
Privacy Policy
Australian Nuclear Science and Technology Organisation (ANSTO) is committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles.
Personal information is information from which an individual's identity is apparent or can be reasonably ascertained.
ANSTO expects that all employees, officers and contractors will comply with the Privacy Act, the Australian Privacy Principles, this policy, and ANSTO procedures concerning the protection of personal information.
This policy provides detail on our practices with regards to the collection and processing of relevant personal information that may result from an individual engaging with ANSTO. In particular, it explains:
- why and how we collect your personal information;
- the kinds of personal information we collect;
- how your personal information is used;
- when and with whom we share your personal information;
- how we keep your personal information secure;
- how you can access and seek to correct your personal information; and
- how to make a complaint about ANSTO’s privacy practices.
This Privacy Policy applies to ANSTO and its related entities and subsidiaries.
In this page, personal information and sensitive information have the meanings given to them in the Privacy Act 1988 (legislation.gov.au)
Relevant information on privacy and the Australian Privacy Principles is available on the Office of the Australian Information Commissioner’s website: www.oaic.gov.au.
Why is it important?
Safe, Secure and Sustainable is one of the core values maintained by the Australian Nuclear Science and Technology Organisation (ANSTO). ANSTO is committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles and the Australian Government Agencies Privacy Code.
Personal information is information from which an individual's identity is apparent or can be reasonably ascertained. This policy provides detail on our practices with regards to the collection and processing of relevant personal information that may result from an individual engaging with ANSTO. In particular, it explains:
- why and how we collect your personal information.
- the kinds of personal information we collect and how your personal information is used;
- when and with whom we share your personal information;
- how we keep your personal information secure;
- how you can access and seek to correct your personal information; and
- how to make a complaint about ANSTO’s privacy practices.
Interpretation / References
In this document, personal information and sensitive information have the meanings given to them in the Privacy Act 1988 . Relevant information on privacy and the Australian Privacy Principles is available on the Office of the Australian Information Commissioner’s website: www.oaic.gov.au
This policy is available to the public through ANSTO’s website: www.ansto.gov.au.
Why do we collect personal information?
We collect personal information to perform our functions and activities as set out in the Australian Nuclear Science and Technology Organisation Act 1987 and the Public Governance, Performance and Accountability Act 2013. These functions and activities include:
- to undertake research and development in relation to nuclear science and nuclear technology;
- produce and use radioisotopes, isotopic techniques and nuclear radiation for medicine, science, industry, commerce and agriculture;
- provide advice to government and undertake international liaison in nuclear-related matters;
- make available (including on a commercial basis where appropriate) facilities, equipment and expertise for research in nuclear science and technology; and
- administrative functions including financial, employee/contractor, and work health and safety management.
- we may disclose your information to third party providers in order to administer functions, however we will only do so in accordance with privacy laws and the relevant collection notice.
More information on what ANSTO does is available on our website.
More information on what ANSTO does is available on our website.
How do we collect personal information?
In general, we collect your personal information directly from you when you deal with us by telephone, letter, email, face to face contact or through our website(s) where it is reasonably necessary for, or directly related to, our functions or activities.
At times we may need to collect sensitive information about you, for example, to conduct a security assessment. The Privacy Act provides additional safeguards for the collection and use of sensitive information. Sensitive information is defined in the Privacy Act to include information about a person’s health, racial or ethnic origin, political opinions, association memberships, religious beliefs, sexual orientation, criminal history, genetic or biometric information.
Collecting through our website
Our websites have an online enquiry/feedback function which enables you to send comments or enquires via email.
By sending such emails, you will be providing us with certain personal information, and we may not be able to deal with your request or query without this information.
Analytic, session and cookie tools
When you visit our main ANSTO website an internal system using analytic, session and cookie tools makes a record of your visit and logs your full IP address, the date and time of your visit to the website and the pages visited. These tools are provided by third parties including Google Analytics and Oracle who have their own privacy policies.
We use these tools to improve your experience when accessing our website and statistics are generated at the top-level domain only. In relation to Google Analytics you can opt out of the collection of this information using the Google Analytics Opt-out Browser Add-on.
ANSTO will not attempt to identify you unless in response to an investigation when a law enforcement agency exercises a warrant
Social Networking Services
We use social networking services such as Facebook, LinkedIn, X (formerly Twitter), Instagram and YouTube to communicate with members of the public about what we do. When you communicate with us using these services, we may collect your personal information to help us respond to your request/message. Each social networking service will also handle your personal information for its own purposes and each site has its own privacy policy.
Email lists
We collect your email address and, if you provide it, other contact details when you subscribe to our email lists. We use this information to send you regular updates on our activities and to administer the lists. You can unsubscribe to our email list via the ANSTO website or by using the unsubscribe option on the email.
Visiting ANSTO sites
ANSTO will collect personal information from anyone visiting ANSTO’s sites. This information is shared with ANSTO’s security team, Discovery Centre and the Australian Federal Police (AFP) and is held by our security team as a record.
