The Museum of Contemporary Art Limited (MCA) is committed to managing personal information in accordance with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). Personal information is information or an opinion about an identifiable individual, or an individual who is reasonably identifiable. The information or opinion does not have to be true or recorded in a material form.
The purposes for which we usually collect and use personal information relate to circumstances when we receive, respond to or action:
• Purchase of an exhibition ticket either at the MCA or online purchase of an MCA product including through the MCA Store
• Enrollments in programs and registration for events including talks, performances and workshops
• Subscriptions to Art Matters, our e-newsletter
• Applications to become a Member, Ambassador or Young Ambassador
• Donations, sponsorship and other support
• Requests for information or brochures and other general inquiries
• Venue hire and events arrangements
• Recruitment processes (including for volunteers, internships and work experience)
• Injuries or incidents that occur at the MCA
• Interaction with the MCA through our website, our app, MCA Insight, or through social networking activities including, but not limited to, Facebook, Twitter and Instagram.
Generally through these interactions with MCA and our associated collection and use of your personal information, you are giving us permission to send you information about upcoming exhibitions, events (including Tweetups), programs, products and services offered by the MCA that may be of interest to you.
We also collect and use your personal information for market research purposes and to market online services and to innovate and remain client focused in our delivery of products and services.
We collect personal information directly from you. We may collect and update information over the phone, by email, over the Internet, including through your social networking interactions with the MCA, via our app, in person, in writing or if you participate in a MCA survey.
We may also collect personal information from third parties in ways which you would expect (for example, through third parties we engage to sell our exhibition tickets).
The type of personal information we generally collect includes your name, e-mail, gender, postcode, postal address and contact numbers as well as any additional information you provide to us, or authorise us to collect, as part of your interaction with the MCA. For example, it may be necessary to collect more information for the processing of application for grants or financial assistance or enrolling you in a program. In the case of our recruitment activities, we may also collect information about you from third parties who you have nominated as referees.
Closed Circuit Television (CCTV) is in use on the MCA’s premises for security and safety purposes. CCTV footage is likely to capture pictures or video footage of individuals. Footage is accessed by persons authorised to do so and may be provided to law enforcement agencies.
We do not collect sensitive information such as your political or religious beliefs or sexual preference unless you consent to its collection. We may collect details for statistical purposes such as ethnic background. This type of information can assist us to better develop and deliver programs.
The MCA displays ads for current and upcoming exhibitions on the internet and social media. The MCA adds cookies to users’ browsers and uses web beacons and measurement software and tools on our website to enable us to serve ads based on prior visits to the MCA website. Cookies are small files that a website can store on a user’s computer and are used for keeping the 'state of a user session’ i.e. remembering who you are from a page requesting information through to supplying it. The information includes how often users visit the site, what pages they visit, what links they click, what geolocation the visit originated in, what browser they use, what operating system they use, and what other sites they visited prior to coming to our site.
When you look at this website, our Internet Service Provider may make a record of your visit or log information such as your server address, your top level domain name (for example .com, .gov, .au, etc), the date and time of the visit to the site, the pages accessed and documents downloaded, the previous site visited, and the type of browser used.
No attempt is, or will be, made to identify users browsing activities except, in the unlikely event of an investigation, where a law enforcement agency may exercise a warrant to inspect activity logs.
The MCA will provide individuals with the opportunity of remaining anonymous or using a pseudonym in their dealings with us where it is lawful and practicable (for example, when making a general enquiry). Generally it is not practicable or lawful for the MCA to deal with individuals anonymously or pseudonymously on an ongoing basis. If we do not collect personal information about you, you may be unable to participate in or have access to our events, programs or activities. Personal information and contact details are also required to us to issue a tax-deductible receipt and to register you for certain events, programs and activities.
We store information in a number of secure databases (including trusted third party storage providers), paper-based files or other electronic record keeping methods. Personal information may be collected in paper-based document and converted to electronic form for use or storage (with the original paper-based documents either archived or securely destroyed). We take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure.
The MCA uses physical security and other measures to ensure that personal information is protected from misuse, interference and loss; and from unauthorised access, modification and disclosure. Personal information held in paper-based form is generally securely stored at the MCA in Sydney or in the case of archived records, at an external storage facility in Australia.
We maintain computer and network security by using firewalls, user identifiers and passwords to control access to our computer system. Donations and registrations made on the MCA website use encryption methods and credit card data is stored using systems compliant with the Payment Card Industry Data Security Standard.
We also take steps to destroy or de-identify information that we no longer require. In some cases there are statutory requirements for retaining information for a prescribed period of time.
The MCA uses and discloses the personal information it collects to communicate directly with you to promote its goods and services. You can unsubscribe using the “unsubscribe” link at the bottom of our electronic direct marketing communications. You may also contact the MCA to request not to receive direct marketing communications by emailing firstname.lastname@example.org or by using the contact details below. If you opt-out of receiving marketing material from us, please note that the MCA may still contact you in relation to its ongoing relationship with you. For example, if you are an MCA Ambassador we may still send you information relevant to that relationship with us.
We do not sell personal information.
The MCA may disclose information to trusted third parties engaged to assist with services including data processing, data analysis, information technology services and support, website maintenance/development, venue and event promoters, printing, record archiving, data mailing and market research. Except as provided below, the third parties to which we disclose personal information are located in Australia. We take steps to require any such third parties to protect the privacy and security of your personal information and to only use it for the purpose for which it is disclosed.
The MCA does not typically or routinely disclose personal information to overseas recipients. Unless consent has been given, or an exception under the Australian Privacy Principles applies, the MCA will only disclose personal information to overseas recipients where reasonable steps have been taken to ensure the overseas recipient does not breach the Australian Privacy Principles in relation to your personal information.
To request access to your personal information please contact our Privacy Officer using the contact details set out below. We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date. If your personal details change, such as your contact details, or if consider the information held by us is considered to be inaccurate, out-of-date, incomplete, irrelevant or misleading, please contact us to correct or update your details.
We undertake to promptly acknowledge any requests for access and correction to personal information and will take reasonable steps to correct the information. A request to remove or delete personal information may not be possible to comply with as certain personal information must be retained by the MCA for a specific period as specified by applicable legislative and regulatory requirements. In limited circumstances, a request to access, correct or delete personal information may be declined in accordance with the Australian Privacy Principles. In such instances, the MCA will provide a reason for its decision.
All privacy complaints should be directed in writing to the MCA’s Privacy Officer who will consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the issue. We will endeavour in the first instance to deal with your complaint and take any steps necessary to resolve the matter within one to two weeks.
If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint and will ask you to provide us with further information about the circumstances of the matter that you are complaining about, how you believe your privacy has been interfered with and how you believe your complaint should be resolved.
We will endeavour to acknowledge receipt of the further information within 5 business days of receiving it and to complete our investigation into your complaint in a timely manner. This may include, for example, gathering the relevant facts, locating and reviewing relevant documents and speaking to relevant individuals. In most cases, we expect that complaints will be investigated and a response provided within 30 days of receipt of the information from you. If the matter is more complex and our investigation may take longer, we will write and let you know.
If you consider the MCA’s response to be unsatisfactory or believe that the MCA may have breached the Australian Privacy Principles or the Privacy Act, a complaint may be made to the Office of the Australian Information Commissioner.
The Office of the Australian Information Commissioner can be contacted by telephone 1300 363 992 or by using the contact details on its website.
MCA Privacy Officer
PO Box R1286
Royal Exchange NSW 1223
02 9245 9469
Last updated: October 2014