Australia and New Zealand Privacy Policy 

Last Updated: September 2023 

This is the Australian and New Zealand Privacy Policy of Oaks Hotels and Resorts Limited and its affiliates and subsidiaries (details of which are listed here) (collectively, "we", "us", "Minor Hotels").   Minor Hotels respects your privacy and is committed to protecting your personal information.  We comply with the Privacy Act 1988 (Cth) in Australia and the Privacy Act 2020 (NZ) in New Zealand (each a "Privacy Act") and the Australian Privacy Principles (“APP”) and the New Zealand Information Privacy Principles, which regulate how we may collect, use, disclose, store and protect your information. This policy is intended to keep you informed and help you to understand your rights (and our obligations) under the applicable Privacy Act. 

By using any of our products or services and/or by agreeing to this statement, e.g. in the context of registering for any of our products or services, you understand and acknowledge that we will collect and use personal information as described in this policy.

What is 'personal information'?

Personal information in Australia is information or an opinion about you, whether true or not, which identifies you or from which your identity can be reasonably obtained. It does not include data where all identifying details have been removed.

Personal information in New Zealand is information about an identifiable individual. 

How is your personal information collected?

Minor Hotels collects and processes your personal information through your use of our website and other services provided by Minor Hotels (“Services”), including any data you may provide when you use our: 

  • Online services, such as websites owned or controlled by Minor Hotels, web and mobile applications, social media pages, email messages; or
  • Offline interactions, when you visit or stay as a guest at one of our properties, reach out to our call centre, or through other offline interactions.

We use different methods to collect data from and about you including through this website: 

  • Direct interactions: You may give us your personal information by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal information you provide online when you book accommodation, sign up for a newsletter, or participate in a survey, contest or promotional offer. We collect personal information offline when you visit our properties, or use services such as restaurants, childcare services and spas.
  • Automated technologies or interactions: As you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. The information we may collect by automated means includes, but is not limited to:
  • Information about the devices our visitors use to access our sites (such as the IP address and the device, browser and operating system type),
  • Pages and URLs that refer visitors to our sites, also pages and URLs that visitors exit to once they leave our sites,
  • Dates and times of visits to our sites,
  • Information on actions taken on our sites (such as page views, site navigation patterns or application activity),
  • A general geographic location (such as country and city) from which a visitor accesses our sites,
  • Search terms that visitors use to reach our sites.

We collect this personal information by using cookies, web beacons and other similar technologies. To learn more, please see our cookie statement for further details.

  • Security systems: When you visit our managed properties, information may be collected about you through such properties’ closed-circuit television systems, electronic key cards and other security systems.
  • Third parties or publicly available sources: We will receive personal information about you from various third parties and public sources including business partners, hotels managed by us, travel agents and aggregators. 

Types of personal information we collect 

We may collect, use, store and transfer different kinds of personal information about you which we have arranged according to the different purposes as follows:

  • Contact information (such as name, email address, mailing address and phone number);
  • Payment information (including payment card numbers, billing address and bank account information);
  • Demographic data (such as age, gender, country and preferred language);
  • Information related to your reservation, stay or visit to a property (including the property where you have stayed or outlet you have visited, date of arrival and departure, and goods and services purchased);
  • Information necessary to fulfil your special requests and/or specific accommodations;
  • Employment information (such as company name, job title and work contact information) to respond to requests for proposals or honour contractual arrangements;
  • Loyalty program member information, online account details, profile or password details, and any frequent flyer or travel partner program affiliation;
  • Copies of your correspondence if you contact us;
  • Your interests and preferences;
  • Feedback and survey responses;
  • Information collected through the use of closed-circuit television systems, card key and other security systems;
  • Information related to your use and interaction with our website and network; and
  • Information as requested by government authorities to fulfil our legal obligations.

We do not collect the following special categories personal information about you: your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, and genetic and biometric data. Nor do we collect any information about criminal convictions and offences. We may collect data about your health such as food allergies or other information that you provide to us. 

Purposes for handling your personal information

We use personal information to provide you with Services, to develop new products and services, and to protect Minor Hotels and our guests as detailed below.

We will use this information for the following purposes:

  • Performing our customer service obligations, such as the creation and management of reservations and your stay in our properties, payment, catering to your requests, monitoring use of services (telephone, bar, pay TV, etc.), in response to a contractual relationship between you and us, such as a hotel booking or service request;
  • Improvement of our services, such as assessment of our services in hotels, restaurants and other outlets, improvement in the operation of our business as part of the contracted relationship between you and us;
  • Personalisation of our services and communications, for example to personalise content and tailor our digital customer experience and offerings, understand customers’ requirements to develop targeted marketing programs, newsletters and promotions. We will always seek and record your permission to opt in and participate in any of our marketing campaigns. Use of your information for marketing is presented in more detail under the Marketing section below. Personalisation of our website based on your preferences is covered in the Cookie Statement;
  • Administration of loyalty programs in partnership or alliance with GHA Discovery and other frequent flyer program partners;
  • Compliance with legal obligations in accordance with applicable laws, such as local privacy laws, GDPR, prevention of fraud or money laundering, police investigations, as required by a court or other laws to be disclosed and tourism regulations; and
  • Safety and security to maintain the safety, health and wellbeing of customers, and protecting Minor Hotels’ assets, assets owned by third parties in buildings Minor Hotels occupies and manages, and employees.