Personal information we collect from other sources
Sometimes we collect your personal information from third parties, such as other Australian government agencies or health related entities. This information is securely retained by ANSTO on a confidential basis and is only used or disclosed, if required or authorised by law.
We may collect personal information from other sources with your consent, or if it is impracticable or unreasonable to obtain the information directly from you.
If we do collect your personal information from another source, we will take reasonable steps to ensure that you are notified:
- that we collected your personal information from another source;
- what we will do with the information;
- of any other person or body to whom we may share or disclose the information.
What kind of personal information do we collect and hold?
The types of personal information we collect and hold will depend on the function or activity being undertaken. Examples of personal information that we collect and hold include:
- Visitor records including name, parent contact information (in the case of minors), driver’s licence and passport details
- Customer records including name, position, work address, email and telephone details
- Complaint records
- Staff records
- Work, Health & Safety records
- Rehabilitation files
- Legal and Freedom of Information files
- Ministerial records
- Security files
Examples of sensitive information we collect and hold include:
- health information, including medical, of our staff.
- health information, including initials, date of birth and gender
- information contained in personnel records including information about a staff member’s physical and mental health, racial or ethnic origin and criminal convictions.
- vaccination information from staff, contractors, and visitors.
Can you deal with us anonymously or using a pseudonym?
To provide you with access to our facilities or a service, or to deal with your employment application, we will need to collect your name, contact details and other personal information.
In other circumstances, you may choose to remain anonymous or adopt a pseudonym when dealing with us. For example, you may choose to use a pseudonym to make an enquiry or provide feedback about ANSTO. However, the extent to which we may be able to respond or assist may be limited where you are anonymous or using a pseudonym.
How we deal with unsolicited information
If we receive personal information from you that we did not request (unsolicited personal information), we will determine whether or not the information is related to one or more of ANSTO’s functions or activities. If the information is not relevant to what we do, we may destroy or de-identify the personal information if it is lawful and reasonable to do so.
How do we use and disclose your personal information?
In general, we will use and disclose your personal information for the particular purpose for which it was collected. This may include disclosure to other parties / agencies like the Australian Federal Police.
Sometimes we may use and disclose your personal information for purposes that are related to the primary purpose for collection such as statistical reporting or conducting customer surveys.
We may also use your personal information for a purpose related to the purpose of collection, where you would reasonably expect that your information would be used for this other purpose. For example, if you are an ANSTO customer we may use your email address to keep you informed of any changes to goods or services that you receive.
When we collect personal information from you for certain specific activities, where required, we will use a collection notice that specifically deals with that collection.
We may also use or disclose your personal information for another purpose permitted by the Privacy Act and the Australian Privacy Principles, including where:
- you provide consent;
- we are required or authorised by or under an Australian law or a court or tribunal order;
- a permitted general situation exists as defined by the Privacy Act;
- we reasonably believe that the use or disclosure is reasonably necessary for regulatory or enforcement related activities conducted by, or on behalf of, a regulatory enforcement body.
We will not use or disclose your sensitive information for a secondary purpose unless you would reasonably expect it to be used for this purpose and the secondary purpose is directly related to the purpose for which it was collect or with your consent.
Do we use your personal information for marketing purposes?
Ordinarily, we do not use your personal information for marketing purposes. However, in some circumstances, we may use your personal information for the purposes of direct marketing. Where information is used for marketing purposes we will only do so with your consent and collection will be in compliance with the Privacy Act.We will always provide a simple means by which you can unsubscribe from direct marketing materials
Do we send your personal information overseas?
It may be necessary for us to send personal information overseas, however when we do so we will comply with Australian privacy law.
How do we manage personal information of potential, current and former staff?
When you apply for a position with us, or if you are a former or current staff member of ANSTO, we will need to collect and deal with your personal information.
When you submit an employment application, we collect personal information included in your application and curriculum vitae (resume) such as your contact details, employment history and citizenship or immigration status. If it is relevant to the position, we may also collect sensitive information such as information about your health or details of your racial or ethnic background, with your consent.
When we process your application, we may need to collect and disclose your personal information to third parties where it is not reasonable or practicable for us to collect the information directly from you. For example, we will contact your referees to discuss your academic and employment history and suitability for the position. If you are transferring from another Commonwealth agency, your personal information held by that agency may also be disclosed to ANSTO.
If you are selected as the successful applicant, we will collect personal information from you as part of the ANSTO on boarding process, for example, we may collect sensitive information about your health and any criminal record to assess your suitability to maintain a valid security clearance.
We may also use your personal information to evaluate the performance, quality, maintenance and improvement of ANSTO’s workplace practices and initiatives such as workplace equity, diversity and inclusion.
