2. INFORMATION WE COLLECT
There are five categories of Personal Information that we collect:
1. User information. When you register to use our Services or make an online enquiry, we request Personal Information from you. We require this information to supply our Services.
2. Non-personally identifying information. Peregian Blue collects various non-personally identifying information, such as for example the number of visitors coming to the website etc. This is collected to help us understand the way our website is used and to improve our Services.
3. Public forum. You may provide information of a personal nature through participation in additional services provided such as chat, discussion groups, social media etc. This information can be viewed by the users with access to the website. If you respond voluntarily to our surveys or other interactive communications, we collect the responses and use the information to improve the quality and range of Services.
4. Information provided by consumers when they make or manage bookings. Peregian Blue collects and stores information about consumers and their transactions, including information about their identity, details of the bookings they have made and other information that is provided at the time of booking.
5. Consumer information added by Users. Any information that is submitted to or collected by Users of Services, Users of our Services are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as all privacy policies, relating to the collection of personal information of individuals with whom our Users interact. We collect this information under the direction of our Users, and have no direct relationship with individuals whose personal information we process in connection with the use of our Services. If you are a User providing information (including personal information) about someone else, you must have the legal ability to do so and, if necessary, notify them regarding the use of their personal information. If you are an individual who interacts with a User using our Services – that User is the controller of your information and you should contact them directly for assistance with any requests or questions relating to your personal information.
3. USE AND DISCLOSURE OF INFORMATION
We collect and use your Personal Information to operate our website and deliver our Services to you. We will also use your Personal Information to provide you with sales, technical and account management support, notify you of product upgrades and important product information.
Personal Information that you choose to share with us when you register for an account, subscribe to emails, newsletters and alerts and which you provide to us when using our services, including information entered into our booking platform and included in your comments, reviews or survey responses. In the course of making a booking or submitting reviews, you might voluntarily provide us with sensitive personal data if relevant to the service that you are requesting or reviewing (relating to your health or ethnicity, for example).
We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
Peregian Blue displays targeted advertisements based on personal information. Advertisers (including ad serving companies) may assume that people who interact with, view, or click targeted ads meet the targeting criteria—for example, men ages 18-24 from a particular geographic area.
On some occasions you agree that information we collect may be transferred outside of Australia in order to perform one or more of Peregian Blue’ functions or activities.
We also use your Personal Information in the following ways:
1. to provide and to improve our business services,
2. to confirm your identity; and
3. to enable both us and the third party provider of services for which you utilise the booking to engage in direct marketing purposes.
For direct marketing purposes, your Personal Information will be added to our database and that of the third party provider of services. The databases may be used for ongoing marketing and educative purposes. The type of marketing and educative activities that we undertake includes forwarding material to you so that you are kept updated in relation to various issues and our services.
If at any time you do not wish to continue receiving this information, we provide an “opt-out” procedure in each communication to you.
4. THIRD PARTY SERVICE PROVIDERS
Peregian Blue works with a number of third party service providers to perform a range of our Services and obligations. Some of our third party service providers are located outside of Australia.
Some of those third parties need access to the information we have collected in order to perform our business functions.
Where we share your Personal Information with third-party service providers, they will be contractually bound to use the information only for the purposes of providing the Services or performing the functions required by us and to store the information securely.
5. SECURITY OF PERSONAL INFORMATION
All transactions are secured by 128 bit SSL encryption. SSL technology encodes information as it is being sent over the Internet, helping to ensure that the information transmitted remains confidential. Our servers are deployed to Amazon Web Services (AWS), which is a PCI DSS Level 1 compliant provider.
Only staff who need to have access to your personal information in order to perform their job function are authorised to access the database. In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.
6. DATA RETENTION
We will retain your Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. The criteria used to determine our retention periods include:
The length of time we have an ongoing relationship and provide the Services to you (for example, for as long as you have an account with us or keep using the Services); or
Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them).
7. ACCESS TO AND CORRECTION OF PERSONAL INFORMATION
You have rights to:
1. Know what Personal Information we hold about you, and to make sure it is correct and up to date.
2. Request a copy of your Personal Information or ask us to restrict processing of or delete it.
3. Object to our continued processing of your Personal Information and to request a permanent deletion of your data.
If you are not satisfied with how we are processing your Personal Information, you have the right to complain to your local information protection authority. Your local data protection authority will be able to give you more information on how to submit a complaint.
You can request to exercise these rights by emailing our Privacy Officer at firstname.lastname@example.org. We will process your request within 30 days of receiving your request, accompanied by a relevant proof of identification.
You may be required to have a browser, which allows cookies and other online usage tracking devices to fully access the Website. A cookie is a piece of data stored on your computer tied to information about you. Cookies may be used to track your Internet browsing activities and the websites you have visited.
Specific uses of your information include but are not limited to record:
1. your internet protocol (IP) address;
2. the date and time of your visit;
3. the pages you have accessed and documents downloaded; and
4. the type of browser you were using.
You can disable cookies on your web browser, although this may interfere with your use and enjoyment of the Services.
9. THIRD-PARTY SITES
10. CHILDREN AND OUR SERVICES
Our Services are not directed to children, and you may not use our Services if you are under the age of 18. You must also be old enough to consent to the processing of your Personal Data in your country (in some countries we may allow your parent or guardian to do so on your behalf).
11. CONTACT INFORMATION
If you have any questions about our handling of Personal Information, or if you wish to make an access or correction request or complaint, you should contact us at: email@example.com.
This policy was issued on 22 July 2021