What information does Rainbow Sea Resort collects?
Rainbow Sea Resort collects personal and sensitive information from several sources. Mostly, the personal and sensitive information we collect comes directly from guests and customers when they register at Rainbow Sea Resort. We also collect information on employees and contractors.
Our records about guests and customers will generally include contact details and general health and/or religious information. This health and religious information is regarded as sensitive under the Privacy Act, and must be treated with a higher standard of care. Rainbow Sea Resort only collects this kind of information if a guest or customer provides it to us for a specific purpose, for example to inform us of particular health needs relevant to their general well being at Rainbow Sea Resort or religious requirements for wedding celebrations or services.
How we handle personal information?
In handling personal and sensitive information with respect to guests and customers, we only process this information for the purpose of providing the services or products that the guest or customer has requested or, in the instance of an emergency, providing those services that the guest or customer reasonably requires. This is often spelt out in our agreements or communications with our guests and customers. We do not use or retain personal and sensitive information for any purpose other than the delivery of the service and for auditing or legal reasons.
Using and disclosing personal information
We process personal and sensitive information relating to our guests and customers to better understand their needs and to provide them with information about our products and services. Your personal and sensitive information is protected so that only those employees with a business requirement to have access to this personal or sensitive information will be granted access. In the instance of a medical emergency, consent to supply sensitive information to a third party for the purposes of administering medical treatment will be deemed to have been granted by the guest or customer.
Rainbow Sea Resort generally explains how it will use or disclose personal and sensitive information at the time it collects the information. In addition, personal and sensitive information may be disclosed when:
- Required by law
- We believe it necessary to provide a guest or customer with a product or service that they have requested
- It is necessary to implement our terms of service
- It is necessary to protect the rights, property or personal safety of another Rainbow Sea Resort guest or customer, any member of the public or Rainbow Sea Resort
- The assets and operations of Rainbow Sea Resort business are transferred to another party as a going concern.
Like most large organisations, we use a range of service providers to help us maximize the quality and efficiency of our services and our business operations. This means that individuals and organisations outside of Rainbow Sea Resort, such as mail houses, will sometimes have access to personal information held by Rainbow Sea Resort and may use it on behalf of Rainbow Sea Resort. We require our service providers to adhere to strict privacy guidelines that require them not to keep this information or use it for any unauthorised purposes. We do not provide guests or customers sensitive information to service providers, except in the case of medical emergencies as outlined above.
Rainbow Sea Resort
3 Ocean View Pde
PO Box 410
Please allow 28 days for this request to be processed.
Access to information
The Privacy Act sets out the rights that you have as a guest or customer to see any personal or sensitive information that Rainbow Sea Resort may have concerning you. If you would like to:
• See your personal and/or sensitive information
• Change any inaccurate or out of date personal and/or sensitive information
• Have your personal and/or sensitive information deleted
Rainbow Sea Resort
3 Ocean View Pde
PO Box 410
Our file of your information will be made available to you within 28 days. In some cases we may need to impose a charge for providing access to personal or sensitive information. This charge reflects the administrative cost of finding this information and providing it to you.
Deleting the information
If you request that your personal or sensitive information be deleted, in the manner described in above, we will take all reasonable steps to delete it unless we need to keep it for legal reasons. Personal and sensitive information may also be retained in certain files in order to resolve disputes or for auditing purposes. In addition, personal or sensitive information is never completely removed from our databases due to technical and legal constraints, including stored "back up" systems. Therefore, guests and customers should not expect that all of their personal and sensitive information will be completely removed from our databases in response to their request.
Storage and security
Rainbow Sea Resort understands the importance of personal and sensitive information security. We endeavor to take all reasonable steps to keep secure any personal and/or sensitive information which we hold about you, and to keep this personal and/or sensitive information accurate and up to date. We require our employees and service providers to respect the confidentiality of any personal and sensitive information held by Rainbow Sea Resort.
No data transmission over the Internet can be guaranteed secure. As a result, while we endeavour to protect your personal and sensitive information, we cannot guarantee the security of any personal and sensitive information you transmit to us when you access our website. Please note that Rainbow Sea Resort does not control and will not be responsible for the privacy policies of third party websites, or websites not controlled or authorized by Rainbow Sea Resort. Third party websites that are accessed through links on our websites have separate privacy and data collection practices, and security measures. We have no responsibility or liability for the practices, policies and security measures implemented by third parties on their websites. We encourage you to contact them to ask questions about their privacy practices, policies and security measures before disclosing personal information.