The Privacy Act 1988 (the “Act”) regulates the handling of personal information about individuals. This includes the collection, use, storage and disclosure of personal information, and access to and correction of that information. The Act binds certain entities including the WESTERN SUBURBS LEAGUES CLUB ILLAWARRA LTD AND PORT KEMBLA GOLF CLUB ACN 000 964 152 (the “Club”) and (“we”) and establishes 13 Australian Privacy Principles (“APP”) that apply to the handling of personal information by the Club.
What personal information do we collect and hold?
The types of information that we collect and hold about you could include:
• ID information such as your name, postal and email address, telephone numbers, date of birth and occupation;
• other contact details such as social media handles;
• financial details such as your tax file number if you are a staff member;
• health information if you are a staff member; and
• other information we think is necessary.
We may collect information about you because we are required or authorised by law to collect it. There are laws that affect licensed clubs, including the Corporations Act, Registered Club’s Act and Anti-Money Laundering & Counter-Terrorism Financing Act, which require us to collect personal information. For example, we require personal information to permit you to join the Club or to use the Club’s premises of you are not a member. Sometimes, we may be required to verify your identity under the Anti-Money Laundering & Counter-Terrorism Financing Act also.
We understand that your personal information needs to be looked after. We appreciate that such information is generally not available to the public to view. For this reason, unless it’s unreasonable or impracticable, we will try to collect personal information directly from you (referred to as ‘solicited information’). For this reason, it’s important that you help us to do this and keep your contact details up-to-date.
There are many ways we seek information from you. We might collect your information when you fill out a membership application form to join the Club as a member, when you enter the Club as a temporary member of guest of a member or if you’ve given us a call. We also find using electronic means, such as email or SMS, a convenient way to communicate with you and to verify your details.
Sometimes we collect information about you from other sources. We do this only if it’s necessary to do so. Instances are where:
• we can’t get hold of you and we rely on publicly available information to update your contact details;
• at your request, we exchange information with representatives (such as accounting or legal) outside of the Club.
If you don’t provide your personal information to us, we may not be able to:
• admit you to membership of the Club or admit you into the Club as a temporary member or guest of a member;
• provide you with the activities, products, services or promotions you want;
• verify your identity or protect against fraud; or
• let you know about other activities, products, services or promotions provided by the Club that might better meet your requirements as a user of the Club’s facilities and amenities.
Because we are a big Club with thousands of members, people often share information with us we haven’t asked for (referred to as ‘unsolicited information’). Where we receive unsolicited personal information about you, we will check whether that information is reasonably necessary for our functions or activities. If it is, we’ll handle this information the same way we do with other information we seek from you. If not, we’ll ensure we do the right thing and destroy or de-identify it.
When we receive personal information from you directly, we’ll take reasonable steps to notify you how and why we collected your information, who we may disclose it to and outline how you can access it, seek correction of it or make a complaint.
We store information in many different ways, including in paper and electronic form. The security of your personal information is important to us and we take reasonable steps to protect it from misuse, interference and loss, and from unauthorised access, modification or disclosure. Some of the ways we do this are:
• confidentiality requirements of our employees;
• document storage security policies;
• security measures for access to our systems;
• only giving access to personal information to a person who is verified to be able to receive that information;
• control of access to our buildings; and
• electronic security systems, such as firewalls and data encryption on our websites.
We can store personal information physically or electronically with third party data storage providers. Where we do this, we use contractual arrangements to ensure those providers take appropriate measures to protect that information and restrict the uses to which they can put that information.
The Club is committed to ensuring the safe storage and management of your personal information. However, the Club has a policy in place in relation to any inadvertent disclosure of personal information, in accordance with the Privacy Amendment (Notifiable Data Breaches) Act 2017. The Club will act in accordance with its’ Data Breach Policy & Response Plan where necessary. You will be informed if a data breach occurs where it is likely to result in serious harm to you through unauthorised access or disclosure of personal information.
