For reference, our related bodies corporate are:
- Mangoberry Pty Ltd (ACN 077 254 052)
- Marketics Pty Ltd (ACN 620 568 238)
- RedBalloon Pty Ltd (ACN 097 376 442)
- RedBalloon NZ Ltd (CO. # 1417960)
- Redii.com Pty Ltd (ACN 607 261 978)
- The Huddle for Business Pty Ltd (ACN 618 271 800)
- Wrapped.com Pty Ltd (ACN 619 379 609)
- Adrenaline Experiences Pty Ltd (ACN 627 166 527)
- BRG Luminary Experiences Pty Ltd (ACN 632532579)
Table of Contents:
1.The kinds of information we collect and hold
2.How we collect your information
3.How we hold your Personal Information
4.How we use your information
5.When we disclose your information
7.How to access or correct your Personal Information
8.How to make a complaint about a breach of privacy
9.Changes to this Policy
Depending on the particular circumstances, we may collect and hold a range of different information about you.
1.1 Personal information
Personal information is information from an individual who is reasonably identifiable. Examples of the types of personal information we collect include:
- your name;
- contact details;
- identification information;
- history records of your communication and interaction with us;
- details or history of preference, interests and behaviour relation to transactions, products, services and activities on the Site;
As well as other similar Personal Information that is needed to register or subscribe you to our services or offers. If we ever ask for significantly different information, we will inform you. If you do not provide certain requested Personal Information to us, we may not be able to provide you with access to and use of the Site, provide you with access to our other products and services, or to fulfil one or more of our functions and activities applicable to you.
The following information we collect does not allow you to be identified until the point that you enter an email address into any form on our website. This information is data that is only labelled with individual identifiers in certain third party systems and is never stored within BRG owned databases. Within owned databases, the following information is not labelled with personal identifiers or has had the identifiers permanently removed, and by means of which no specific individual can be identified directly by BRG systems. When you visit the Site, our Company servers may automatically record non-identifiable information that your browser sends.
This data may include, but is not limited to:
- your computer’s IP address;
- browser type;
- webpage you were visiting before you came to the Site;
- the pages within the Site you visit;
- The products viewed, added to cart and ultimately purchased within the Site you visit;
- the time spent on those pages, items, and information searched on the Site, access times, dates and other statistics.
Non-identifiable information is collected for analysis and evaluation in order to help us improve the Site and the services and products we provide. This data will not be used in association with any other Personal Information
1.2 Third Party identifiable information
In certain circumstances, such as when you purchase a product, voucher or gift card for another individual, we may also collect the information that you provide to us on that individual which may include:
- Postal Address
We may collect your information in a number of ways, including:
- Directly from you, including but not limited to when you:
- browse the Site;
- save an item to either your wishlist or to the cart;
- register on the Site;
- log into the Site once registered;
- subscribe to marketing communications;
- participate in onsite, email or social promotions or competitions;
- redeem gift vouchers or gift cards on our site;
- make a purchase from us;
- contact our Customer Care for any reason on any channel;
- click on The Site banners, hyperlinks or plugins;
- accept location or notification pop ups on site;
- enter information into a form;
- interact with us on our social media; or
- have a conversation with our team members
- From third parties such as our related entities, business or commercial partners,
- From publicly available sources of information.
We may also collect information from you online. See more information in clause 6.
Our use of the personal information we collect is necessary in order for us to maintain the Site and facilitate users’ use of the Site. We do not collect any unnecessary personal data from users (for instance, their race or religious beliefs).
We may store your Personal Information in hard copy or electronic format, in facilities that we own and operate ourselves, or that are owned and operated by our service providers. We take the privacy and security of your Personal Information seriously and we use a number of procedures and processes to ensure, where possible, the security and integrity of your Personal Information.
We protect your Personal Information by:
- Restricting access to Personal Information;
- Maintaining technology products to prevent unauthorised computer access;
- Securely destroying your Personal Information when it is no longer needed for our record retention purposes.
The Big Red Group is committed to information security. We will use all reasonable endeavours to keep users’ personal information in a secure environment. For instance, each user’s personal information is encrypted whilst being sent to our server at the time of setting up an account. However, security cannot be guaranteed due to the nature of the internet.
