Personal information is any information about an identified individual or an individual who is reasonably identifiable, whether the information is true or not and whether the information is recorded in a material form or not.
Sensitive information is any personal information about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health, genetics, biometrics or biometric templates. Other than details of any medical conditions that you have which may be relevant to your use of our venues, products and services) or information about your professional or trade associations or trade union membership (which may be relevant to networking functions or business related promotions), we generally do not wish to be informed of a person’s sensitive information. We, in any event, will collect, use or disclose sensitive information about you only as allowed by law, for example where we have received your consent to do so or the collection is required by law.
Passive information collection
As you navigate through this website, as well as our other websites and social media sites (such as our webpages on Facebook), and attend our venues, certain information can be passively collected (that is, gathered without you actively providing the information) through various technologies, such as cookies, internet tags or web beacons, navigational data collection, and Wi-Fi, Bluetooth and other wireless networks.
These websites, social media sites and Wi-Fi, Bluetooth and other wireless networks may use and combine such passively collected anonymous information to provide better services to users or visitors, customise the digital or physical experience based on your preferences, compile and analyse statistics and trends and otherwise administer and improve for your use. Such information is not combined with personally identifiable information collected elsewhere unless you have consented.
How we collect your personal information
We collect personal information that is necessary for our business activities and in order to provide and develop our services. We may do this in a number of ways, including:
- directly from you, when you provide it to us or our employees, authorised representatives, agents or contractors, including through:
- your use of our website (including making bookings or purchases), social media sites and applications;
- your use of our venues, including accessing any of our Wi-Fi, Bluetooth and other wireless networks;
- completing and submitting forms via our website and waiver platform;
- any request received from you for access to or to receive our electronic direct mail communications, newsletters and other publications;
- directly from you, if you send us an email or otherwise contact us;
- talking to our staff, including about any health issues that you may suffer from that is relevant to your use of our venues, products and services;
- from parents or guardians in the case of a person under the age of 16 or where a family member nominates you;
- from publicly available resources; or
- by analysing our own records of your use of our venues, products, services and website.
We also may collect your personal information when legally required to do so by law.
What personal information do we collect and why?
The type of personal information we collect may include your name, date of birth, address, postcode, telephone number, email address, social media account information, use of our venues, products and services, details of your surfing ability and surfing habits, whether you have recommended our venues, products and services to anyone else (via our referral system), details of your health and fitness (including preferences for activities such as events and training),any medical conditions that you have that may be relevant to your use of our venues, products and services, and your preferences regarding our venues, products and services. If we are not provided with the personal information that we request, we may not be able to meet your request or provide our products or services to you.
The personal information you provide us may be used for a number of purposes connected with our business operations, which include to:
- verify your identity;
- facilitate the provision of our products and services to you;
- address or respond to any requests from you;
- inform you of existing and proposed products and services which we provide;
- better understand your surfing, skateboarding, training, fitness, events, leisure, entertainment, food, beverage, retail, hire and health needs;
- develop and improve the quality and scope of our venues and the products and services we provide, and seek your feedback;
- help ensure your safety while at our venues, and while using our products and services; and
- optimise our marketing, communications and promotional activities.
Your personal information may be used so that we, our wholly-owned subsidiaries, employees, authorised representatives, agents and contractors can provide you with information about our venues, products and services, such as by way of direct mail or telemarketing, and, where you have opted in, by email, SMS and MMS, or to request your feedback for promotional purposes. You always have the right to opt-out of receiving such information. You may exercise that right by contacting us as set out below.
We may also use your personal information for purposes related to those described above, which would reasonably be expected by you.
We will not use your information for purposes other than those described above unless we have your consent or as permitted by law (including for law enforcement or public health and safety reasons).
Sharing your personal information
We may disclose your personal information in certain circumstances, such as where we are required or authorised by law or where you have consented to us doing so.
We also may disclose your personal information to:
- others in accordance with a request made by you;
- our related companies, employees, authorised representatives, agents, contractors and business partners;
- persons engaged in providing us with professional, business, marketing, communications, technology and corporate services, when reasonably required;
- healthcare professionals where this is required to help ensure your health and safety; and
When making such a disclosure we will take reasonable steps to ensure that the recipient is bound by privacy obligations.
Unless you consent, we otherwise will not disclose your personal information to third parties.
Does my personal information leave Australia?
We will only send your personal information outside Australia:
- if we are authorised to do so by law;
- if you have consented to us doing so.
In the course of our ordinary business operations we commonly disclose personal information to third parties located in the following countries:
- New Zealand; and
- United States.
Access and correction
You may request access to any of the personal information we hold about you by contacting us as specified below. We reserve the right to charge a reasonable fee for the costs of retrieval and supply of any requested information.
We will take all reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up to date. To ensure your personal information is accurate, please notify us of any errors or changes to your personal information and we will take appropriate steps to update or correct such information in our possession.
Storage and security
We will take all reasonable precautions to safeguard your information from loss, misuse, unauthorised access, modification, disclosure or destruction. We may store your files in hard copy and/or digital copy. We implement a range of physical and electronic security measures to protect the personal information that we hold, including that hard copies are kept in locked cupboards and for digital copies, on servers that have technical measures in place to protect the personal information under our control. You should keep in mind that no internet transmission is ever completely secure or error-free. In particular, e-mails sent to or from this website may not be secure.
Links to other websites
Notifiable Data Breaches scheme
In the event of any loss or unauthorised access or disclosure of your personal information that is likely to result in serious harm to you, we will:
- investigate; and
- notify you and the Australian Information Commissioner as soon as practicable,
in accordance with the Act.
URBNSURF Group Pty Limited will take any privacy complaint seriously and will aim to resolve any such complaint in a timely and efficient manner, and our target response time is 30 days.
URBNSURF Group Pty Limited expects our procedures will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you can also make a formal complaint with the Officer of the Australian Information Commissioner (which is the regulator responsible for privacy in Australia):
Office of the Australian Information Commissioner (OAIC)
Complaints must be made in writing
1300 363 992
Director of Compliance
Office of the Australian
GPO Box 5218
Sydney NSW 2001
How to contact us