What is Personal Information?
Personal information is defined by law as information or an opinion about an identified individual, or an individual who is reasonably identifiable.
Some types of personal information, e.g. employee records are exempt from the Privacy Act.
The Privacy Act place more stringent obligations on us when we handle ‘sensitive information’. Sensitive information is a type of personal information and includes information about an individual's:
- health (including predictive genetic information)
- racial or ethnic origin
- political opinions
- membership of a political association, professional or trade association or trade union
- religious beliefs or affiliations
- philosophical beliefs
- sexual orientation or practices
- criminal record
- biometric information that is to be used for certain purposes
- biometric templates
We do not usually collect any sensitive information except for health information that may be relevant to the provision of the goods and services you have requested. However where that information is required we will only collect it and use it where we have your express consent to do so.
Why we collect personal information and how we may use it
Generally, we will collect personal information directly from you, and only to the extent necessary to provide our products or services, including our agency functions, or to carry out our internal administrative operations. An agency function means a service that we provide to you on behalf of another organisation, such as our travel and cruise partners.
The type of personal information we collect generally includes:
- first and last name,
- telephone number(s)
- postal and email addresses,
- billing information (such as credit card number, cardholder name, and expiration date)
- passport number
- age and date of birth
We may collect personal information from you when you:
- fill in an application form
- deal with us over the telephone; e-mail us
- ask us to contact you after visiting our website; or have contact with us in person
We will use your personal information only for the particular purpose that you provided it, or for a directly related purpose. We may otherwise use your personal information where that other use is:
- required or permitted by law; or
- with your express or implied consent.
We may also collect personal information about you from your use of our websites and information you provide to us through contact mailboxes or through the registration process.
You may choose not to provide certain information to us, but in general some information about you is required in order for you to register as a member; book cruises and travel; participate in a survey, contest, or sweepstakes; ask us a question; or initiate other transactions on our site. Refusal to provide such information may affect your use of our websites or your ability to purchase or use our products and services.
Additionally, we may periodically obtain both personal and non-personal information about you from affiliated entities, business partners and other independent third-party sources and add it to our account information. Examples of information we may receive include: updated delivery and address information, purchase history, and demographic information. In addition, if you sign up using your social media account, or link your account with us to your social media account, we may access information about you via that social media provider in accordance with the provider's policies. The information may include but is not limited to your name, email address, profile picture, gender, list of friends, and other information that you authorise us to receive. Depending on the privacy settings of your social media accounts, we may access information that you provide to a social media provider regarding your respective locations ("Location Data") to provide you with relevant content. Please note that your Location Data may also be shared with your friends on a social media provider in accordance with your privacy settings for that social media provider.
We hold personal information in hard copy and electronic formats. We take security measures to protect the personal information we hold, including physical (for example, security passes to enter our offices and storage of files in lockable cabinets) and technology (for example, restriction of access, firewalls, the use of encryption, passwords and digital certificate) security measure. We also have document retention policies and processes.
We want you to feel confident about interacting with us and we are committed to protecting the information we collect. While no website can guarantee security, we have implemented appropriate administrative, technical, and physical security procedures to help protect the personal information you provide to us. For example, only authorised employees are permitted to access personal information, and they may only do so for permitted business functions. In addition, we use encryption when transmitting your sensitive personal information between your system and ours, and we employ firewalls and intrusion detection systems to help prevent unauthorised persons from gaining access to your information.
Information collected on this website
We may collect non-personal information from you such as browser type, operating system, and web pages visited to help us manage our website.
Our internet server logs the following information which is provided by your browser for statistical purposes only:
- the type of browser and operating system you are using your Internet Service Provider and top level domain name (for example - .com, .gov, .au, .uk etc) the address of any referring web site (for example - the previous web site you visited), and
- your computer's IP (Internet Protocol) address (a number which is unique to the machine through which you are connected to the internet)
All of this information is used by us for aggregated statistical analyses or systems administration purposes only. No attempt will be made to identify users or their browsing activities, except where required by or under law.
We also may collect information about your online activity, such as cruises / deals viewed and bookings made. Our goals in collecting this automatic information include helping customise your user experience and inhibiting fraud.
A "cookie" is a packet of information that allows our servers (the computer that houses our web sites) to identify and interact more effectively with your computer.
