This Policy applies in relation to personal information collected as a result of the use of any of the services at the Airport, SCA’s websites and applications, attendance at SCA events, use of any supplementary SCA services, participation in SCA competitions or engagement with SCA in relation
to its service offerings.
Who we are?
When we refer to ‘SCAPL’, ‘SCA’, ‘we’, ‘us’ or ‘our’ in this Policy we are referring to Sunshine Coast Airport Pty Ltd. You can contact our Privacy Officer at Sunshine Coast Airport Management Office, 10 Electra Lane, Marcoola, Qld 4564 or email firstname.lastname@example.org.
What type of personal information do we collect?
Personal information is information or an opinion which identifies you as an individual or from which your identity can be reasonably ascertained.
For the purposes described in this Policy, SCA may collect the following types of personal information:
- identification and contact information (such as your name, phone number, postal address, e-mail address) when you are willing to provide it, for example when you register on our websites, make use of our airport services; sign up to receive publications or participate in events
- airport-related information such as flight details, gender, nationality, passport number, date and place of birth, drivers licence number and vehicle licence plate numbers
- medical information that may be needed; for example, if a health and safety incident occur
- business information
- payment information
- images, photos, or videos of you (or your voice) including by way of recordings through the use of Closed-Circuit Television (CCTV) systems, handheld devices, passenger processing systems and other surveillance devices
- location or GPS location
- frequency of use of certain services and/or your preferences relating to them
- communication and marketing preferences and interests
- feedback and survey responses
- your opinion on airport related issues
- the methods, purpose and frequency of travel including (without limitation) your travel
destination or preferred destination
- details of your travel group (for example who you are travelling with, who you are meeting and so forth)
- if you complete a financial transaction with us, your credit card details will be requested and either used by us or shared with our third-party financial institution who will process the financial transaction; and
- personal information about your interactions with us, including any contact we have with you by telephone, email, online or in person.
We may also receive personal information about you from third parties; for example, airport retailers, sub-contractors, consultants, marketing or advertising agencies. They will generally collect this information when you are participating in, accessing or signing up to a SCA service, event or activity
which they are managing for us. The types of personal information that they will provide us will generally be the same as described above.
In addition, we may collect your personal information from airlines, government departments, bodies or law enforcement agencies for the purpose of facilitating your efficient journey through Sunshine Coast Airport. The types of personal information that they will provide us will generally be the same as described above.
In the case of matters relating to security or airfield operations – for example, applications for an Aviation Security Identification Card (ASIC), other forms of identification or an Authority to Drive Airside (ADA) at Sunshine Coast Airport, or as part of our Drug and Alcohol Management Plan
(DAMP) – SCA (or its approved contractors such as medical centres) may collect additional personal information, including sensitive information, in order to manage and administer our business systems and comply with our legislative obligations.
This information includes:
- your place of birth, country of citizenship and gender
- your photo; and/or
- in the case of applications for an ASIC or other form of identification card, your previous residential addresses for the last 10 years, details of previous criminal offences, details of any pending prosecutions, and information provided to us by relevant government agencies (such as the outcome of criminal record checks, security assessments and immigration checks).
By providing your personal information you enable SCA (and where applicable its approved contractors) to provide you with services, information and content. You do not have to provide your personal information to us but, if you do not provide the information requested, we may not be able
to provide you with the services, information or content you have requested.
We do not knowingly collect personal information relating to children unless expressly stated.
The list above is not exhaustive, and in certain instances, we may need to collect your additional data for the purposes advised at the time.
How do we collect your personal information?
We generally collect personal information when you use the Sunshine Coast Airport or any of its services such as carparking. Also, we will collect your personal information through the use of CCTV systems, handheld devices, passenger processing systems and other surveillance devices.
In addition, we collect personal information if you choose to provide your details through our various channels which we own, operate, manage or control including but not necessarily limited to websites, social media sites, apps and e-commerce platforms (Channels). We may also collect personal
information from you in person (for example when you attend an event, meeting or otherwise liaise with our employees).
Sometimes, we may collect your personal information from someone else such as our related companies, agents, representatives or service providers or your organisation and representatives. We may also obtain personal information from other sources, both from companies and public documents (for example, our partner Visit Sunshine Coast may provide us with lists of people to contact for airport-related events). This Policy also applies to personal information collected by us in this manner.
During your communications with us you must not provide us with personal information of any other individual unless you have clear consent from that person to do so, let them know that we collect and handle their personal information in accordance with this Policy and provide them with a copy
of it or details of where to find it.
Some of the personal information we collect is collected pursuant to applicable laws or contracts. For example, when conducting competitions, we collect names and contact details of entrants so that we can meet our obligations under laws about competitions (sometimes called ‘trade
promotions’) (for example, the Charitable and Non-Profit Gaming Act 1999 (QLD)).
How do we use your personal information?
We use the personal information described above for several purposes specified at the time of collection or hereafter in this Policy based on your consent, or legitimate interest, or performance of contractual obligations, or for compliance with legal obligations, including, but not limited to the following:
- to enable the efficient processing of your travel
- to process any application for the issue of an authority, license, pass or permit needed to enable you to gain access to or use the Sunshine Coast Airport or any services within or related to it
- to provide information, materials, services, events, activities, products and content to address and respond to your requests and enquiries
- to provide you, or permit selected third parties to provide you, with information about our offers, promotions, products, services, activities and events where you have requested to receive this (if you no longer want us to use your information in this way please use the unsubscribe facility in the message or let us know by contacting us at the address in the “Who are we?” section above)
- to analyse and improve the services and content we offer and the events and activities we undertake
- to personalise the way we engage with you (e.g. by tailoring our services and communications we provide you with content, marketing and promotions that you are most likely to be interested in based on your profile)
- for service administration purposes e.g. to provide you with a password or to notify you that a particular service, event, or activity is taking place
- to contact you about a submission, article or correspondence that you have made or sent
- to verify, maintain and update information we hold
- to carry out our obligations arising from contracts entered into between you and us, or to take requested action in anticipation of such a contract
- for purposes relating to law enforcement and investigations, protecting our lawful interests and acquisition or sale of our business
- market research purposes
- to manage any registered accounts, you have with us
- for general research and analysis purposes
- protecting you and other individuals and maintaining safety, health and welfare (e.g. at an SCA event
- as required or authorised by applicable law; and
- any other purposes notified to you at the time.
