1 - PURPOSE
The Star Entertainment Group Limited and all its related bodies corporate (SGR) is committed to conducting business in a manner which is safe, ethical, professional and compliant with the law.
This Policy sets out key information regarding how SGR manages personal information provided to us in the conduct of our businesses including its collection, use and disclosure.
2 - SCOPE
This Policy covers dealings with SGR and describes how we will comply with our obligations under the Privacy Act 1988 and the associated Australian Privacy Principles.
This Policy describes the purposes for which SGR may collect, use and disclose personal information. Subject to any applicable exceptions in the Privacy Act 1988 or any other relevant legislation, this Policy applies whenever SGR receives personal information either directly or indirectly through the use of SGR products, services or business activity.
This Policy covers how you can communicate with SGR in relation to private information that we may hold about you including the rights available to individuals and the means by which to make a complaint.
3 - POLICY REQUIREMENTS
Information considered as personal information under the Privacy Act 1988 includes information or an opinion about a person who is identified or reasonably identifiable. This information may include name, postal or email addresses, date of birth, image and financial details.
The type of personal information collected by SGR will depend on the interaction with the individual. For example, more information would be required for application for membership of a rewards program than is required for the entering of a competition.
Information is generally collected from individuals directly when SGR products and services are used, or through business arrangements.
In some instances, SGR may collect personal information from third parties.
SGR has obligations to collect personal information under anti-money laundering and counter terrorism legislation and to maintain records relevant to the casino regulators in the jurisdictions in which SGR operates.
3.2 - Sensitive Information
SGR will not usually collect information or an opinion about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices or criminal records, or health information.
If we do, we will only collect such information where:
- we are required to do so under a law that applies to our business, for example to comply with our obligations to maintain the security and integrity of our properties under the Casino Control Act 1982 (QLD) or Casino Control Act 1992 (NSW); or
- we have obtained your consent; or
- we are otherwise permitted by law to do so; or
- if you apply for a job with SGR; or
- if you use our gambling properties, where we are required to do this under laws that apply to our business.
3.3 - Use
We may use the information collected to keep you informed about our products and services, and the products and services of third parties with whom we have a relationship, where they are relevant to your continued use of those products and services.
Information about the way and frequency with which you use our products and services may be used by us for the purposes of quality control and to develop and improve the products and services that we are able to offer.
If you elect not to provide personal information to us, we may not be able to provide you with some or all of the goods or services you wish to obtain or that we would otherwise provide.
SGR uses and in some instances, shares, personal information for reasons including:
- Provision of requested products or services and benefits gained in relation to that product or service
- Management and administration of ongoing products and services
- Promotion of safety and security in SGR properties
- collection and use of the physical location of your mobile device for security purposes and to provide you with alerts, notifications and other information related to our products or services
- obtaining a credit report or other information from a credit reporting agency or financial services provider to assess an application for a cheque cashing facility which may be extended or offered to you; and
- complying with obligations that we may have under laws that apply to our business or to meet reasonable requests from regulatory bodies which regulate our business, such as preparing player activity statements and monitoring the responsible provision of gambling services in our casinos, including the exclusion of patrons from our casinos.
3.4 - Marketing
SGR may collect and use personal information to promote and market a related third party’s or our own products and services, promotions and upcoming events (including for example by way of direct mail, telemarketing, targeted digital advertising, SMS, MMS messages, and notifications and alerts to your mobile device).
SGR will only send you this information if:
- you have indicated your consent to receiving such information
- such information is related to the purpose for which SGR originally collected your personal information; or
- when otherwise permitted to do so under relevant laws.
SGR will send this information to keep you informed of our new products and services and special offers. You can contact us at any time to let us know that you no longer want to receive this information.
Marketing may be undertaken by one or more of the companies in The Star Entertainment Group using your personal information. SGR may use external service providers to assist us in these marketing activities.
SGR may collect and use personal information about you for security purposes, including:
- collecting information from your driver's licence or other identification document/card when you enter our properties; or
- collecting your car number plate details when you park in the car park of one of our properties; or
- using information from your driver's licence or other identification document/card or from your car number plate details, to match with personal information we hold about you.