Additionally, we may also handle your personal information for the following purposes, particularly if you interact with our website: 

Booking process: To manage booking requests made by users, including any modifications and cancellations, as well as confirmation communications of these transactions. To register and manage your online check-in. To manage payment or prepayment, if it is required. To review your guest profile in order to unify guests’ profiles and personalise services provided. If user consent is given for direct marketing communications – sending you personalised promotional offers and event details, subscribing and unsubscribing you when you request it. The lawful grounds for these processes are the performance of the contract, our legitimate interest and user consent.

Check-in online: To manage your check-in online and personalise your services if you request it. To manage any other services required by the user. The lawful grounds for these processes are the performance of the contract and user consent.

Best-rate guarantee: To manage claims or requests made by the user including contacting you to resolve the claim or request. To verify the information provided by the user. The lawful grounds for these processes are user consent and legitime interest.

Newsletter: Direct marketing communications – sending you promotional offers and event details, subscribing and unsubscribing you, when you request it. The lawful grounds for these processes are user consent.

Management of general and hotel enquiries: To manage communications, provide information and respond to general requests from users through the channels available for this purpose on the website or other Contact Us functions. To manage booking or services requests related to reservations at the hotels. To receive feedback about products and services provided. The lawful grounds for these processes are user consent, the performance of the contract and legitimate interest.

Electronic gift cards: To manage the sales of electronic gift cards, including communication to the seller and recipient and processing of payment. The lawful grounds for these processes are the performance of the contract.

Membership programs: To administer and operate voluntary membership program such as the GHA DISCOVERY program and frequent flyer program. The data may be processed for the purposes of recording stay and transactional data, earning and redeeming rewards, points or credit in connection with the program. Direct marketing communications – sending you promotional offers and event details, subscribing and unsubscribing you, when you request it. The lawful grounds for these processes are the performance of the contract and user consent.

User-generated content (UGC) on social media platforms: To display UGC on our websites for promotional purposes. The lawful grounds for these processes are user consent.

Social platforms log-in: If you register or sign in with your Facebook, Apple ID, Google or other third-party accounts to our sites, you give such third-party service providers permission to share your personal information from those accounts (such as your registration and profile information). This information varies and is controlled by third-party service providers or as authorised by you via your privacy settings.

Disclosure of personal information 

Our goal is to provide you with the highest level of hospitality and Services, and to do so, we share personal information with the following parties:
  • Minor Hotels: We disclose personal information to other companies within the Minor Hotels chain for the purposes described in this privacy policy, such as providing and personalising Services, communicating with you, facilitating loyalty programs, and our business purposes. Oaks Hotels and Resorts Limited is the party responsible for the management of the jointly controlled personal information. We share your personal information used for making a reservation with the operator of the applicable property to fulfil and complete your reservation. 
  • Strategic business partners: We disclose personal information and other data to business partners who provide goods, services and offers that enhance your experience at our properties. By sharing data, we are able to make personalised services and unique travel experiences available to you. For example, this sharing enables spa, restaurant, health club, concierge and other outlets at our properties to provide you with services.
  • Service providers: We disclose personal information to third-party service providers for the purposes described in this privacy policy. Examples of service providers include companies that provide website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery and marketing,
  • Public administrations and police bodies: We disclose personal information to public administrations and police under requirement, in order to comply with obligations under the regulations, and to cooperate with these entities in the performance of their duties and as a result of a request of any court.
  • Franchisees: We disclose personal information to franchisees of brands in the Minor Hotels chain for the purposes described in this privacy policy, such as providing and personalising Services, communicating with you, managing your booking. Minor Hotels is the party responsible for the management of the jointly controlled personal information. We share your personal information used for making a reservation with the operator of the applicable property to fulfil and complete your reservation. 

We require all third parties to respect the security of your personal information and to process it in accordance with the law and our policies. We do not allow our third-party service providers to use your personal information for their own purposes, and only permit them to process your personal information for specified purposes and in accordance with our instructions (unless you separately consent to that use).

Protection of your personal information 

Minor Hotels stores information in both physical and electronic form including using third party IT providers. We maintain appropriate physical, procedural and technical security for our offices and information storage facilities so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of personal information.  This also applies to disposal of personal information.

We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.

Direct marketing 

From time to time we may send you direct marketing communications regarding our products and services.  If you have opted in to receive marketing communications, we may contact you by electronic messages (e.g. email), online (e.g. through our website), by mail and by other means if you or your organisation.  You have the right to withdraw consent to marketing communications at any time by contacting us using the details at the bottom of this privacy policy or by using the opt out mechanism included in our marketing messages.
 
