Grayza Holdings Pty Ltd ACN 637 066 552 (we/us/our) understand that you are concerned about your privacy, along with the confidentiality and security of any personal information that you provide to us. We consider your privacy to be of crucial importance and approach our protection of it with the utmost seriousness.
We treat all personal information collected in accordance with the Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APP’s) contained within the Privacy Act and this Policy. If there is any inconsistency between the Privacy Act and this Policy, the Privacy Act will prevail to the extent of the inconsistency.
Personal information is information or an opinion of an individual whose identity is apparent or can be reasonably ascertained. We collect a wide variety of personal information that is reasonably necessary for the purposes of conducting and improving our business and our services. Personal information is collected from a range of sources including:
- through our website at https://www.grayza.com/ or our software application (the Site);
- through our account creation process;
- through our guest check out process;
- through marketing research;
- through business interactions;
- via surveys;
- by otherwise having some form of contact with us such as by mail, telephone, email, internet or intranet; and/or
- through any of our other business activities or events.
Personal information collected by us may include:
- your name;
- your gender;
- your date of birth;
- your address;
- your occupation;
- your bank account details;
- your contact details such as your mobile number, telephone number and email address;
- your reasons for using our services;
- your preferences and opinions relating to our services; and
- all logs, which may include information such as your internet protocol (IP) address, browser type, browser version, clickstream data, referring URLs, the pages of our Site that you visit, the time spent on any pages of our Site and other log related information relating to your use of our Site.
We endeavour to only collect personal information about you where it is reasonably required.
Use of personal information
We automatically gather personal information to monitor the use of our Site and to support our service delivery. The vast majority of data we collect (other than your personal details) is aggregated and effectively anonymous to us.
Sometimes you will be asked to confirm that you agree to a particular activity, or the collection of your personal information for a specific purpose. We will always make it clear to you if any information is being collected in a way that could personally identify you.
Generally, we gather and use your personal information to enable you to effectively use our services, including for providing, evaluating, improving, personalising and developing our Site and our services. More specifically we use personal information for:
- improving the satisfaction of our users;
- providing support to you;
- promoting and marketing our services to you (each person may opt-out of marketing and sales communications);
- determining whether a candidate is suitable for a position within our business, as an employee or contractor for a current or future project;
- our internal research and statistical purposes (including market segmentation, market analysis, trend identification and customer value analysis);
- enabling us to forward to you other information or material which we believe may be of interest to you (each person may opt-out of our information sharing communications); and
- quality assurance and insurance purposes.
Third party sites
We do not operate these Linked Sites. Accordingly, we have no control over, and assume no responsibility for, nor do we endorse the content, privacy policies, or practices of any Linked Sites.
You should be aware that the data you share with a third party on a Linked Site, and your ability to opt-out of a tool or platform used by a Linked Site will depend on the conditions governing your agreement with them.
Disclosure of personal information
We do not disclose your personal information to any third party without your personal consent, except where that third party requires the information to assist us in an advisory, technical or services sense.
We will only disclose personal information, other than as mentioned above, where we are legally required or compelled by a law enforcement or government agency to do so.
Information you make public
Certain services we provide are open to other account holders to view. Any information you create or post in these locations will not be private. We urge you to exercise caution when deciding to disclose your personal information in a public space. You agree to assume all responsibility for all personal information that you have made public on our Site.
Users will be notified as soon as reasonably possible, where allowable by law, if any request is made for your information to be disclosed.
Consent to limited disclosure
You consent to us providing your personal information on a confidential basis to Venues after you have made a purchase.
Protecting your personal information
Steps we take
We take thorough steps to protect the personal information we hold from:
- misuse, interference and loss; and
- unauthorised access, modification or disclosure.
The precautionary steps we take to protect personal information include:
- adopting measures to protect our computer systems and networks for storing, processing and transmitting personal information;
- adoption of procedural and personnel measures for limiting access to personal information by our staff;
- regularly reviewing our information collection, storage and processing practices; and
- such other security measures we consider reasonable and appropriate from time to time.
