Protecting Your Privacy
Bimbadgen is committed to providing you with exceptional service, and this includes protecting your privacy and being open and transparent about what we do with your personal information. In abiding with the Australian Privacy Principles and the Privacy Act 1988, we take all possible steps to ensure information about you, is not disclosed to or accessed by unauthorised persons.
Collecting your information
In the course of our business we collect and hold information about our customers, including former and potential customers. This information is usually personal information (any information including sensitive information from which your identity is apparent). Generally we only collect personal information from you, unless it is not reasonable or practical to do so.
Information we collect from you
We collect information about you and your interactions with us, for example if you make an enquiry or reservation to dine or stay with us, have your wedding or other event with us, if you become a member of our wine club, if you purchase our products online, if during your visit with us an individual is injured, there has been a complaint made or where there has been a threat or damage to personal property, and when you phone, email or write to us, or visit our website. When you use our website we may collect information about your location or activity including IP address, and whether you have accessed third party sites. Some of this website information we collect using Cookies (for more information please contact our IT department). The information we collect from you may include your identity and contact details (including address and email address), and bank account or credit card details.
Information we collect from others
We also collect information from others, such as booking agents and service providers. For example when you enquire about staying with us through a holiday booking agent and you have agreed for your information to be shared with us.
Using your information
We collect, use and exchange your information so that we can:
- establish your identity
- process a payment, including credit card payment
- contact you and manage our relationship with you;
- identify and tell you about other products or services that we think may be of interest to you;
- conduct, manage and improve our business and our customers experience with us;
- design, price and administer our products and services;
- manage our risks and help identify and investigate illegal activity, such as fraud; and
- comply with our legal obligations and assist government and law enforcement agencies or regulators.
- We may also collect, use and exchange your information in other ways where permitted by law.
If you don’t want to receive direct marketing, you can tell us by emailing us at firstname.lastname@example.org or write to us at Level 5, 99 Macquarie Street Sydney, NSW 2000 Australia.
Exchanging your information
We may exchange (i.e. collect from and disclose to) your personal information with the following parties for the following purposes:
- any of our associates, related entities or contractors;
- agents and persons who assist us to provide our products or services to you;
- trade insurers;
- any industry body, tribunal, or court;
- financial consultants, accountants, lawyers and advisers;
- any person considering acquiring an interest in our business or assets;
- any organisation providing online verification of your identity or bank account, credit card or other payment information;
- service providers, for example payment clearing houses;
- those to whom we outsource certain functions, for example, postage, direct marketing, statement production, debt recovery and information technology support;
- claims-related providers, such as assessors and investigators, who help us with claims;
- financial institutions, for example so that we can process a claim for mistaken payment;
- auditors, insurers and re-insurers;
- government and law enforcement agencies or regulators;
- entities established to help identify illegal activities and prevent fraud; and
- any person where we are required by law to do so.
Sending Information Overseas
Occasionally we may send your information overseas, but only directly to our own offices or agents in an overseas location, and to service providers or other third parties who operate or hold data outside Australia. Where we do this, we make sure as far as reasonably possible that appropriate data handling and security arrangements are in place. Please note that Australian law may not apply to some of these entities.
We will take all reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification or disclosure. We will destroy or permanently de-identify personal information we no longer need or which we are no longer required by law to retain. We have physical, electronic and procedural safeguards to protect your information which is held by us. Your information, both hard-copy and/or electronic records, are held at our secure office premises and at secure offsite premises using trusted third parties. Our office premises are protected against unauthorised access by electronic security passes which are held only by our staff, alarms and cameras. Access to information stored, including electronic records which require login and password authorisation, is restricted to our staff whose job purpose requires access. All our staff undertake information security and privacy training. We have firewalls, intrusion detection systems and virus scanning tools to protect against unauthorised persons and viruses accessing our systems.
Wherever it is lawful and practicable, we will give you the option of not providing information when entering into transactions with us. However, in most cases, if you do not provide the full and complete information requested we will be unable to provide our products or services to you.
How do you access your information?
You may ask us what personal information we hold about you, and you may make a request to access to this information at any time. You may make a request by us by contacting our PRIVACY OFFICER (see below contact details). We may ask you to complete a PERSONAL INFORMATION REQUEST FORM and will process your request within a reasonable time and try to make this information available within 30 days of your request. Before we give you the requested information we will need to confirm your identity.
We generally will not charge you a fee in respect of such access but reasonable administrative costs may be charged in some circumstances. If there is an access charge, we will give you an estimate first and ask you to confirm that you would like us to proceed, if you would like us, upfront payment will be required. Generally, the access charge is based on an hourly rate plus any other reasonable costs incurred by us, such as photocopying and postage. We do not need to provide access to your information in several circumstances; for example, the information is commercially sensitive, the request is frivolous or would unreasonably interfere with another person’s privacy or be in breach of the law, or, where to provide access would pose a threat to health or public safety. If we refuse you access we will advise you of our reasons for doing so.
How do you Correct or update your information?
You may ask us at any time to correct the information we hold about you or that we have provided to others by contacting our PRIVACY OFFICER (see below contact details). We will process your request within a reasonable time and try to correct the information within 30 days. If it looks like it will take longer, we will let you know the reason for the delay and try to agree to an extended timeframe with you.
If we are able to correct your information because it is inaccurate, we will inform you when it is so corrected.
If we disagree with you that the information is inaccurate and should be corrected, we will inform you in writing of our reasons. You may request that we attach a statement to the information noting that you consider it is inaccurate misleading, incomplete, irrelevant or out-of-date. We will take reasonable steps to comply with such a request.
What can you do if you have a complaint?
If you are not happy in respect of how we have dealt with your personal information or in gaining access to it, please contact our PRIVACY OFFICER to discuss your concerns (see below contact details). If we do not resolve your complaint to your satisfaction or we are unable to resolve your complaint, you have the right to refer the matter to the Office of the Federal Privacy Commissioner – Privacy Hotline on 1300 363 992 or visit their website at www.oaic.gov.au or writing to GPO Box 5218 Sydney NSW 2001.
How to contact us:
Level 5, 99 Macquarie Street
Sydney NSW 2000 Australia
Phone: +61 2 9270 6186