COMMITMENT TO PROTECTING PRIVACY
A reference to “Luna Park,” “we,” “us,” “our,” or the “Company” is a reference to Luna Park Melbourne Pty Ltd.
Luna Park believes that the values of honesty and integrity in relation to our dealings with our customers also extend to the collection, storage and use of personal information. This policy summarises Luna Park’s approach to meeting this commitment.
At Luna Park we regularly collect and use personal data about consumers who visit our venue, or browse our websites and download our mobile apps. Personal data is any information that can be used to identify you as an individual. The protection of your personal data is very important to us, and we understand our responsibilities to handle your personal data with care, to keep it secure and to comply with legal requirements.
- WHO is responsible for looking after your personal data?
- WHAT personal data do we collect?WHEN do we collect your personal data?
- HOW do we use personal information?What legal basis do we have for processing your personal data?
- Who do we SHARE your personal data with?How long do we keep your personal data for?Your rights in relation to personal data
- Use of automated decision-making and profiling
- Linking to other websites / third party content
- How to contact us?1. WHO IS RESPONSIBLE FOR LOOKING AFTER YOUR PERSONAL DATA?
Luna Park Melbourne is the controller of your Personal Data. Known as a historic amusement park it opened on 13 December 1912, and is located on the foreshore of Port Phillip Bay, at 18 Lower Esplanade, St Kilda, Melbourne, Victoria, Australia. The Primary business purpose is providing carnival style entertainment to families and hosting seasonal events to the public. The secondary business activity is venue spaces hire in the multiple spaces available on the park grounds.
There will be a single point of contact for all Luna Park Melbourne who can be contacted using the details set in section 12 below. 2. WHAT INFORMATION DO WE COLLECT?
The personal information collected and maintained by Luna Park generally comprises:
- details of any concerns if you contact us with a query or issue;
- when you complete a survey to tell us how your experience of our attraction or event was and how we can improve, although you do not have to respond to them;
- details of transactions you carry out through our site and of the fulfilment of your bookings or orders including your credit/debit card details. Credit Card details are entered via a Credit Card portal, secured by Commonwealth Bank and website SSL Certificate, and not retained by Luna Park Melbourne anytime during the process;
- details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access;
- your name, address, telephone number and/or email address in order to contact you with details of your booking or order purchases, or in the unlikely event that we need to contact you urgently about your booking or purchase;
- collection of contact details such as your name, address, date of birth, telephone number and email address, engagement details including your purchase history and attraction visit history, your marketing preferences including interests / marketing list assignments, record of permissions or marketing objections, website data, device data including IP addresses and details about your browsing history, browser type, and session frequency and cookies – cookie allow website visitors to continue their purchase if they leave the website for a period of time.if you visit our offices, you may be required to register as a visitor and to provide your name, email address, phone number, company name and time and date of arrival;
- photo images of identifiable people, including children, for example, our guests which were publicly posted by people on their Instagram or other social media accounts and shared with the public at large which images usually refer to Luna Park products, activities, venues or rides. 3. HOW DO WE USE PERSONAL INFORMATION?
It is important for us to know our users. We will use your personal data to:
- ensure that content from our site is presented in the most effective manner for you and for your computer;
- to ensure that we can match your purchase or booking details to prevent fraudulent activity or identity theft.provide you with information, products, or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
- carry out our obligations arising from any contracts entered into between you and us;
- allow you to participate in interactive features of our service, when you choose to do so;
We may disclose your personal information in a variety of circumstances including to:
- contractors, agents and suppliers we engage to provide products and/or perform services for us, for example customer feedback analysts, digital marketing agencies, contracted photo processing companies, and payment processors;
- commercial partners with whom we have agreed information sharing arrangements;
- our professional advisers, such as lawyers and accountants;
service providers, who help manage our IT and back office systems, and assist with our Customer Relationship Management activities;
- our website development agency;
- law enforcement bodies;a purchaser of all or part of Luna Park’s business;
- and any other person for any other purposes that would be reasonably expected (including if required by law).
We do not sell your name or other personal information to third parties.
