Correct as of: March 28, 2019
Millett Group Pty Ltd Privacy Policy
1. THE MILLETT GROUP’S COMMITMENT TO PROTECTING PRIVACY
This privacy policy (“Policy”) applies to Millett Group, its subsidiaries and all of the businesses within the Portfolio of Brands (collectively, “Millett Group,” “we,” “our”, or “us”). At the Millett Group, we strive to deliver outstanding products, services, and experiences. We value your business and, more importantly, your loyalty. We recognise that privacy is an important issue. We have developed this Policy to explain our practices regarding the personal information we collect from you or about you on our websites, via our apps, through written or verbal communications with us, when you visit one of our properties, or from other sources. While this policy broadly describes the practices we have adopted across the group, local laws vary and some jurisdictions may place restrictions on our processing activities (e.g., certain jurisdictions may require affirmative consent to send marketing messages). Therefore, our actual practices in such jurisdictions may be more limited than those described herein in order to enable us to comply with local requirements.
Please note that this Policy does not apply to our processing of personal information on behalf of and subject to the instructions of third parties such as airlines, car rental companies and other service providers, companies that organise or offer packaged arrangements, marketing partners, or corporate customers.
The Policy serves as a formal commitment to your privacy and describes how the Millett Group and use your data, but is not a contract.
2. CONSENT
This Privacy Policy outlines the terms and conditions you agree to when accessing any Millett Group services, including websites, reservation systems, etc.
By accessing or using any Millett Group service and providing personal information to us, or by booking any services with us (directly or indirectly), you agree and consent to the collection, use and disclosure of your personal information as outlined in this Privacy Policy.
We recommend that you read this document describing our customer privacy protection policy.
“Personal data” means any information collected and logged in a format that allows you to be identified personally, either directly (e.g. name) or indirectly (e.g. telephone number) as a natural person.
By using any of our products or services and/or by agreeing to this Policy, e.g. in the context of registering for any of our products or services, you understand and acknowledge that we will collect and use personal information as described in this Policy.
3. MILLETT GROUP’S SEVEN PRINCIPLES FOR PROTECTING YOUR PERSONAL DATA
We respect your right to privacy and we aim to ensure you have a trustworthy experience with us across all services, and to the best of our ability uphold the seven principles listed below within all Millett Group businesses.
- Transparency: When collecting and processing your personal data, we will communicate all information to you and inform you of the purpose and recipients of the data.
- Legitimacy: We will collect and process your personal data only for the purposes described in this Policy.
- Relevance and accuracy: We will only collect personal data that is necessary for data processing. We will take all reasonable steps to ensure that the personal data we hold is accurate and up to date.
- Storage: We will hold your personal data for the period necessary for processing the same in compliance with the provisions of the law.
- Access, rectification, opposition: As governed by law, you may access, modify, correct or delete your personal data. You may also oppose the use of your personal data, particularly to avoid receiving sales and marketing information.
- Confidentiality and security: We will ensure reasonable technical and organisational measures are in place to protect your personal data against alteration or accidental or unlawful loss, or unauthorized use, disclosure or access.
Sharing and international transfer: We may share your personal data within the Millett Group or with third parties (such as commercial partners and/or service providers) for the purposes set out in this Policy. We will take appropriate measures to guarantee security when sharing or transferring such data. For any questions concerning the seven principles of Millett Group Data Protection, please contact the Data Privacy department whose details appear in the clause “Access and modification”.
4. WHAT OUR PRIVACY POLICY COVERS
This Policy applies:
- To all data processing implemented in our subsidiary and managed properties, i.e. those operating under a Millett Group brand name (Wake Up, The Lord Byron Hotel, The Mill House, Side Bar, etc.)
- To all Millett Group reservation websites including bookingbuttom.com but also brand sites (wakeup.com.au, themillhouse.com.au, sidebarsydney.com.au, etc.).
In relation to all third party and subsidiary interventions, the Millett Group will do its utmost to promote the seven principles set out in this Policy so that our brands comply with the applicable laws in relation to the processing of your personal data.
5. WHAT PERSONAL DATA IS COLLECTED?
At various times, we will be obliged to ask you, as a Millett Group customer, for information about you and/or members of your family, such as:
- Contact details (for example, last name, first name, telephone number, email)
- Personal information (for example, date of birth, nationality
- Information relating to your children (for example, first name, date of birth, age)
- Your credit card number (for transaction and reservation purposes
- Your membership number for any Millett Group loyalty program or another partner program (for example, the Hostels Australia program)
- If applicable, your booking/travel dates
- Your preferences and interests to assist in providing an enjoyable service
- Your questions/comments, during or following a visitation to one of our establishments.
We do not deliberately collect sensitive information, such as information concerning race, ethnicity, political opinions, religious and philosophical beliefs, union membership, or details of health or sexual orientation.
Moreover, depending on applicable local laws, other information could be considered sensitive, such as your credit card number, your leisure activities, personal activities and hobbies, and whether or not you are a smoker. We may be obliged to collect such information in order to meet your requirements or provide you with an appropriate service. In this case, depending on the laws in force in certain countries, your prior consent may be required with regard to the collection of sensitive information.
