Burswood Nominees Limited ABN 24 078 250 307 trading as Crown Perth
The Crown Perth Privacy Policy
Your Privacy is Important to Crown Perth
Crown Perth is committed to protecting the privacy of its patrons and customers.
The purpose of Crown Perth’s privacy policy is to communicate clearly the personal information handling practices of our organisation. Privacy policies enhance the transparency of the operations of organisations. They also give individuals a better and more complete understanding of the sort of personal information an organisation holds and the way it handles that information. The Crown Perth (
Crown) Privacy Policy has been developed with these goals in mind.
This Privacy Policy explains Crown’s personal information handling practices across the organisation including about how we collect, use, disclose and store your personal information.
What does the Crown Perth Privacy Policy cover?
Part A – Crown’s Personal Information Handling Practices: explains the general information handling practices across Crown Perth, including information about how Crown collects, uses, discloses and stores your personal information.
Part B – Crown’s Websites: explains Crown’s personal information handling practices when you visit any of Crown’s websites.
Part C – Complaints: explains how you may complain about a breach of the Australian Privacy Principles and how Crown will deal with such a complaint.
Part D – How to contact Crown: You can find more information by contacting Crown (please refer to the “How to contact Crown” section of this Privacy Policy).
Part A – Crown’s Personal Information Handling Practices
Crown’s obligations under the Privacy Act
Crown is an organisation that is covered by the Privacy Act 1988 (Cth) (Privacy Act). This Policy sets out how Crown complies with its obligations under the Privacy Act. and the Australian Privacy Principles (APPs), which are contained in the Privacy Act. Under the APPs, Crown is required to have a clearly expressed and up to date policy on its management of personal information.
Crown is bound by the APPs in the Privacy Act which regulate how organisations may collect, use, disclose and store personal information and how individuals may access and correct personal information held about them and complain about a breach of the APPs.
In this Policy, personal information (as defined in the Privacy Act) means information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable. Personal information includes things such as your name, image, date of birth, phone number(s), postal address and email address and other contact details. The type of personal information we collect from you depends on your interaction with us.
Collection – Personal and Sensitive Information
Personal Information – Collection
It is Crown’s usual practice to collect personal information directly from the individual, for example when a customer joins Crown Rewards, makes a hotel, restaurant, leisure or event booking, participates in a promotion or applies for a job.
Crown only collects personal information for purposes which are directly related to its functions or activities, and only when it is necessary for or directly related to such purposes. These purposes may include those related to:
- Crown Rewards;
- hotel reservations and related services;
- Crown Spa;
- Hair and beauty services;
- food and beverage outlets;
- entertainment;
- retail;
- marketing;
- competitions and promotions;
- financial transactions;
- complaint handling;
- recruitment and employment;
- conferences and events;
- casino operations;
- security matters; and
- legal and regulatory obligations.
Crown also collects personal information:
- as part of its normal communication processes directly related to those purposes, including:
- when an individual emails staff members;
- when an individual phones Crown; and
- when an individual hands Crown their business card; and
- by recording information about an individual’s personal identification at those venues where entry is conditional on identification being scanned. At these venues, personal identification will be scanned and recorded, and a separate photo may also be taken and recorded as a condition of entry.
Crown holds personal information in both electronic and hard copy form.
Collection of Sensitive Information
Sensitive personal information is information or an opinion about an individual’s racial or ethnic origin, political opinions or memberships, religious beliefs or affiliations, philosophical beliefs, sexual preferences, criminal record, health information, genetic information or membership of a trade union.
Crown’s general approach is not to collect, use or disclose sensitive information. However in limited circumstances, Crown will collect sensitive information where it is necessary for one of Crown’s functions or activities and you have consented to the collection of that information.
For example, Crown will collect health information from you before providing a service at Crown Spa (such as performing a massage or providing a beauty service). Crown Security will collect health information for the purpose of security-related services. Crown medical personnel will collect health information as part of providing medical services to patrons and customers.
Collection from Public Sources or Third Parties
Crown occasionally collects personal information from time to time from a third party or a publicly available source, but only if the individual provides consent to such collection or would reasonably expect Crown to collect their personal information in this way. These sources (which may be located overseas) include:
- credit reporting bodies (if we request information about your credit history);
- other casinos;
- Crown’s related entities.
Collecting information required by law
Crown also collects your personal information where we are required or authorised to do so by an Australian law, or court or tribunal order, for example, pursuant to anti-money laundering and counter terrorism financing or taxation laws.
Use and disclosure
Crown only uses personal information for the purposes for which it was given, or for purposes which are directly related to one of its functions or activities and the individual would reasonably expect their information to be used or disclosed for that purpose. Crown does not give it to other organisations or anyone else unless one of the following applies:
• the individual has consented;
• the individual would reasonably expect, or has been told, that information of that kind is usually passed to those individuals, bodies or agencies;
• it is required or authorised by law;
• it will prevent or lessen a serious and imminent threat to somebody's life or health; or
• it is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue, or any other law.
