In order to provide you with our services, we keep track of how you interact with us. This includes links in emails we send you and links that appear on our website. The following information is logged for statistical purposes when you look at our website:

• server address / IP address
• the date and time of your visit to our site
• the pages you accessed
• your top-level domain name
• the documents you downloaded
• the previous website you have visited
• the type of browser you are using to access our website
• if you have visited our website before
• the type of device you are using
• location data

Sensitive information is information about your origin, beliefs, membership, sexual preferences or health.

Rainbow Sea Resort will not collect sensitive information from you without your consent. If we collect sensitive information from you, we will disclose to you the reason for seeking it.

In handling personal and sensitive information with respect to guests and customers, we only process this information for the purpose of providing the services or products that the guest or customer has requested or, in the instance of an emergency, providing those services that the guest or customer reasonably requires. This is often spelt out in our agreements or communications with our guests and customers. We do not use or retain personal and sensitive information for any purpose other than the delivery of the service and for auditing or legal reasons.

We process personal and sensitive information relating to our guests and customers to better understand their needs and to provide them with information about our products and services. Your personal and sensitive information is protected so that only those employees with a business requirement to have access to this personal or sensitive information will be granted access. In the instance of a medical emergency, consent to supply sensitive information to a third party for the purposes of administering medical treatment will be deemed to have been granted by the guest or customer.

Rainbow Sea Resort generally explains how it will use or disclose personal and sensitive information at the time it collects the information. In addition, personal and sensitive information may be disclosed when:

• To manage your reservation and booking.
• To manage your stay at our apartments.
• To improve our services including to better understand your needs and requests and to tailor our products and services to better suit your desires.
• To send you emails, newsletters, promotions and marketing material about our offers or to contact you by telephone.
• To secure and improve your use of our services.
• To comply with any obligations imposed on us by law.
• When it is necessary to implement our terms of service.
• If it is necessary to protect the rights, property or personal safety of another Rainbow Sea Resort guest or customer, any member of the public or Rainbow Sea Resort
• The assets and operations of Rainbow Sea Resort business are transferred to another party as a going concern

A cookie is a very small text file that is sent to a visitor's browser from a web server and stored on the visitor's computer hard drive. It assigns the computer a unique identifier. It is essentially the visitor's identification card when she/he/they return to the Rainbow Sea Resort website. Cookies save visitors time because they help us to provide the visitor a customized experience without having to remind us of her/his/their preferences each time she/he/they return to our web pages. Rainbow Sea Resort cookies cannot damage visitor files, nor can they read information from the visitor's hard drive.

Cookies help us provide our visitors with a personalized online experience in the following ways:

• They remember visitor names and passwords for future visits so log-in is easier and faster
• They ensure visitors are provided with the appropriate frames and content
• They ensure visitors obtain the information requested
• They help us deliver communications that are relevant and targeted to our visitors' interest

Rainbow Sea Resort cookies do not follow visitors when traveling on the internet after leaving Rainbow Sea Resort website. We track the usage of our website in order to modify it according to our visitors' need. We pay attention to what information is requested and attempt to make it easier to find such information in the future.

If visitors do not want the benefits of these cookies they can set their browser to reject the cookies. Visitors should consult the instructions for their particular browser on how to do this. However, visitors should understand that rejecting cookies might affect their ability to perform certain transactions on our website and our ability to recognize their browser from one visit to the next.

Based on your activities on our website, targeted adverts and internet-based offers in the form of varying display banners may be presented to you whilst browsing. Our partner organisations may also use cookies to gather information based on your browsing interests and activities to provide you with advertising. Advertising cookies allow advertisers to show you the most relevant products, offers, and advertisements on the site and third-party sites, or through emails or other message platforms.

The use of tracking technologies (including cookies) by our Service Providers is not covered by our Privacy Policy. We do not have access or control over these cookies.

Like most large organisations, we use a range of service providers to help us maximize the quality and efficiency of our services and our business operations. This means that individuals and organisations outside of Rainbow Sea Resort, such as mail houses, will sometimes have access to personal information held by Rainbow Sea Resort and may use it on behalf of Rainbow Sea Resort. We require our service providers to adhere to strict privacy guidelines that require them not to keep this information or use it for any unauthorised purposes. We do not provide guests or customers sensitive information to service providers, except in the case of medical emergencies as outlined above.

