About this Policy
Intrepid Daintree Eco-Lodge Pty Ltd takes its data protection and privacy responsibilities seriously.
Who is the Intrepid Daintree Eco-Lodge Pty Ltd ?
We are part of a wide group of companies and references to ‘Intrepid Daintree Eco-Lodge Pty Ltd’, ‘Intrepid Accommodation Holdings Pty Ltd’, ‘Intrepid Property Assets’, ‘Daintree’, ‘Daintree Eco-Lodge’, ‘Intrepid’, ‘we’, ‘our’ and ‘us’ means Intrepid Daintree Eco-Lodge Pty Ltd and each of our affiliates and branded partners forming part of our group.
For the purposes of relevant data protection laws (including each of the EU and UK General Data Protection Regulation (EU/UK GDPR), the Intrepid Daintree Eco-Lodge Pty Ltd entity with whom you contract will be the primary controller of your personal data (for example, if you are a visitor to our website and book a stay with the hotel).
However, you should also review the online policies of the company that you engage with, where they may have separate notices on how they protect your information to satisfy yourself as to the way in which they process and handle your personal data.
What Information do we collect about you?
Making an Enquiry or Booking a Trip
We will collect certain information from you when you make an enquiry or book a trip with us. Depending on your interaction with us and what products and services you use, typically we collect the following personal information:
- your full name, date of birth, gender (i.e. male/female/other), title, postal address, phone number, email address, dietary requirements;
- we may also ask for medical / health information, such as pre-existing medical conditions, if you have a disability, medication that requires refrigeration, food allergies etc., some of which is considered sensitive information or special category data under relevant data protection laws; and
- any additional information you provide during the booking process to check if a trip is right for you, which may include personal information.
We also collect your technical identity data (including IP addresses, browser type and versions, other technology on the device that you use to access our websites, some of which is collected automatically), as well as information about your usage of our websites as you and others browse our websites (see our separate “Cookies” policy for more information).
We may also receive information about you from other sources. These include business partners, such as our affiliate partners, travel agents and other independent third parties. Anything we receive from these sources may be combined with information provided by you. When you use any of these services, you may provide reservation details to our business partners who, where permitted, then forward your details to us.
Travel providers (e.g. accommodation, hotel, transport and other similar local providers (Travel Providers) may also share personal information about you with us , for example, to ensure fulfillment of your travel reservation, if you have support questions about a tour or trip booked, or if any complaints or disputes arising about your reservation.
We also integrate with third party service providers (such as Windcave) and payment gateways to facilitate payments between you and us and our partners and tour operators and agents, as applicable. These service providers share payment information so we can administer and handle your reservation. All of our third-party payments providers are required to be PCI DSS compliant and process all payments on our behalf.
In the majority of cases, to make a payment via credit card for your reservation, you will use the secure online booking engine on the relevant website or platform that you are using or you will call your booking agent directly. In some limited cases you may provide us with your credit card details over the phone; for example if we need to provide you with a refund, your bank details may be collected and recorded by us for the purposes of providing the refund only.
We ask that you do not email or send in writing your payment card details to us or any of our partners at any time.
With your consent also, any calls with us, if any, may be recorded, and/or monitored for quality control, coaching and/or training and customer service purposes that assist in addressing your inquiries. As part of the recording we may collect information such as the identity of the caller, the date and time of the call and the subject and resolution of the issue. For clarity, any financial information that may be provided during a telephone call is not recorded or logged.
Photo and Video
When you are staying with us, as part of your experience a photo or video may be taken by us, an employee or one of our partners or another customer. We care about your privacy so if you do not wish for your photograph to be taken at any time, or to be included in any video, please us know. Any photos taken by Intrepid Daintree Eco-Lodge Pty Ltd staff will not be used for marketing purposes without your prior knowledge. Whilst we take every precaution to protect your privacy, we are not responsible for passengers who may take your photograph or video you without our knowledge.
Marketing and Other Interactions
We collect the following personal information from you for marketing purposes (as more fully described below):
- when you subscribe to the newsletter, we will collect your full name, country and email address
- via our preference centre, we will collect your phone number, date of birth, postcode/zip code, residential state and your travel preferences
- if you request a brochure, we will collect your full name and postal address
- if you enter a competition directly with Intrepid , or via one of Intrepid’s external partners, or click through on a n Intrepid advertisement, we may collect your full name, country, zip code, email address and phone number, as well as your travel preferences.
We may contact you to seek your interest in taking part in research projects, surveys feedbacks and interviews. This may include contacting you with a post-booking or post-trip feedback survey and asking to provide a score and comment on your experience.
As part of this contact, we may collect your full name, email address, booking number and departure code. You will be asked to provide a score and comment on your stay experience. This information will be linked to any comments you make about your stay.
