MANDURAH QUAY RESORT

PRIVACY POLICY

Last updated: 5 February 2026

Mandurah Quay Resort (“we”, “us”, “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By making a booking, staying with us, or using our services, you consent to the handling of your personal information as described in this policy.

1. Information We Collect

We may collect:

• Personal identification (name, address, email, phone, date of birth, photo ID)
• Booking and stay information
• Payment information
• CCTV footage
• Access card logs
• Website or WiFi technical data

2. How We Collect Information

We collect information when you:

• Make a booking
• Check in or check out
• Contact us
• Use our website or WiFi
• Are captured on CCTV
• Complete forms (e.g., pet waiver)

3. How We Use Information

We use your information to:

• Process bookings
• Verify identity
• Manage payments
• Communicate with you
• Ensure safety and security
• Comply with legal obligations
• Improve services

We do not sell or trade personal information.

4. Credit Card Security (RMS Cloud)

RMS Cloud provides:

• PCIDSS Level 1 compliance
• Tokenised card storage
• Encrypted transmission
• Restricted staff access
• Automatic deletion after final settlement

5. CCTV

CCTV operates throughout the resort for safety, security, and incident investigation. Footage may be provided to law enforcement if required.

6. WiFi

Technical data may be collected for network performance and security. Illegal or abusive use is prohibited.

7. Disclosure of Information

We may disclose information to:

• RMS Cloud
• Law enforcement
• Emergency services
• Service providers assisting resort operations

8. Data Storage and Security

We take reasonable steps to protect your information from misuse, loss, unauthorised access, modification, or disclosure.

9. Access and Correction

You may request access to or correction of your personal information. Identification may be required.

10. Retention and Deletion

Information is retained only as long as necessary for legal, accounting, or operational purposes. Credit card data is automatically deleted once all charges are finalised.

11. Cookies and Analytics

If enabled on our website, cookies may be used to improve functionality and user experience.

You may disable cookies through your browser.

12. Complaints

If you have concerns about your privacy, contact us directly.

If unresolved, you may contact the Office of the Australian Information Commissioner (OAIC).

13. Updates

This policy may be updated periodically. The latest version will always be available on our website.