Privacy Policy
Privacy Policy
Reflections Holidays respects and values the privacy of its customers and for that reason we will only deal with your personal information as set out in our privacy policy. To download the full policy head here.
Policy statement
NSW Crown Holiday Parks Land Manager, trading as Reflections Holidays, respects and values the privacy of its guests, visitors, contractors and the general public and will take steps to protect their personal information including health information with the use of this policy as a reference and guidance tool.
Reflections Holidays supports compliance with the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act) and the Health Records and Information Privacy Act 2002 (NSW) (HRIP Act).
As a State public sector agency, privacy legislation in New South Wales does not require Reflections Holidays to have or publish a privacy policy. Although not required to have a privacy policy, Reflections Holidays considers that having a privacy policy is good privacy practice to allow you to understand how the organisation manages your information.
Reflections Holidays will also support compliance with the European Union General Data Protection Regulation (GDPR) in relation to personal data collected from people the European Union.
Purpose
The purpose of this policy is to outline Reflections Holidays’ approach to ensuring compliance with its legislative obligations in relation to the management of personal information. The policy:
- Clearly communicates how Reflections Holidays, complies with the relevant legislation dealing with privacy in New South Wales;
- Describes the personal information handling practices of Reflections Holidays to enhance the transparency of its operations;
- Provides individuals with a better understanding of the type of personal information Reflections Holidays holds, and the way the organisation handles such information;
- Provide details on how individuals can obtain more information or make a complaint.
Scope
The Privacy Policy applies to all situations in which Reflections Holidays, collects, holds, uses and discloses personal information including health information in a record of a guest, visitors, contractor and/or the general public.
Collection of personal information
Reflections Holidays will collect personal information directly from you as a guest, visitor, contractor or member of the general public. In some circumstances your personal information may be provided by a third person as your authorised agent because, for example, you are visiting one of our parks as part of a group.
The information collected will be for lawful purposes directly related to the function of Reflections Holidays. Reflections Holidays will only request information that is necessary for collection. If you do not wish to provide personal information to Reflections Holidays, we may be unable to provide you with the services requested.
The type of personal information Reflections Holidays collects, includes but is not limited to:
- Name, address and telephone number/s
- Email address
- Driver licence number and/or passport number
- Vehicle details including registration, vehicle make and model
- Financial information, including payment information (i.e.: credit cards, PayPal and/or bank details)
- Details of previous dealings
- Your social media preferences
- Loyalty program details
- Special needs or preferences (which could include health information).
Reflections Holidays will take all reasonable measures to ensure that each individual, providing personal information, is informed and understands the purpose of collecting the information and the consequences (if any) of providing incomplete or inaccurate information.
Personal information and how the trust will use it
The information Reflections Holidays collects will be used to allow you to access the goods and services available at our parks and reserves.
Your personal information may be shared with our contractors, if necessary, to allow you to access our goods and services.
From time to time Reflections Holidays may use the personal information collected to identify services or products the organisation believes may be of interest to an individual. Reflections Holidays then may make contact with the individual to provide information which aligns with an individual’s customer experience. Reflections Holidays will only do this if you opt in to us using your information in this way. Any communications will also include the ability to opt out of future communications.
Reflections Holidays utilises the Cookies function for “remarketing” purposes to tailor advertisements to the user, based on the sections of the website recently viewed. Cookies do not allow Reflections Holidays to identify personal information or grant access to Reflections Holidays (an outside user) to an individual’s electronic device in any form.
Security of information
Reflections Holidays is committed to protecting and securing personal information. Reflections Holidays will employ appropriate technical, administrative and physical facilities to protect personal information from unauthorized disclosure, loss, misuse or alteration.
Access to information
You may request access to your own personal information by sending a written request to the Corporate Secretary.
Personal information collected will not be disclosed to any other person or body unless Reflections Holidays is required or authorised by law.
Privacy reporting or breach of PPIP Act or HRIP Act
Individuals may raise concerns and complaints about the way in which Reflections Holidays has handled their personal information. A privacy complaint should be addressed to the Corporate Secretary.
Where Reflections Holidays becomes aware of a breach, it will take appropriate steps to identify and address the breach. Reports of breaches or potential breaches should be sent to the Corporate Secretary.
Attachment one – Information protection principles
The Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act), outlines 12 Information Protection Principles (IPPs) as detailed in Sections 8 to 12 of the PPIP Act.
To support these principles, Reflections Holidays will:
Collection
1. Lawful
Only collect an individual’s personal information for a lawful purpose. It must be needed for the agency’s activities.
2. Direct
Collect the information from only the individual, unless exemptions apply.
3. Open
Tell the individual that the information is being collected, why and who will be using it and storing it. The individual must be told how to access it and make sure it’s correct.
4. Relevant
Make sure that an individual’s personal information is relevant, accurate, current and non-excessive.
Storage
5. Secure
Store your personal information securely. It should not be kept longer than needed and disposed of properly.
Access and Accuracy
6. Transparent
Provide you with details about the personal information they are storing, reasons why they are storing it and how you can access it if you wish to make it’s correct.
7. Accessible
Allow you to access your personal information in a reasonable timeframe and without being costly.
8. Correct
Allow you to update, correct or amend your personal information when needed.
Use
9. Accurate
Make sure that your personal information is correct and relevant before using it.
10. Limited
Only use your personal information for the reason they collected it.
Disclosure
11. Restricted
Only release your information if you consented. An agency, however, may also release your information if it’s for a related reason and can be reasonably assumed that you would not object. OR your information is needed to deal with a serious or impending threat to someone’s health and safety including your own.
12. Safeguarded
Not disclose your sensitive information without your consent. Such information includes: racial, ethnic information, political, religious and philosophical beliefs, sexual activity and trade union membership. Your information may only be released without consent to deal with a serious and impending threat to someone’s health and safety.