Privacy Policy
Effective from 01 November 2018
This Privacy Policy sets out how we collect, use, store, disclose, retain and protect your personal information. It applies to your use of this website and to any other website, application and/or platform operated by us (collectively, the Services) where this Privacy Policy is referenced, regardless of how you access or use them, including through mobile devices.
In this Privacy Policy, 'us' 'we' or 'our' means CCIG Investments Pty Ltd (ABN 57 602 889 145) and each of its related entities (including CCIG (Australia) Pty Ltd (ABN 94 602 873 905), CCIG Holdings Pty Ltd (ACN 61 604 183 084) and CCIG SMI Pty Ltd (ABN 20 614 710 422)) from time to time.
We are committed to respecting your privacy. In handling your personal information, we are regulated by and are committed to complying with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (Privacy Law).
By providing personal information to us, you consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy and any other arrangements that apply between us, for as long as we consider necessary to fulfil the purpose for which such personal information was collected, or as required by relevant laws. In this context, “collect” or “collection” means gather, acquire or obtain by any means, information in circumstances where the individual is identifiable or identified.
This Privacy Policy applies, among other things, to your use of the Services. If you do not accept this Privacy Policy, you must not use the Services.
Personal information includes information or an opinion about an individual that is reasonably identifiable. For example, this may include your name, age, gender, address and contact details. It may also include financial information, including your credit card information.
Occasionally, we may ask you for personal information about other people - for example, your customers or clients, other guests where you are travelling as part of a group booking, or other authorised representatives in order to provide our services. If you choose to disclose this information to us, you confirm that you have informed these parties that you are providing their personal information to us for the purposes of providing our products and services either directly or by providing such disclosure in your own privacy policy.
Where lawful and practical, you have the right to remain anonymous or to make use of a pseudonym, however if you choose to remain anonymous or to use a pseudonym, we and our third party contractors and merchants may not be able to provide you with access to some or all of our products or services (including information products and services). If you wish to stay at any of our resorts on an anonymous or pseudonymous basis, please note that we require certain personal information in order to process your booking. We may be able to accommodate your request during your stay through our ‘Silent Guest’ program, but otherwise we do not guarantee it. We will inform you if you are unable to remain anonymous or use a pseudonym when dealing with us.
Collection of Personal Information
We may collect the following types of personal information:
- name;
- billing, mailing and/or street address;
- email address;
- telephone number and other contact details;
- age or date of birth;
- gender;
- sexual orientation;
- religious beliefs;
- health information;
- time zone information;
- financial information, including credit card information;
- drivers licence details and other forms of personal identification;
- your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information;
- details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries;
- any additional information relating to you that you provide to us directly through the Services (including our website) or indirectly through your use of our Services or online presence or through other websites or accounts from which you permit us to collect information;
- information you provide to us through customer surveys; or
- any other personal information that may be required in order to facilitate your dealings with us.
- We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you:
- register to use the Services (including via our website);
- complete registration or enquiry forms, order any products or services from us or third party merchants, publish reviews, upload content, participate in message boards, blogs and/or any other user generated content facilities or send emails to us;
- request, book, process, enquire and/or order and confirm any services and products in connection with the Services (including in relation to hospitality and food service management, resort management and travel management services, and medical services (Resort Services)) from us and/or any of our related bodies corporate, agents, suppliers, contractors and/or merchants;
- communicate with us and/or any of our related bodies corporate, agents, suppliers, contractors and/or merchants and/or any of the users of the Services through correspondence, chats, email, or when you share information with such persons from other applications, services or websites; or
- interact with the sites, services, content and advertising of us and/or any of our related bodies corporate, agents, suppliers, contractors and/or merchants.
We will generally collect personal information directly from you. We may also collect personal information from third parties (including third party data analytic service providers) and publicly available sources of information. We may use personal information supplied by you or a third party to source additional personal information from publicly available sources of information.
Please do not submit your personal information to us if you do not wish for us to collect it.
Sensitive information
Some personal information (for example, race, ethnicity, and health information) is sensitive and requires a higher level of protection under the Privacy Law. We will not generally collect any sensitive information from you which we consider are unnecessary to our Services. We will only collect such sensitive information when we have your express consent for us to do so and the collection is reasonably necessary for us to provide our products and/or services (for example weddings, group functions or accessing our medical services) or pursue one or more of our functions or activities, or where the information is required or authorised by law or necessary for the establishment, exercise or defence of a legal claim.
