Our collection is your collection, so sign up for our newsletter and never miss out! Receive the latest news and event information from Australia’s living archive.
2. Personal information handling practices
3. Use and disclosure of personal information
4. Data quality
5. Storage and data security
6. Records management
7. Email communication
11. How to contact the NFSA Privacy Contact Officer
Appendix 1 – Australian Privacy Principles — a summary for APP entities
The 13 APPs are summarised in Appendix A of this APP Policy and are available in full in Schedule 1 of the Privacy Act.
Some terms defined in legislation are identified using inverted commas (' ').
The NFSA collects personal information to perform its functions in the NFSA Act to:
- the preservation and maintenance of programs and related material that are not in the national collection; and
- the provision of access to programs and related material that are not in the national collection;
These functions are performed within the NFSA's powers to do all things necessary or convenient to be done for or in connection with the performance of the NFSA's functions, including but not limited to the powers to:
1.3 Personal information and sensitive information
The Privacy Act defines terms including 'personal information' and 'sensitive information'.
'Personal information' means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
'Sensitive information' includes:
1.4 Overview of this APP Policy
In compliance with APP 1, the NFSA takes steps as are reasonable in the circumstances to implement practices, procedures and systems that ensure compliance with the APPs and any relevant APP code, including for dealing with any related enquiries or complaints.
This APP Policy explains how the NFSA manages personal information, including:
2.1 The kinds of personal information the NFSA collects and holds
The NFSA may collect personal information from an individual, or from a third party. The NFSA uses forms, online systems and other electronic or paper correspondence, as well as telephone and face-to-face interactions, to collect personal information.
The NFSA collects and holds over 19 classes of personal information which may include;
2.2 About personal information the NFSA collects
The personal information collected in connection with the operations of the NFSA may be in relation to:
2.3 How the NFSA collects personal information
In collecting information within its functions and powers, the NFSA will not collect personal information (other than sensitive information) unless the information is reasonably necessary for, or directly related, to one or more of the NFSA's functions or powers. Any personal information that the NFSA collects will be relevant for the purpose to which it is collected. The NFSA will only collect personal information by lawful and fair means and will generally collect the information about an individual from the individual personally, unless the individual consents otherwise, or it is unreasonable or impractical to do so.
Unsolicited personal information will be collected if the NFSA determines that it could have otherwise collected the information, or de-identify or destroy the information if the NFSA could not have collected the information and it is not contained in a Commonwealth record.
Where it is reasonable in the circumstances, the NFSA will notify individuals about the collection of their information by reference to this APP Policy or will otherwise ensure that the individual is aware of relevant matters as required by the APPs.
2.4 How the NFSA holds personal information
2.5 Access to and correction of personal information
An individual may apply to access or correct their personal information by application to the Privacy Contact Officer.
Individuals have a right to access the personal information that the NFSA holds about that individual. The right of access is subject to the relevant exemptions in the FOI Act and any Act of the Commonwealth. The NFSA will respond to the individual's request within 30 days after the receipt of a request from the individual, to grant access or to give written reasons for any refusal to grant access to the information.
The NFSA will take reasonable steps to correct personal information that it holds to ensure that it is accurate, up-to-date, complete, relevant and not misleading.
Individuals can request information that the NFSA holds about them to be corrected. The NFSA will notify the individual of a decision within 30 days after the receipt of a request from the individual and will provide written reasons if the request to amend personal information is refused.
3.1 General use and disclosure
The NFSA holds personal information that is collected for a primary purpose and will not use or disclose it for another purpose, except where an individual provides consent or in compliance with APP6, including where:
3.2 Disclosure of personal information to overseas recipients (APP 8)
The NFSA is not likely to disclose information to overseas recipients.
APP 8 places obligations on the NFSA for disclosure of personal information to overseas entities, when the recipient is not in Australia or an external entity Territory, and is not the entity or the individual. Before any personal information is disclosed overseas, the NFSA will take reasonable steps to ensure that the overseas recipient does not breach the APPs (other than APP 1) in relation to the information.
3.3 Accidental or unauthorised disclosure of personal information
The NFSA protects personal information the NFSA holds and will take seriously and deal promptly with any accidental or unauthorised disclosure of personal information.
External service providers who handle personal information about the NFSA’s staff, users or other individuals are ordinarily bound contractually to comply with the Privacy Act and may themselves have statutory obligations as APP entities.
It is also ordinarily a requirement for staff, contractors and service providers to comply with the Privacy Act in fulfilment of their obligations under:
If employees disclose official information without authority they may face disciplinary sanctions including, in the most serious cases, termination of employment.
Collection systems aid in the automated correction of identified errors within Mediaflex dataset when required - identification and resolution method are determined by Collection Information Section. Additionally, Collection Information Section upgrades data as part of their regular work.
In terms of securing personal data collected via acquisition work processes, this is achieved by limiting access to the Mediaflex system to staff and endorsed researchers. This information is also withheld from the Mediaflex public interface (Search the Collection).
The NFSA takes reasonable steps to protect personal information from misuse, interference, loss and unauthorised access, modification or disclosure.
The NFSA manages its online services and IT systems in accordance with the Australian Government Protective Security Policy Framework and the Australian Government Information Security Manual.
Storage of information (and the disposal of information when no longer required) is managed in accordance with Australian Government records management regulations, guidelines and authorities, including the Archives Act, Records Authorities and General Disposal Authorities.
