Updated May 2019
This policy outlines the ways in which Corporate Travel Connections Pty Ltd ACN 150 274 445 trading as ‘Connections Group of Companies, CT Connections, Totem Group and The Departure Lounge’ and Executive Edge Travel Pty Ltd ACN 007964203 (“We”) collect, use, disclose, store, secure, manage and dispose of your Personal Information in accordance with the Australian Privacy Principles (“the APP’s”).
Where the words “Personal Information” are used in this policy, that expression means information or an opinion that is either specifically about you, or if you are not specifically identified but you are reasonable capable of being identified, irrespective as to:
a) Whether the information or opinion is true or not; and
b) Whether the information or opinion is recorded in a material form or not.
The Kinds of Personal Information We Collect and Hold
The kinds of Personal Information we collect from you may vary depending upon the nature of the travel services you have engaged us to provide. Generally, we will collect the following kinds of personal information concerning an individual:
a) Your name, address and contact details;
b) Your gender;
c) Your nationality;
d) Your employment details including in some cases superannuation information (in the case of group travel packages facilitated by your employer);
e) Your financial and credit information for payment purposes;
f) Your frequent flyer information and travel preferences.
Where you are booking an international travel package through us, we may also request the following further personal information from you or the representative you have appointed to engage us to process your booking on your behalf:
a) Personal identification documents such as your driver’s licence or birth certificate;
b) Your passport details;
c) Information concerning your visa status or information reasonably required in order to assist you in obtaining a visa in a jurisdiction other than Australia.
Where you or your representative have engaged us to assist you in obtaining travel insurance or other similar services, we may also collect and hold sensitive information regarding your personal health and medical history. Pursuant to our obligations arising under the Privacy Act 1988 (Cth), we will only obtain such information if we are required to by law or with your express prior consent.
How We Collect and Hold your Personal Information
We will collect the majority of your Personal Information from you directly, usually through telephone, email or face to face communication, through your completion of a form, subscription to a mailing list, or any combination of these. We may also however obtain your Personal Information from:
a) Your employer or colleagues, where a travel package is being booked by them on your behalf;
c) In the case of prospective employees, recruitment agents;
d) Third parties who hold mailing lists to which you have subscribed; and
e) Third party service providers such as airlines or accommodation providers where your booking is required to me made or amended by us on your behalf.
We will obtain your consent before contacting any third party for the purposes of collecting your Personal Information.
The Purposes for which we Collect, Hold, Use and Disclose your Personal Information
We collect, hold, use and disclose your Personal Information for the following purposes:
a) Providing travel, accommodation and event services to you, your business or your employees;
b) Providing you with information about other services that we, our related entities and other
organisations that we have affiliations with, offer that may be of interest to you;
c) Facilitating our internal business operations, including the fulfillment of any legal requirements;
d) Documenting our relationship with current and prospective employees; and
e) Analysing our services and client needs with the view of developing new or improved services.
How you May Access or Seek the Correction of Personal Information Held by Us
You may access or seek the correction of any Personal Information held by us by contacting the agent acting on your behalf in any of your current bookings with us. Alternatively, you may contact our State Head Offices using the contact details available at our website www.connectionsgroup.com.au or by written request forwarded to:
|69 Kooyong Road
Caulfield North VIC 3161
80 Jephson Street
Toowong QLD 4066
223 Liverpool Street
Sydney NSW 2010
|Garden Office Park,
Building C, Level 2
355 Scarborough Beach Road
Osborne Park WA 6017
How You May Complain about a Breach of the APP’s by Us
If at any stage you feel we have breached the APP’s in our collection, use, disclosure, storage, security, management or disposal of your Personal Information, you may lodge a complaint with our Privacy Officer in writing using the contact details available on our website www.connectionsgroup.com.au.
We are committed to protecting your privacy and as such we treat all complaints very seriously. Our Privacy Officer will address your concerns with our Company Directors and contact you to ensure you are satisfied with our proposed resolution. If we do not respond to you within 30 days or you are not satisfied with our response, you are entitled to lodge a “Privacy Complaint Form” with the Office of the Australian Information Commissioner. Copies of this form and details relating to lodgment are available at www.oaic.gov.au/privacy/making-a-privacy-complaint.
Notifiable Data Breaches (NDB) Scheme
A data breach is defined as when personal information (e.g. name; contact details; banking details; passport information; etc.) is accessed or released without proper authorisation either with or without intent or as a result of accidental or inadvertent loss.
In the event there has been a compromise of the Australia Privacy Principles, you will be notified promptly about data breaches if CT Connections Travel Group believes you are likely to be at risk of harm.
CT Connections Travel Group under the Privacy Act 1988 (Privacy Act) must notify individuals affected by certain data breaches under the Notifiable Data Breaches (NDB) Scheme. In a notification, we will provide you information about the data breach and recommend steps you can take to reduce the chance of harm.
CT Connections Travel Group will notify you directly via e-mail or phone in the event of a breach. We will provide the following information:
· Personal information involved in the breach
· Description of the data breach
· Recommendations for what steps you can take in response
CT Connections Travel Group will also notify the OAIC (Office of the Australian Information Commissioner) about any data breaches that could result in any serious harm.
Our Disclosure of Your Personal Information to Overseas Recipients
We may in the course of providing travel services to you disclose your Personal Information to overseas recipients. This may occur in the following circumstances:
a) Where you instruct us to disclose, whether in writing or verbally, information which contains your Personal Information to an overseas party;
b) Where your Personal Information is disclosed for the purposes of facilitating a booking on your behalf, and the employee, agent, representative, or contractor retained to provide travel, accommodation or event services to you is based overseas; or
c) Where we are required by law to disclose your Personal Information to an overseas party in order to progress your visa or other immigration documentation on your behalf in accordance with your instructions.
Countries in Which Overseas Recipients Likely to be Located
Given the nature of our business, we disclose Personal Information to a broad array of international destinations. We will only disclose your Personal Information to third parties in the country or countries to which you will be travelling during your booking made by us on your behalf. If we intend to disclose your Personal Information to parties outside of this jurisdiction or there jurisdictions, we will obtain your consent prior to such disclosure.
We collect website activity statistics such as the number of visitors, pages visited, time and date of visit and where you accessed our website from, so that we can make informed decisions relating to improving our website and the services we deliver. This information is anonymous and does not identify a person.
When you visit our website a cookie is placed on your computer. The cookie does not contain personal information that can identify you, but may contain information about the page you visited on our website. If you do not wish for this to occur, you can remove cookies from your computer, by following the standard procedures applicable to your internet browser.
Copies of this Policy are available free of charge upon request.