Compliance with privacy and data protection laws

We recognise that your privacy is important to you and we value the privacy of every individual and are committed to the protection of personal data. Our privacy policy complies with applicable privacy laws in processing personal data including the Privacy Act 1988 (Cth) and the General Data Protection Regulation (“GDPR”) (which gives certain rights to individuals who are based in the European Union (“EU”) during their interactions with us). Our policy sets out how we collect, use, disclose and otherwise manage personal information about you. We invite you to check our website regularly for any updates to this privacy policy.

General Privacy Statement

You may visit the Cultural Attractions of Australia website without telling us who you are or revealing any personal information about yourself. However Cultural Attractions of Australia does give you the opportunity to provide to us some of your personal contact information in order to interact with you and with our member attractions. This information includes your name, email address and country of residence and state or territory, if you are from Australia. We will only use this information for the purposes described in this policy statement.

Types of information collected

We may collect and hold personal information about you, that is, information that can identify you, such as your name, address, contact details and other information relevant to providing you with the services you are seeking.

Purposes of collection of data

We will collect and use your personal information generally for one or more of the following reasons:

  • providing information and services to you or someone else you know;
  • processing an application you have made;
  • undertaking various activities required by law;
  • providing you with information about other services that may be of interest to you that we, our members and other affiliated organisations, may offer;
  • providing you with promotional information about us, our members and other affiliated organisations;
  • facilitating our internal business operations, including compliance with any legal requirements; and
  • analysing our services and customer needs with a view to developing new or improved services.

We will only process personal data that is necessary to carry out our services as determined by the nature of your interaction with us.

Methods of collection

Personal information will generally be collected directly from you through the use of our standard forms, or over the internet, or through interaction with our social media channels, or via email or through telephone conversations or meetings with you. There may, however, be some instances where personal information about you will be collected indirectly because it is impractical to collect personal information directly from you. We may obtain personal information about you from our members or other affiliated organisations, where the transfer of your information to us is appropriate and lawful, and in keeping with this privacy policy.

Failure to provide information

You acknowledge that if the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you with the services you or they are seeking.

Internet users

If you access our website, we may collect information about your interaction via our website in the form of your IP (internet protocol) address and domain name. Also, our website may from time to time use cookies. The main purpose of cookies is to identify users and to prepare customised web pages for them. Cookies do not contain personal information per se, but they may link back to a database record about you. We may use cookies to monitor usage of our website and to create a record of when you visit our website and what pages you view so that we may serve you more effectively.

We have carefully chosen these cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times. In addition to the controls that we provide, you can choose to enable or disable cookies in your internet browser. No attempt will be made to identify users or their browsing activities unless we are compelled to do so by law. The data and log files may be preserved indefinitely and used at any time and in any way necessary to prevent security breaches and to ensure the integrity of the information supplied by Cultural Attractions of Australia. Your personal information will not be released unless the law permits or requires it or your permission is granted.

Links to other websites

This website contains hyperlinks to websites owned and operated by third parties. You acknowledge that we will not be liable in respect of any breach of data protection or privacy laws arising out of your interaction with a third party or third party website (whether or not you have accessed the third party website via a link from our website).

Security of personal data

If and when we provide your personal information to our members or other affiliated organisations, we will use our reasonable endeavours to ensure that those third parties have in place adequate policies in order to provide similar protection of your personal data and privacy in accordance with applicable privacy laws. However we do not accept any responsibility or liability for the privacy practices for any third parties.

Use and disclosure

We use and disclose personal information about you generally for the purposes for which it is collected. We may also disclose personal information about you to:

  • service providers who assist us in operating our business. These service providers may not be required to comply with our privacy policy;
  • other service providers who provide the various services that you have requested or that we have arranged with your express or implied consent. These service providers may not be required to comply with our privacy policy;
  • our members, and other affiliated organisations, for the purposes of providing you with information about services and various promotions that might be of interest to you. Our members include the various cultural attractions about which you may make enquiries or be referred or linked to via our website.
Storage of your personal information

We keep your personal information for as long as is reasonably necessary for the purposes for which it has been collected. In any communication we send you, there will be the option for you to unsubscribe. We will actively review the personal data we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or consumer need for it to be retained.