We’ll only keep your information for as long as we require it for our purposes. We’re also required to keep some of your information for certain periods of time under law, such as the Corporations Act, the Anti-Money Laundering & Counter-Terrorism Financing Act and Gaming Machines Act for example. When we no longer require your information, we’ll ensure that your information is destroyed or de-identified.
Because we hold a Club Licence and have members, the Registered Clubs Act and Corporations Act require us to collect your personal information to allow us to let you use the facilities and amenities of the Club. This allows us to use your personal information to:
• process your application for membership and provide you with products and services;
• process your application for temporary membership of the Club;
• provide you with information about the Club’s products and services;
• administer products and services which includes loyalty rewards programs and telephone enquiries about member services.
The Club exists to provide products and services to our members. For that reason, we like to share information about those products and services with you as often as we can. We may use or disclose your personal information to let you know about products and services offered or promoted by the Club that might better serve your needs as a member, including running competitions or promotions, upcoming events and functions and other opportunities which may be of interest to you.
We may conduct these marketing activities via email, telephone, SMS, iM, mail, or any other electronic means. We may also market our products to you through third party channels (such as social networking sites) or based on your use of the Club programs. We will always let you know that you can opt out from receiving our third party or the Club program marketing offers.
With your consent, we may disclose your personal information to third parties such as brokers or agents, or for the purpose of connecting you with other businesses or customers. You can ask us not to do this at any time. We won’t sell your personal information to any organisation outside of the Club.
You can let us know at any time if you no longer wish to receive direct marketing offers from the Club. Just drop in to one of the Club’s sites and inform our reception staff. We will process your request as soon as practicable.
We’ve set out above some of the main reasons why we collect your personal information. So here we set out some of the ways we use your personal information:
• identifying you as a member of the Club;
• telling you about other products or services that may be of interest to you, or running Club activities, competitions and other promotions (including gaming promotions) (this can be via email, telephone, SMS, iM, mail, or any other electronic means including via social networking forums) unless you tell us not to;
• assisting in arrangements with other organisations (such as loyalty partners) in relation to a product or service we make available to you;
• allowing us to run our business and perform administrative and operational tasks, such as:
o training staff;
o developing and marketing products, activities, services and promotions;
o risk management;
o systems development and testing, including our websites and other online channels;
o undertaking planning, research and statistical analysis;
• as required by law, regulation or codes binding us; and
• for any purpose for which you have given your consent.
For the security of all that enter the Club a CCTV system is operated in the club premises.
This vision is not shared with any organisation outside the Club except the Police and other agencies that may require it for security purposes.
The Club does not permit video recording in the clubs without express permission and pre-approved authority from anyone that may be videoed.
To make sure we can meet your specific needs and for the purposes described in ‘Using your personal information’, we sometimes need to share your personal information with others. We may share your information with other organisations for any purposes for which we use your information.
We may need to share your personal information with your representative or any person acting on your behalf (for example, lawyers, accountants, executors, administrators, trustees, brokers or auditors).
• loyalty program partners;
• fraud reporting agencies (including organisations that assist with fraud investigations and organisations established to identify, investigate and/or prevent any fraud, suspected fraud, crime, suspected crime, or misconduct of a serious nature);
• government or regulatory bodies (including ASIC and the Australian Tax Office) as required or authorised by law (in some instances these bodies may share it with relevant foreign authorities);
• our accountants, auditors or lawyers and other external advisers;
• organisations that maintain, review and develop our business systems, procedures and technology infrastructure, including testing or upgrading our computer systems;
• organisations that participate with us in payments systems including merchants, payment organisations and organisations that produce membership cards and loyalty program cards;
• our joint venture partners that conduct business with us;
• organisations that assist with our product planning, research and development;
• mailing houses and telemarketing agencies who assist us to communicate with you;
• other organisations involved in our normal business practices, including our agents and contractors; and
• where you’ve given your consent.
