For reference, our related bodies corporate are:
Depending on the particular circumstances, we may collect and hold a range of different information about you.
Personal information is information from an individual who is reasonably identifiable. Examples of the types of personal information we collect include:
As well as other similar Personal Information that is needed to register or subscribe you to our services or offers. If we ever ask for significantly different information, we will inform you. If you do not provide certain requested Personal Information to us, we may not be able to provide you with access to and use of the Site, provide you with access to our other products and services, or to fulfil one or more of our functions and activities applicable to you.
The following information we collect does not allow you to be identified until the point that you enter an email address into any form on our website. This information is data that is only labelled with individual identifiers in certain third party systems and is never stored within BRG owned databases. Within owned databases, the following information is not labelled with personal identifiers or has had the identifiers permanently removed, and by means of which no specific individual can be identified directly by BRG systems. When you visit the Site, our Company servers may automatically record non-identifiable information that your browser sends.
This data may include, but is not limited to:
Non-identifiable information is collected for analysis and evaluation in order to help us improve the Site and the services and products we provide. This data will not be used in association with any other Personal Information
In certain circumstances, such as when you purchase a product, voucher or gift card for another individual, we may also collect the information that you provide to us on that individual which may include:
We may collect your information in a number of ways, including:
Directly from you, including but not limited to when you:
We may also collect information from you online. See more information in clause 6.
Our use of the personal information we collect is necessary in order for us to maintain the Site and facilitate users' use of the Site. We do not collect any unnecessary personal data from users (for instance, their race or religious beliefs).
We may store your Personal Information in hard copy or electronic format, in facilities that we own and operate ourselves, or that are owned and operated by our service providers. We take the privacy and security of your Personal Information seriously and we use a number of procedures and processes to ensure, where possible, the security and integrity of your Personal Information.
We protect your Personal Information by:
The Big Red Group is committed to information security. We will use all reasonable endeavours to keep users' personal information in a secure environment. For instance, each user's personal information is encrypted whilst being sent to our server at the time of setting up an account. However, security cannot be guaranteed due to the nature of the internet.
The Big Red Group security measures are designed to assist in ensuring that users' personal information is not accessed by unauthorised personnel, lost or misused. If you reasonably believe that there has been unauthorised use or disclosure of your personal information, please let us know by contacting our Privacy and Data Protection Officer (see clause 10).
The security of your sensitive financial details is important to us. Credit card details are never stored by the Big Red Group. Credit card data is encrypted when being transferred through the payment gateway. Not only are all transactions secured using industry strength SSL encryption but, as additional protection, we also enforce the entry of the 3 or 4 digit credit card security numbers (CCV number).
Once any information is in our possession, we will take reasonable steps to protect that information from misuse, loss, unauthorized access, and modification or disclosure. In the event of a security incident we have in place procedures to promptly investigate the incident and determine if there has been a data breach involving personal information, and if so, to assess if it is a breach that would require notification. If it is, we will notify affected parties in accordance with the Privacy Act requirements.
While we strive to protect such information, we cannot guarantee 100% the security of any information (personal or other) you transmit to us. Therefore, we will not be liable for any breach of security or unintended loss or disclosure of information due to the Site being linked to the Internet.
We will retain your information for as long as the Big Red Group account is active or as necessary to comply with our legal obligations, resolve issues, address queries and enforce our agreements. If you no longer wish to use our Site or Services, you may request that your account be deactivated by email@example.com or calling our Customer Experience Team on 1300 875 500 (AU) or 0800 555 023 (NZ)
Users' personal information is uploaded to, and kept on, the servers that we maintain or that are maintained by third parties that comply with strict contractual privacy obligations. It is not otherwise transferred internationally, other than New Zealand and the United States, except where a copy is sent to the user at their request. Users consent for their personal information to be transferred and stored in this manner is obtained at the time of registration.
We may use your information for a range of different purposes, including:
We may also use your information so that we, our related entities, other business or commercial partners can promote and market products, services and special offers that will be of interest to you (which may include products, services and offers provided by a third party).