SGR’s properties are subject to CCTV and audio surveillance for security reasons. SGR may collect your personal information through those means.
Details of suspected or actual illegal and undesirable activities and other security-related information may be shared with other casinos, industry bodies and forums, law enforcement bodies and regulatory bodies such as the casino regulator in each of New South Wales and Queensland.
This may include both disclosure of your personal information by us, and the receipt of your personal information by us.
3.6 Disclosure of Personal Information
SGR may disclose personal information where required or authorised to do so by law or where disclosure is reasonably required to enforce the law or for enforcement related activities conducted by or on behalf of an enforcement body.
Laws which may necessitate this type of information sharing include:
- Anti-Money Laundering and Counter Terrorism Financing Act 2006
- Casino Control Act 1992 (NSW)
- Gaming and Liquor Administration Act 2007 (NSW)
- Casino Control Act 1982 (QLD)
- Income Tax Assessment Act 1997
SGR may share information due to obligations relating to the responsible provision of gambling services.
Where authorised by law or by a reasonable request, or for any of the purposes outlined in this Policy, SGR may disclose personal information to:
- Australian Taxation Office
- Australian Securities and Investments Commission
- Child Support Agencies
- Australian Financial Security Authority
3.7 Sharing information with other organisations
There are circumstances in which we may disclose personal information to another organisation for particular purposes that are important to help SGR to operate its business.
We will not sell your personal information to organisations outside SGR.
We will only give another organisation access to your personal information when:
- the other organisation is providing services to us that help us to operate our business or to provide a service to you;
- there is another business reason for us to provide your personal information to that organisation; or
- we are required or permitted by law to provide your personal information to that organisation.
Organisations include those that assist us:
- to provide, manage or administer the products and services that we offer. This includes service providers (such as mail house providers, printers and advertising agencies), postal services, call centres, customer research agencies and our advisers;
- to maintain, review, and develop our business systems, procedures and infrastructure, including testing or upgrading our computer software;
- with reviews of our business operations and structure;
- to collect outstanding debts; and
- with developing and planning new products and services.
SGR may share personal information with another organisation in relation to potential or threatened legal proceedings or disputes (whether between you and that organisation or between us and that organisation), including for the purposes of gaining legal advice, or to take action considered appropriate in relation to suspected unlawful activity or serious misconduct, including investigating any such alleged activity.
SGR may also share personal information with an organisation where we have obtained the individual’s consent.
3.8 Sending Information Overseas
For international guests, we may share your personal information overseas with your agents and/or representatives (including, but not limited to your tour operator or arranger and their representatives) in your country of origin or in Hong Kong, Macau or Singapore, as the case may be. In addition, for international gaming guests, we may share your personal information to conduct credit or other background checks, including with other casinos and credit rating and other reporting agencies in Singapore, Malaysia, the Philippines, Macau, Hong Kong, South Korea, the United States of America and/or New Zealand.
Your personal information may also be accessed and used by our service providers located outside Australia who assist us to send marketing communications to you.
When we disclose personal information overseas we will take reasonable steps to ensure that the overseas entity complies with the Australian Privacy Principles, unless an exception applies under those principles such that we are not required to do so. We will take reasonable steps to put in place suitable confidentiality protections in relation to personal information we provide to an overseas entity.
3.9 Privacy and internet use
You should keep confidential all of your passwords or access codes. They are used to control your access to our products and services and are important in helping us to maintain the security of your personal information and the integrity of our internet services.
We provide links to other websites. These linked websites are not under our control. We are not responsible for the conduct of organisations linked to our website. We suggest that you review the privacy policies of any linked sites that you may access from our website before disclosing your personal information on them.
3.10 Information Collected from your Computer or other Electronic Devices
- provide better online experiences
- deliver more relevant and targeted advertising
- develop reports on matters such as usage trends and visitation data. These reports may then be shared with third party marketing partners and affiliates.
The information collected and used may include your Internet Protocol (IP) address; domain name; browser type; date and time of your request; your internet service provider, mobile carrier, or data services provider; and your online behaviour, such as information on the pages you visit, links you click, features you use, how and when you interact with the services, the content, images and advertisements you select.