We‘ll always give you access to your personal information unless there are certain legal reasons why we can’t. You can ask us to access your personal information that we hold by attending reception at a Club site. You may be required to complete a Personal Information Access Form before we can assist you. In some cases, we may be able to deal with your request over the phone or immediately at reception.
We will give you access to your information in the form you want it where it’s reasonable and practical (such as a copy of your membership details – we can print it out for you). We may charge you a small fee to cover our costs when giving you access, but we’ll always check with you first.
We’re not always required to give you access to your personal information. Some of the situations where we don’t have to give you access include when:
• we believe there is a threat to life or public safety;
• there is an unreasonable impact on other individuals;
• the request is frivolous;
• the information wouldn’t be ordinarily accessible because of legal proceedings;
• it would prejudice negotiations with you;
• it would be unlawful;
• it would jeopardise taking action against serious misconduct by you;
• it would be likely to harm the activities of an enforcement body (e.g. the police); or
• it would harm the confidentiality of our commercial information.
If we can’t provide your information in the way you’ve requested, we will tell you why in writing. If you have concerns, you can complain.
Contact us if you think there is something wrong with the information we hold about you and we’ll try to correct it if it’s:
• out of date;
• irrelevant; or
If you are worried that we have given incorrect information to others, you can ask us to tell them about the correction. We’ll try and help where we can - if we can’t, then we’ll let you know in writing.
Whether we made the mistake, or the mistake has been made by someone else, we are required to help you ask for the information to be corrected. So we can do this, we might need to talk to others. However, the most efficient way for you to make a correction request is to send it to the organisation which made the mistake.
If we’re able to correct the information, we’ll let you know within five (5) business days of forming that view. If there are any instances where we can’t do this, then we’ll let you know in writing.
If we’re unable to correct your information, we’ll explain why in writing. We will try to do this within five (5) business days of making this decision. If you have any concerns, you can make a complaint to the Office of the Australian Information Commissioner.
If we agree to correct your information, we’ll do so within thirty (30) days from when you asked us, or a longer period that’s been agreed by you.
If we can’t make corrections within thirty (30) days or the agreed time frame, we must:
• let you know about the delay, the reasons for it and when we expect to resolve the matter;
• ask you to agree in writing to give us more time; and
• let you know you can complain to the Office of the Australian Information Commissioner.
If you have a complaint about how we handle your personal information, we want to hear from you. You are always welcome to contact us.
You can contact us by:
• calling the Club’s Privacy Officer on (02) 4239 5800; or
• sending us an email at: email@example.com; or
• writing to us at:
PO BOX 349
Unanderra NSW 2526
Attention: Privacy Officer
• speaking to us in person at a Club site reception at either:
o 1 Hargreaves Street, Unanderra NSW 2526; or
o Golf Place, Primbee NSW 2502
We are committed to resolving your complaint and doing the right thing by our members. Most complaints are generally resolved quickly, and you should hear from us within ten (10) business days.
If you have contacted us by phone, post, email or in person and feel your issue still hasn’t been resolved, the next step is then you can raise your concern with the Office of the Australian Information Commissioner:
• Online: www.oaic.gov.au/privacy
• Phone: 1300 363 992
• Email: firstname.lastname@example.org
• Fax: +61 2 9284 9666
• Mail: GPO Box 5218 Sydney NSW 2001 or GPO Box 2999 Canberra ACT 2601
If you have general enquiry type questions, you can choose to do this anonymously or use a pseudonym. We might not always be able to interact with you, but that will generally depend on the nature of the questions being asked. As a public company with lots of members we are sometimes restricted in the information we can discuss with people who are unknown to us. In general, we won’t be able to deal with you anonymously or where you are using a pseudonym when:
• it is impracticable; or
• we are required or authorised by law or a court/tribunal order to deal with you personally.
This Policy may change. We will let you know of any changes to this Policy by posting a notification on our website at www.westsillawarra.com.au and www.portkemblagolfclub.com.au. Any information collected after an amended privacy statement has been posted on the site, will be subject to that amended privacy statement.