NSW Crown Holiday Parks Land Manager, trading as Reflections Holiday Parks, respects and values the privacy of its guests, visitors, contractors and the general public and will take steps to protect their personal information including health information with the use of this policy as a reference and guidance tool.
Reflections Holiday Parks supports compliance with the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act) and the Health Records and Information Privacy Act 2002 (NSW) (HRIP Act).
Reflections Holiday Parks will also support compliance with the European Union General Data Protection Regulation (GDPR) in relation to personal data collected from people the European Union.
The purpose of this policy is to outline Reflections Holiday Parks’ approach to ensuring compliance with its legislative obligations in relation to the management of personal information. The policy:
- Clearly communicates how Reflections Holiday Parks, complies with the relevant legislation dealing with privacy in New South Wales;
- Describes the personal information handling practices of Reflections Holiday Parks to enhance the transparency of its operations;
- Provides individuals with a better understanding of the type of personal information Reflections Holiday Parks holds, and the way the organisation handles such information;
- Provide details on how individuals can obtain more information or make a complaint.
COLLECTION OF PERSONAL INFORMATION
Reflections Holiday Parks will collect personal information directly from you as a guest, visitor, contractor or member of the general public. In some circumstances your personal information may be provided by a third person as your authorised agent because, for example, you are visiting one of our parks as part of a group.
The information collected will be for lawful purposes directly related to the function of Reflections Holiday Parks. Reflections Holiday Parks will only request information that is necessary for collection. If you do not wish to provide personal information to Reflections Holiday Parks, we may be unable to provide you with the services requested.
The type of personal information Reflections Holiday Parks collects, includes but is not limited to:
- Name, address and telephone number/s
- Email address
- Driver licence number and/or passport number
- Vehicle details including registration, vehicle make and model
- Financial information, including payment information (i.e.: credit cards, PayPal and/or bank details)
- Details of previous dealings
- Your social media preferences
- Loyalty program details
- Special needs or preferences (which could include health information).
Reflections Holiday Parks will take all reasonable measures to ensure that each individual, providing personal information, is informed and understands the purpose of collecting the information and the consequences (if any) of providing incomplete or inaccurate information.
PERSONAL INFORMATION AND HOW THE TRUST WILL USE IT
The information Reflections Holiday Parks collects will be used to allow you to access the goods and services available at our parks and reserves.
Your personal information may be shared with our contractors, if necessary, to allow you to access our goods and services.
From time to time Reflections Holiday Parks may use the personal information collected to identify services or products the organisation believes may be of interest to an individual. Reflections Holiday Parks then may make contact with the individual to provide information which aligns with an individual’s customer experience. Reflections Holiday Parks will only do this if you opt in to us using your information in this way. Any communications will also include the ability to opt out of future communications.
Reflections Holiday Parks utilises the Cookies function for “remarketing” purposes to tailor advertisements to the user, based on the sections of the website recently viewed. Cookies do not allow Reflections Holiday Parks to identify personal information or grant access to Reflections Holiday Parks (an outside user) to an individual’s electronic device in any form.
SECURITY OF INFORMATION
Reflections Holiday Parks is committed to protecting and securing personal information. Reflections Holiday Parks will employ appropriate technical, administrative and physical facilities to protect personal information from unauthorised disclosure, loss, misuse or alteration.
ACCESS TO INFORMATION
You may request access to your own personal information by sending a written request to the Corporate Secretary.
Personal information collected will not be disclosed to any other person or body unless Reflections Holiday Parks is required or authorised by law.
PRIVACY REPORTING OR BREACH OF PPIP ACT OR HRIP ACT
Individuals may raise concerns and complaints about the way in which Reflections Holiday Parks has handled their personal information. A privacy complaint should be addressed to the Corporate Secretary.
Where Reflections Holiday Parks becomes aware of a breach, it will take appropriate steps to identify and address the breach. Reports of breaches or potential breaches should be sent to the Corporate Secretary.
ATTACHMENT ONE – INFORMATION PROTECTION PRINCIPLES
The Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act), outlines 12 Information Protection Principles (IPPs) as detailed in Sections 8 to 12 of the PPIP Act.
To support these principles, Reflections Holiday Parks will:
|1||Lawful||Only collect an individual’s personal information for a lawful purpose. It must be needed for the agency’s activities.|
|2||Direct||Collect the information from only the individual, unless exemptions apply.|
|3||Open||Tell the individual that the information is being collected, why and who will be using it and storing it. The individual must be told how to access it and make sure it’s correct.|
|4||Relevant||Make sure that an individual’s personal information is relevant, accurate, current and non-excessive.|
|5||Secure||Store your personal information securely. It should not be kept longer then needed and disposed of properly.|
|Access and Accuracy|
|6||Transparent||Provide you with details about the personal information they are storing, reasons why they are storing it and how you can access it if you wish to make it’s correct.|
|7||Accessible||Allow you to access your personal information in a reasonable timeframe and without being costly.|
|8||Correct||Allow you to update, correct or amend your personal information when needed.|
|9||Accurate||Make sure that your personal information is correct and relevant before using it.|
|10||Limited||Only use your personal information for the reason they collected it.|
|11||Restricted||Only release your information if you consented. An agency, however, may also release your information if it’s for a related reason and can be reasonably assumed that you would not object. OR your information is needed to deal with a serious or impending threat to someone’s health and safety including your own.|
|12||Safeguarded||Not disclose your sensitive information without your consent. Such information includes: racial, ethnic information, political, religious and philosophical beliefs, sexual activity and trade union membership. Your information may only be released without consent to deal with a serious and impending threat to someone’s health and safety.|