Burswood Nominees Limited ABN 24 078 250 307 trading as Crown Perth
The Crown Perth Privacy Policy
Your Privacy is Important to Crown Perth
Crown Perth is committed to protecting the privacy of its patrons and customers.
The purpose of Crown Perth’s privacy policy is to communicate clearly the personal information handling practices of our organisation. Privacy policies enhance the transparency of the operations of organisations. They also give individuals a better and more complete understanding of the sort of personal information an organisation holds and the way it handles that information. The Crown Perth (
Crown) Privacy Policy has been developed with these goals in mind.
This Privacy Policy explains Crown’s personal information handling practices across the organisation including about how we collect, use, disclose and store your personal information.
What does the Crown Perth Privacy Policy cover?
Part A – Crown’s Personal Information Handling Practices: explains the general information handling practices across Crown Perth, including information about how Crown collects, uses, discloses and stores your personal information.
Part B – Crown’s Websites: explains Crown’s personal information handling practices when you visit any of Crown’s websites.
Part C – Complaints: explains how you may complain about a breach of the Australian Privacy Principles and how Crown will deal with such a complaint.
Part D – How to contact Crown: You can find more information by contacting Crown (please refer to the “How to contact Crown” section of this Privacy Policy).
Part A – Crown’s Personal Information Handling Practices
Crown’s obligations under the Privacy Act
Crown is an organisation that is covered by the Privacy Act 1988 (Cth) (Privacy Act). This Policy sets out how Crown complies with its obligations under the Privacy Act. and the Australian Privacy Principles (APPs), which are contained in the Privacy Act. Under the APPs, Crown is required to have a clearly expressed and up to date policy on its management of personal information.
Crown is bound by the APPs in the Privacy Act which regulate how organisations may collect, use, disclose and store personal information and how individuals may access and correct personal information held about them and complain about a breach of the APPs.
In this Policy, personal information (as defined in the Privacy Act) means information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable. Personal information includes things such as your name, image, date of birth, phone number(s), postal address and email address and other contact details. The type of personal information we collect from you depends on your interaction with us.
Collection – Personal and Sensitive Information
Personal Information – Collection
It is Crown’s usual practice to collect personal information directly from the individual, for example when a customer joins Crown Rewards, makes a hotel, restaurant, leisure or event booking, participates in a promotion or applies for a job.
Crown only collects personal information for purposes which are directly related to its functions or activities, and only when it is necessary for or directly related to such purposes. These purposes may include those related to:
- Crown Rewards;
- hotel reservations and related services;
- Crown Spa;
- Hair and beauty services;
- food and beverage outlets;
- entertainment;
- retail;
- marketing;
- competitions and promotions;
- financial transactions;
- complaint handling;
- recruitment and employment;
- conferences and events;
- casino operations;
- security matters; and
- legal and regulatory obligations.
Crown also collects personal information:
- as part of its normal communication processes directly related to those purposes, including:
- when an individual emails staff members;
- when an individual phones Crown; and
- when an individual hands Crown their business card; and
- by recording information about an individual’s personal identification at those venues where entry is conditional on identification being scanned. At these venues, personal identification will be scanned and recorded, and a separate photo may also be taken and recorded as a condition of entry.
Crown holds personal information in both electronic and hard copy form.
Collection of Sensitive Information
Sensitive personal information is information or an opinion about an individual’s racial or ethnic origin, political opinions or memberships, religious beliefs or affiliations, philosophical beliefs, sexual preferences, criminal record, health information, genetic information or membership of a trade union.
Crown’s general approach is not to collect, use or disclose sensitive information. However in limited circumstances, Crown will collect sensitive information where it is necessary for one of Crown’s functions or activities and you have consented to the collection of that information.
For example, Crown will collect health information from you before providing a service at Crown Spa (such as performing a massage or providing a beauty service). Crown Security will collect health information for the purpose of security-related services. Crown medical personnel will collect health information as part of providing medical services to patrons and customers.
Collection from Public Sources or Third Parties
Crown occasionally collects personal information from time to time from a third party or a publicly available source, but only if the individual provides consent to such collection or would reasonably expect Crown to collect their personal information in this way. These sources (which may be located overseas) include:
- credit reporting bodies (if we request information about your credit history);
- other casinos;
- Crown’s related entities.
Collecting information required by law
Crown also collects your personal information where we are required or authorised to do so by an Australian law, or court or tribunal order, for example, pursuant to anti-money laundering and counter terrorism financing or taxation laws.
Use and disclosure
Crown only uses personal information for the purposes for which it was given, or for purposes which are directly related to one of its functions or activities and the individual would reasonably expect their information to be used or disclosed for that purpose. Crown does not give it to other organisations or anyone else unless one of the following applies:
• the individual has consented;
• the individual would reasonably expect, or has been told, that information of that kind is usually passed to those individuals, bodies or agencies;
• it is required or authorised by law;
• it will prevent or lessen a serious and imminent threat to somebody's life or health; or
• it is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue, or any other law.
Crown may share your personal information with an associated entity, other companies acting on Crown’s behalf or other casino operators, which may include those located overseas, for example in countries where Crown or an associated entity has staff or a business, including without limitation, the United Kingdom, United States of America, Vietnam, Thailand, Indonesia, Singapore, Malaysia, India and Taiwan. Such disclosure is more likely if you are a customer residing outside of Australia.
