools may collect the following information about your visit for statistical purposes:

  • Server address
  • Top level domain name (for example .com, .gov, .au, .uk etc.)
  • The date and time of your visit to the site
  • The pages you accessed and documents downloaded during your visit
  • The previous site you visited
  • If you've visited our site before
  • The type of browser used.

We record this data to maintain our server and improve our services. We do not use this information to personally identify anyone.

The Mint website contains links to other websites. The Mint is not responsible for the content and privacy practices of other websites and encourages you to examine each website's privacy practices and make your own decisions regarding the reliability of material and information found. 

Collection

Forms

Sometimes, the Mint collects personal information that individuals choose to give the Mint via online forms or by e-mail, for example when individuals use forms on the site to:

  • Provide information
  • Register interest
  • Purchase products.

The information you provide is not retained on the public web server and will not be used for purposes other than that for which it was provided.

The Mint will only record your e-mail address if you send the Mint a message. It will only be used for the purpose for which it was provided and will not be added to a mailing list unless that is the purpose of your message. 

http logs

When individuals only browse the website, the Mint does not collect their personal information. 

When an individual looks at Mint's website, the Mint collects clickstream data in its http logs. These logs are used internally to provide better customer service to you, to develop the site and allow the Mint to report on site activity. They are not used for any other purpose. When you visit the Mint's websites, the Mint makes a record of the individual's visit and logs (in server logs) the following information for statistical purposes:

  • The individual's server address
  • The individual's top level domain name (for example .com, .gov, .org, .au, etc)
  • The date and time of visit to the site
  • The pages the individual accessed and documents downloaded.

We do not identify users or their browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the internet service provider's server logs.

Cookies

'Cookies' are small amounts of information that are created and stored on the user's system, and used by the Web host server for a variety of possible purposes. The Mint website uses cookies and measurement software and tools on this website and we allow third parties such as our analytics, advertising or ad serving partners to do so. We use and disclose the information collected through the use of cookies and measurement software and tools in accordance with this Privacy Act. This includes using the information to report statistics, analyse trends, administer our services, diagnose problems, target and improve the quality of our products and services, advertising and to serve more relevant advertisements (referred to as “Retargeting”).

We may combine information collected through the cookies on this website with information collected by third parties using their own cookie, to provide better or more relevant services and advertising to you on this website. Our service providers and other third parties may do the same in order to provide more relevant services and advertising to you through other websites that you may visit. We make use of third-party site cookies such as Meta and Google. The data collected is anonymised and cannot be associated with or used to identify you as an individual. However we do not control the setting of third-party cookies and suggest you check the third-party websites for more information about their cookies and how to manage them.

You will need to set your browser to accept 'cookies' in order to undertake searches and display results within the Mint's Databases. If your browser supports such an option, you may also use the setting to 'warn before accepting cookies' or 'prompt'. Our databases will function normally in either 'accept' or 'prompt' modes. 

If you do not wish to have information collected through the use of cookies, or measurement and software tools, you can delete or reject cookies through your browser setting or the settings section of your mobile or tablet device.  The core functionality of the Mint’s website platforms will be largely unaffected if you disable cookies in your browser, but you may be unable to access some advanced functions.

Personal information collected online through the Mint eShop

The Mint wants to ensure that you can purchase online with complete confidence. The Mint's online purchasing process uses eWAY's Secure Online Payments Service and PayPal. eWAY is a certified Level 1 PCI DSS compliant gateway. More information on eWAY can be found here and for PayPal, here.

Any personal information you provide when ordering from the Mint eShop will be used to process your request or order. To enhance your online ordering and shopping experience, and to provide a more personalised service to you, we will ask you if we can use your personal information to contact you about upcoming products and items of interest. You will have the ability to choose whether or not you would like to receive this information from the Mint. You can unsubscribe from this service at any time.

From time to time, we may use parts of the data you and other users provide us with to better understand how our services are used and to provide information for future improvements. The data used to do these reviews does not include any direct personal information that identifies you as our customer.

Generally we will not use your personal details for any other purpose, and will not disclose it to anyone else for a purpose other than that for which you have given it to us. Sometimes we may use or disclose this information in other circumstances permitted under the Privacy Act and the APPs.

Only emailing you if you have opted-in to receive our emails

The Mint employs a 100% permission-based email program. Each edition of our newsletter contains a clearly marked unsubscribe link so you may request to be permanently removed from future mailings.

Making it easy for you to opt-out/unsubscribe from emails

Each email sent from the Mint using the email marketing solution ClickDimensions provides a clear unsubscribe link which will immediately remove you from any or all of our mailings as you specify.

Download the Royal Australian Mint Privacy Policy (PDF 122kb). 

Last Updated: 24 October 2022