Where you have provided the relevant details, we may also contact you in response to your feedback to discuss your comments.
If you apply for a job with us, we will collect your CV details and supporting documents which include personal information. We will also request you fill in a form and will ask for your personal information, where necessary, such as your full name, contact details, home address, date of birth, sex, ethnicity (optional), accessibility requirements and details in relation to your passport and immigration information.
Why do we collect your information?
We collect, hold and handle your personal information for a variety of business purposes (further information on each of which is set out below), including to:
- provide you with our and our partner travel products and services, administer your reservations, manage your booking account settings and generally administer and manage our customer relationship with you;
- if you are a business partner, supplier or agents, to manage our business relationship with you;
- if you subscribe we may send email newsletters (where permitted by you) or sending printed materials to your postal address;
- contact you and process your communications with us, for example, to respond to your queries or complaints, or if we need to tell you something important, or invite you to complete a booking (e.g. if started but not finished a reservation online);
- generally improve our products and services and your user experience with us ;
- comply with our legal obligations and assist government and law enforcement agencies or regulators; and
- carry out our marketing activities, including identify and tell you about other travel related products or services that we think may be of interest to you, process feedback forms and other similar communications.
Under applicable privacy and data protection laws (including EU/UK GDPR), for Intrepid to collect, hold, use, share and process your information we must have a purpose and legal basis to do so. The legal basis may differ depending on your interaction with us and what information we collect and process, which will fall under:
Necessary for the performance of a contract – When you make a booking a stay with us or any of our partners, we rely on the legal basis that the processing of your personal information is necessary for the performance of your contract with us i.e. completing a travel reservation.
Legitimate Interest – Our legitimate interest means your information has a commercial business purpose and is necessary in order to provide a product or service to you and does not override your rights and freedoms as an individual. For example as a travel customer, we collect your email address for the purpose of communicating with you when necessary to communicate about the product or service you’re requesting or booking, and to provide you with relevant information. If you are a business partner, we may process your contact information in order to manage our relationship with you. We also rely on our legitimate interests to improve our products and services, and to prevent fraudulent activity on our online platforms and accounts (as set out more specifically below). When using personal data to serve our or a third party’s legitimate interest, we will always balance your rights and interests in the protection of your personal information against our rights and interests or those of the third party, including by using your information in a way which is proportionate and respects your privacy.
Legal Obligations – in certain circumstances we will need to use your information to comply with our legal obligations, for example, to comply with local laws in the country you are visiting.
Vital Interest – we rely on the legal basis of vital interest in certain limited circumstances where it is essential to you and your health that we process your personal information; for example, to contact medical providers / insurance providers in the case of any medical emergency.
Consent – where required by applicable laws, we will obtain your prior consent prior to processing your personal information, including before sending you electronic marketing materials or as otherwise required by law.
You can revoke your consent or object to our marketing in certain circumstances.
Providing your personal data to us is voluntary. However, we may not be able to fulfill your reservation and your experience may be affected if certain personal information is not provided. We may only be able to provide you with some products and services if we can only collect some personal data. For example, we can’t process your travel booking if we don’t collect your name and contact details.
Making an Enquiry or Booking a Stay
We use your personal information to arrange and provide you with the products and services you have requested and booked. The following will provide more insight into these purposes:
- Your personal information will be used by our staff to identify you and ensure your safety during the stay.
- Depending on you’re the stay booked for you, we may be required by the supplier to provide certain types of personal information in order to secure the booking. We may also be legally required by local laws and governments to provide travel documentation such as passport details or a passport scan.
- Your contact details will be collected in order to manage our relationship with you, including updates about your booking, providing relevant information and any applicable tickets, handling feedback and complaints, and to contact you in the event of an emergency.
- Providing relevant information, which may include sensitive information, to insurance providers, their agents and medical staff in circumstances where we/they need to act on your behalf or in the interest of passengers or in an emergency.
- Where permitted by law, where it is in your vital interest or you provide your consent to do so, your medical/health information may be shared to ensure that we understand any specific needs you may have, before and during your stay. Any pre-existing medical conditions could impact your enjoyment of the stay, and by informing us of any conditions, issues or limitations, we can ensure that we are better prepared to assist if required.
Other than where it is in your vital interests or required by relevant laws, medical/health information can only be used by with your consent. This is because medical/health information is considered sensitive and by consenting, you are showing us that you understand and agree to us processing this information. Providing medical/health information and consenting to its use is optional, however, it is highly recommended that information be provided (including if requested) for your safety and wellbeing.