6. WHEN IS YOUR PERSONAL DATA COLLECTED?
Personal data may be collected on a variety of occasions, including:
- Business activities:
- Enquiry/reservation
- Checking-in and paying
- Correspondence, communications and messages
- Eating/drinking at the hotel bar or restaurant during a stay
- Requests, complaints and/or disputes.
- Participation in marketing programs or events:
- Account, registration or loyalty informaiton
- Participation in customer surveys (for example, a Guest Experience Survey)
- Online promotions or competitions
- Subscription to newsletters, in order to receive offers and promotions via email.
- Transmission of information from third parties:
- Reservation systems, tour operators, travel agencies, and others
- Internet activities:
- Connection to Millett Group websites (IP address, cookies, etc.)
- Online forms (online reservation, questionnaires, Millett Group pages on social networks, etc.).
7. FOR WHAT PURPOSES?
We collect your personal data for the purposes of:
- Meeting our obligations to our customers, including: operating website facilities and functions, reservation systems, managing accounts/registrations, reviews, forums and other services such as making changes to your bookings and profile at your request.
- Conforming to local legislation through management of the creation and storage of legal documents in compliance with standards relating to bookings, payments, and other contracts
- Managing your stay at the properties (hotel, hostel, restaurant, etc)
- Monitoring your use of services (Wi-Fi, telephone, bar, pay TV etc.)
- Managing access to rooms/areas
- Internal management of lists of non-compliant customers across any Millett Group property
- Improving our services, especially:
- Adapting our products and services to better meet your requirements
- Processing your personal data in our customer marketing program in order to carry out marketing operations, promote brands and gain a better understanding of your requirements and wishes
- Customising commercial offers and the promotional messages
- Informing you of special offers and any new services created by Millett Group or one of its subsidiaries.
- Carrying out surveys and analyses of questionnaires and customer comments
- Managing claims/complaints
- Offering you the benefits of our loyalty programs.
- Managing our relationship with customers
- Managing our loyalty programs
- Providing details for the customer database
- Segmentation operations based on history and customer preferences with a view to sending targeted communications
- Developing statistics and reports to predict and anticipate future behaviours and needs
- Managing the preferences of new or repeat customers
- Managing requests to unsubscribe from any marketing/advertising
- Securing and enhancing your use of Millett Group websites, especially:
- Improving navigation
- Implementing security and fraud prevention.
8. DISCLOSURE OF YOUR PERSONAL DATA
As we utilise the services of reservation systems and agencies, your data is shared with internal and external recipients subject to the following conditions:
a. Within the Millett Group, in order to offer you the best service, we can share your personal data and give access to authorised personnel, including:
- Property management
- Reservation staff using Millett Group reservation tools IT departments
- Commercial partners and marketing services
- Medical services if applicable
- Legal services if applicable
- Generally, any appropriate person within the Millett Group entities for certain specific categories of personal data.
b. With third-party service providers and partners: your personal data may be sent to a third party for the purposes of supplying you with services and improving your stay, for example:
- External service providers to carry out a service/reservation request
- Commercial partners: Millett Group may, unless you specify otherwise to the Data Privacy department, enhance your profile by sharing certain personal information with its preferred commercial partners. In this case, a trusted third party may cross- check, analyse and apply certain devices to your data. This data processing will allow Millett Group and its privileged contractual partners to determine your interests and your customer profile, and will allow us to send you personalised offers.
- Social networking sites in order to target personalised and relevant ads to you where appropriate.
c. Local authorities: We may also be obliged to send your information to local authorities if this is required by law or as part of an inquiry and in accordance with local regulations.
9. PROTECTION OF YOUR PERSONAL DATA
We are committed to doing what we reasonably can to keep your personal information secure, and we are obliged by law to put in place appropriate technical and organisational measures against unauthorised or unlawful collection, use and disclosure of your personal information and against accidental loss or destruction of, or damage to, your personal information. We have accordingly implemented security policies, rules and technical measures with a view to achieving this.
We maintain administrative, technical and physical safeguards (appropriate to the sensitivity of such information) designed to protect against unauthorised use, disclosure or access of the personal information we collect. Unfortunately, no data transmission can be guaranteed to be 100% secure. As a result, while we are committed to protecting your personal information, we cannot ensure or warrant the security of any information you provide to us. All third parties that obtain personal information from us (e.g. service providers or sub-contractors that perform functions on our behalf) are contractually required to protect your confidentiality and personal information in a manner consistent with this policy, and/or as required by law.
Storage of your personal information
The personal information we collect from you online or in person is stored by us and/or our service providers on databases protected through a combination of physical and electronic access controls, firewall technology and other reasonable security measures.
Your security measures
For your own privacy protection, we encourage you to maintain anti-virus and other malware protection software on your computers and other devices, and to maintain your own measures to protect your personal information. Please do not include sensitive personal information in any e-mails you may send to us, including payment card information.
