1. FUNLAB HOLDINGS PTY LIMITED ACN 606 795 733 Funlab and its subsidiaries and related entities (as those terms are defined in the Corporations Act 2001 (Cth)) (“Funlab” “we” “our” or “us”) operate a variety of entertainment businesses throughout Australia. Through these operations, Funlab from time to time gathers information from Customers and other parties with whom we deal for a variety of reasons including, in particular, to enable us to improve the nature of the services we provide.
2. WHY FUNLAB COLLECTS PERSONAL INFORMATION
2.2 Collection of Information As a provider of a wide range of services, Funlab frequently finds that it is necessary to collect Personal Information during the course of transactions. In accordance with the APPs, where practical, Personal Information may be collected about Customers via the following means:
(a) competition entry forms;
(b) application forms (including online applications to access Wi-Fi internet at some of Funlab’s subsidiaries’ entertainment precincts);
(c) Funlab’s contractors, in relation to services operated by Funlab in conjunction with such contractors;
(e) websites (social media sites; eg Linked In – and in some instances cookies);
(f) online transactions;
(g) networking functions (eg: business cards);
(h) over the phone;
(i) credit card details via credit card purchases on our payment platforms; and
(j) Information collected from third parties.
In all cases, Funlab will only collect Personal Information by lawful and fair means and not in an unreasonably intrusive way.
2.3 Information given to Customers At or before the time Funlab collects Personal Information about an individual (or if that is not possible, as soon as practicable after the collection of the Personal Information), Funlab will advise the Customer as to:
(a) our identity and contact details;
(b) the fact that he or she is able to gain access to the information including how to access and seek correction of such information;
(c) the purpose for which the information is collected;
(d) the types of organisations to which their Personal Information may be disclosed;
(e) any law that requires the Personal Information to be collected;
(f) the key consequences if all or some of the information cannot be collected;
(g) how to make a complaint about Funlab’s handling of the Customer’s personal information and how Funlab will deal with the complaint; and
(h) whether Funlab is likely to disclose personal information about the individual to overseas recipients and, if it is practicable, the country such recipients are likely to be located. If it is reasonable and practicable to do so, we will collect Personal Information about a Customer only from that customer. Where we collect Personal Information about a Customer from a third party, and the Customer has not previously consented to that third party providing the information to us, we will take such steps that are reasonable and practicable to ensure that the Customer is or has been made aware of the information about their Personal Information listed in this point 2.3. We request that individuals obtain the consent of the person or otherwise comply with any relevant privacy legislation before providing us with any Personal Information about that person.
2.4 ‘Sensitive Information’ We will not ask a Customer for information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or details of health, disability or sexual activity or orientation, unless:
(a) the Customer provides their consent;
(b) the collection of that information is specifically authorised by law;
(c) the collection is necessary to lessen a serious or imminent threat to the health or safety of a person;
(d) the collection of the information is necessary for the establishment, exercise or defence of a legal claim; or
(e) for any other reason authorised by the Privacy Act.
2.5 Customer consent Wherever practical, Funlab will obtain the express consent of Customers to the collection of Personal Information. In some situations, Funlab will interpret a Customer’s actions as indicating that a Customer consents to the collection of Personal Information. This may occur where the Customer has provided Personal Information for a particular purpose and that purpose cannot be achieved without Funlab making use of the Customer’s Personal Information.
2.6 What happens if Personal Information is not provided Where relevant, Funlab will endeavour to make Customers aware that Funlab may not be able to provide a proper service to them if Personal Information is not provided upon request.
3. Use and Disclosure
3.1 Funlab may use and disclose the Personal Information it collects for the primary purposes for which such information was collected as set out in point 2.1 of this policy. This may include using and disclosing Personal Information to individuals and other organisations such as our staff, outsourced service providers, marketing and market research advisors and payment platforms.
3.2 Funlab will not use or disclose Personal Information about an individual for a different purpose (“the secondary purpose”) other than the primary purpose of collection unless:
(a) both of the following apply:
(i) the secondary purpose is related to the primary purpose of collection and, if the personal information is sensitive information, directly related to the primary purpose of collection; and
(ii) the individual would reasonably expect Funlab to use or disclose the information for the secondary purpose- for example, we may disclose your Personal Information to an entity or individual in order to assist us to meet the primary purposes for which we collected your information;
(b) the individual has consented to the use or disclosure;
(c) it is unreasonable or impracticable for Funlab to obtain the individual’s consent and Funlab reasonably believes that the use or disclosure is necessary to lessen or prevent:
(i) a serious threat to an individual’s life, health or safety; or
(ii) a serious threat to public health or public safety;
(d) Funlab has reason to suspect that unlawful activity or misconduct of a serious nature that relates to Funlab’s activities or functions has been, is being or may be engaged in, and we use or discloses the Personal Information as a necessary part of our investigation of the matter or in reporting our concerns to relevant persons or authorities;
(e) the use or disclosure is required or authorised by or under law or a court or tribunal order;
(f) Funlab reasonably believes that the use or disclosure is reasonably necessary for one or more enforcement activities conducted by, or on behalf of, an enforcement body;
(g) Funlab reasonably believes that the use or disclosure is reasonably necessary to assist an APP entity, body or person to locate a person who has been reported missing;
(h) if the information has been collected from the Customer is not sensitive information and the use of the information is for the purpose of direct marketing:
(i) in each direct marketing communication with the Customer, Funlab draws to the Customer’s attention, or prominently displays a notice, as to how the Customer may make a request to not receive any further direct marketing communications;
(ii) each written direct marketing communication by Funlab with the individual (up to and including the communication that involves the use) sets out Funlab’s business address and telephone number and, if the communication with the individual is made by fax or other electronic means, a number or address at which Funlab can be directly contacted electronically; and
(iii) the individual has not made a request of Funlab to not receive direct marketing communications from Funlab.