If you use a mobile device to access our websites or online resources, we may collect information about your device, such as your device ID and device type, as well as usage information about your device and your use of our mobile websites and other mobile resources.
Most internet browsers and mobile devices can be set to inform you when tracking technologies are being used or sent to your device. They also provide you with the option of refusing the use of tracking technologies, however, this may negatively impact the display or function of certain areas or features of our services.
4. SECURITY OF PERSONAL INFORMATION
SGR will take reasonable steps to protect your personal information and monitor that it is accurate, up-to-date and, when that personal information is used or disclosed, relevant to the purpose for which the information is being used or disclosed.
Your personal information is held on secure servers or in storage located in controlled environments.
Our employees and service providers are required to maintain the confidentiality of any personal information held by us.
5. RIGHTS AVAILABLE TO INDIVIDUALS
You have the right to request access to and correction of information about you held by SGR.
In some instances, an individual may desire to remain anonymous. SGR is not required to provide this option if:
- it is impracticable for us to deal with unidentifiable individuals; or
- we are required or authorised by law or a court or tribunal order to deal with identified individuals.
You should advise us if you do not wish to be identified and wish to remain anonymous or use a pseudonym when entering into transactions with us.
We will endeavour to assist with any such request:
- provided it is not impracticable to operate and communicate with you if you have not identified yourself in the circumstances; or
- except where we are required by law or an order from a court or tribunal requires us to only deal with you if you have identified yourself. For example, anti-money laundering and counter-terrorism finance legislation may require you to be identified in order to be provided a service. In addition, you may be required to be identified to maintain the safety and security of our premises and to comply with legislation relating to gaming and service of alcohol.
6. ACCESS TO AND CHANGING YOUR PERSONAL INFORMATION
You are welcome to ask for access to personal information that we hold about you. To do so, please attend the relevant property from which you want to request the information and complete a request for information form, including your full name, address, account or membership number (if relevant), and signature.
If you are unable to attend our properties to make a request, you can obtain a copy of the request for information form from the relevant property's website and send the completed form (along with a copy of your photo identification) to SGR’s Privacy Officer.
A copy of your information will usually be made available to you within 30 days. However, there are circumstances under the Australian Privacy Principles in which we are not required to give you access to personal information. We shall advise you if one of these exceptions applies to your request.
If we intend to charge you a fee for us to find the information you have requested, we will inform you of this cost before we provide the information to you.
If you find that your personal information is inaccurate or out-of-date, please let us know.
If you have a question in relation to your personal information, please contact us using the details below:
The Star Entertainment Group
PO Box Q192
QVB Post Office
Sydney NSW 1230
7. CHANGES IN THE FUTURE
8. ADDITIONAL INFORMATION ON PRIVACY
For more information about privacy issues and the protection of privacy, visit the Office of the Australian Information Commissioner’s website at www.oaic.gov.au
Electronic addresses that are published on our websites are for professional communications only and this is not an invitation to send unsolicited commercial emails that are not related to our business.
Should you wish lodge a privacy related complaint, this can be made in writing to:
The Star Entertainment Group
PO Box Q192
QVB Post Office
Sydney NSW 1230
Privacy complaints will normally be assessed, reviewed and responded to within 30 days. If necessary, the Privacy Officer shall investigate the matter and advise of any corrective or other action taken by the business to address the matter.
10. ADMINISTRATION OF THE POLICY
The Chief Risk Officer is responsible for maintaining this Policy.
This Policy shall be reviewed annually and any changes approved by the SGR Board.
Authorised person means an individual to which the data relates.
Personal information means data or opinions about an identified individual, or an individual who may be reasonably identifiable.
Sensitive information is data that is a subset of personal information. It is information that can be reasonably linked to an identifiable person which is:
a) data or an opinion about the individual’s:
- racial or ethnic group
- political membership/affiliation/association
- political opinions
- religious beliefs/affiliations
- philosophical beliefs
- memberships of professional or trade associations
- membership of a trade union
- sexual orientation of practices
- criminal records
b) Health information about an individual.