Why do we collect, use and disclose personal information?
We may collect, hold, process, use and disclose your personal information for the following purposes:
- to enable you to access and use, and to enhance and improve your use of, our Services and products and services contained within the Services, including in relation to the Resort Services, our website, and applications of us or any of our related bodies corporate, agents, suppliers, contractors and/or merchants;
- to operate, protect, improve and optimise the Services and products and services (including in relation to the Resort Services), website, applications, business and user experience of us and/or any of our related bodies corporate, agents, suppliers, contractors and/or merchants, such as to perform analytics, conduct research and for advertising and marketing;
- to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
- to send you personalised recommendations and submission of customer feedback;
- to send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting;
- to request, book and confirm Resort Services from us and/or any of our related bodies corporate, agents, suppliers, contractors and/or merchants;
- to send you order confirmation and booking confirmation details or to contact you if there is a problem with a transaction, enquiry or booking;
- to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
- to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties;
- for the purpose of providing you with the Services (including via our website), Resort Services and developing our business;
- to personalise your use of the Services (including visits to our website) and developing the design and style of the Services (including our website and app) to improve the Services and Resort Services provided to you;
- to inform you about the latest changes to our website, products, services (including the Services and Resort Services) or promotional offers that you might find interesting;
- for communicating (and personalising such communication) with you;
- in order to enable you to share our content with others, for example, by using an 'Email a friend' or 'Share this' functionality’ feature;
- carrying out technical and statistical analysis to measure the performance of our products and services and the website; and/or
- employment related purposes (including assessing an applicant’s suitability for a job).
Personal information and other data collected by us may be shared with related bodies corporate within our group.
We may also disclose your personal information to a trusted third party who also holds other information about you, including TravelClick. This third party may combine that information in order to enable it and us to develop anonymised consumer insights so that we can better understand your preferences and interests, personalise your experience and enhance the products and services that you receive.
If we receive unsolicited personal information about or relating to you and we determine that such information could have been collected in the same manner if we had solicited the information, then we will treat it in the same way as solicited personal information and in accordance with the Privacy Law. Otherwise if we determine that such information could not have been collected in the same manner as solicited personal information, and that information is not contained in a Commonwealth record, we will, if it is lawful and reasonable to do so, destroy the information or de-identify the information.
Employment application
In addition, when you apply for a job or position with us we may collect certain information from you (including your name, contact details, working history and relevant records checks) from any recruitment consultant, your previous employers and others who may be able to provide information to us to assist in our decision on whether or not to make you an offer of employment or engage you under a contract. This Privacy Policy does not apply to acts and practices in relation to employee records of our current and former employees, which are exempt from the Privacy Law.
Do we use your personal information for direct marketing?
We and/or our related bodies corporate, agents, suppliers, contractors and/or merchants may send you direct marketing communications and information about our services and/or products (including in relation to Resort Services). This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act 2003 (Cth) and the Privacy Law. You will be given the option to sign up for our email newsletter. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (for example, an unsubscribe link).
Sharing your personal information
We may disclose personal information for the purposes described in this privacy policy to:
- our employees, related bodies corporate, agents and contractors;
- our third party suppliers, merchants and service providers (including providers for the operation of the Services, Resort Services and/or our website and/or our business or in connection with providing the Resort Services and other services to you);
- professional advisers, dealers and agents;
- payment systems operators (for example, merchants receiving card payments);
- our existing or potential agents, business partners or partners;
- our sponsors or promoters of any competition that we conduct via our Services;
- anyone to whom our assets or businesses (or any part of them) are transferred;
- organisations to whom we outsource functions (including information technology providers, print service providers and mail houses);
- with your consent (express or implied), to specific third parties to receive information held by us;
- specific third parties authorised by you to receive information held by us; and/or
- other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.
We may share information about you with suppliers that we engage to help us provide certain services and/or functionality – for example online payment processing. We will use commercially reasonable endeavours to take steps to control and be responsible for the use of your information by such suppliers. While we cannot guarantee the security of this information, we will use all reasonable endeavours to ensure the third party protects the personal information from unauthorised use or disclosure (Data Breach). If we become aware of a Data Breach from the third party, we will notify you of the Data Breach and will endeavour to work with you to limit the potential impact.