Security

We store your personal information in different ways, including on paper and in electronic form. We take commercially acceptable measures and comply with all applicable privacy laws to ensure that your personal information is stored safely to protect it from misuse, loss, unauthorised access, modification or disclosure. These may include both electronic and physical security measures.

Access

You may be entitled to access the personal information we hold about you, or request for this information to be deleted, upon written request. We will endeavour to provide you with access to the personal information requested within 30 days. We may charge you a reasonable fee for processing your request. We may decline a request for access to personal information where privacy laws require us to do so. If, upon receiving access to your personal information, or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, you should notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.

Data Protection Officer

Our Data Protection Officer is responsible for all matters concerning the proper management and legal compliance of data protection and privacy matters. The Data Protection Officer:

  • provides all necessary assistance with the interpretation and compliance regarding applicable privacy laws and the implementation of our data protection and privacy policy;
  • manages data protection and privacy related queries, incidents and complaints;
  • conducts necessary audits of data management practices;
  • develops and publishes any documentation or upgraded policies which assist in the application of our data protection and privacy policy; and
  • coordinates privacy related training, when necessary, of staff of Cultural Attractions of Australia.
Reporting data and privacy incidents

If you become aware of a data or privacy incident, including an actual or suspected data breach, you should immediately report this incident via the Contact Us page on our website.

A data or privacy incident means an actual or suspected data breach as defined under applicable privacy laws including:

  • the use or disclosure of personal data for a purpose that is not authorised by the individual or by law; or
  • the loss, accidental or unlawful destruction, misuse, unauthorised access, alteration or unauthorised disclosure of personal data.
Complaints relating to how we handle your personal data

If you are concerned that your personal data has not been handled in accordance with our data protection and privacy policy, you may lodge a written complaint to our Data Protection Officer and your complaint will be appropriately investigated and a response provided to you as soon as practicable.

If you are unhappy with the way that we are using your personal data, or if you are not satisfied with our response to a complaint, you may lodge a complaint with the Office of the Australian Information Commissioner (to the extent that the Privacy Act 1988 (Cth) applies) or, if the GDPR applies, with the Data Protection Authority.

Feedback

If you have any queries about our privacy policy or the way in which we handle your personal information, please contact us:

Data Protection Officer
Cultural Attractions of Australia
PO Box 93
Farifield Vic 3078

More information

For more information about privacy in general, including advice regarding making a complaint or notifying of a data breach, you can visit the office of the Australian Information Commissioner at www.oaic.gov.au

This privacy policy may change from time to time. The policy was last updated in March 2019

Photo: Tourism Western Australia

img18 img21

SIGN UP TO CULTURAL ATTRACTIONS OF AUSTRALIA’S NEWSLETTER

We use cookies on this site to provide you with a great browsing experience. Want to know more or withdraw your consent to all or some cookies? Click here for details and controls.

