Seahaven Noosa 4 3 2024 2

Privacy Policy

CUSTOMER PERSONAL DATA PROTECTION POLICY

  1. PROTECTING YOUR PRIVACY

We consider you an important customer. Our priority is to offer you exceptional experience during your stay with us at Seahaven Noosa Resort.

This charter formalizes our commitments to you and describes how the Seahaven Noosa Resort and it affiliated businesses, uses your personal data.

  1. SCOPE OF APPLICATION

In this charter, “Seahaven Noosa” means:

  • Seahaven Noosa Resort with registered business address 15 Hastings Street Noosa Heads, Queensland, 4567
  • 60 Seaworld Pty Ltd (ACN: 153 893 040) as trustee for the 60 Seaworld Trust (ABN: 37 515 167 001) with registered company address Suite 4 / 47 Park Road, Milton, QLD, 4064
  • Noosa Seahaven Management Pty Ltd (ABN: 41 159 303 465)
  • JV Property Management Pty Ltd (ABN: 46 134 269 622) with registered company address Suite 4 / 47 Park Road, Milton, QLD, 4064
  • and Subsidiary or “family” companies of the JVL Investment Group
  1. NINE PRINCIPLES FOR PROTECTING YOUR PERSONAL DATA

In accordance with applicable regulations, we have instituted the following ten principles throughout Seahaven Noosa:

  1. Lawfulness: We use personal data only if:
    • we obtain the consent of the person, OR
    • it is necessary to do so for the performance of a contract to which the person is a party, OR
    • it is necessary for compliance with a legal obligation, OR
    • it is necessary in order to protect the vital interests of the person, OR
    • we have a legitimate interest in using personal data and our usage does not adversely affect the persons’ rights
  2. Fairness: We can explain why we need the personal data we collect.
  3. Purpose limitation and data minimisation: We only use personal data that we really need. If the result can be achieved with less personal data, then we make sure we use the minimum data required.
  4. Transparency: We inform people about the way we use their personal data
  5. We facilitate the exercise of the people’s rights: access to their personal data, rectification and erasure of their personal data and the right to object to the use of their personal data
  6. Storage limitation: We retain personal data for a limited period
  7. We ensure the security of personal data, i.e. its integrity and confidentiality.
  8. If a third party uses personal data, we make sure it has the capacity to protect that personal data.
  9. If personal data is compromised (lost, stolen, damaged, unavailable…), we notify such breaches to the respective responsible authority and to the person/s concerned, if the breach is likely to cause a high-risk in respect of the rights and freedoms of this person.

For any questions concerning the ten principle data protection policies, please contact [email protected].

  1. WHAT PERSONAL DATA IS COLLECTED?

At various times, we may collect information about you and/or the persons accompanying you, including the following:

  • Contact details (for example, last name, first name, telephone number, email)
  • Personal information (for example, date of birth, nationality)
  • Information relating to your children (for example, first name, date of birth, age)
  • Your credit card number (for transaction and reservation purposes)
  • Information contained on a form of identification (such as ID card, passport or driver licence)
  • Your arrival and departure dates
  • Your preferences and interests (for example, preferred floor, type of bedding, type of newspapers/magazines, sports, cultural interests, etc.)
  • Your questions/comments, during or following a stay
  • Technical and location data you generate as a result of using our websites and applications.

The information collected in relation to persons under 16 years of age is limited to their name and date of birth, which can only be supplied to us by an adult. We would be grateful if you could ensure that your children do not send us any personal data without your consent (particularly via the Internet). If such data is sent, you can contact [email protected] to arrange for this information to be deleted.

In order to meet your requirements or provide you with a specific service, we may have to collect sensitive information, such as information concerning race, ethnicity, political opinions, religious and philosophical beliefs, union membership, or details of health or sexual orientation. In this case, we will only process this data if you provide your express prior consent.

5.WHEN IS YOUR PERSONAL DATA COLLECTED?

