This Privacy Statement, October 2023, sets out the C.ex Groups commitment to safeguard your personal information.
“We”, “us”, “our” and “C.ex Group” means Coffs Ex Services Memorial & Sporting Club Ltd through all its affiliated clubs. The affiliated clubs involved in C.ex Group include C.ex Coffs, C.ex Woolgoolga and C.ex Urunga.
For further information about our affiliated clubs, please contact our CEO on the details below.
- PERSONAL INFORMATION WE COLLECT AND HOLD
Information considered as personal information under the Privacy Act 1988 (Cth) includes information or an opinion about a person who is identified or reasonably identifiable.
Protecting your personal information is important to us.
The C.ex Group Limited and all its related bodies corporate (The C.ex Group, we, us, our) is committed to conducting our business in a manner which is safe, ethical, professional and compliant with the law.
We may collect and hold personal information about you, depending on your interactions with us, which may include your name, postal or email addresses, date of birth, image, video or audio recordings, gaming play history and financial details.
1.1 Sensitive Information
It may be necessary in some circumstances for us to collect some forms of sensitive information about you, for example in order to provide specific services to you. Sensitive information includes information about a person’s race, sexual orientation, disability, ethnic origin, political opinions, health, religious or philosophical beliefs, biometric information used for automated biometric verification or identification purpose, biometric templates and criminal record. The C.ex Group will only collect sensitive information where:
- we have obtained your consent and the information is reasonably necessary for one or more of our functions or activities;
- we are required to do so under a law that applies to our business; or
- we are otherwise permitted by law to do so.
1.2 Third party website and applications
In some instances, you may desire to remain anonymous. We will make every effort to assist with any such request, however we are not required to provide this option if:
- it is impracticable for us to deal with unidentifiable individuals; or
- we are required or authorised by law or a court or tribunal order to deal with identified individuals.
You should advise us if you do not wish to be identified and wish to remain anonymous. This will, however, limit your access to the C.ex Group Clubs.
- HOW WE COLLECT AND HOLD PERSONAL INFORMATION
We generally collect information directly from you when you use our products and services, when you visit our premises or via business arrangements.
In some instances, we may collect personal information from third parties.
2.1 Information Collected from your Computer or other Electronic Devices
- provide better online experiences;
- deliver more relevant and targeted advertising; or
- develop reports on matters such as usage trends and visitation data which may be shared with third party marketing partners and affiliates.
The information collected and used may include your Internet Protocol (IP) address; domain name; browser type; date and time of your request; your internet service provider, mobile carrier, or data services provider; and your online behaviour, such as information on the pages you visit, links you click, features you use, how and when you interact with the services or the content, images and advertisements you select.
If you use a mobile device to access our websites or online resources, we may collect information about your device, such as your device ID and device type, as well as usage information about your device and your use of our mobile websites and other mobile resources.
Most internet browsers and mobile devices can be set to inform you when tracking technologies are being used or sent to your device. They also provide you with the option of refusing the use of tracking technologies, however, this may negatively impact the display or function of certain areas or features of our services.
2.2 Security of Personal Information
The C.ex Group will take all reasonable steps to protect the personal information we hold about you and monitor that it is accurate, up-to-date and, when that personal information is used or disclosed, relevant to the purpose for which the information is being used or disclosed.
Your personal information is held on secure servers or in storage located in controlled environments.
Our team members and service providers are required to maintain the confidentiality of any personal information held by us.
- THE PURPOSE OF COLLECTING, RETAINING, USING AND DISCLOSING YOUR PERSONAL INFORMATION
We collect, hold, use and disclose your personal information to provide you with goods and services, to manage your membership to our rewards program, to meet legislative requirements, where it is in our legitimate interests to do so and to continue to improve the goods and services we provide to you.
Sometimes, we are required to or may choose to share information that we hold about you with government regulators, other venue operators or law enforcement bodies. We may disclose information to those entities or receive information from them. This may include information obtained about you from audio recordings and from CCTV or facial recognition surveillance when you visit our premises, such as your voice, image or facial biometric information. It may also include your name, contact details, date of birth, copies of your photo ID, other images of you and information about any exclusion or other restriction on access to premises that applies to you.