When you access our websites, we send you a temporary or "session cookie" that gives you a unique identification number. A different identification number is sent each time you use our websites. Cookies do not identify individual users, although they do identify a user's internet browser type and your Internet Service Provider. Shortly after you end your interaction with our web site, the cookie expires or "crumbles". This means it no longer exists on your computer and therefore cannot be used for further identification or access to your computer.
Without cookies certain personalised services cannot be provided to users of our website, accordingly you may not be able to take full advantage of all of our website features if cookies have been disabled.
We use session cookies in the following manner:
- Log-on and log-off administration - If you decide to register with our site, for example, to use one of our online services, session cookies help with the log-on and log-off process. The cookies enable us to recognise your log-on ID when you log-on so that we do not establish a duplicate registration record for you.
- Transactions and site usability - We use session cookies to improve how you navigate through our website and conduct transactions. As examples, session cookies are used to maintain your online session as you browse over several pages; to store and prepopulate information so that you do not have to re-enter the same information twice
We use persistent cookies as follows:
- Site usage measurement - Our site measurement tool uses a persistent cookie to assist us in measuring how and when our web site and its various components are used. It functions as a "visit cookie," so we can determine if you are a repeat visitor to our site. This allows us to know if we are attracting new visitors and what aspects of the site seem most useful. The cookie will expire up to a year after your last visit.
Other cookies allow us to remember certain information related to prior website interactions, such as web form submissions and user preferences. These features and cookies are strictly at your request and for your convenience.
You can configure your internet browser to accept all cookies, reject all cookies or notify you when a cookie is sent. Please refer to your internet browser's instructions or help screens to learn more about these functions.
Links to other sites
Our sites contains links to other sites. We are ultimately not responsible for the privacy practices or the content of such websites. We encourage you to read and understand the privacy policies on those websites prior to providing any information to them.
Some of the content appearing on our websites may be supplied by third parties, for example, by framing third party websites or the incorporation through "framesets" of content supplied by third party application service providers. In such cases we will ensure that our contractual arrangements with these third parties protect your personal information in compliance with privacy laws.
Search terms that you enter when using our search engine are collected, but are not associated with any other information that we collect. We use these search terms for the purpose of aggregated statistical analyses so we can ascertain what people are looking for on our website, and to improve the services that we provide.
Also, from time to time, we may use external companies to provide us with detailed aggregate statistical analyses of our website traffic. At no time is any personal information made available to these companies, nor is the aggregate information ever merged with personal information such as your name, address, email address or other information you would consider sensitive or would compromise your privacy.
We are committed to keeping your trust by protecting and securing your personal information.
We employ appropriate technical, administrative and physical procedures to protect personal information from unauthorised disclosure, loss, misuse or alteration.
We limit access to personal information to individuals with a business need consistent with the reason the information was provided. We keep personal information only for as long as it is required for business purposes or by the law.
We protect your personal information by complying with industry best-practice standards relating to technology, information security and risk management.
Website security and privacy
We understand that you may be concerned about the security of the personal information we collect from you online.
Accordingly, we have systems in place to ensure our online dealings with you are as secure as your dealings with us in person, or on the telephone.
In those instances where we secure your personal information in transit to us and upon receipt, we use the industry standard encryption software, Secured Socket Layer (SSL) 128 bit encryption. The URL in your browser will change to "HTTPS" instead of "HTTP" when this security feature is invoked. Your browser may also display a lock symbol on its bottom task bar line to indicate this secure transmission is in place.
For site security purposes and to ensure this service remains available to all users, we employ software programs to monitor network traffic in order to identify unauthorised attempts to upload or change information, or otherwise cause us damage. Except for authorised law enforcement investigations, no other attempts are made to identify individual users or their usage habits other than those uses identified in this policy. Unauthorised modification or misuse of information stored in this system will be investigated and may result in criminal prosecution.
If we transfer personal information to countries outside Australia or into the “cloud”, we will only do so in compliance with all applicable Australian data protection and privacy laws. At present we have some staff based in the Philippines providing booking and fulfillment services for us and also name and date of birth information is sent to the USA to lock bookings into our registration system.
We will take reasonable steps to protect personal information no matter what country it is stored in or transferred to. We have procedures and data transfer contracts as appropriate to help ensure this.
Disclosure of Personal Information
We use personal information you provide only for purposes consistent with the reason you provided it, or for a directly related purpose.
We will not use your personal information to market to you unless we have either your implied or express consent but in situations where it is impractical to obtain your prior consent, we will ensure you have an ability to opt out of future such communications.
