Types of personal information collected
The types of personal information that we collect and hold will vary depending on your dealings with us. This information may include any or all of the following:
- name, address(es), telephone number(s) and other contact details;
- electronic address(es);
- payment information, including credit card type and expiry date (this information is stored by our third party payment processor);
- frequent flyer loyalty reward program number;
- driver's licence number;
- flight number;
- other personal information required to provide our services, including age and residency status; and
- transaction details relating to your use of our products, services or benefits.
We will not collect sensitive information from you or any third party.
You do not have to provide us with any personal information, however if you do not do so we may not be able to provide you with the products, services or benefits you have requested.
We also collect the following information from you when you use our website:
- anonymous non-personal information about how you use our website; and
- “cookie” based information that makes your use of our website easier by recording your preferences so that when you return to our website the “cookie” re-loads that information into your web browser. More information set out below.
How we collect personal information
Generally, we collect personal information directly from you, such as:
- when you submit information through our websites or one of our apps;
- when you call us, email, or or use the 'Live Chat' function to speak with one of our customer service agents;
- in person;
- in the course of us providing you with a requested product, service or benefit;
- when you interact with us via a social media platform; or
- when you have other dealings with us.
We also collect personal information through:
- our related bodies corporate;
- our business partners; and
- third parties who supply services to us.
Why we collect, use and disclose personal information
We will collect personal information for the following purposes:
- to establish and maintain your relationship with us;
- to provide the products or services you have requested from us; or
- to answer any inquiry you make.
We will disclose personal information as required to the providers of the products and services you have booked or purchased (such as car rental and insurance companies). You accept that not all recipients of your information may have privacy policies or be subject to privacy laws equivalent to us and consent to the disclosure of your personal information for that purpose.
We may also disclose your personal information to third parties who work with us in our business to provide, promote or improve the products or services you have requested or are interested in, such as:
- marketing consultants and promotions companies; website hosts;
- consultants and professional advisers
- your company or organisation if you use our services under a corporate account;
- one of our program partners if you are a member of their frequent traveller program and you have asked us to send them details of your rental agreement with us;
- our contracted service providers (including our payment gateway, market research company and our mail house);
- debit and credit card providers;
- credit reporting and fraud checking agencies;
- debt collection agencies, if you default in payment of monies owed to us;
- councils, government and private organisations responsible for the processing or handling of traffic related infringements or the payment of road and traffic tolls;
- in relation to an accident or claim, insurers, the police and other persons involved in the accident or claim;
- driver licensing authorities; and
- government, regulatory and law enforcement agencies where the disclosure is required or authorised by law.
We will also use and disclose your personal information to send direct marketing to you from
- us; and
- our related bodies corporate.
The direct marketing may relate to:
- our products and services;
- the products and services of other parties (such as car rental and insurance companies);
- new developments we believe may be of interest to you.
You may opt-out of receiving this direct marketing through the unsubscribe function that will be made available to you with each direct marketing communication.
How we store and protect personal information
We store personal information in a combination of computer storage facilities, paper-based files and other records. In so doing, we have taken numerous steps to protect your personal information from misuse, interference and loss, and unauthorised access, modification or disclosure.
Additionally, we take reasonable steps to destroy or permanently de-identify personal information when we no longer need it.
The internet is not a secure method of transmitting information. Accordingly, other than where we use secure socket layer technology (SSL) to ensure information is securely transmitted and processed, we cannot and do not accept responsibility for the security of information you send to or receive from us over the internet, or for any unauthorised access or use of that information.
Do we send personal information overseas?
We are likely to disclose some of your personal information, for the purposes described above, to organisations in New Zealand, United Kingdom, USA, Hong Kong, the Philippines and Ireland.
By providing your personal information to us, you consent to our disclosure of your personal information to organisations in those countries even though it may not receive the same protections that it would in Australia. You may request us not to transfer your personal information to the countries listed above, but if you do so we may not be able to provide the services or products you have requested from us.
How you can access your personal information
We will take reasonable steps to make sure that the personal information we collect, use or disclose is accurate, complete and up to date. If your personal details change, such as your address or phone number, please contact our Privacy Officer by email or at the address detailed below.
At your request, we will provide you with a copy of any personal information which we hold about you, unless an exception under the Privacy Act 1988 applies. We may charge a fee for retrieving this information, in which case we will inform you of the fee and obtain your agreement to that fee before providing the information.
We will promptly acknowledge and investigate any complaint about the way we manage personal information.
Information is also generated whenever a page is accessed on our website that records information such as the time, date and specific page. We collect such information for statistical and maintenance purposes that enables us to continually evaluate our website performance.
We do not tie the information gathered using third party analytics to your personal information.
We take data breaches seriously and will act in compliance with the Notifiable Data Breaches scheme established by the Privacy Amendment (Notifiable Data Breaches) Act 2017.
We will use our best endeavours to contain, assess and remedy actual and suspected data breaches as soon as possible and no later than 30 calendar days after the date of the actual or suspected data breach in accordance with our company data breach response policies and procedures.
Where your personal information held by us is lost or subjected to unauthorised access, modification, use or disclosure or other misuse, and this is this is likely to result in serious harm to you or other individuals, we will take steps to remedy the risk of serious harm as quickly as possible. If we have not been able to prevent the likely risk of serious harm with remedial action, we will notify you, other affected individuals, and the Office of the Australian Information Commissioner.
How to contact us or make a complaint
The Privacy Officer
Level 1A, 10 Finchley Street, Milton, Queensland, 4064
We will take reasonable steps to remedy any issues resulting from our failure to comply with our privacy obligations.
If you are not satisfied with the outcome of your complaint you may refer the matter to the Office of the Australian Information Commissioner (OAIC).
Telephone: 1300 363 992
OAIC complaints page: http://www.oaic.gov.au/privacy/privacy-complaints
Last updated on 21 August 2018