Promontory Accommodation Management Services (ABN 63 005 546 912)
1. Purpose of Policy
2. What types of information do we collect?
The type of personal information that we collect and hold about you depends on the type of dealings that you have with us. For example, in order to process a booking, a request or an enquiry from you, we may need to know all or some of the following: your full name, address, telephone number, e-mail address, and your current location. We may also gather information from cookies or web beacons. You can find out more about how they operate in the relevant section of this policy below. We may also collect IP addresses, mobile device identifier details, your location, navigation and click-stream data, the time of accessing the Site, pages you viewed, what you searched for, the duration of your visit, and other details of your activity on the Site. If you ask us to connect with other sites (for example if you ask us to connect with your Facebook account) we may get information that way too. Information that we collect from third parties, such as credit information which we use to prevent and detect fraud, information from your mobile provider if you are accessing the Site over a mobile device or information from a third party such as a social media or travel opinions site where you have asked us to share your data with them.
Sensitive information is personal information such as health information and information about racial or ethnic origins that is generally afforded a higher level of privacy protection. We only collect sensitive information where it is reasonably necessary for our business functions and you have consented, or we are required to do so by law.
Information other than personal information ("non-personal information")
When you visit the Site, some of the information that is collected about your visit is not personal information, because it does not reveal your identity. We use this information to help us improve our services. We may aggregate this information for our own statistical purposes. Provided that it remains anonymous, we may disclose that aggregated information to third parties for marketing or other business-related purposes.
3. How do we collect personal information?
Methods of collection We will collect personal information by lawful and fair means as required by the Privacy Act. We will also collect personal information directly from you where this is reasonable and practicable.
We collect personal information in a number of ways, including:
Directly from you in person, by email, over the telephone,
through written communications (such as letters and faxes) or by you completing forms or submitting information on the Site;
Through our Site, for example, if you make an enquiry to rent a property.
From third parties, including,
direct marketing database providers,
any of our related companies,
public sources, such as telephone directories, membership lists of businesses, professional and trade associations, ASIC searches;
From our own records of your use of our services.
4. Why do we collect, hold, use and disclose your personal information?
The main purposes for which we collect, hold, use and disclose personal information are:
To identify you and verify your identity;
To communicate with you about our services;
To contact you from time to time with critical user or service updates;
To customize, measure and improve our services, content and advertising;
To compare information for accuracy, and verify it with third parties;
and for any other purposes that you have consented to.
Where we have your express or implied consent, or where we are otherwise permitted by law, we may contact you with information about our products and the services on the Site. You can opt-out of receiving these marketing communications at any time, by either contacting email@example.com or by using the unsubscribe facility that is included in the commercial electronic messages (i.e., email) to opt-out of receiving non-booking related messages.
5. To whom do we disclose your personal information?
We may disclose your personal data to enforce our policies, or where we are permitted to do so by applicable law, such as in response to a valid, legally-compliant request by law enforcement or governmental authority, or in connection with actual or proposed litigation, or to protect our property, people and other rights or interests.
We may also share your personal data with:
Any third party you have asked us to share your personal data with - such as Facebook if you have asked us to connect with your Facebook account; or
Our contracted services providers, including Information technology service providers (including cloud services providers);
Marketing, communications and research agencies;
Mailing houses, postal, freight and courier service providers;
Printers and distributors of direct marketing materials;
External business advisers (such as recruitment advisers, auditors and lawyers).
In the case of these contracted service providers, we may disclose personal information to the service provider and the service provider may, in turn, provide us with personal information collected from you in the course of providing the relevant products or services.
We may de-identify and aggregate the personal information of you and others for our own statistical purposes. Provided that it remains permanently de-identified, we may disclose that aggregated information to third parties or publish it for marketing or research purposes.
In the unlikely event that Promontory Accommodation Management Services is sold, or some of its assets transferred to a third party, your personal information, as a valuable asset, may also be transferred. Potential purchasers and their advisors may have access to data as part of the sale process.