Photo and Video
Taking a photo or video is something many people love to do, especially as a way to capture special moments. This is likely to be the reason why you may be included in visual media taken on your trip. On occasion, visual media captured by our team and employees are so good our team may wish to use them in our brochures or on our website for promotional purposes. There may also be a professional photographer scheduled on your trip for the purpose of taking promotional images. In these cases, a consent and waiver form will be provided to you. You do not have to sign this consent or waiver form and providing such information is entirely voluntary. We will respect your privacy and your preferences when processing any personal information collected using visual media.
Marketing and Other Interactions
We may use your information for marketing purposes including:
- to identify and tell you about our products and services we think you may be interested in;
- to offer you deals on partner products and services;
- to tell you about trip deals, discounts and promotions;
- to administer promotions, feedback surveys and the like;
- to enrol you for our email communication which will tell you about discounts and competitions.
These products and services may be offered by us, our associated companies, or our brand partners.
We will only engage in direct marketing in accordance with the laws of the relevant country or jurisdiction you are located in.
To protect privacy rights and to ensure you have control over how we manage marketing with you we will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you based on the products and services which you have purchased or have registered your interest in purchasing to date. Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication. For example, if you are subscribed to any promotional marketing newsletters, you have the choice to unsubscribe from these communications by scrolling to the bottom of the e-mail enclosing the newsletter and clicking the ‘unsubscribe’ link at any time. You can also change and manage your marketing preferences at any time on your preference centre. Alternatively, or in case of any issue, you can contact us at firstname.lastname@example.org.
You can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser. We recommend you routinely review the privacy notices and preference settings that are available to you on any social media platforms as well as your preferences within your account with us.
We conduct research and analyse your information, including feedback and comments, to help us improve our products and services and to enhance your customer experience, including customising online content, and to improve your booking and website experience. We also look for trends and future destinations and itinerary opportunities.
We may use your de-identified data for internal reporting (i.e. if a partnership was successful), creating new marketing strategies and to identify trends.
We may contact you to seek your interest in taking part in research projects, surveys, and interviews. These interactions are designed to help us gain insight and understand certain things such as how to improve the services we provide, help us to understand our customers’ needs and expectations, what media they consume, what their concerns are, why do they travel, etc. Your information and details from our research activities may be stored or kept on file for future reference if relevant and will be de-identified where possible.
Information collected from job applicants will be used to process your application, decide if you are right for the role you are applying for and for us to communicate with you. We will also use your de-identified information to analyse and understand who is applying for our jobs, understand where barriers might exist and to improve our job offerings and recruitment processes in future.
If you are successful in your application, the details you have provided to us will be transferred through to our Human Resources system to begin building your employee profile.
How do we collect your information?
Your information may come to us in a variety of different ways. You may provide information directly to us or our sales agents, travel agents, business partners and other third parties (including insurance and medical providers) when communicating via email, phone, letter, web chat or in person. Please see more information here. You may also provide us with your information by filling in an online or printed form, leaving feedback, completing a survey, or subscribing to a newsletter or a loyalty program.
Your information may also be provided to us by a friend/family member who is booking on your behalf.
Sharing your information
Making an Enquiry or Booking a Stay
In order to handle your enquiry, fulfil your product or service request, or manage your booking, we may share your personal information with the following:
- any member of Intrepid Daintree Eco-Lodge Pty Ltd and our internal contractors and staff;
- our network and branded partners;
- travel providers;
- other third-party operators (i.e. local operators, couriers, mailing houses, payment processors, etc.);
- other suppliers and service providers (e.g. transfer drivers); and
- in some cases, Government authorities.
You should familiarise yourself with the privacy policies of all travel providers and tour operators you select to provide a trip or travel-related services. We are not responsible for the privacy practices of third-party travel providers and tour operators with whom you may choose to book travel product and services.
We share your personal information with third parties that help us operate, provide, improve, integrate, customise, support and market our products and services. This includes the following:
- IT Service Providers: We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, support and troubleshooting for quality assurance purposes, payment processing, analysis, and other services for us, which may require them to access or use information about you.
- Marketers: We work with a global network of partners who help us market and promote our products (for example, by providing consulting and sales services), who send marketing material for us, generate leads and resell our services.
- Research: We use third parties to assist us with research and analytics, including surveys, interviews and other data gathering, including in respect of the Intrepid Foundation activities. We may share your information with these partners in connection with their services.
We seek to ensure that your information is protected at all times including that these third parties have agreed confidentiality restrictions and only use any personal information we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us.
Sharing within the Intrepid Daintree Eco-Lodge Pty Ltd
As we are a large international group, your information may be shared within the Intrepid Daintree Eco-Lodge Pty Ltd and any of our related entities worldwide.
We may share or transfer information in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the services if a transaction takes place, as well as any choices you may have regarding your information.
