This Privacy Statement explains in general terms how Hunter & Bligh Media Pty Ltd in partnership with Wyndham Destination Asia Pacific Pty Ltd collects, holds, uses and discloses your personal information under the Australian Privacy Principles.
We may amend this Privacy Statement as our business requirements or the law changes. Any changes to this Privacy Statement will be updated on hunterandbligh.com.au. We may also issue specific privacy collection notices from time-to-time relating to particular products or services.
This Privacy Statement does not apply to Hunter and Bligh’s or Wyndham Destinations Asia Pacific’s employee records.
1 INFORMATION WE COLLECT
The types of personal information that we collect about you will depend on our relationship with you, the circumstances of collection and the type of service you request from us. The personal information may include:
- Your name, gender, date of birth, contact details, income and assets overview, homeownership status, location, IP address and source of sign up
- Details related to your rewards and content preferences
- If you use our website or mobile applications, your geo-location, IP address, mobile telephone number or ID and details of any third party sites that you may have accessed that are our partners
1.1 In the course of business it is necessary for both Hunter & Bligh Media Pty Ltd and Wyndham Destination Asia Pacific Pty Ltd to collect Personal Information. This information allows us to identify who an individual is for the purposes of our business, share Personal Information when asked of us, contact the individual in the ordinary course of business and transact with the individual. Without limitation, the type of information we may collect is:
(a) Personal Information. We may collect personal details such as an individual’s name, location, date of birth, nationality and other information defined as “Personal Information” in the Privacy Act that allows us to identify who the individual is;
(b) Contact Information. We may collect information such as an individual’s email address, telephone, residential, business and postal address and other information that allows us to contact the individual;
(c) Financial Information. We may collect financial information related to an individual such as any bank or credit card details used to transact with us and other information that allows us to transact with the individual and/or provide them with our services; Hunter and Bligh has not, and does not at this time collect any credit card or banking information as we do not currently host any payment facilities or sell any of our products. If in the future we were to sell product, tickets etc we will only store your details if you purchase something. Your information will never be on-sold or shared to any other party not listed in this policy or the prize competition terms and conditions. If you sign up for a co-sponsored prize draw, the terms and conditions will clearly stipulate if/which details will be shared with the sponsoring partner.
(d) Statistical Information. We may collect information about an individual’s online and offline preferences, habits, movements, trends, decisions, finances and other information for statistical and research purposes; and
(e) Information an individual sends us. We may collect any personal correspondence that an individual sends us, or that is sent to us by others about the individual’s activities.
1.3 We may also collect non-Personal Information about an individual such as information regarding their computer, network and browser. This may include their IP address. Where non-Personal Information is collected the Australian Privacy Principles do not apply.
2 HOW WE COLLECT INFORMATION
We may collect personal information about you when you use our products and services, register to receive our newsletters or other communications, register to be part of one of our programs, tell us about your preferences of content, rewards and communication, register to enter prize draws, competitions and collect reward offers, participate in online surveys or question polls or purchase goods through our partners. As well as collecting information directly from you, there may be occasions when we collect information about you from a third party. These third parties may include:
2.1 Most information will be collected in association with an individual’s use of Hunter and Bligh and Wyndham Destinations Asia Pacific, an enquiry about Hunter and Bligh and Wyndham Destinations Asia Pacific or generally dealing with us. However, we may also receive Personal Information from sources such as advertising, an individual’s own promotions, public records, mailing lists, contractors, staff, recruitment agencies and our business partners. In particular, information is likely to be collected as follows:
(a) Registrations/Subscriptions. When individuals register or subscribe for a service, list, account, connection or another process whereby they enter Personal Information details in order to receive or access something, including a transaction;
(b) Accounts/Memberships. When an individual submits their details to open an account and/or become a member with us;
(c) Supply. When an individual supplies us with goods or services;
(d) Contact. When an individual contacts us in any way;
(e) Access. When an individual accesses us physically we may require them to provide us with details for us to permit them such access. When an individual accesses us through the internet we may collect information using cookies (if relevant – an individual can adjust their browser’s setting to accept or reject cookies) or analytical services; and/or
(f) Pixel Tags. Pixel tags enable us to send email messages in a format customer’s can read and they tell us whether mail has been opened.