We will make every effort to deliver content that you will be most interested in. By developing a better understanding of you through the personal information that you provide us and the transactions you have with us, we can tailor our services and communications to provide you with content, marketing and promotions that you are most likely to be interested in based on your profile.
Who do we share your personal information with?
The only time that we will share your personal information will be with:
- our related bodies corporate and affiliated entities for the purposes described above
- third party companies with which we may have commercial or non-commercial relationships with for the purpose of marketing, promoting, collaborating on or managing airport related events and products (including prize suppliers for our competitions)
- our agents or service providers who assist us with technical infrastructure solutions, customer contact processes and archival, auditing, accounting, legal, business consulting, banking, payment, delivery, data processing, marketing, insurance, advertising and website or technology services
- regulatory and law enforcement authorities or parties involved in any legal process (for example, in connection with complaints, claims, investigations, misconduct, criminal activity and security breaches)
- parties involved in any relevant sale or potential sale of our business, or other corporate transaction
- applicable authorities as required or authorised under law such as aviation laws, counter terrorism legislation or such other security, customs and immigration rules; and
- any other entities identified at the time of collecting your personal information.
For the purpose of Australian privacy law only, note that where your personal information is provided to entities outside Australia, you acknowledge that by agreeing to the disclosure of your personal information to these overseas entities, we will no longer be required to take reasonable steps requiring the overseas recipient’s compliance with the Australian privacy law in relation to your personal information and we will not be liable to you for any breach of the Australian privacy law by these overseas recipients. On this basis, you consent to disclosure of your personal information to these overseas recipients.
Opting in or out
At the point of collection, we may also ask you to “opt in” to consent to us using or disclosing your personal information for broader purposes than set out in this Policy.
You can opt-out of receiving marketing information from us at any time by using the opt-out method provided in the specific communication or contacting our Privacy Officer via the contact details set out above.
Links to third party websites
If you would like to access, correct or rectify any personal information we hold about you or take any other action with respect your personal information, please contact us via the contact details set out above. We will seek to deal with your request without undue delay, and in accordance with all applicable laws. Please note that we may keep a record of your communications to help us resolve any issues which you raise.
Storage and security
Your personal information we collect may be held in electronic databases and in paper files, both at our own premises and with the assistance of our service providers.
SCA and its infrastructure providers have taken reasonable steps regarding physical and technical access intrusion security measures to protect the personal information we hold against loss, misuse, interference and from unauthorised access, alteration or disclosure. However, if you are considering sending us any personal information through any of our Channels, please be aware that the information may be insecure in transit, particularly where no encryption is used (e.g. email, standard HTTP). You must also take care to protect your usernames and passwords and notify us immediately
via the contact details set out above if you become aware of any security breaches.
We take reasonable steps to destroy or anonymise personal information once we no longer require it for a permitted purpose (being the purpose for which we collected it).
This may apply, for example, if we cease to operate our business and do not transfer it to a new owner. Sometimes we are subject to legal obligations to retain particular types of personal information for specific periods.
In the event of any security breach affecting personal information, we will comply with applicable legal obligations in respect to minimising the impact of the breach, notifying affected individuals and reporting to relevant authorities.
We may collect from your technical data and other related information about your device, systems, application software, and peripherals. Such information could be your internet protocol address, your operating system and platform details, browser type and version, referrer website as well as
information about your preferences, viewed/searched for products and on-site activity. Some of this information may be capable of personally identifying you.
This information will often be collected by using cookies. A cookie is a piece of data that is stored on your digital device so that when you browse the internet, your digital device can be recognised at a later time.
SCA uses the technical information from cookies to store visitors’ preferences, record session information, record user-specific information such as what pages users access or visit, alert visitors to new areas that we think might be of interest to them when they return to our site, and record past
activity at a site in order to provide better service when visitors return to our site, for example customise web page content based on visitors’ browser type or other information that the visitor sends.
You can configure your web browser to reject cookies, however you may find some parts of our Channels then have limited functionality
How to make a complaint
If you wish to make a complaint about a breach of this Policy or applicable privacy and data protection laws, you can contact us using the contact details set out above. You will need to provide us with all relevant details of your complaint and any supporting evidence.
We will refer your complaint to our Privacy Officer who will investigate your complaint and determine the steps that we will undertake to resolve it. We will contact you if we require any additional information from you and will notify you in writing of the outcome of the investigation. If you are not satisfied with our determination, you can contact us to discuss your concerns or contact the applicable privacy or data protection authority. In Australia, this is the Office of the Australian Information Commissioner, which can be contacted on 1300 363 992 or via www.oaic.gov.au/.
How to make a complaint
This Policy may change from time to time, so you should check it each time you visit any of our Channels. The date of the most recent revision appears at the bottom of this Policy. If material
changes are made to our Policy, we will notify you as required by law. We will post an updated copy of the Policy on our website(s).