We may share your information with relevant regulators, which may include privacy regulators and supervisory authorities in other jurisdictions, and with courts and law enforcement to comply with all applicable laws, regulations and rules, and requests of law enforcement (e.g. police), regulatory and other governmental agencies
We also share personal information with insurance providers and/or medical personnel, which may be for identification of fraud or error, for regulatory reporting and compliance, or if we believe the disclosure is necessary to lessen or prevent a threat to life, health, or safety.
We may share in aggregate, statistical form, non-personal information regarding the visitors to our website, traffic patterns, and website usage with our advertisers.
We do not and will not sell your personal information under any circumstances.
As we have stated earlier, it is necessary for us to share your information with our Group entities, partners and third parties, many of which are located overseas. When we transfer your information overseas, we seek to ensure appropriate privacy, confidentiality and security measures are in place, and that we comply with all applicable data protection and privacy laws.
Further, we operate with different service providers in over 120 countries, across all regions of the world, so it is not possible for us to provide a list of all these countries in this Policy. Our key service providers are located in Australia and the United States. If you have any specific questions about where or to whom your personal information will be sent, please see the Contact Us section below.
In some jurisdictions, including the EEA, the UK and Australia, data protection laws restrict transferring personal information outside the jurisdiction. We take appropriate steps to ensure that your personal information receives an adequate level of protection (by putting in place appropriate safeguards, such as contractual clauses e.g. EU approved standard contractual clauses), or that we are able to rely on an appropriate derogation under applicable privacy and data protection laws. You have a right to request access to any safeguard which we use to transfer your personal information outside of the UK and the EEA.
Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information is disclosed.
You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments).
What are your rights
We want you to feel reassured that you have control of the information you provide to us. Subject to certain exemptions, and depending on relevant data protection laws, including in some cases upon our legal basis for processing your information there are certain rights you have over your personal information. These include:
- You can ask us to update any inaccurate, incomplete or out-of-date information we hold about you
- You can ask us to provide you with a copy of the information we hold on you, or that we transfer that information to another service provider
- You may request that we stop processing or using your information
- You may request that we delete any / all information we hold about you
- You may withdraw consent that you have provided to us
Where possible we will comply with your request, however, there may be instances where we cannot fulfil your request, or there will be consequences if we were to fulfil your request. We will always communicate with you about any consequences before going forward, or give you written reasons for any refusal.
Under certain data protection laws, including the EU/UK GDPR, you may also (subject to certain exceptions):
- withdraw consent to our use of your information for marketing purposes;
- object to the processing of your personal data, where we collect your personal data for our legitimate interest;
- request your personal information be transferred to yourself or a third party without hindrance in a commonly used format.
We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
We will only perform the activities outlined above to the extent that such activities will not compromise privacy, security, or any other legal interests.
You may also wish to make a complaint about the way we have handled your personal information or other interference with your privacy rights.
You can exercise any of these rights at any time by contacting us (see the Contact Us section) or your relevant privacy or data protection authority.
If you would like to exercise your rights, as listed above, you can also do this by contacting the privacy team via the below form.
We will contact you within a reasonable time frame after receiving your enquiry or request to verify who you are in order to locate any accounts or bookings you may have with us or ask any follow up questions to better understand your enquiry.
We will inform you whether we will conduct an investigation and the estimated completion date for the investigation process. After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view. If you are unsatisfied by our final response, you may escalate your complaint to the relevant regulatory body.
Complaint to the Data Protection Authority
If you have any concerns or complaints about how we are collecting or processing your personal information, you can complain to your local data protection authority. We would ask that you first contact us to seek to resolve the concern or complaint in the first instance.
If you are in the UK/EU, please follow this link to locate the data protection authority most relevant to you: https://edpb.europa.eu/about-edpb/board/members_en
If you are in Australia, you may contact the Privacy Commissioner at the Office of the Australian Information Commissioner (www.oaic.gov.au/).
We retain and store most information about you in computer systems and databases operated by either us or our external service providers. Some information about you may be recorded in paper files that we store securely.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for. In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax or accounting requirements.
In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
How we keep your information secure
The Intrepid Daintree Eco-Lodge Pty Ltd is dedicated to keeping your personal information secure. We have implemented various physical, electronic, and managerial security procedures in order to protect your information and reduce the risk of loss and misuse, and from unauthorized access, modification, disclosure and interference.
We have put in place adequate procedures to deal with any actual or suspected personal information breach and will notify you and any applicable regulator of any data breach where we are legally required to do so.
Whilst we take all reasonable steps to ensure that your personal information is secure, we would ask you to be aware that the internet is inherently insecure, so please take precautions when disclosing any personal information online to us.
Links to Third Party Sites
Cookies & Website Usage
Our websites use a standard technology called ‘cookies’ and web server log. To find out more about the cookies we use, please see our Cookies Policy.