Please note that opting out of marketing communications will not opt you out of receiving important business communications, such as communications about your stay.

Accessing and correcting your personal information 

You may contact us using the contact details below to request access to, or a correction of, the personal information that we hold about you.  We will deal with your request within a reasonable time.  On the rare occasion that we refuse access, we will provide you with a written notice setting out the reasons for the refusal and the relevant provisions of the applicable Privacy Act that we rely on to refuse access.  We will also provide you with avenues to complain about our refusal to provide you with access to the information.

Overseas transfer of personal information 

As a global hospitality company, we may transfer your personal information across multiple jurisdictions. Insofar as it is necessary for the purposes, your personal information may be transferred to the following locations:

  • Countries where our corporate offices are located;
  • Countries in which we manage and operate hotels, residences, and/or sales offices; and
  • Countries where our third-party service providers, advisors and consultants are located, which changes from time to time.

In respect of countries in which our corporate offices are located or in which we manage and operate hotels, residences, and/or sales offices, a list of those countries is located here (https://www.minor.com/en/businesses/minor-hotels).

When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as to the United States, Singapore or where our data hosting provider’s servers are located. These countries may have laws different to what you’re used to.  Where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.

For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data, or to a third party where we have approved transfer mechanisms in place to protect your personal data, for example, by entering into the European Commission’s Standard Contractual Clauses.

By providing your personal information to us, you consent to us disclosing your personal information to any such overseas recipients for the purposes described in this privacy policy and agree that APP 8.1 will not apply to such disclosures and acknowledge that such overseas recipients may not be subject to laws that require them to protect your personal information in a way that is comparable to the safeguards in the applicable Privacy Act.  For the avoidance of doubt, in the event that an overseas recipient breaches the Australian Privacy Principles, that entity will not be bound by, and you will not be able seek redress under, the Privacy Act.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal information.

Application of legal requirements and other privacy rights

We are subject to each Privacy Act and a range of other privacy laws.  In addition to this privacy policy, please read our Global Privacy Statement (https://www.minorhotels.com/en/privacy-statement), which contains more information concerning about our global information handling practices and additional rights that apply to residents of some jurisdictions.  Nothing in this privacy policy is intended to limit our obligations or permitted handling of information under those laws.
 
Subject to certain limitations and restrictions (e.g. depending on circumstances such as where you reside) you may have the right to exercise additional rights in relation to your personal information. These may include the right to:
  • request erasure of your personal information; 
  • object to processing of your personal information; 
  • request restriction of processing of your personal information; 
  • transfer your personal information (i.e. the right to data portability);
  • not be subject to automatic decision making; 
  • withdraw consent; and 
  • request correction of your personal information.

Your rights concerning your data may vary depending on the applicable data protection or privacy law applying to your personal information.  Some of the above rights may not apply to you, if they are not required by the relevant data protection or privacy law. If you wish to exercise these rights or obtain details of any of the rights set out above you may do so at any time by contacting us using the contact details at the end of this privacy policy, or at the bottom of our Global Privacy Statement (https://www.minorhotels.com/en/privacy-statement). We may require further information in order to assess whether the right is applicable to you.

Resolving personal information concerns 

Please contact Minor Hotels using the details below if you have any questions, concerns or complaints regarding this privacy policy or our handling of your personal information.

Minor Hotels
Email: privacy.corporate@minorhotels.com.au; or
Post: PO Box 473, Cotton Tree, QLD 4558, Australia

Minor Hotels takes all complaints seriously and will respond to your complaint within a reasonable period.

Should you believe that we have not fulfilled our obligations under the relevant Privacy Act, have not complied with the terms of this policy, or would like to appeal a decision made by us relating to your personal information, you can make a complaint in writing to our Privacy Officer using the details set out in this Privacy Policy. We will respond to you within a reasonable period of time to acknowledge your complaint and inform you of the next steps we will take in dealing with your complaint.

In the event that you are dissatisfied with a response you have received, and if the relevant Privacy Act is applicable, you have the option of referring your complaint to the Office of the Australian Information Commissioner (OAIC) for Australian related matters or to the Office of the Privacy Commissioner (OPC) in New Zealand for New Zealand related matters. The OAIC and OPC contact information may be found below:

OAIC - listed on their website: https://www.oaic.gov.au/ 

  At the date of this policy, the OIAC’s details are:

Office of the Australian Information Commissioner
Post: GPO Box 5218, Sydney  NSW  2001
Telephone: 1300 363 992
Email: enquiries@oaic.gov.au

OPC - listed on their website: https://privacy.org.nz/  

  At the date of this policy, the OPC’s details are:

Office of the Privacy Commissioner (Te Mana Mātāpono Matatapu)
Post: PO Box 10 094,Wellington 6143
Telephone:0800 803 909
Email: enquiries@privacy.org.nz

Changes to this privacy policy

We reserve the right to change the terms of this privacy policy from time to time, without notice to you. An up-to-date copy of this privacy policy is available on our website.