We collect aggregated information about you which informs us about our users. The browser information we collect is used in an aggregated, anonymous manner in our internal analysis of traffic patterns within the Site. This information is used by us to administer and improve our products and services.
The User will also be given the option to sign up for our email newsletter. Once subscribed, the Big Red Group and its related bodies corporate may use personal information about the User for the primary purpose of providing User with services from the Big Red Group or its partner suppliers, and for other purposes for which you would reasonably expect us to use that information. This includes sending the User information about new 'experiences', products, services and special offers by post, telephone or any form of electronic communication. By subscribing, the User authorises the Big Red Group to use any email address or other contact information he/she has provided at any time for this purpose.
The User will also be given the opportunity to 'opt-out' of receiving emailed information or other correspondence, by simply clicking the unsubscribe link at the bottom of any newsletter email you receive from us, replying 'Opt out' to any SMS or changing your push notification settings within your selected browser. The User agrees and acknowledges that even if he/she opts out of receiving marketing material, the Big Red Group may still send the User essential information that it is legally required to send the User relating to the services they have acquired from us.
Once you opt out of receiving marketing material from us, you agree and acknowledge that this removal from our distribution lists may take several business days after the date of you request to be removed.
We engage a range of third parties to provide services and perform business support functions for us. Some of those third parties need access to Personal Information in order to provide the services or perform the functions we require. Therefore, we may disclose your information to these third parties to:
Where we share your Personal Information with third party service providers, they will be contractually bound to use the information only for the purposes of providing the services or performing the functions required by us and to store the information securely, for example, storing in non-human readable form to ensure the security of your information.
We may disclose certain information about you including your personal information to our related bodies corporate.
In the event of a security incident involving unauthorised access, use or disclosure of personal information where a third party with whom we share personal information is involved, we will seek to work cooperatively with them to protect the personal information we have shared with them.
We use "cookies" when you visit the Site. It is a technology that enables us to operate an efficient service and track the patterns of behaviour of visitors to the Site. There are four main types of cookies - here's how and why we use them.
By using the Site, you agree to us placing these sorts of cookies on your device and accessing them when you visit the Site in the future. You can modify the settings on your device to prevent cookie use. Please note by disabling cookies, your user experience may be affected and you might not be able to take advantage of certain functions of the Site
Notwithstanding any other provision, we may also engage a third party service provider who may combine your information with information from other data sources; and may place or recognize a unique cookie on your browser for the purpose of identifying users and delivering to them interest-based content and advertisements. To opt-out of third party cookies, please contact us firstname.lastname@example.org
The personal information we hold about a user is kept so that we may correctly identify that user. Users can update their personal information anytime from within the 'My Account' area of the Site.
We take all reasonable steps to ensure that personal information held by us is accurate, up-to-date, complete, relevant and not misleading. If you believe that any of your personal information is not accurate, up-to-date, complete, relevant and not misleading, please contact us (see below) and we will take all reasonable steps to correct it within a reasonable time.
Users have a right to get a copy from us of the personal information we hold about them and can also request that we delete personal information we hold about them. If you wish to receive a copy of this information or for it to be deleted, please address your request to the Privacy and Data Protection Officer (see clause 10). We will deal with your request promptly and in any case at least within 30 days of the date of receiving it. We will give access to the information in the manner you request and will delete it, if you wish us to do so, where reasonable and practicable. This will be subject to any exemptions allowed under the Privacy Act. We will correct or delete inaccurate or incomplete personal information we hold about you at your request.
You can find more information about privacy and the protection of your Personal Information on the website of the OAIC athttps://www.oaic.gov.au/
Privacy and Data Protection Officer
The Big Red Group, Level 17, 5 Martin Place, Sydney, NSW, 2000.
When contacting us you have the option to either not identify yourself or to use a pseudonym. However, this will not apply if it is impracticable for us to communicate with you that way or we are required or authorised under Australian law to only deal with individuals who have identified themselves.