Our customer database could be sold separately from the rest of the business, in whole or in a number of parts. It could be that the purchaser's business is different from ours too.
6. Data quality and security
We hold personal information in a number of ways, including in electronic databases, email contact lists, and paper files held on secure premises. We take reasonable steps to:
Make sure that the personal information that we collect, use and disclose is accurate, up-to-date and complete and (in the case of use and disclosure) relevant;
Protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure;
Destroy or permanently de-identify personal information that is no longer needed for any purpose that is permitted under the Act.
We implement a range of physical and electronic security measures to protect the personal information that we hold, including:
mandatory password protection on all computers.
secure hardcopy document,
electronic storage media and hardware disposal procedures;
firewall and antivirus/malware software;
training and workplace policies.
While Promontory Accommodation Management Services strives to protect the personal information and privacy of users of the Site, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk. If you are concerned about sending your information over the internet, you can contact us by email firstname.lastname@example.org.
While no system is completely secure, we believe the measures implemented by the Site reduce our vulnerability to security problems to a level appropriate to the type of data involved. We have security measures in place to protect our user database and access to this database is restricted internally. However, it remains each user's responsibility:
To protect against unauthorized access to your use of the Site;
To ensure no one else uses the Site while the user's machine is connected to the Site (including connections through a mobile, Wi-Fi or share access connection you are using);
To log off or exit from the Site when not using it;
and Where relevant, keep your password or other access information secret.
Your password and login details are personal to you and should not be given to anyone else or used to provide shared access for example over a network; If you have asked us to share data with third-party sites, however (such as Facebook) their servers may not be secure. Credit card information is generally stored by our credit card processing partners and we ask them to keep that data secure.
We also use third parties to help us optimize our website flow, content and advertising (see below).
Note that, despite the measures taken by us and the third parties we engage, the internet is not secure, and others may nevertheless unlawfully intercept or access private transmissions or data.
As such, except to the extent that liability cannot be excluded due to the operation of a statute, Promontory Accommodation Services Management excludes all liability (including negligence) for the consequences of any unauthorised access to your personal information.
Please notify us immediately if you become aware of any breach of security.
8. Phishing or False emails
If you receive an unsolicited email that appears to be from us that requests personal information (such as your credit card, login, or password),
or that asks you to verify or confirm your account or other personal information by clicking on a link,
that email was likely to have been sent by someone trying to unlawfully obtain your information, sometimes referred to as a "phisher" or "spoofer."
We do not ask for this type of information in an email. Do not provide the information or click on the link.
Please get in touch with Customer Support by emailing email@example.com. Third-party websites Links to third-party websites that are not operated or controlled by Promontory Accommodation Management Services are provided for your convenience.
9. Access and correction of your personal information
You have a right to request access to or correction of your personal information held by us.
If you wish to access, correct or update any personal information we may hold about you, please contact us as set out below
10. Complaints process
The Privacy Officer will investigate the complaint and determine whether a breach has occurred and what action, if any, to take.
When contacting us, please provide as much detail as possible in relation to the query, issue or complaint.
We will take any privacy complaint seriously. We will aim to resolve any such complaint in a timely and efficient manner, and our target response time is 30 days.
We request that you cooperate with us during this process and provide us with the relevant information we may require.
We expect our procedures will deal fairly and promptly with your complaint.
However, if you remain dissatisfied, you can also make a formal complaint with the Office of the Australian Information Commissioner (which is the regulator responsible for privacy in Australia): Director of Compliance Office of the Australian Information Commissioner GPO Box 5218 Sydney NSW 2001 Phone: 1300 363 992 www.oaic.gov.au 9.
11 Contact Us
Please contact our Privacy Officer if you have any queries about the personal information that we hold about you or the way we handle that personal information on the following email: firstname.lastname@example.org
12 Changes to this Policy
Site updates and changes in our information collection and disclosure practices.
You should also print a copy for your records.