Effective 10th October 2019

Fewstone Pty Ltd as trustee for the City Beach Trust (ABN 11 885 795 792) and its related bodies corporate (City Beach) is committed to protecting the privacy of individuals and their personal information (as defined in the Privacy Act 1988 (Cth) [Privacy Act] in respect of individuals within Australia) or personal data (as defined in the General Data Protection Regulation [GDPR] in respect of individuals in the EU).

Please read this carefully as it will have important consequences for you in relation to the collection, use and disclosure of your personal information or personal data provided to City Beach.

You understand that:

1. City Beach is the party who is collecting your personal information or personal data and can be contacted at customerservices@citybeach.com.au or alternatively you can write to us at Customer Service, PO Box 2399, Mansfield, Qld, 4122, Australia.

2. City Beach will collect your personal information or personal data directly from you. In certain circumstances, City Beach may be required to collect personal information or personal data from third parties, depending on the nature of your enquiry.

3. The purpose of City Beach collecting your personal information or personal data is: (a) to process and record any enquiry you submit to us through our website, contact you and provide you with information in relation to your enquiry; and (b) to offer you updates, discounts, or other content or products and services that may be of interest to you and to provide you with direct marketing communications from us or our related entities and associates (using direct mail, telemarketing, email, SMS and MMS messages); and you acknowledge and agree to your personal information or personal data being collected and used for, and in connection with, these purposes and any other purpose described in our Privacy Policy.

4. If we do not collect this personal information or personal data in connection with the purposes in paragraph 3, then: (a) City Beach will be unable to process your enquiry or supply you with information in relation to your enquiry; and (b) we will be unable to send you direct marketing communications (unless you have consented to such communications through your other dealings with City Beach).

5. Your personal information or personal data may be disclosed to the following classes of people and organisations in connection with the purposes in paragraph 3: (a) City Beach, its personnel and any related entities; (b) third party service providers including without limitation marketing service providers, IT service providers, contractors and ecommerce service providers and other parties who assist us in providing our products and services to you; and (c) any other organisation as expressly covered in our Privacy Policy.

6. It is possible that some of the information collected may be disclosed to City Beach’s related bodies corporate or service providers outside of Australia. You consent to your information being disclosed to a destination outside Australia for this purpose, including but not limited to Singapore, the United Kingdom, the Republic of Ireland, Hong Kong, the United States and the Philippines, and you understand and acknowledge that Australian Privacy Principle 8.1 will not apply to such disclosures of your personal information or personal data.

7. City Beach’s Privacy Policy sets out the process as to how you can access and correct any of your personal information or personal data collected under this statement as well as to how you can make a complaint if City Beach has breached the Privacy Act in the handling of your personal information or personal data. City Beach’s Privacy Policy is available at www.citybeach.com.au/privacy or can be otherwise provided by requesting a copy from City Beach.

By continuing to submit your enquiry via this website, you indicate that you have read this statement and acknowledge that your personal information or personal data will be collected, used and disclosed in accordance with this collection notice and as otherwise detailed in City Beach’s Privacy Policy and, to the extent it is necessary, that you give your voluntary express consent to City Beach collecting, using, storing, disclosing and disposing of your personal information or personal data in this manner.

Where you interact with City Beach from a location within the European Union, City Beach is required to provide the following additional information to you:

8. City Beach is processing your personal data in the furtherance of the prospective or ongoing consumer relationship between you and City Beach, namely the provision of City Beach’s goods and services to you.

9. Your personal data collected in accordance with this statement will be stored until the later of: (a) the expiry of 12 months from City Beach’s last interaction with you in respect of your enquiry; and (b) the expiry of 12 months from the termination of your relationship with City Beach (e.g. the deactivation of your online account with City Beach), as requested by you or determined by City Beach considering, among other things, the regularity of your interactions with us.

10. The transfer of your personal data to entities in Singapore, Hong Kong, the United States and the Philippines is protected by way of contractual obligations between City Beach and each of these entities safeguarding the security of your personal data.

11. Under the GDPR, you are entitled to: (a) (access) request access to your personal data held by City Beach; (b) (rectification) request to update or rectify any of the personal data that we hold about you by contacting us at the details specified above and request personal data updates; (c) (erasure) request erasure of your personal data that we hold, where that data is no longer required for the purpose for which it was collected; (d) (restriction on processing) obtain from City Beach a restriction on processing of your personal data where: (1) the accuracy of the personal data is contested; (2) the processing by City Beach of the personal data is unlawful (and you oppose erasure but request restriction of use); (3) City Beach no longer needs your personal data; or (4) you have objected to processing pursuant to your right to object under Article 21(1) of the GDPR; (e) (data portability) request that City Beach: (1) provides you with a copy of the personal data that City Beach holds about you in a portable and machine readable form; or (2) share your personal data with a nominated third party.

12. City Beach does not engage in any automated decision-making (such as profiling) in respect of your personal data.

13. If you have any concerns in relation to City Beach’s collection or processing of your personal data pursuant to this statement, then you also have a right to complain to a supervisory authority (within the meaning of the GDPR).

Fewstone Pty Ltd as trustee for the City Beach Trust (ABN 11 885 795 792) and its related bodies corporate (City Beach) are committed to protecting the privacy of individuals and their personal information or personal data (as defined in the Privacy Act 1988 (Cth) [Privacy Act] in respect of individuals within Australia) or personal data (as defined in the General Data Protection Regulation [GDPR] in respect of individuals in the EU). Please read this carefully as it will have important consequences for you in relation to the collection, use and disclosure of your personal information or personal data you provide to City Beach. You understand that:

1. City Beach is the party who is collecting your personal information or personal data or personal data and can be contacted at customerservices@citybeach.com.au or alternatively you can write to us at Customer Service, PO Box 2399, Mansfield, Qld, 4122, Australia.