Also, if we were to sell part of our businesses we would need to transfer your personal data to the purchaser. 6. HOW DO WE SECURE PERSONAL DATA?
Luna Park takes reasonable steps to maintain the security of your personal information and to prevent the misuse, interference, loss, modification and unauthorised access to or disclosure of your personal information.
We have implemented a variety of electronic and physical security measures to safeguard the privacy of your personal information. These measures include:
- your information is stored on secured networks consistent with industry standards, and is only accessible by those employees and agents who have special access rights to such systems;
- our websites use a secure server so that credit card details provided when purchasing tickets or paying for goods, for example, are transmitted via Secure Socket Layer (SSL) technology;
- industry-standard encryption technologies are used when transferring or receiving sensitive information supplied by users;
- where your information is in hard copy form, such documents are stored in secured areas only accessible by those employees and agents with special access rights;
- our Eftpos terminals for credit card transactions at the retail outlets are PCI Compliant to provide necessary security over credit card data;
- our IT networks undergo necessary penetration testing to continually identify and remediate potential opportunities for unauthorised data access;
- and periodic data recon is carried out on our point of sale systems to ensure no credit card details are stored without encryption.
We also ensure where possible that our contractors, agents, commercial partners and third party service providers have the same information security measures in place.
While we strive to protect your personal information, we cannot guarantee or warrant its complete security. No data transmission over the Internet can be guaranteed to be 100% secure. If you have an online account with one of our businesses, your account will be able to be accessed by anyone who knows your login details. You should keep your login details, and any other information you use to remember these details, private and secure.
We will retain your personal data for as long as is reasonably necessary for the specific purposes. In particular, where there has been no interaction from a consumer (e.g. a purchase, email open, newsletter sign up), a record will be archived after 1 year and deleted after 3 years.
Where we are required to do so to meet legal, regulatory, tax or accounting requirements, we will retain your personal data for longer periods of time, but only where permitted to do so, including so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a possibility of legal action relating to your personal data or dealings.
We maintain a data retention policy which we apply to records in our care. Where your personal data is no longer required and we do not have a legal requirement to retain it, we will ensure it is either securely deleted or stored. 8. YOUR RIGHTS IN RELATION TO PERSONAL DATA
Should you have any concerns regarding the information which we hold in respect of you then please contact us so that we can rectify any issues. You have the right to
- request a copy of your personal data,
- request inaccurate personal data is corrected,
- request that personal data is erased,
- opt out of receiving communications from us.
You have the right to access the personal information that we hold about you. If the information we hold about you is incorrect, we will modify the information as soon as practicable. Your personal information may not be stored at Luna Park. We will comply with any reasonable request for access to your personal information as soon as it is possible to do so. In the event that we will incur a significant cost due to compliance with such a request, we may seek payment of these costs before the request is granted. Should we feel it necessary to refuse a request for access to personal information held by us about you, you will be informed of the reasons for that refusal.
When contacting us, we may require evidence of your identity. We aim to deal with your request within 30 days. We may in need to explain to you the repercussions of deleting your data from our records and its effect on current purchases, bookings, or annual passes.
People with any further questions regarding this should contact the Office of the Australian Information Commissioner (www.oaic.gov.au). 9. USE OF AUTOMATED DECISION-MAKING AND PROFILING
‘Automated Decision Making’ refers to a decision which is taken through the automated processing of your personal data alone – this means processing using, for example, software code or an algorithm, which does not involve any human intervention. We do not carry out any automated decision making, however we do carry out profiling using automated processing to tailor marketing materials for a specific customer.
A cookie is a small data file that contains information about your visit to our web site. Your computer provides this information during your first visit to our web server. The server records this information in a text file and stores this file on your hard drive. When you visit our web site again, the server looks for the cookie and structures itself based on the information provided.
Google will use this information for the purpose of evaluating your use of our websites, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
If you would like further information regarding this Policy, please contact us via any of the following means:Telephone:
(03) 9525 5033Email: email@example.comAddress:
Luna Park Melbourne
PO Box 1083
St Kilda South, VIC. 3182