The C.ex Group uses and, in some instances shares, personal information (including in some cases, sensitive information) for reasons including:
- provision of requested products or services and benefits gained in relation to that product or service;
- management and administration of ongoing products and services, including gaming and other activities;
- promotion of safety, security and patron welfare in the C.ex Group properties;
- collection and use of the physical location of your mobile device for security purposes, to provide you with specific services and to provide you with alerts, notifications and other information related to our products or services (we may collect this information through the C.ex Group’s free Wi-Fi network or through the Bluetooth functionality on your mobile device – to opt-out, disable Wi-Fi and Bluetooth on your mobile device);
- obtaining a credit report or other information from a credit reporting agency or financial services provider to assess an application for credit related service made by you;
- employment of our personnel and engagement of contractors and sub-contractors;
- for our business purposes such as entering into or relating to an alliance or joint venture;
- for analytics purposes to develop our understanding of our customers and the market in which we operate;
- to seek to prevent illegal or undesirable activities;
- complying with obligations that we may have under laws that apply to our business or to meet reasonable requests from regulatory bodies which regulate our business, such as preparing player activity statements and monitoring the responsible provision of gambling services in our clubs, including the exclusion of patrons from our clubs; and
- to otherwise assist law enforcement bodies.
Facial images collected through CCTV surveillance, from facial recognition cameras, from law enforcement bodies or from other venue operators, and faceprints derived from those images, may be stored and compared for the above purposes. We may share these images and faceprint data amongst our clubs, with our facial recognition technology providers, with regulators and law enforcement bodies and with other venue operators. By entering our premises, you consent to the collection and use of your personal information in these ways.
We may collect and use your personal information to promote and market our own or an affiliate of ours’ products and services, promotions and upcoming events (including for example by way of direct mail, telemarketing, targeted digital advertising, SMS, MMS messages, and notifications and alerts to your mobile device).
We will only send you this information if you have indicated your consent to receiving such information.
We will send this information to keep you informed of our new products and services and special offers. You may opt out of receiving direct marketing communications by following the directions in our direct marketing material, for example by clicking the unsubscribe link in the footer of the email communication you have received, or at any time by contacting us (see contact information below).
We may use external service providers to assist us in marketing activities.
We may collect, use and disclose personal information about you for security purposes, including:
- biometric information about you including your photograph or facial biometric information; or
- scanning or otherwise collecting information from your driver’s licence or other identification document/card when you enter our properties; or
- storing your photo from your driver’s licence or other identification document/card, and a faceprint made from it, in our facial recognition system to help identify, exclude or remove from the premises individuals to whom we may lawfully deny access and for other purposes relating to gaming, safety and security and preventing illegal or undesirable activities; or
- collecting your car number plate details when you park in the car park of one of our properties; or
- using information from your driver’s licence or other identification document/card or from your car number plate details, to match with personal information we hold about you.
The C.ex Group’s properties are subject to CCTV, facial recognition and audio surveillance for security and other reasons. We may collect your personal information through those means.
Details of suspected or actual illegal and undesirable activities and other security-related information (including facial images and photos) may be shared with our related companies, our service providers, other clubs, industry bodies and forums, law enforcement bodies and regulatory bodies such as NSW Independent Liquor & Gaming Authority and AUSTRAC.
This may include both disclosure of your personal information by us, and the receipt of your personal information by us.
3.3 Excluded Persons
When you visit our premises we may collect, use and disclose personal information about you, including your facial biometric information, for the purpose of verifying whether you are an excluded person or a person whom we may otherwise lawfully deny access to the premises. We may also collect your image or facial biometric information from law enforcement bodies and other venue operators for this purpose.
If we identify such a person we may exclude or remove them from our premises in accordance with our policies and our legal and regulatory obligations.
When we receive personal information (including sensitive information) from another venue operator about persons who are excluded or otherwise lawfully denied access to other premises, we may use it to give exclusion orders to such persons and may also use it to otherwise lawfully deny such persons access to our premises.
- SHARING INFORMATION WITH OTHER ORGANISATIONS
There are circumstances in which we may disclose personal information to another organisation for purposes that are important to help us to operate our business.
We will not sell your personal information to organisations outside the C.ex Group.