Data Quality
Crown takes steps to ensure that the personal information it collects is accurate, up to date and complete. These steps include maintaining and updating personal information when it is advised by individuals that their personal information has changed, and at other times as necessary.
Data Security
Crown takes steps to protect the personal information it holds against loss, interference, unauthorised access, use, modification or disclosure and against other misuse. These steps include password protection for electronic files, securing paper files in locked cabinets and physical access restrictions.
When no longer required, personal information is destroyed in a secure manner or deleted.
Access and correction
If an individual requests access to the personal information Crown holds about them, or requests that it changes that personal information, Crown will allow access or make the changes unless it considers that there is a sound reason under the Privacy Act or other relevant law to withhold the information.
If Crown does not agree to make requested changes to personal information the individual may make a statement about the requested changes and Crown will attach this to the record.
Individuals can obtain further information about how to request access or changes to the information Crown holds about them, update their marketing preferences or unsubscribe by contacting Crown (see details below).
Part B – Crown’s Websites
Users are advised that there are inherent risks in transmitting information across the internet. Individuals may contact Crown by phone or mail if they have concerns about making contact via the internet. For further information see “How to contact Crown” in Part D of this Policy.
Collection
Where applicable, Crown will also collect the following information from you:
- where devices are enabled to connect to, or are identifiable by, the Crown complex infrastructure (for example Wi-Fi networks or bluetooth infrastructure), we and our third party providers may automatically collect data from those devices including usage, type of device, location within the complex and arrival and departure time;
- the fully qualified domain name from which you accessed our websites, or alternatively, your IP address;
- the web browser that you are using and the pages you accessed;
device ID number (MAC address);
- the date and time you accessed each page on our websites;
- the URL of any webpage from which you accessed our websites or by using the complex Wi-Fi, and the details of any mobile Apps you have accessed from a device using the complex Wi-Fi;
- publicly accessible social media posts and any personal information you allow us to collect by linking your account on our website with a third-party social-networking site including but not limited to Facebook, Twitter, or Google+; and cookies which track your visits to our websites (see below).
How we use Cookies
A cookie is a small text file that can be placed on your device when you interact with online content (such as this website) that allows us to recognise and remember your browser ID. When you visit our site, cookies gather and store some information about the way you use our website. Visit our Cookies Policy to see how we use cookies and to enable or disable cookies in your web browser.
Use and disclosure
Crown only uses personal information collected via its websites for the purposes for which it was provided.
Crown does not share personal information about individuals with other organisations or anyone else unless one of the following applies:
• the individual has consented;
• the individual would reasonably expect, or has been told, that information of that kind is usually passed to those individuals, bodies or agencies;
• it is required or authorised by law;
• it will prevent or lessen a serious and imminent threat to somebody's life or health; or
• the disclosure is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue or any other law.
When an individual’s email address is received by Crown because the individual sent a message to Crown, the email address will only be used or disclosed for the purpose for which they have provided it and it will not be added to a mailing list or used or disclosed for any other purpose without the individual’s consent.
Where applicable, we are collecting this information (and may use or hold this information) to provide, improve and develop our services to you and the customer experience.
Crown may use this anonymised data to inform our promotional and marketing strategies, as well as for research and profiling purposes including customer demographics, interests and behaviours based on personal information and other information provided to us. This research may be compiled and analysed on an aggregate basis, and we may share this aggregate data with our affiliates, agents and business partners. This aggregate information does not identify you personally. We may also disclose aggregated information in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.
Crown may connect information you provide to us for one purpose with other information for use for one or more of the above purposes. If you access or log-in to the complex Wi-Fi service, and we already hold other information (both personal or non-personal) that can be associated to you or the device on which you are accessing the Wi-Fi service (including, but not limited to a device ID number (MAC address)), then that information may be linked with personal information we hold about you as set out in this policy, and will be treated in the same manner as the personal information to which it has been linked.
Data quality
Crown maintains and updates personal information collected from or published on its website as necessary or when it is advised by individuals that their personal information has changed.
Data security
Individuals who choose to join Crown’s email lists, complete online forms or lodge enquiries will have their contact details stored on password protected databases.Staff members associated with website maintenance have access to Crown’s website backend system which is password protected. Crown’s website server is also password protected.
Access and correction
For information about how to access or correct personal information collected on Crown’s websites see Access and Correction in Part A of this Policy.
Part C - Complaints
Individuals have a right to request access to the personal information about themselves which Crown holds.
Crown takes its obligations pursuant to the Privacy Act seriously. Individuals may complain about a breach of the APPs by Crown by submitting their complaint in writing to Crown’s Privacy Officer (using the address in Part D “How to contact Crown” section of this Policy).
Any complaint should set out in as much detail as possible all the relevant particulars relating to the complaint, including why the individual says that Crown has breached the APPs.
Upon receiving a written complaint, Crown will acknowledge receipt of the complaint in writing within 7 days. Crown will investigate the matters described in the complaint and then will endeavour to provide a substantive written response in approximately 28 days from the date the written complaint was received by Crown.
Part D - How to contact Crown
Individuals can obtain further information in relation to this Privacy Policy, or provide any comments, by contacting Crown:
Telephone: +61 8 9362 7777
Post:
Privacy Officer
Crown Perth
Great Eastern Highway
Burswood Western Australia 6100
Email:
privacy@crownperth.com.au