3.3 Data Quality
Funlab takes reasonable precautions to ensure that the personal information it collects, uses and discloses is accurate, complete, relevant and up-to- date. However, the accuracy of that information depends to a large extent on the information customer’s provide. That’s why we recommend that customers:
(a) let us know if there are any errors in your personal information; and
(b) keep us up-to- date with changes to their Personal Information such as their name or address. The Customer may change their personal details by using the relevant facility on our website or by contacting us care of the contact details provided in point 10.
3.4 Data Security
(a) Funlab will take reasonable steps to protect the Personal Information from misuse, interference, loss and unauthorised access or disclosure. This may include taking reasonable steps to destroy or permanently de-identify personal information once it is no longer needed for any purpose for which the information may be used or disclosed.
(b) Funlab will not attempt to match de-identified or anonymous data collected through surveys or such online devices as “cookies”, with information identifying an individual, without the consent of the relevant individual.
3.5 Accessing and Correcting Personal Information
(a) Funlab will permit records containing the Customer’s Personal Information to be accessed by a Customer when the Customer contacts us c/o the contact details at point 10 below. We may, however, refuse to provide the Customer with access to its Personal Information if, for instance, granting the Customer such access would pose a serious threat to the Customer’s life or to the health and safety of any individual or have an unreasonable impact on the privacy of any other individual.
(b) If the Customer believes that the Personal Information we hold about the Customer is incorrect, incomplete or inaccurate, then the Customer may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the Personal Information stating that the Customer disagrees with it.
(c) If the Customer:
(i) wishes to lodge a request to access and/or correct its Personal Information; or
(ii) has been refused access to its Personal Information by us for any reason described in this Policy and the Customer wishes to challenge that refusal; the Customer may do so by contacting our Privacy Officer as per the details in point 10 below. The procedure for challenging such a refusal is also set out in point 10 below.
(d) We will not normally charge a fee for processing an access request unless the request is complex or is resource intensive. We do, however, reserve the right to charge an administration fee if an individual requests access to their personal information more than once in a three month period.
(e) Where we offer online account management facilities, customers can use this capability to control aspects of their account, including amending or updating certain personal information.
Funlab has adopted the position proposed by the Privacy Commissioner that a young person is able to give their consent when he or she has a sufficient understanding and maturity to understand what is being proposed. Where Funlab is aware that it is gathering information from a minor, Funlab will obtain consent from a legal guardian for the collection of the information. Where this is not possible, Funlab’s staff will make a determination as to the minor's understanding of why the Personal Information is being collected, before deciding to collect that information.
The office of Funlab’s Privacy Officer will be the first point of contact for inquiries about privacy issues. If you wish to make an inquiry or complaint regarding privacy you should do so by contacting this office as per the details in Point 10.
7. STAYING ANONYMOUS
(a) We will not make it mandatory for visitors to our website to provide personal information unless such information is required to answer an inquiry or provide a service. We may, however, request visitors to provide personal information voluntarily to us (for example, as part of a competition or questionnaire).
(b) We will allow our customers to transact with us anonymously or by using a pseudonym wherever that is reasonable and practicable.
8. TRANSFERRING INFORMATION OVERSEAS
(a) We will only transfer personal information about an individual to someone who is in a foreign country if:
(i) we reasonably believe that the recipient of the information is subject to a law, or binding scheme, which effectively overall upholds principles for protection of the information that are substantially similar to the Australian Privacy Principles, and there are mechanisms that an individual can access to take action to enforce that law or binding scheme;
(ii) we have taken such steps as are reasonable in the circumstances to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the Australian Privacy Principles; or
(iii) the individual has been expressly informed that if they consent to the transfer, paragraph 8(a)(i) will not apply, and the individual consents to the transfer.
Note: By providing your Personal Information to us, you consent to the transfer of information to someone who is in a foreign country, even if paragraph 8(a)(i) does not apply, in circumstances where:
(i) we consider that it is necessary for us to do so in order to properly provide you with the required services, including by confirming an appointment or responding to your queries with respect to your engagement of us;
(ii) the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between us and a third party;
(iii) all of the following apply:
(A) the transfer is for the benefit of the individual;
(B) it is impracticable to obtain the consent of the individual to that transfer; and
(C) if it were practicable to obtain such consent, the individual would be likely to give it.
10. CONTACT US
Funlab Holdings Pty Limited
90-94 Nicholson Street
Abbotsford, 3067 VIC
Once the Privacy Officer receives a complaint from you, the Privacy Officer will within a reasonable time after receiving the complaint begin investigating the complaint. In investigating the complaint the officer may use additional resources within our organisation to determine the nature of the complaint. We may contact you during this investigation if necessary. If a breach is found, the Privacy Officer will escalate the matter to management to ensure that the process which caused the breach is remedied. We will also contact you to inform you of the outcome of the investigation within a reasonable time after the conclusion of the same. We will treat your complaint during the investigation period confidentially and aim to resolve your complaint in a timely fashion and a satisfactory manner. Further information on privacy can be obtained from the Privacy Commissioner at www.privacy.gov.au.
This policy was last updated on 27/03/2017.