The Big Red Group security measures are designed to assist in ensuring that users’ personal information is not accessed by unauthorised personnel, lost or misused. If you reasonably believe that there has been unauthorised use or disclosure of your personal information, please let us know by contacting our Privacy and Data Protection Officer (see clause 10).
The security of your sensitive financial details is important to us. Credit card details are never stored by the Big Red Group. Credit card data is encrypted when being transferred through the payment gateway. Not only are all transactions secured using industry strength SSL encryption but, as additional protection, we also enforce the entry of the 3 or 4 digit credit card security numbers (CCV number).
Once any information is in our possession, we will take reasonable steps to protect that information from misuse, loss, unauthorized access, and modification or disclosure. In the event of a security incident we have in place procedures to promptly investigate the incident and determine if there has been a data breach involving personal information, and if so, to assess if it is a breach that would require notification. If it is, we will notify affected parties in accordance with the Privacy Act requirements.
While we strive to protect such information, we cannot guarantee 100% the security of any information (personal or other) you transmit to us. Therefore, we will not be liable for any breach of security or unintended loss or disclosure of information due to the Site being linked to the Internet.
3.1 How long we hold a user’s personal information
We will retain your information for as long as the Big Red Group account is active or as necessary to comply with our legal obligations, resolve issues, address queries and enforce our agreements. If you no longer wish to use our Site or Services, you may request that your account be deactivated by firstname.lastname@example.org or calling our Customer Experience Team on 1300 875 500 (AU) or 0800 555 023 (NZ)
3.2 Transfer of your data outside of Australia
Users’ personal information is uploaded to, and kept on, the servers that we maintain or that are maintained by third parties that comply with strict contractual privacy obligations. It is not otherwise transferred internationally, other than New Zealand and the United States, except where a copy is sent to the user at their request. Users consent for their personal information to be transferred and stored in this manner is obtained at the time of registration.
We may use your information for a range of different purposes, including:
- to provide products and services to you;
- to communicate with you, including about products and services, competition results, special offers, and events which might interest you (see clause 4.1);
- to provide personalised recommendations based on past browsing behaviour both on site and within marketing email communications;
- to answer your questions and provide you with information or advice;
- to create orders, transaction records, agreements for the sale of products or services, accounts, tax invoices or receipts;
- To provide booking reminders and expiry notifications in relation to products purchased and held by you as:
- the purchaser of a product or experience voucher,
- the recipient of a product or experience voucher;
- the redeemer of an experience voucher or;
- the participant of an experience booked via the Site;
- to gain an understanding of your information to improve or develop our products and services;
- to provide you with better customer services;
- to perform research and analysis;
- to carry out administration, marketing, planning, fraud and loss prevention activities, procurement, product and service development, quality control and research to improve the way The Big Red Group and our related bodies corporate and service providers provide products and services to you; and;
- to comply with laws or regulations or to comply with any directions given by regulators or authorities.
We may also use your information so that we, our related entities, other business or commercial partners can promote and market products, services and special offers that will be of interest to you (which may include products, services and offers provided by a third party).
We collect aggregated information about you which informs us about our users. The browser information we collect is used in an aggregated, anonymous manner in our internal analysis of traffic patterns within the Site. This information is used by us to administer and improve our products and services.
4.1 Direct Marketing
The User will also be given the option to sign up for our email newsletter. Once subscribed, the Big Red Group and its related bodies corporate may use personal information about the User for the primary purpose of providing User with services from the Big Red Group or its partner suppliers, and for other purposes for which you would reasonably expect us to use that information. This includes sending the User information about new ‘experiences’, products, services and special offers by post, telephone or any form of electronic communication. By subscribing, the User authorises the Big Red Group to use any email address or other contact information he/she has provided at any time for this purpose.
The User will also be given the opportunity to ‘opt-out’ of receiving emailed information or other correspondence, by simply clicking the unsubscribe link at the bottom of any newsletter email you receive from us, replying ‘Opt out’ to any SMS or changing your push notification settings within your selected browser. The User agrees and acknowledges that even if he/she opts out of receiving marketing material, the Big Red Group may still send the User essential information that it is legally required to send the User relating to the services they have acquired from us.