We will only give another organisation access to your personal information when:
- the other organisation is providing services to us that help us to operate our business or to provide a service to you;
- there is another business reason for us to provide your personal information to that organisation; or
- we are required or permitted by law to provide your personal information to that organisation.
Organisations include those that assist us:
- to provide, manage or administer the products and services that we offer. This includes service providers (such as mail house providers, printers and advertising agencies), postal services, call centres, customer research agencies and our advisers;
- to maintain, review, and develop our business systems, procedures and infrastructure, including testing or upgrading our computer software;
- with reviews of our business operations and structure;
- to analyse data to provide insight into our business practices;
- to collect outstanding debts; and
- with developing and planning new products and services.
We may share personal information with another organisation in relation to potential or threatened legal proceedings or disputes (whether between you and that organisation or between us and that organisation), including for the purposes of gaining legal advice, or to take action considered appropriate in relation to suspected unlawful activity or serious misconduct, including investigating any such alleged activity.
We may also share personal information with an organisation where we have obtained your consent.
- SENDING INFORMATION OVERSEAS
Your personal information may also be accessed and used by our service providers located outside Australia who assist us to send marketing communications to you.
When we disclose personal information overseas we will take reasonable steps to ensure that the overseas entity complies with the Australian Privacy Principles, unless an exception applies under those principles such that we are not required to do so. We will take reasonable steps to put in place suitable confidentiality protections in relation to personal information we provide to an overseas entity.
- ACCESS TO, CORRECTION AND DELETION OF PERSONAL INFORMATION WE MAY HOLD ABOUT YOU
6.1 How you can contact us to seek access to information we may hold about you
You are welcome to ask for access to personal information that we hold about you. To do so, please attend the relevant Club from which you want to request the information and complete a request for information form, including your full name, address, account or membership number (if relevant), and signature.
If you are unable to attend our properties to make a request, you can obtain a copy of the request for information form from the C.ex Groups website and send the completed form (along with a copy of your photo identification) to the C.ex Group’s Compliance Officer.
A copy of your information will usually be made available to you within 30 days. However, there are circumstances under the Australian Privacy Principles in which we are not required to give you access to personal information. We shall advise you if one of these exceptions applies to your request.
If we intend to charge you a fee for us to find the information you have requested, we will inform you of this cost before we provide the information to you.
6.2 How you can contact us to seek correction of information we may hold about you
If you find that your personal information is inaccurate or out-of-date, please let us know using the contact details below.
6.3 How you can contact us to seek deletion of your Star Rewards information
If you have a Star Rewards account, you may email firstname.lastname@example.org to request that we delete your personal information associated with your account.
We will use reasonable efforts to comply with your request subject to any technical limitations, legal requirements we may have to retain information and reasonable business requirements we may have to retain information (for example for security purposes, to help us resolve any complaint or dispute between you and us or where the information is needed in relation to our provision of other goods or services to you).
Deletion of this information may limit your ability to use Star Rewards.
6.4 Verification of your identity
We may require evidence of your identity before fulfilling your request to access, correct or delete any of your personal information.
- QUERIES AND COMPLAINTS
If you have a question in relation to your personal information, please contact us using the details below:
The C.ex Group
PO Box 2068
For more information about privacy issues and the protection of privacy, visit the Office of the Australian Information Commissioner’s website at www.oaic.gov.au
Privacy complaints will normally be assessed, reviewed and responded to within 30 days. If necessary, the Compliance Officer shall investigate the matter and advise of any corrective or other action taken by the business to address the matter.
If you are not satisfied with the outcome of your complaint, you can refer your complaint to the Office of the Australian Information Commissioner.
- ADMINISTRATION OF THE POLICY
8.1 Policy Owner
This Policy is owned by the Compliance Officer (Policy Owner).
The Policy Owner is authorised under this Policy to make minor changes to content without the approval of the Policy Approver which are related to changes in position title or minor spelling or grammatical changes, or to update appendices.
The Policy Owner is responsible for conducting a full review of this Policy at least every two years. Last Review – November 2023
8.2 Policy Approver
Approval of this Policy is the responsibility of the Board of Directors (Policy Approver) of the Coffs Harbour Ex Services Memorial & Sporting Club.
Download a Privacy Request Form here.