As part of your employment, we will maintain the following files:
Staff file
Information maintained as part of your staff file includes:
- name, date of birth, phone numbers, email addresses, address, citizenship, immigration status, academic qualifications, credentials, references, photographs, professional memberships and employment history;
- recruitment, contracts and conditions of employment records;
- payroll and administrative information of ANSTO staff;
- attendance records;
- medical certificates and statutory declarations;
- performance appraisals and records relating to personal development and training;
- records of complaints and grievances;
- counselling and disciplinary matters, including investigations, findings and sanctions
- police clearance reports (such as working with children);
- recommendations for honours and awards;
- marital status, dependents and next of kin details; and
- declarations of interests.
Sensitive information on your staff file will be shared with others on a needs to know basis and in accordance with the Privacy Act.
If you are a current or former staff member of ANSTO and wish to obtain your personal information, there are existing processes in place to facilitate access without the need to make a Privacy Act or Freedom of Information Act 1982 (FOI Act) request. Please contact the People, Performance & Capability Division of ANSTO on 9717 3111 before submitting a formal request for information under the Privacy Act or the FOI Act.
Personal Security File
Information maintained as part of your Personal Security file includes:
- Criminal record checks and any security assessments;
Personal Security files are stored securely in the ANSTO Nuclear Security and Nuclear Safeguards Division. This information will be shared with others on a need-to-know basis and in accordance with the permitted purposes under the Privacy Act.
Medical file
Information maintained as part of this file includes:
- vaccination records
- health monitoring records
- health assessment
- details of any accidents and injuries and compensation and rehabilitation files
These medical files are stored securely and separately to your staff files and access is restricted to ANSTO on-site nurses and contracted medical practitioners. This information will be shared with others on an as needs to know basis and in accordance with the permitted purposes under the Privacy Act.
Dose Records
For any person (including employees, contractors or visitors), working regularly or infrequently radiation classified areas, ANSTO collects, stores and maintains individual radiation dose records to detect any instances of the person exceeding the occupational dose limit. These records are stored electronically on a secure database. Before 1993, these records were stored in hard copy files marked ‘Sensitive- Personal’.
Public Health Measures
To manage the work health and safety risks related to public health risks such as COVID 19, ANSTO has a number of control measures designed to protect the health and safety of its workers and the community as well as to protect its business continuity. These control measures are risk informed and may change from time to time. They may include a requirement for employees, contractors, and visitors to ANSTO campuses to provide information and documentation regarding infection status, isolation/quarantine requirements, vaccination status (and any medical contraindications or exemptions under any public health order/direction) and travel movements. This information will be collected with consent and will be treated confidentially and will only be accessible to staff involved in the management of the public health risks. This information may also be provided to third parties as authorised or required by law such as public health units (in Australia) and work health & safety regulators.
How we hold and keep your personal information secure?
Personal information held by ANSTO is stored on electronic media and also in paper files. ANSTO manages, stores and disposes of personal information in accordance with its legal obligations, including those under the National Archives ACT (1983) and Privacy Act (1988). ANSTO uses a range of physical and electronic security measures to protect personal information.
How do you access and correct your personal information?
You have a right to request access to your personal information and to request its amendment or correction.
Upon receiving a request, we will provide you with access to your personal information or take reasonable steps to amend/correct your personal information to ensure that it is accurate, up-to-date, complete, relevant and not misleading, subject to any applicable exceptions under the Privacy Act.
To obtain access or seek correction of your personal information, you should make a request through one of the following means:
- sending an email to our Privacy Officer at privacy@ansto.gov.au
- sending a letter to:
Privacy Officer
ANSTO
Locked Bag 2001
Kirrawee DC NSW 2232
- telephoning (02) 9717 3111 and requesting to speak to the Privacy Officer or
- visiting ANSTO reception at our Lucas Heights or Clayton campus’
If you are dissatisfied with the outcome, you may seek recourse via the OAIC
Privacy Commissioner http://www.oaic.gov.au/
Privacy impact assessment register
The Privacy (Australian Government Agencies – Governance) APP Code 2017 requires that all agencies, including ANSTO, conduct a Privacy Impact Assessment for all high privacy risk projects.
The Privacy Impact Assessment Register records details of the Privacy Impact Assessments conducted by ANSTO for high privacy risk projects since July 2018.
Table of Privacy Impact Assessments
Date | Title |
---|---|
February 2018 | Booking System |
April 2018 | Documentation Application |
October 2018 | Chemical Management System |
November 2018 | Incident Management System |
May 2019 | SAP Product |
April 2019 | Safety Application |
May 2020 | Monitoring System |
May 2022 | Electronic On-boarding system |
March 2024 | Reporting Platform |
July 2024 | Customer Relationship Management tool |
Further information
To find out more about how ANSTO manages personal information, contact: ANSTO Privacy Contact Officer
Email: privacy@ansto.gov.au
For more general information on the Privacy Act and the Australian Privacy Principles:
- Visit the website the Office of the Australian Information Commissioner http://www.oaic.gov.au/
- Contact the OAIC Privacy Enquiries Line 1300 363 992 (local call charge).
We will, from time to time, review and revise this Privacy Policy. We reserve the right to amend this policy at any time and any amendments will be notified by posting an updated version on our website at http://www.ansto.gov.au.