Like most businesses, marketing is important to Rainbow Sea Resort continued success. We believe we have a unique range of products and services that we provide to guests and customers at a high standard. We therefore like to stay in touch with guests and customers and let them know about new products and services. When you provide your personal information to Rainbow Sea Resort, we ask you to choose whether or not you wish to receive further information about new products, services and promotions. If you are receiving promotional material and/or communications from us and you decide you no longer wish to receive them, you may remove your name from our marketing list by contacting us via email holiday@rainbowsea.com.au or mail:

Rainbow Sea Resort
3 Ocean View Pde
PO Box 410
Rainbow Beach
Queensland 4581
Australia

Please allow 28 days for this request to be processed.

We are committed to take reasonable precautions to protect the security of your personal information. This includes limiting access to our computer systems by use of passwords and other security devices and to prevent unauthorized access, modification, use or disclosure and backup systems to prevent accidental or malicious loss of data or information.

We will take such steps as are reasonable to destroy any personal information that we have about you if there is no longer any need for us to keep that information.

We will take reasonable steps to ensure that any information which we hold about you and use is accurate, up to date, complete and relevant. On request, we will provide you with access to the information we hold about you, including for the purpose of correcting or updating that information, unless there is an exception which applies under the Australian Privacy Laws.

Access can be obtained by emailing holiday@rainbowsea.com.au or writing to:

Rainbow Sea Resort
3 Ocean View Pde
PO Box 410
Rainbow Beach
Queensland 4581
Australia

Please contact us at should you wish your personal information to be removed from all marketing databases. We may require further identification to be able to process your request. If you request that your personal or sensitive information be deleted, we will take all reasonable steps to delete it unless we need to keep it for legal reasons. Personal and sensitive information may also be retained in certain files in order to resolve disputes or for auditing purposes. Please note that we are required legally to retain operational data relating to transactions for seven (7) years as per Australian taxation legislation.

Rainbow Sea Resort will generally need to know who you are in order to provide you with our products and services. Despite this, in some circumstances you are entitled to deal with us anonymously, or by using a pseudonym (fake name), for example when making general enquiries about the services we offer. You must tell us when you are using a pseudonym when applying for our services. If we need to identify you, we will tell you whether or not your real name is required to access those services.

In some circumstances, you may receive a better service or response if we know who you are. For example, we can keep you up-to-date and better understand a complaint you might have if we know who you are and the circumstances of your complaint.

We do not knowingly collect personal information from or target individuals under the age of 18. If you are a parent or legal guardian and know of or have reason to believe your children under the age of 18 have provided us with personal information without your permission, please contact us at holiday@rainbowsea.com.au

Rainbow Sea Resort understands the importance of personal and sensitive information security. We endeavor to take all reasonable steps to keep secure any personal and/or sensitive information which we hold about you, and to keep this personal and/or sensitive information accurate and up to date. We require our employees and service providers to respect the confidentiality of any personal and sensitive information held by Rainbow Sea Resort.

No data transmission over the Internet can be guaranteed secure. As a result, while we endeavour to protect your personal and sensitive information, we cannot guarantee the security of any personal and sensitive information you transmit to us when you access our website. Please note that Rainbow Sea Resort does not control and will not be responsible for the privacy policies of third party websites, or websites not controlled or authorized by Rainbow Sea Resort. Third party websites that are accessed through links on our websites have separate privacy and data collection practices, and security measures. We have no responsibility or liability for the practices, policies and security measures implemented by third parties on their websites. We encourage you to contact them to ask questions about their privacy practices, policies and security measures before disclosing personal information.

Our business will continue to evolve as we introduce new services and products for our guests and customers. As a result, our Privacy Policy may be reviewed from time to time. Rainbow Sea Resort reserves the right to change its Privacy Policy and insert an updated version of the policy on its website. The amended Privacy Policy will apply between us whether or not we have given you specific notice of any change.

If you are interested in obtaining further information about the Australian Privacy Laws, you can visit the Australian Government website - https://www.legislation.gov.au/Details/C2018C00034