Notwithstanding that we use our best endeavours to protect all personal information we collect and hold, we unfortunately cannot guarantee its complete security.
De-identifying your personal information
When personal information is no longer required to be kept by us, we will take reasonable steps to destroy or delete the personal information in a confidential manner.
Cookies are files with small amounts of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive.
We use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some features of the Site.
Web beacons (also known as clear gifs, pixel tags or web bugs) are tiny graphics with a unique identifier (similar in function to cookies) and are used to track the online movements of web users or to access cookies.
Unlike cookies which are stored on the user’s computer hard drive, web beacons are embedded invisibly on web pages or in an e-mail.
Web beacons may be used to deliver or communicate with cookies, to count users who have visited certain pages and to understand usage patterns.
Like many sites, we use web beacons to collect information which is done in accordance with this policy.
To provide customer support, perform back-office functions, store personal information, undertake fraud prevention tasks or to otherwise assist us in providing our services to you, we may engage staff or third-party service providers that are located in a country other than that in which you are based. For example, we utilise the services of Google Analytics to improve both our Site and our range of Services as detailed in clause 9.1.
This does not lessen our obligation to protect your personal information, and we have implemented security measures to protect the security of your personal information. However, as with any transfer of data, there are still risks of data breaches.
Disclosure for analytics
We may use Google Analytics to track your usage of our Site. Google Analytics is a web analysis service provided by Google. Google utilises the data collected to track and examine the use of the website, to prepare reports on the site’s activities and share them with other Google services.
Consent to overseas disclosure
In all other circumstances we will only disclose your personal information to an overseas recipient if:
- you consent to the transfer; or
- the disclosure of the information is required or authorised by or under an Australian law, other applicable law or a court/tribunal order.
We will take reasonable steps to ensure such overseas recipients do not breach the APP’s and are subject to laws or a scheme substantially similar to the APP’s.
Accessing and updating your personal information
Access to Personal Information
We will provide you with access to your personal information held by us unless:
- giving access would be unlawful; or
- denying access is required under the Privacy Act or any other applicable law.
Request for Access
If you would like access to your personal information aside from your account information, you must contact us in writing making such a request. Following receipt of your request, we will contact you and either provide you with the information you have sought, or an explanation detailing why we will not provide you with the information.
Amending your personal information
We endeavour to keep all personal information we hold accurate, up to date and complete. If at any time you wish to correct any of your personal information and you have an account you may do so freely at any time via your account profile following your log on.
If you wish to amend personal information that we hold that is not editable under your account, please contact us to request amendment. If we elect not to correct your information, we will notify you, within a reasonable time, detailing the reason for our refusal, the mechanisms available for you to complain about our refusal and such other matters required by the Privacy Act.
If you wish to have your personal information deleted, please let us know and we will take all reasonable steps to delete it, unless we need to keep it for legal reasons.
If you are located outside Australia and choose to provide your personal information to us, your personal information will be processed in Australia and in accordance with this Policy.
We strive to ensure strict compliance with this Policy and to regularly review our practices against it.
If at any time you have a complaint against us regarding our Policy, including a breach of the Privacy Act, we invite you to make a compliant by emailing [Insert]. All complaints made will be dealt with in confidence. We endeavour to respond within 30 days of receipt of a complaint with a resolution or proposed resolution to the issue raised.
Please note that you may also make a complaint to the Office of the Australian Information Commissioner about the handling of your personal information. Information on making a privacy complaint can be found on their website at http://www.oaic.gov.au/privacy/making-a-privacy-complaint.
We reserve the right to vary this Policy from time to time without further notice to you. Any variations made will be updated on our website. We will not reduce your rights under this Policy without providing you with notice.
It is your responsibility to check our Policy every now and again to ensure you are aware of any changes made to it.
You may contact us by emailing firstname.lastname@example.org