Personal data may be collected on a variety of occasions, including:

Hotel activities:

  • Booking a room
  • Checking-in and paying
  • Hotel stays and services provided during a stay
  • Requests, complaints and/or disputes.
  • Participation in marketing programs or events:
  • Signing up for loyalty programs
  • Participation in customer surveys (for example, the Guest Satisfaction Survey)
  • Online games or competitions
  • Subscription to newsletters, in order to receive offers and promotions via email.
  • Transmission of information from third parties:
  • Tour operators, travel agencies (online or not), GDS reservation systems and others

Internet activities:

  • Connection to seahavennoosa.com.au website (IP address, cookies in accordance with our Policy about the use of tracers)
  • Online forms (online reservation, questionnaires, Seahaven Noosa pages on social networks, social networks login devices such as Facebook login, conversations with chatbot, etc.).
  1. WHAT PURPOSES IS YOUR DATA COLLECTED FOR AND HOW LONG DO WE RETAIN IT?

The table below sets out why we process your data, the lawful basis for the processing and the associated retention period:

Purpose / Activity

Lawful Basis

Retention Period

Processing a reservation for a room, including accommodation requests and the creation of legal documentation in accordance with accounting standards

Compliance with Legal Obligations (ie Taxation Legislation)

 

Necessary for the general operations of our business and for the purpose of providing you with requested products and services.

Up to 10 years from the date of your stay.

Managing your stay at the hotel including access to rooms, resort facilities and the monitoring of services you are using.

Managing your booking with Seahaven Noosa

 

Necessary for the general operations of our business and for the purpose of providing you with requested products and services.

The duration of your stay.

Managing Customer Relations:

  • Inputting details into the customer database
  • Segmental analysis based on reservation history and customer travel preferences with the view to send targeted communications.
  • Predicting and anticipating future customer behaviours
  • Developing & reporting statistics and commercial scores
  • Understanding and managing the preferences of new and repeat visitors
  • Sending newsletters, promotions, tourist, hotel or service offers from Seahaven Noosa or its commercial partners

Managing your booking with Seahaven Noosa

 

Necessary for the general operations of our business and for the purpose of providing you with requested products and services.

6 years from the date of your last stay with us

 

In the case of our email database, until you manually unsubscribe from the list or request to management to be removed from the list.

Improving our services:

  • Adapting our products and services to better meet your requirements
  • Customising commercial offers and promotional messages we send you

Managing your booking with Seahaven Noosa

 

Necessary for the general operations of our business and for the purpose of providing you with requested products and services.

6 years from the date of your last stay with us

Use a trusted third party to cross-check, analyse and combine your collected data at the time of booking or at the time of your stay, in order to determine your interests and develop your customer profile and to allow us to send you personalized offers.

Necessary for our legitimate interests in promoting our services, performing direct marketing activities (considering your commercial relationship with us) and improving our services.

6 years from the date of your last stay with us

Carrying out surveys and analyses of questionnaires and customer comments

Managing claims/complaints

Performance of our contract with you

 

Necessary for our legitimate interests in promoting our services, performing direct marketing activities (considering your commercial relationship with us) and improving our services.

6 years from the date of closure of your file in case of a claim or a complaint or from the date you last interacted with us.

Securing and enhancing your use of Seahaven Noosa website by:

  • Improving navigation;
  • Maintenance and support;
  • Implementing security and fraud prevention.

Necessary for the general operations of our business and for the purpose of providing you with requested products and services.

13 months from the collection of the information.

Securing properties and persons and preventing non-payments by holding credit card information.

Necessary for the general operations of our business and for the purpose of providing you with requested products and services.

122 days from registration.

Conforming to any applicable legislation (for example, storing of accounting documents), including:

  • Managing requests to unsubscribe from newsletters, promotions, tourist offers and satisfaction surveys
  • Managing data subject’s requests regarding their personal data.

Necessary to comply with a legal obligation.

Up to 7 years

  1. CONDITIONS OF THIRD-PARTY ACCESS TO YOUR PERSONAL DATA

We share your data with several authorised people and departments in at Seahaven Noosa in order to offer you the best experience. The following teams may have access to your data:

  • Hotel staff
  • IT staff (Third-Party Providers)
  • Commercial partners and marketing services
  • Medical services if applicable
  • Legal services if applicable

Generally, any appropriate person within Seahaven Noosa entities for certain specific categories of personal data.