Once you opt out of receiving marketing material from us, you agree and acknowledge that this removal from our distribution lists may take several business days after the date of you request to be removed.
We engage a range of third parties to provide services and perform business support functions for us. Some of those third parties need access to Personal Information in order to provide the services or perform the functions we require. Therefore, we may disclose your information to these third parties to:
- assist us in providing products and services you have requested, such as delivery service providers and fulfilment managers;
- for the provision of joint promotions or anonymised data analysis;
- conduct market research and marketing strategy analysis; and
- manage or develop our business and corporate strategies and functions.
Where we share your Personal Information with third party service providers, they will be contractually bound to use the information only for the purposes of providing the services or performing the functions required by us and to store the information securely, for example, storing in non-human readable form to ensure the security of your information.
We may disclose certain information about you including your personal information to our related bodies corporate.
In the event of a security incident involving unauthorised access, use or disclosure of personal information where a third party with whom we share personal information is involved, we will seek to work cooperatively with them to protect the personal information we have shared with them.
We use “cookies” when you visit the Site. It is a technology that enables us to operate an efficient service and track the patterns of behaviour of visitors to the Site. There are four main types of cookies – here’s how and why we use them.
- Site functionality cookies – these cookies allow you to navigate the Site and use our features, such as “Add to Cart”, “Live Chat”, “Subscribe”, “My Account” and “Add to Wishlist”.
- Site Google analytics cookies – these cookies allow us to measure and analyse how our customers use the Site, to improve both its functionality and your shopping experience.
- This cookie has enabled Google Signals which collates Google information from accounts of signed-in users who have consented to this association for the purpose of ads personalization. This Google information may include end user location, search history, YouTube history, and data from sites that partner with Google—and is used to provide aggregated and anonymized insights into your users’ cross device behaviours. The data collected through Signals is anonymised and may be accessed and/or deleted by via My Activity . These features are also subject to the Google AnalyticsAdvertising Features policies.
- Customer preference cookies – when you are browsing or shopping on The Site, these cookies will remember your preferences (such as location), so we can make your shopping experience as seamless as possible, and more personal to you.
- Targeting or advertising cookies – these cookies are used to deliver marketing and advertising materials that are relevant to you. They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns.
- Session Recording Services – utilises first-party cookies and local storage to maintain a coherent scope for a user session across multiple pages on a single website.
By using the Site, you agree to us placing these sorts of cookies on your device and accessing them when you visit the Site in the future. You can modify the settings on your device to prevent cookie use. Please note by disabling cookies, your user experience may be affected and you might not be able to take advantage of certain functions of the Site
Notwithstanding any other provision, we may also engage a third party service provider who may combine your information with information from other data sources; and may place or recognize a unique cookie on your browser for the purpose of identifying users and delivering to them interest-based content and advertisements. To opt-out of third party cookies, please contact us at email@example.com
The personal information we hold about a user is kept so that we may correctly identify that user. Users can update their personal information anytime from within the ‘My Account’ area of the Site.
We take all reasonable steps to ensure that personal information held by us is accurate, up-to-date, complete, relevant and not misleading. If you believe that any of your personal information is not accurate, up-to-date, complete, relevant and not misleading, please contact us (see below) and we will take all reasonable steps to correct it within a reasonable time.
Users have a right to get a copy from us of the personal information we hold about them. If you wish to receive a copy of this information please address your request to the Privacy and Data Protection Officer (see clause 10). We will deal with your request promptly and in any case at least within 30 days of the date of receiving it. We will give access to the information in the manner you request, where reasonable and practicable. This will be subject to any exemptions allowed under the Privacy Act. We will correct or delete inaccurate or incomplete personal information we hold about you at your request.
You can find more information about privacy and the protection of your Personal Information on the website of the OAIC at https://www.oaic.gov.au/.
Privacy and Data Protection Officer
The Big Red Group, Level 11/50 Carrington St, Sydney, NSW, 2000.
When contacting us you have the option to either not identify yourself or to use a pseudonym. However, this will not apply if it is impracticable for us to communicate with you that way or we are required or authorised under Australian law to only deal with individuals who have identified themselves.