2.2 As there are many circumstances in which we may collect information both electronically and physically, we will endeavour to ensure that an individual is always aware of when their Personal Information is being collected.
2.3 Where we obtain Personal Information without an individual’s knowledge (such as by accidental acquisition from a client) we will either delete/destroy the information, or inform the individual that we hold such information,
3 WHEN PERSONAL INFORMATION IS USED AND DISCLOSED
3.1 In general, the primary principle is that we will not use any Personal Information other than for the purpose for which it was collected other than with the individual’s permission. The purpose of collection is determined by the circumstances in which the information was collected and/or submitted.
3.3 It may be necessary for us to disclose an individual’s Personal Information to third parties in a manner compliant with the Australian Privacy Principles in the course of our business.
3.4 We will not disclose or sell an individual’s Personal Information to unrelated third parties under any circumstances. If a member signs up or enters a particular co-sponsored prize opportunity, the terms and conditions and registration page will clearly stipulate whether some of your details will be shared with the sponsoring partner. The member will be aware of where their data can be shared.
3.5 Information is used to enable us to operate our business, especially as it relates to an individual. This may include:
(a) The provision of goods and services between an individual and us;
(b) Verifying an individual’s identity;
(c) Communicating with an individual about:
i Their relationship with us;
ii Our goods and services;
iii Our own marketing and promotions to customers and prospects;
iv Competitions, surveys, prize draws and questionnaires;
(d) Investigating any complaints about or made by an individual, or if we have reason to suspect that an individual is in breach of any of our terms and conditions or that an individual is or has been otherwise engaged in any unlawful activity; and/or
(e) As required or permitted by any law (including the Privacy Act).
3.6 There are some circumstances in which we must disclose an individual’s information:
(a) Where we reasonably believe that an individual may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of;
(b) As required by any law (including the Privacy Act); and/or
(c) In order to sell our business (in that we may need to transfer Personal Information to a new owner).
3.8 We may utilise third-pay service providers (such as Gmail from Google, Inc., and MailChimp from The Rocket Science Group LLC) to communicate with an individual and to store contact details about an individual. These service providers are located in the United States of America.
3.9 We may also disclose your personal information to our suppliers and third parties that perform other services for us in connection with the sale and provision of all our goods and services, including third parties who:
- Provide customer service
- Conduct market research and analysis;
- Provide marketing services;
- Provide information technology services such as data storage, distribution services, communication networks, software and system development, maintenance and support, and information processing, analysis and reporting;
- Provide services in the course of investigating a complaint or a security incident; and
- Manage our share registry.
4 HOW INFORMATION IS STORED AND KEPT SECURE
4.2 We will take all reasonable precautions to protect an individual’s Personal Information from unauthorised access. This includes appropriately securing our physical facilities and electronic networks. We hold your personal information in a combination of electronic files and cloud-based files. We use third-party information system providers who may store or have access to your personal information. We may combine personal information we receive about you with other information we hold about you. This includes information received from our partners or third parties.
4.3 The security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. Each individual that provides information to us via the internet or by post does so at their own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, Personal Information where the security of information is not within our control.
4.4 We are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose an individual’s Personal Information to in accordance with this policy or any applicable laws). The collection and use of an individual’s information by such third parties may be subject to separate privacy and security policies.
4.5 If an individual suspects any misuse or loss of, or unauthorised access to, their Personal Information, they should let us know immediately.
4.6 We are not liable for any loss, damage or claim arising out of another person’s use of the Personal Information where we were authorised to provide that person with the Personal Information.
5 COMPLAINTS AND DISPUTES
5.1 If an individual has a complaint about our handling of their Personal Information, they should address their complaint in writing to the details below.
5.2 If we have a dispute regarding an individual’s Personal Information, we both must first attempt to resolve the issue directly between us.