We do not share your personal information with other organisations unless you give us your express consent, or where sharing is otherwise required or permitted by law, or where this is necessary on a temporary basis to enable our contractors to perform specific functions.
When we temporarily provide personal information to companies who perform services for us, such as specialist information technology companies, mail houses or other contractors to we require those companies to protect your personal information as diligently as we do.
We may disclose your Personal Information to:
- Third-party vendors who provide services or functions on our behalf, including credit card processing, business analytics, and distribution of surveys or sweepstakes programs. Third-party vendors have access to and may collect information only as needed to perform their functions and are not permitted to share or use the information for any other purpose. They are also required to follow the same data security practices that we ourselves adhere to.
- Business partners with whom we may jointly offer products or services, or whose products or services may be offered on our website. You can tell when a third party is involved in a product or service you have requested because their name will appear, either alone or with ours. If you choose to access these optional services, we may share information about you, including your personal information, with those partners. Please note that we do not control the privacy practices of these third-party business partners.
- Referring websites. If you were referred to one of our websites from another site (for example, through a link you clicked on another site that redirected you), we may share some information about you with that referring website. We have not placed limitations on the referring websites use of your personal information and we encourage you to review the privacy policies of any website that referred you to us.
We also may share your Personal Information where that disclosure is:
- authorised or required by law
e.g. disclosure to various government departments and agencies such as the Australian Taxation Office, CentreLink, Child Support Agency, or disclosure to courts under subpoena.
- in the public interest
e.g. where a crime, fraud or misdemeanour is committed or suspected, and disclosure against the customer's rights to confidentiality is justified.
- with your consent
your consent may be implied or express and it may also be verbal or written.
We also may share aggregate or anonymous information with third parties, including advertisers and investors. For example, we may tell our advertisers the number of visitors our website receives or the most popular cruises and vacation destinations. This information does not contain any personal information and is used to develop content and services we hope you will find of interest.
We understand the importance of protecting children’s privacy, especially in an online environment. In particular, our websites are not intentionally designed for or directed at children under the age of 13. It is our policy to never knowingly collect or maintain information about anyone under the age of 13, except as required to facilitate you or your family’s use of our goods and services, for example, as part of a travel booking.
Your rights and choices
You may interact with us anonymously where this is lawful and practicable.
You have the right to request access to the personal information you provide, and to correct or update your personal information. This right is subject to certain exceptions allowed by law.
You may instruct us to remove any previous consent you provided to receive marketing communications from us.
We will collect personal information from you by lawful and fair means and not in an unreasonably intrusive way.
Every personalised marketing contact sent or made by us will include a means by which customers may opt out of receiving further marketing information.
Updating your information
It is inevitable that some personal information which we hold will become out of date. We will take reasonable steps to ensure that the personal information which we hold remains accurate and, if you advise us of a change of details, we will amend our records accordingly.
We will, upon your request, and subject to applicable privacy laws, provide you with access to your personal information that is held by us. However, we ask that you identify, as clearly as possible, the type/s of information requested.
We will deal with your request to provide access to your personal information in a reasonable time - usually within 30 days of receipt of your request.
We will not charge you for lodging such a request but we may recover from you our reasonable costs incurred in supplying you with access to this information.
Notifiable Data Breaches
Since 22 February 2018 the Privacy Act now requires us to notify individuals and regulators of data breaches where there it is possible that individuals will experience serious harm as a result of that breach. We have a Notifiable Data Breach Response Plan in place that reflects these obligations and follows guidance issued by the Office of the Australian Information Commissioner.
We place privacy, customer service and commitment to you at the heart of what we do. We strive to get it right, first time, every time. But occasionally, things don't go as planned. If this happens we’d really like your feedback as not only does it allow us to discuss the issue with you but also helps us to improve our product and service.
Most of your concerns can be dealt with by our front line teams and they will do their best to resolve the matter quickly to your satisfaction.
If you feel your complaint has not been fully addressed you can let us know via our online feedback form or contact us directly, see the “Contact us” section below.
We will endeavour to reply to you within 30 days of receipt of your correspondence and, where appropriate, we will advise you of the general reasons for our resolution of your complaint.
If you complaint is related to a privacy matter and you are not satisfied with the outcome, you can refer your complaint to the Office of the Australian Information Commissioner.
Write to us:
Privacy Contact Officer
PO Box 3065 Westfield TC,
Helensvale, QLD 4212 Australia
Call our Customer Contact Centre 1300 830 786 between 8.30am and 6.00pm AEST Monday to Friday.