With service providers and partners: your personal data may be sent to a third party for the purposes of supplying you with services and improving your stay, for example:

External service providers: IT sub-contractors, international call centres, banks, credit card issuers, external lawyers, dispatchers, printers.

Commercial partners: Unless you specify otherwise, we may enhance your profile by sharing certain personal information with its preferred commercial partners. In this case, a trusted third party may cross-check, analyse and combine your data. This data processing will allow Seahaven Noosa and its privileged contractual partners to determine your interests and customer profile to allow us to send you personalized offers.

Social networking sites: Seahaven Noosa may communicate your email address to social networks in order to identify whether you are already a user of the concerned social network and in order to post personalized, relevant adverts on your social network account if appropriate.

With local authorities: We may be obliged to send your information to local authorities if this is required by law or as part of an inquiry. We will ensure that any such transfer is carried out in accordance with local regulations.

  1. DATA SECURITY

Seahaven Noosa takes appropriate technical and organizational measures, in accordance with applicable legal provisions (in particular: Art. 32 GDPR), to protect your personal data against illicit or accidental destruction, alteration or loss misuse and unauthorized access, modification or disclosure. To this end, we have taken technical measures (such as firewalls) and organizational measures (such as a user ID/password system, means of physical protection etc.) to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services. In relation to the submission of credit card data when making a reservation, SSL (Secure Socket Layer) encryption technology is used to guarantee a secure transaction. Organizational measures ensure the security of the processing.

  1. COOKIES

Our website integrates and links with social media sites such as Facebook, Instagram and others. You should review the privacy policy of these sites if you wish to share or like content on these services. If you are a member of (or sign up with) a social media site, the interfaces with our website may allow the social media site to connect your visits to this site with other Personal Information. We may use this information to provide advertising that is more relevant to your interests.

If you contact us via this website we collect the information you provide such as the email, phone number, name and other information. This information may be shared with other operators / providers / third parties however only for the purposes in which it was provided and/or if required by law.

We are always looking to improve the user experience of our website. To do this we may use small text based files called ‘cookies’ that our site may place on your computer as a tool to remember your preferences. You can turn off cookies using the setting on your web browser however if you do this you may not be able to use all features of our website. We may from time to time also use advertising cookies to deliver advertising that is more relevant to your interests.

We use screen recording software and Google Analytics for tracking site usage in an anonymous manner. We use Google Analytics reporting to track website traffic and improve our website and our services. By using our website you consent to the Google’s Privacy Policy. You can opt out using the steps here.

By using our website you consent to allow advertising / marketing partners to use your data and personal information for advertising and marketing purposes. Any information shared with these partners will be only used in relation to our companies specific marketing communications and will not be used for third party communications

  1. YOUR RIGHTS

You have the right to obtain information about and access your personal data collected by Seahaven Noosa, subject to applicable legal provisions. Also, you have the right to have your personal data rectified, erased or have the processing of it restricted. Furthermore, you have the right to data portability and to issue instructions on how your data is to be treated after your death.  You can also object to the processing of your personal data.

In the event that you wish to exercise any of your rights, please contact resort management by sending an email to [email protected] or by writing to the address below:

Attn: Manager
Seahaven Noosa Resort
15 Hastings Street,
Noosa Heads, QLD, 4567

For the purposes of confidentiality and personal data protection, we will need to check your identity in order to respond to your request. In case of reasonable doubts concerning your identity, you may be asked to include a copy of an official piece of identification, such as an ID card or passport, along with your request. A black and white copy of the relevant page of your identity document is sufficient.

All requests will receive a response as swiftly as possible.

You also have the right to lodge a complaint with a data protection authority. For your information,

  1. UPDATES

We may modify this charter from time to time. Consequently, we recommend that you consult it regularly, particularly when making a reservation.

  1. QUESTIONS AND CONTACTS

For any questions concerning the Seahaven Noosa personal data protection policy, please contact the manager at Seahaven Noosa Resort – [email protected]