5.3 If we become aware of any unauthorised access to an individual’s Personal Information we will inform them at the earliest practical opportunity once we have established what was accessed and how it was accessed.
6 CONTACTING INDIVIDUALS
6.1 From time to time, we may send an individual important notices, such as changes to our terms, conditions and policies. Because this information is important to the individual’s interaction with us, they may not opt-out of receiving these communications.
6.2 Subscribers understand that they have joined our mailing list and consent to receiving email communications. The majority of communication will be in regards to the prize draw they have entered and offered opportunities to increase their entries in the draw. If a member signs up or enters a particular co-sponsored prize opportunity, the terms and conditions, registration page or entry source, will clearly stipulate whether you will also need to consent to the sponsoring partner(s) advertised. The member will be aware of what mailing lists they will be added to, thus consent to receive communications from that listed partner.
7 GENERAL DISCLAIMERS
7.1 This Website is provided by Hunter and Bligh on an “as is” basis without any express or implied warranty of any kind.
7.2. The World Wide Web exists across open public networks that are neither secure nor private. Accordingly, you acknowledge and accept the risk that any communication to or from the Website may be intercepted, used or modified by third parties.
7.3. Hunter and Bligh do not warrant that access to or use of the Website will be uninterrupted or error-free or that the Website or any material on or accessible through the Website is free from errors or viruses, worms, trojan horses or other harmful components.
7.4. You acknowledge that your access to and use of the Website (including the software operating in connection with the Website) may be interfered with by numerous factors outside of Hunter and Bligh’s control.
7.5 Hunter and Bligh do not warrant anything about the reliability, accuracy, completeness, timeliness, quality, physical state or suitability for a particular purpose of any material on or accessible through the Website.
7.6 Hunter and Bligh makes no commitment to update any material on the Website.
7.7 You are responsible for assessing the accuracy, reliability, suitability and currency of the material on or accessible through the Website.
7.8 You accept all risks and responsibility for all loss, damage, costs and other consequences resulting from using the Website or the material on or accessible through the Website.
8 MARKET RESEARCH AND SURVEY PARTICIPATION
Hunter and Bligh and our research partner, CoreData, strictly adhere to the AMSRS Code of professional behaviour in relation to research confidentiality and data security.
8.1 (a) Respondent anonymity – Respondent’s anonymity must be strictly preserved. The respondents must give informed consent for data to be passed on in a form that allows them to be personally identified. The Researcher must ensure that the information will not be used for any non-research purposes and that the specified recipient of the information has agreed to conform to confidentiality requirements. The Client has no right to access the names and addresses of respondents unless express permission for this is received or if this is only to be used for managing project implementation and cannot be linked to actual responses.
(b) All indications of the identity of Respondents must be permanently removed from the records of information they have provided as soon as they are no longer necessary for research purposes. Where it is necessary to retain identifying details, they must be stored securely and separately from other information the Respondent has provided (e.g. with the linkage maintained by the use of an intervening variable). Access to such material must be restricted to authorised research personnel within the Researcher’s own organisation for specific research purposes (e.g. field administration, data processing, panel or “longitudinal” studies, or other forms of research involving recall interviews).
To preserve Respondents’ anonymity not only their names and addresses but also any other information provided by or about them that could in practice identify them (e.g. their Company and job title) must be safeguarded. These anonymity requirements may be somewhat relaxed where the Respondent has given explicit permission for this under the conditions of ‘informed consent’ or where disclosure of names to a third is essential for research purposes such as data processing or further interview (e.g. an independent fieldwork quality check) or for further follow-up research. The original Researcher is responsible for ensuring that any such third party agrees to observe the requirements of this Code – in writing if the third party has not already formally subscribed to the Code.
These anonymity requirements relate to any records from which the identity of the Respondent is apparent, or can reasonably be ascertained, including a Respondent’s photograph, verbatim quotes and audio or videotaped interviews. Permission to observe an interview/group discussion by a third party must be gained from the respondent.