We reserve the right to disclose your personal information without your consent if the disclosure is:
- to comply with applicable laws and government or regulatory bodies' lawful requests for information;
- required in order to investigate an unlawful activity;
- required by an enforcement body for investigate activities; or
- necessary to prevent a serious and imminent threat to a person’s life, health or safety, or to public health or safety.
We may transfer, sell or assign any of the information described in this privacy policy to third parties as a result of a sale, merger, consolidation, change of control, transfer of assets or reorganisation of our business.
Subject to obtaining your consent, we may also supply personal information about you to third parties other than as set out above.
Disclosure of personal information outside Australia
We may disclose personal information outside of Australia to related bodies corporate, employees, agents, contractors and/or merchants, third party suppliers, service providers and information technology and cloud services providers located in countries other than Australia, including the United States of America and Japan.
When you provide your personal information to us, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with the Privacy Law. Further, the overseas recipient of personal information may be subject to a foreign law that could compel the disclosure of personal information to a third party, such as an overseas authority. In such case, we will not be responsible for that disclosure. We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles.
Using our services and cookies
We may collect personal information about you when you use and access our Services (including our website).
In addition to personal information, we may collect information about you automatically when you use our Services or visit our website. While we may not use browsing information in respect of our website to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.
We may also use 'cookies' or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our website may not work as intended for you if you do so. If you choose not to receive our cookies, we cannot guarantee that your experience with the website will be as quick or responsive as if you do receive cookies.
The information collected by cookies and web beacons is not personally identifiable, it includes general information about your computer settings, your connection to the internet, for example, the operating system and platform, IP address, your browsing patterns and timings of browsing on the website and geographical location.
We may also use cookies to enable us to collect data that may include personal information. For example, where a cookie is linked to your account, it will be considered personal information under the Privacy Law. We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy.
Keeping your personal information secure
We may hold your personal information in either electronic or hard copy form. We take the security of your personal information very seriously and will use reasonable commercial endeavours to take reasonable and appropriate steps to have appropriate physical (such as the use of secure storage facilities), technical (such as firewalls) and administrative procedures (such as a user ID/password system and employee restrictions) in place to help protect your personal information from unauthorized access, use or disclosure as required by law in Australia. However, we cannot guarantee the security of your personal information.
We only retain your personal information for as long as is necessary for the purposes for which it was collected and we are required to keep it to comply with any laws. We will take such steps as are reasonable in the circumstances to destroy or de-identify personal information which we no longer need. These measures may vary depending on the personal information held.
In the unlikely event that there is an unauthorised use or disclosure of your personal information, we will notify you of the Data Breach and will undertake an investigation into how the Data Breach occurred and its likely severity. As part of this, we will endeavour to work with you and the Office of the Australian Information Commissioner to limit the impact, and any reoccurrence, of the breach.
Links
Our Services, website and apps may contain links to websites, apps or other services operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, apps or other services and have no control over or rights in those linked websites, apps or other services. The privacy policies that apply to those other websites, apps or other services may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites, apps or other services.
Accessing or correcting your personal information
You can access the personal information we hold about you by contacting us using the information below. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. Such circumstances include the following:
- access would create a serious threat to safety;
- providing access will have an unreasonable impact upon the privacy of other individuals;
- denying access is required or authorised by law;
- the request is frivolous or vexatious;
- legal proceedings are underway or anticipated, and the information would not be accessible through the process of discovery in the proceedings;
- negotiations may be prejudiced by such access;
- providing access is likely to prejudice law enforcement; or
- access would reveal a commercially sensitive decision making process.
We may also need to verify your identity when you request your personal information.
If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.
Making a complaint
If you think we have breached the Privacy Law, or you wish to make a complaint about the way we have handled your personal information, you can contact us using the details set out below. Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take.
If you believe we have not adequately dealt with your complaint, you may complain to the Office of the Australian Information Commissioner about the way we handle your personal information. The Commissioner can be contacted at:
GPO Box 5218 Sydney NSW 2001
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Changes to this Privacy Policy
We may change our Privacy Policy from time to time by publishing changes to it on our website with an updated effective date. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy. If we make significant changes to our Privacy Policy, we may also notify you by other means such as sending an email or posting a notice on our home page.
Contact Us
For further information about our Privacy Policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below:
Director of Sales & Marketing
PMB 22 Mackay QLD 4740
marketing@daydreamisland.com
Toll Free 1800 888 288