Accept and continue

DATA PROTECTION AND PRIVACY POLICY


Compliance with privacy and data protection laws
We recognise that your privacy is important to you and we value the privacy of every individual and are committed to the protection of personal data. Our privacy policy complies with applicable privacy laws in processing personal data including the Privacy Act 1988 (Cth) and the General Data Protection Regulation ("GDPR") (which gives certain rights to individuals who are based in the European Union ("EU") during their interactions with us). Our policy sets out how we collect, use, disclose and otherwise manage personal information about you. We invite you to check our website regularly for any updates to this privacy policy.
General Privacy Statement
You may visit the Cultural Attractions of Australia website without telling us who you are or revealing any personal information about yourself. However Cultural Attractions of Australia does give you the opportunity to provide to us some of your personal contact information in order to interact with you and with our member attractions. This information includes your name, email address and country of residence and state or territory, if you are from Australia. We will only use this information for the purposes described in this policy statement.
Types of information collected
We may collect and hold personal information about you, that is, information that can identify you, such as your name, address, contact details and other information relevant to providing you with the services you are seeking.
Purposes of collection of data
We will collect and use your personal information generally for one or more of the following reasons: We will only process personal data that is necessary to carry out our services as determined by the nature of your interaction with us.
Methods of collection
Personal information will generally be collected directly from you through the use of our standard forms, or over the internet, or through interaction with our social media channels, or via email or through telephone conversations or meetings with you. There may, however, be some instances where personal information about you will be collected indirectly because it is impractical to collect personal information directly from you. We may obtain personal information about you from our members or other affiliated organisations, where the transfer of your information to us is appropriate and lawful, and in keeping with this privacy policy.
Failure to provide information
You acknowledge that if the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you with the services you or they are seeking.
Internet users
If you access our website, we may collect information about your interaction via our website in the form of your IP (internet protocol) address and domain name. Also, our website may from time to time use cookies. The main purpose of cookies is to identify users and to prepare customised web pages for them. Cookies do not contain personal information per se, but they may link back to a database record about you. We may use cookies to monitor usage of our website and to create a record of when you visit our website and what pages you view so that we may serve you more effectively. We have carefully chosen these cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times. In addition to the controls that we provide, you can choose to enable or disable cookies in your internet browser. No attempt will be made to identify users or their browsing activities unless we are compelled to do so by law. The data and log files may be preserved indefinitely and used at any time and in any way necessary to prevent security breaches and to ensure the integrity of the information supplied by Cultural Attractions of Australia. Your personal information will not be released unless the law permits or requires it or your permission is granted.
Links to other websites
This website contains hyperlinks to websites owned and operated by third parties. You acknowledge that we will not be liable in respect of any breach of data protection or privacy laws arising out of your interaction with a third party or third party website (whether or not you have accessed the third party website via a link from our website).
Security of personal data
If and when we provide your personal information to our members or other affiliated organisations, we will use our reasonable endeavours to ensure that those third parties have in place adequate policies in order to provide similar protection of your personal data and privacy in accordance with applicable privacy laws. However we do not accept any responsibility or liability for the privacy practices for any third parties.
Use and disclosure
We use and disclose personal information about you generally for the purposes for which it is collected. We may also disclose personal information about you to:
Storage of your personal information
We keep your personal information for as long as is reasonably necessary for the purposes for which it has been collected. In any communication we send you, there will be the option for you to unsubscribe. We will actively review the personal data we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or consumer need for it to be retained.
Security
We store your personal information in different ways, including on paper and in electronic form. We take commercially acceptable measures and comply with all applicable privacy laws to ensure that your personal information is stored safely to protect it from misuse, loss, unauthorised access, modification or disclosure. These may include both electronic and physical security measures.
Access
You may be entitled to access the personal information we hold about you, or request for this information to be deleted, upon written request. We will endeavour to provide you with access to the personal information requested within 30 days. We may charge you a reasonable fee for processing your request. We may decline a request for access to personal information where privacy laws require us to do so. If, upon receiving access to your personal information, or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, you should notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
Data Protection Officer
Our Data Protection Officer is responsible for all matters concerning the proper management and legal compliance of data protection and privacy matters. The Data Protection Officer:
Reporting data and privacy incidents
If you become aware of a data or privacy incident, including an actual or suspected data breach, you should immediately report this incident via the Contact Us page on our website. A data or privacy incident means an actual or suspected data breach as defined under applicable privacy laws including:
Complaints relating to how we handle your personal data
If you are concerned that your personal data has not been handled in accordance with our data protection and privacy policy, you may lodge a written complaint to our Data Protection Officer and your complaint will be appropriately investigated and a response provided to you as soon as practicable. If you are unhappy with the way that we are using your personal data, or if you are not satisfied with our response to a complaint, you may lodge a complaint with the Office of the Australian Information Commissioner (to the extent that the Privacy Act 1988 (Cth) applies) or, if the GDPR applies, with the Data Protection Authority.
Feedback
If you have any queries about our privacy policy or the way in which we handle your personal information, please contact us: Data Protection Officer Cultural Attractions of Australia PO Box 93 Farifield Vic 3078
More information
For more information about privacy in general, including advice regarding making a complaint or notifying of a data breach, you can visit the office of the Australian Information Commissioner at www.oaic.gov.au This privacy policy may change from time to time. The policy was last updated in March 2019
Up