8.2 Informed consent – All research participants should provide informed consent to participate in the research. This includes
(a) the purpose of the research, expected duration, and procedures;
(b) A description of any reasonably foreseeable risks or discomforts to the subject or any benefits to the subject or to others which may reasonably be expected from the research
(c) A statement describing the extent, if any, to which confidentiality of records identifying the subject will be maintained and the limits of confidentiality
(d) An explanation of whom to contact for answers to pertinent questions about the research and research subjects’ rights
(e) A statement that participation is voluntary, refusal to participate will involve no penalty or loss of benefits to which the subject is otherwise entitled, and the subject may discontinue participation at any time without penalty or loss of benefits to which the subject is otherwise entitled
(f) their right to decline to participate and to withdraw from the research once participation has begun;
(g) incentives for participation
8.3 Usage of data – All research data, findings, (except in the case of syndicated projects), research briefs and other information provided by the client remains their property and must not be disclosed to third parties without prior explicit arrangement.
The transfer of information about Respondents is permissible between a Researcher and the Client where the intent of this is to limit research contacts by means of maintaining records about participation. This should not be done where this practice would allow personalised information to be extrapolated or where any research data gathered about an individual may be appended or inferred by the transfer
8.4 Survey record storage – Hunter and Bligh and CoreData conforms to currently agreed professional practice relating to the keeping of records securely for an appropriate period of time after the project has ended. The proposed period of time for which the Researcher should keep research records will vary with the nature of the information (e.g. whether they are identified or de-identified), the nature of the project (e.g. ad hoc, panel, repetitive) and the possible requirements for follow-up research or further analysis. Researchers may retain information in an identified form only while the details of the identity of the Respondent continue to be necessary for research purposes. In the case of de-identified information, the period of time for which records should be kept by the Researcher normally will be longer for the stored research data resulting from a survey (tabulations, discs, tapes, electronic files, etc.) than for primary field records (the original completed questionnaires and similar basic records. Records should be kept in a manner in which it should be possible to reconstruct all the information originally collected with the exception of any personal identifiers.
The period for which records will be kept must be disclosed to, and agreed by, the Client in advance. In default of any agreement to the contrary, in the case of ad hoc surveys, the normal period for which the primary field records should be retained is one year after completion of the fieldwork while the research data should be stored for possible further analysis for at least two years.
All data is stored on a secure web-server located in Australia, with well-maintained firewall facilities. All data is additionally backed up daily to a secure cloud-server that also has well-maintained firewall facilities. Security of our servers is managed by a dedicated IT provider who have explicitly agreed to adhere to the AMSRS standards for data storage and security.
Contract inclusions Confidentiality and privacy
8.5 Use and disclosure of Confidential Information
During and after the term of the contact, no Confidential Information may be used by a party, or disclosed by a party, to any person except:
(a) to employees, auditors and other professional advisers of the party requiring the information for the purposes of this agreement;
(b) with the consent of the party who supplied the information;
(c) if the recipient party is required to use or disclose the information by law or by the rules of a stock exchange; or
(d) if the recipient party is required to use or disclose the information in connection with legal proceedings relating to this agreement.
(e) if the recipient granted permission as a requirement of entry
8.6 Disclosure by the recipient
(Use and disclosure of Confidential Information) must use all reasonable endeavours to ensure that persons receiving Confidential Information from it do not disclose the information except in the circumstances permitted in clause (Use and disclosure of Confidential Information). Return of Confidential Information A party who has received Confidential Information from the other under this agreement must, on the request of the other party, immediately deliver to that party all documents or other materials containing or referring to that information which are in its possession, power or control or in the possession, power or control of persons who have received Confidential Information from it under clause 1.1(a) or 1.1(b) (Use and disclosure of Confidential Information) unless the receiving party has a right under this agreement, or at law, to retain it
9 ADDITIONS TO THIS POLICY
10 CONTACTING US
You can contact us by:
- Phone 02 9376 9624
- Write firstname.lastname@example.org