2. City Beach collects your personal information or personal data directly from you. In certain circumstances, City Beach may be required to collect personal information or personal data about you from third party services providers.

3. City Beach collects your personal information or personal data in order to conduct its marketing activities, including: (a) if you have registered for our loyalty membership program, sending you information about any of the following: discounts, promotions or member-only shopping events; (b) engaging with you on our website, blog posts and forums, and via our social media handles; (c) managing and facilitating any competitions with City Beach you have entered, and any promotional and publicity purposes related to the competition or being a winner of the competition; (d) sending you updates, discounts, newsletters or other content or information about products and services that may be of interest to you and providing you with direct marketing communications from us or our related bodies (using direct mail, telemarketing, email, SMS and MMS messages); and (e) conducting and facilitating any consumer feedback or surveys in respect of our services, and you acknowledge and agree to your personal information or personal data being collected and used for, and in connection with, these purposes and any other purpose described in City Beach’s Privacy Policy.

4. If City Beach does not collect this personal information or personal data in connection with the purposes in paragraph 3, or if the information is incorrect or incomplete then: (a) (if applicable) City Beach may not be unable to accept your competition entry, your entry may be disqualified or City Beach may be unable to deliver your prize if you are the winner; and (b) City Beach will be unable to send you direct marketing communications or otherwise engage with you in respect of its marketing activities (unless you have consented to such communications through your other dealings with City Beach).

5. City Beach may disclose your personal information or personal data to the following classes of people and organisations in connection with the purposes in paragraph 3: (a) City Beach, its personnel and related entities; (b) our contractors, agents or third party providers of City Beach who may be involved in its marketing activities or who may assist City Beach in providing our products and services to you, including but not limited to any IT service providers; and (c) any other organisation as expressly covered in City Beach’s Privacy Policy

6. It is possible that some of the information collected may be disclosed to City Beach’s related bodies corporate or service providers outside of Australia. You consent to your information being disclosed to a destination outside Australia for this purpose, including but not limited to Singapore, the United Kingdom, the Republic of Ireland, Hong Kong, the United States and the Philippines, and you understand and acknowledge that Australian Privacy Principle 8.1 will not apply to such disclosures of your personal information or personal data or personal data.

7. City Beach’s Privacy Policy sets out the process as to how you can access and correct any of your personal information or personal data collected under this statement as well as to how you can make a complaint if City Beach has breached the Privacy Act in the handling of your personal information. City Beach’s Privacy Policy is available at www.citybeach.com.au/privacy or can be otherwise provided by requesting a copy from City Beach.

By continuing to engage with us in respect of the marketing activities described above (and where you do not withdraw your consent to use of your personal information or personal data for these activities), you indicate that you have read this statement and acknowledge that your personal information or personal data will be collected, used and disclosed in accordance with this statement and as otherwise detailed in City Beach’s Privacy Policy and, to the extent it is necessary, that you give your voluntary express consent to City Beach collecting, using, storing, disclosing and disposing of your personal information or personal data in this manner.

Where you interact with City Beach from a location within the European Union, City Beach is required to provide the following additional information to you:

1. City Beach is processing your personal data in the furtherance of its marketing activities, and you give your express consent for this processing of your personal data.

2. Your personal data collected in accordance with this statement will be stored until the expiry of 12 months from City Beach’s last interaction with you in relation to City Beach’s marketing activities.

3. The transfer of your personal data to entities in Singapore, Hong Kong, the United States and the Philippines is protected by way of contractual obligations between City Beach and each of these entities safeguarding the security of your personal data.

4. Under the GDPR, you are entitled to: (a) (access) request access to your personal data held by City Beach; (b) (rectification) request to update or rectify any of the personal data that we hold about you by contacting us at the details specified above and request personal data updates; (c) (erasure) withdraw your consent to City Beach’s use of your personal data as described in this statement by deletion, or request erasure of your personal data that we hold, where that data is no longer required for the purpose for which it was collected; (d) (restriction on processing) obtain from City Beach a restriction on processing of your personal data where: (1) the accuracy of the personal data is contested; (2) the processing by City Beach of the personal data is unlawful (and you oppose erasure but request restriction of use); (3) City Beach no longer needs your personal data; or (4) you have objected to processing pursuant to your right to object under Article 21(1) of the GDPR; (e) (data portability) request that City Beach: (1) provides you with a copy of the personal data that City Beach holds about you in a portable and machine readable form; or (2) share your personal data with a nominated third party.

5. City Beach does not base its decisions regarding matters anticipated under this statement on automated decision-making (such as profiling) in respect of your personal data.

If you have any concerns in relation to City Beach’s collection or processing of your personal data pursuant to this statement, then you also have a right to complain to a supervisory authority (within the meaning of the GDPR).

To unsubscribe or opt out of marketing communication from City Beach, an unsubscribe link will be found at the bottom of all marketing emails and SMS. You can click this link and enter your email address to unsubscribe from the City Beach marketing communications.

Alternatively, you can also update your email and/or SMS preferences via your City Beach account by unchecking the 'Receive marketing emails' tick-box and clicking save.

If you have any questions about this Privacy Policy, or a complaint regarding the treatment of your personal information, please contact our Privacy Officer on the details are below.

• Email: customerservice@citybeach.com.au
• Phone: 1800 640 811
• Mail: Customer Service, PO Box 2399, Mansfield, QLD 4122