There are inherent risks associated with the transmission of information over the internet, including via email. Individuals should be aware of this when sending personal information to the NFSA via email. If this is of concern to any individual, they should use other methods of communication with the NFSA, such as post, fax, or phone. The NFSA does not endorse the sending of credit card details to the NFSA.
9.1 How to make a complaint
9.2 NFSA complaint-handling commitment
In accordance with APP 1, the NFSA will take reasonable steps in the circumstances to deal with enquiries or complaints about compliance with the APPs. The NFSA will send a considered response to a complaint or suggestion within 30 days if contact details are provided. The NFSA is committed to quick and fair resolution of any complaints and will ensure complaint sis taken seriously.
9.3 How to make a complaint to the Federal Privacy Commissioner
Any complaints about the NFSA's personal information handling practices can be made to the Privacy Contact Officer (above) or to the Office of the Australian Information Commissioner.
In accordance with APP1, an individual may contact the Privacy Contact Officer to:
The NFSA’s Privacy Contact Officer may be contacted by any of these contact points:
Privacy Contact Officer
(Principal Legal Counsel)
National Film and Sound Archive of Australia
Post: GPO Box 2002, Canberra ACT 2601
Email: privacy [at] nfsa.gov.au
Fax: 02 6248 2165 (+61 2 6248 2165 for callers outside Australia)
Telephone: 02 6248 2056 (+61 2 6248 2056 for callers outside Australia)
Dated 12 March 2014, from the Office of the Australian Information Commissioner.
APP 1 - Open and transparent management of personal information
APP 2 - Anonymity and pseudonymity
Requires APP entities to give individuals the option of not identifying themselves, or of using a pseudonym. Limited exceptions apply.
APP 3 - Collection of solicited personal information
Outlines when an APP entity can collect personal information that is solicited. It applies higher standards to the collection of ‘sensitive’ information.
APP 4 - Dealing with unsolicited personal information
Outlines how APP entities must deal with unsolicited personal information.
APP 5 - Notification of the collection of personal information
Outlines when and in what circumstances an APP entity that collects personal information must notify an individual of certain matters.
APP 6 - Use or disclosure of personal information
Outlines the circumstances in which an APP entity may use or disclose personal information that it holds.
APP 7 - Direct marketing
An organisation may only use or disclose personal information for direct marketing purposes if certain conditions are met.
APP 8 - Cross-border disclosure of personal information
Outlines the steps an APP entity must take to protect personal information before it is disclosed overseas.
APP 9 - Adoption, use or disclosure of government related identifiers
Outlines the limited circumstances when an organisation may adopt a government related identifier of an individual as its own identifier, or use or disclose a government related identifier of an individual.
APP 10 - Quality of personal information
An APP entity must take reasonable steps to ensure the personal information it collects is accurate, up to date and complete. An entity must also take reasonable steps to ensure the personal information it uses or discloses is accurate, up to date, complete and relevant, having regard to the purpose of the use or disclosure.
APP 11 - Security of personal information
An APP entity must take reasonable steps to protect personal information it holds from misuse, interference and loss, and from unauthorised access,modification or disclosure. An entity has obligations to destroy or de-identify personal information in certain circumstances.
APP 12 - Access to personal information
Outlines an APP entity’s obligations when an individual requests to be given access to personal information held about them by the entity. This includes a requirement to provide access unless a specific exception applies.
APP 13 - Correction of personal information
Outlines an APP entity’s obligations in relation to correcting the personal information it holds about individuals.
The purpose of this statement is to let users of this website know what information is collected about them when they visit this site, how this information is used and if it is disclosed.
This statement has been prepared in accordance with the Federal Privacy Commissioner’s Guidelines for Federal and ACT Government World Wide Websites.
1. Information collected
When you look at this website, the National Film and Sound Archive of Australia’s server makes a record of your visit and logs the following information for statistical purposes:
2. Access to information collected
The National Film and Sound Archive of Australia will not make an attempt to identify users or their browsing activities. However, in the unlikely event of an investigation, a law enforcement agency or other government agency may exercise its legal authority to inspect the National Film and Sound Archive of Australia’s or our Internet Service Provider’s logs.
3. Use of information collected
We will only record your e-mail address if you send us a message. Your e-mail address will only be used for the purpose for which you have provided it and it will not be added to a mailing list or used for any other purpose without your consent.
4. Transmission of information across the Internet
This site does not provide facilities for the secure transmission of information across the Internet. Users should be aware that there are inherent risks transmitting information across the Internet.
On occasion, the National Film and Sound Archive of Australia will use electronic forms on this site to gather personal information for purposes directly related to a function or activity of the National Film and Sound Archive of Australia. When we do so we will let you know the purpose for which the information is being collected (including if the information is to be published), and the legal authority for the collection if it is authorised or required by or under law.
We will also provide you with other options for providing the information (for example, a paper form and mailing address, or a telephone contact). For further information, please contact the National Film and Sound Archive of Australia.
5. Information collected
Some sites use 'cookies’ to track a particular user’s access to a site. Cookies are not used on this site to gather personal information about users except when they are used within a specific web-based application for session management purposes (for example, while using the search function within the National Collection of Screen and Sound database).
6. Publishing Information
We will only publish personal information on this site if it has been collected for this purpose with your knowledge or if you have consented to the disclosure.
When giving such consent you should be aware that information published on this site is accessible to millions of users from all over the world, that it will be indexed by search engines and that it may be copied and used by any web user. This means that, once the information is published on this site, we will have no control over its subsequent use and disclosure.
7. Digital Learning website
The NFSA’s privacy information for Digital Learning websites is located on our Legal notices page.