Privacy Policy

Caringbah Bowling and Recreation Club Limited – Privacy Policy

1. Club Privacy Commitment

  • Caringbah Bowling and Recreation Club Limited, trading as The Willarong – Greens (ABN 41 000 253 878) (“the Club”), is committed to safeguarding personal privacy in accordance with the Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“APPs”). This commitment includes ensuring that individuals have access to this Privacy Policy and that any personal information collected is handled in accordance with these principles.

2. Compliance

  • The Club operates in compliance with the Privacy Act and APPs, maintaining transparency regarding the collection, use, disclosure, storage, and protection of personal information.

3. Scope

  • This policy describes the purposes for which the Club may collect, use, disclose, and store personal information, and how it manages data in physical and digital environments.
  • “Personal information” means any information or opinion about an identified individual, or an individual who is reasonably identifiable, regardless of accuracy or whether recorded in material form.

4. Definitions

  • Sensitive information: personal data about health, race, religion, or other special categories under the Privacy Act.
  • Health information: information about an individual’s physical or mental health, including medical history and treatment.
  • Privacy Officer: the Club representative detailed below is responsible for policy administration, handling access/correction requests, complaints, and breach notifications.

5. Collection of Personal Information

  • The Club collects personal information—from members, guests, visitors and other individuals—through forms, transactions, digital channels, loyalty systems, surveillance, and public sources.
  • Notification at Collection
    • At or before collection the Club will notify individuals of:
    • the Club’s identity and the Privacy Officer’s contact details
    • the purposes of collection
    • any consequences if information is not provided
    • categories of recipients to whom the information may be disclosed
    • how to access and correct personal information

6. Government-related Identifiers

  • Driver’s licence and vehicle plate data collected under screening and surveillance are used only for identity verification and safety.
  • Such data is retained only for as long as necessary for verification or compliance, then securely destroyed.

7. Collection Channels include

  • membership application/renewal forms (online or in person)
  • competitions, promotions, and bowls registration
  • use of sign-in terminals and loyalty card readers in gaming areas and outlets
  • automatic data capture via website, apps, cookies, pixel tags, and analytics
  • bookings, purchases, and engagement with Club facilities or staff
  • electronic/manual payment records
  • publicly available identity, geographic, and demographic sources
  • connection of wireless devices to Club networks (IP address, device/browser data, location, usage)
  • video and audio surveillance for safety, security, and responsible service of alcohol
  • bowling members area and supervised play-area disclosures (consent or as permitted by law)

8. Storage of Personal Information

  • Reasonable steps are taken to protect data from misuse, interference, loss, and unauthorised access, modification, or disclosure. Staff training, technical solutions, physical security, and internal governance safeguard both hard-copy and electronic records stored on-site or by approved service providers.
  • Personal information is regularly reviewed for accuracy and relevance; outdated or excessive data is deleted or de-identified, except where retention is required by law or legitimate business needs.

9. Use and Disclosure of Personal Information

  • Use and disclosure are limited to:
    • identity verification, age confirmation, membership processing
    • compliance with Registered Clubs Act, Corporations Act, AML/CTF, Income Tax Act, liquor licensing, and other laws
    • responsible provision of gaming and wagering services
    • marketing Club events, promotions, offers, loyalty-based communications, and service alerts (telemarketing; digital ads; email, SMS, MMS; push notifications)
    • issuing statutory and constitutional notices
    • analysis of facility, goods, and online usage for service improvement
    • delivery of requested goods or services and associated benefits
    • responses to enquiries, feedback, and complaints
    • internal operations (accounting, auditing, risk management)
    • monitoring patron behaviour, security, and safety compliance
  • All loyalty-system and marketing activities comply with the Privacy Act, Spam Act 2003 (Cth), and relevant industry codes. Opt-out instructions are provided in each communication.

10. Illegal and Undesirable Activity

  • The Club employs surveillance, incident reporting, and operational protocols to detect and address illegal or undesirable conduct.
  • Suspected or confirmed illegal activity may be disclosed to other clubs, law enforcement, Liquor & Gaming NSW, or the Independent Liquor & Gaming Authority, as authorised by law.

11. Anonymity and Pseudonymity

  • Where lawful and practicable, individuals may engage anonymously or via pseudonym.
  • Anonymity cannot be accommodated if legal or operational requirements necessitate verified identity (e.g. membership, age-restricted services).

12. Third-Party Disclosure

  • Data may be shared with contracted agents, service providers, partners, and professional advisors under confidentiality and security agreements.
  • Disclosures are also made to government agencies (ATO, ASIC, Centrelink, Child Support, AFSA), law enforcement, courts, and regulators where required or authorised by law or reasonable request.
  • Prior to any third-party disclosure, reasonable steps are taken to ensure APP compliance by the recipient.

13. Cross Border Disclosure

  • Overseas data transfers occur only with:
    • recipient safeguards substantially similar to APPs
    • individual consent
    • contractual necessity or performance
    • benefit to the individual where consent is impracticable but likely
    • reasonable steps to ensure consistent handling under APPs
  • Individuals consenting to overseas transfer acknowledge limited recourse under the Privacy Act for overseas breaches.

14. Access to and Correction of Personal Information

  • Requests for access or correction are made in writing to the Privacy Officer. Access is granted unless legally exempt; corrections are made within a practicable timeframe.

14. Acceptance of Privacy Policy

  • Provision of personal information constitutes acceptance of this policy. Individuals who do not consent should refrain from using Club services or supplying data.

14. Privacy Complaints

  • Complaints are submitted in writing to the Privacy Officer. Investigations include a timeframe for response and a written outcome. Unresolved matters may be referred to the Office of the Australian Information Commissioner.

15. Data Breach Response

  • In the event of a suspected notifiable data breach (Part IIIC, Privacy Act), the Club will:
    • assess the breach and its likely harm
    • contain and mitigate risk
    • notify affected individuals and the OAIC without undue delay
    • review and strengthen controls to prevent recurrence

16. Changes to This Privacy Policy

  • This policy is subject to annual review by the Privacy Officer, or more frequently following legislative change.
  • Updated versions will be published on the Club’s website. Continued use of services or data submission after amendment constitutes acceptance.
  • Opt-out of direct marketing at any time via the Privacy Officer or unsubscribe links in communications. The Club does not sell personal information for marketing.

17. Contact – Privacy Officer

  • For privacy enquiries, access/correction requests, or to opt out of marketing, CEO Ian Kirk will act as the Privacy Officer:
    • Contact: CEO Ian Kirk
    • Phone: (02) 9525 1977
    • Email: privacy@thewillarong.com.au
    • Mail: Attention: CEO, Caringbah Bowling and Recreation Club Ltd – The Willarong, 105B Willarong Road, Caringbah NSW 2229
    • Ian Kirk, Chief Executive Officer

Last edited: Sunday, 28 September 2025