We also encourage you to be careful about who you give personal information to. We never contact you to ask you for sensitive personal information, such as payment card information, or sensitive personal information such as passport numbers or log-in details, and we will only ask you for such information in person or through our website, or by telephone in connection with a booking you are making or have made. Please let us know if you someone purports to contact you in our name.
10. DATA SECURITY
Millett Group takes appropriate technical and organisational measures, in accordance with applicable legal provisions, to protect your personal data against illicit or accidental destruction, accidental alteration or loss, and unauthorized access or disclosure. To this end, we have taken technical measures (such as firewalls) and organizational measures (such as a user ID/password system, means of physical protection etc.).
11. COOKIES
Use of cookies by the Millett Group
You are advised that the Millett Group utilises cookies and other analytics programs collect information about your visits to, browsing of, and use of our websites and social networks, unless your web browser blocks this. The range of data we collect will depend on how you interact with our website.
By visiting and using our websites you or your computer may provide personal information. This includes: information which is automatically provided by your browser to our servers; information record on our web servers about your interaction with our website and pages viewed; information we capture or place on your computer or generate using cookies or other technologies on our website; and information you input into forms and fields on our website.
This information may include: your IP address (a unique identifier allocated to your computer for your connection to the internet); your computer device details (PC, tablet, smartphone, watch etc.); the make and version of web browser (e.g. Internet Explorer, Firefox, Safari, Opera, Chrome) you are using; your operating system (e.g. Windows, Windows Phone, OSX, iOS, Android, Linux etc); your time-zone; your browser plug-ins; any web-page you came from, identified as the referrer web page address by your web browser; cookies; page response times; download error; pages and parts of pages you visit; usage you make of our website, including enquiries and searches undertaken, and registrations for accounts, forums etc.; services and products you viewed; length of visit to website and pages; page interaction information (such as scrolling, keys pressed, mouse clicks, touches, and mouse-overs). This will normally be collected and used anonymously to optimise user experience, implement security measures, and improve user experiences.
Why use cookies?
Cookies are employed to optimise your experience when using our website, including but not limited to:
- Authentication of website visitors and the associated security measures, and ensure proper functioning of the authentication module
- Optimisation of user experience and facilitate browsing, in particular determining “technical routes” for browsing
- Providing statistical data to improve the comfort of users by helping us understand interactions with our websites (most visited pages, applications used, site usability, etc.);
- Implementation of security measures
- Adapting Millett Group Websites to the display preferences of your device (language, currency, display resolution, operating system used, configuration and settings of the display of web pages based on the device you are using and its location, etc.)
- Third party cookies allowing internal and external referrals, including social network applications. In some cases the social networks may identify you even if you did not click on the application button. We recommend that you read the policies of these social networks to familiarise yourself with how they use the browsing information they may collect, especially with regard to advertising.
Consent of cookie use
Although most browsers are set by default to accept cookies, you can, if you desire, choose to accept all cookies, always block cookies, or choose which cookies to accept based on their senders.
You can also set your browser to accept or block cookies on a case-by-case basis before they are installed. Your browser also allows you to regularly delete cookies from your device. Remember to configure all the browsers in your different devices (tablets, smartphones, computers, etc.).
Regarding management of cookies and your preferences, configuration varies for each browser. This is described in the Help menu of your browser, as well as how to edit your preferences with regard to cookies.
Saving a cookie to your device depends on your wishes, which you can exercise and change at any time and free of charge using the settings offered by your browser software.
If your browser is set to accept cookies on your device, the cookies embedded in the pages and content that you view may be temporarily stored in a dedicated space on your device. They can only be read by their issuer.
However, you can set your browser to block cookies. Keep in mind that if you set your browser to block cookies, some features, pages and spaces on Millett Group Websites will not be accessible, and we cannot be held responsible in this case.
12. STORAGE OF DATA
We keep your personal information for as long as is reasonably necessary for the purposes for which we use it, and if longer, for any duration required by law, and for statutory claims limitation periods where your personal information may be relevant to any possible liability we may have to you.
13. ACCESS AND MODIFICATION
You have the right to access your personal data collected by Millett Group and to modify it subject to applicable legal provisions. You may also exercise your right to object by writing to the address below. In the event of difficulty exercising your rights, please contact the Data Privacy department for the Millett Group directly by sending an email to privacyofficer@millettgroup.com.au or by writing to the address below:
Millett Group ATTN: Privacy Officer
509 Pitt Street, Haymarket
2000 NSW Australia
For the purposes of confidentiality and personal data protection, we will need to identify you in order to respond to your request. You will be asked to include a copy of an official piece of identification, such as a driver’s license or passport, along with your request.
If your personal data is inaccurate, incomplete or not up to date, please send the appropriate amendments to the Data Privacy department as indicated above.
All requests will receive a response as swiftly as possible and in accordance with applicable law.
14. CHANGES TO THIS PRIVCY POLICY
We may modify this Policy from time to time. Consequently, we recommend that you consult it regularly, particularly when using any of our services.
15. QUESTIONS AND CONTACTS
For any questions concerning the Millett Group’s personal data protection policy, please contact the Data Privacy department (“Access and modification” clause).