Crown may share your personal information with an associated entity, other companies acting on Crown’s behalf or other casino operators, which may include those located overseas, for example in countries where Crown or an associated entity has staff or a business, including without limitation, the United Kingdom, United States of America, Vietnam, Thailand, Indonesia, Singapore, Malaysia, India and Taiwan. Such disclosure is more likely if you are a customer residing outside of Australia.
Data Quality
Crown takes steps to ensure that the personal information it collects is accurate, up to date and complete. These steps include maintaining and updating personal information when it is advised by individuals that their personal information has changed, and at other times as necessary.
Data Security
Crown takes steps to protect the personal information it holds against loss, interference, unauthorised access, use, modification or disclosure and against other misuse. These steps include password protection for electronic files, securing paper files in locked cabinets and physical access restrictions.
When no longer required, personal information is destroyed in a secure manner or deleted.
Access and correction
If an individual requests access to the personal information Crown holds about them, or requests that it changes that personal information, Crown will allow access or make the changes unless it considers that there is a sound reason under the Privacy Act or other relevant law to withhold the information.
If Crown does not agree to make requested changes to personal information the individual may make a statement about the requested changes and Crown will attach this to the record.
Individuals can obtain further information about how to request access or changes to the information Crown holds about them, update their marketing preferences or unsubscribe by contacting Crown (see details below).
Part B – Crown’s Websites
Users are advised that there are inherent risks in transmitting information across the internet. Individuals may contact Crown by phone or mail if they have concerns about making contact via the internet. For further information see “How to contact Crown” in Part D of this Policy.
Collection
When individuals only browse Crown’s websites, Crown does not collect their personal information.
Sometimes, Crown collects personal information that individuals choose to give it via online forms or by email, for example when individuals:
- ask to be on an email list;
- make a booking request at a restaurant;
- send Crown a written comment via Crown's main website; or
- enter a promotion.
When an individual looks at Crown’s websites a record is made of the individual’s visit and Crown logs the following information for statistical purposes:
- the individual’s server address;
- the individual’s top level domain name (for example .com, .gov, .org, .au, etc);
- the pages the individual accessed and documents downloaded;
- the previous site the individual visited; and
- the type of browser being used.
Crown does not identify users or their browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect server logs.
Cookies
Cookies are pieces of information that a web site transfers to your computer’s hard drive for record keeping purposes. Cookies simply operate as a unique identifier, which helps Crown to know what its customers find interesting and useful on its websites. Data collected from website use does not identify the user, allowing you to remain anonymous in Crown’s data collection.
Most web browsers are set to accept cookies, however, if you do not wish to receive any cookies, you may set your browser to refuse them. In some instances this will mean that you will not be able to take full advantage of parts of the website that provide you with improved service.
When an individual closes their browser the session cookie set by our websites is destroyed and no personal information is maintained which might identify an individual should they visit Crown’s website at a later date.
Use and disclosure
Crown only uses personal information collected via its websites for the purposes for which it was provided.
Crown does not share personal information about individuals with other organisations or anyone else unless one of the following applies:
• the individual has consented;
• the individual would reasonably expect, or has been told, that information of that kind is usually passed to those individuals, bodies or agencies;
• it is required or authorised by law;
• it will prevent or lessen a serious and imminent threat to somebody's life or health; or
• the disclosure is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue or any other law.
When an individual’s email address is received by Crown because the individual sent a message to Crown, the email address will only be used or disclosed for the purpose for which they have provided it and it will not be added to a mailing list or used or disclosed for any other purpose without the individual’s consent.
Data quality
Crown maintains and updates personal information collected from or published on its website as necessary or when it is advised by individuals that their personal information has changed.
Data security
Individuals who choose to join Crown’s email lists, complete online forms or lodge enquiries will have their contact details stored on password protected databases.Staff members associated with website maintenance have access to Crown’s website backend system which is password protected. Crown’s website server is also password protected.
Access and correction
For information about how to access or correct personal information collected on Crown’s websites see Access and Correction in Part A of this Policy.
Part C - Complaints
Individuals have a right to request access to the personal information about themselves which Crown holds.
Crown takes its obligations pursuant to the Privacy Act seriously. Individuals may complain about a breach of the APPs by Crown by submitting their complaint in writing to Crown’s Privacy Officer (using the address in Part D “How to contact Crown” section of this Policy).
Any complaint should set out in as much detail as possible all the relevant particulars relating to the complaint, including why the individual says that Crown has breached the APPs.
Upon receiving a written complaint, Crown will acknowledge receipt of the complaint in writing within 7 days. Crown will investigate the matters described in the complaint and then will endeavour to provide a substantive written response in approximately 28 days from the date the written complaint was received by Crown.
Part D - How to contact Crown
Individuals can obtain further information in relation to this Privacy Policy, or provide any comments, by contacting Crown:
Telephone: +61 8 9362 7777
Post:
Privacy Officer
Crown Perth
Great Eastern Highway
Burswood Western Australia 6100
Email:
privacy@crownperth.com.au