Our privacy commitment
The Spotlight Retail Group (‘SRG’) is committed to protecting the privacy of your personal information or personal data, as defined below (hereafter referred to, collectively, as “personal information”). We strive to manage your personal information in an open and transparent way.
This Policy applies to all of the entities within the Spotlight Retail Group, including but not limited to Spotlight Pty Ltd (ACN 005 180 861), Anaconda Group Pty Ltd (ACN 107 364 563), Mountain Design Holdings Pty Ltd (ACN 627 475 085), Spotlight Ltd (NZ Company No. 553661) and Spotlight Pte Ltd (Co. Reg. No. 199504543C). In this Policy ‘we’, ‘us’, ‘our’ and ‘SRG’ refers the Spotlight Retail Group.
SRG will only use your personal information when it is necessary for us to deliver you a service or perform other necessary business functions and activities.
SRG will not use or disclose your personal information for purposes unrelated to the services we provide, unless we first obtain your consent.
This policy is structured so that you can view information relevant to you if you are a:
SRG is bound by the requirements of these laws, which regulates how we may collect, use, disclose and/or store personal information. These laws also specify how individuals may access and correct personal information held about them.
“Personal Information" (as defined in the Privacy Act 1988 (Cth) and Privacy Act 1993 (New Zealand)) means information or an opinion about an identified individual (or an individual who is reasonably identifiable), whether true or not, or recorded in a material form or not. For example, these types of information could include your name, contact details, age and health information.
“Personal data" (as defined in the Personal Data Protection Act (Singapore)) means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which the organisation has or is likely to have access.
From time to time, our policies and procedures will be reviewed and, if appropriate, updated. If any changes are made to this policy these will be posted on our websites.
How and why does SRG collect and hold your personal information?
What kind of personal information does SRG collect and hold?
How does SRG use your personal information?
In what circumstances will SRG disclose your personal information?
Who do we disclose your personal information to?
Does SRG disclose your personal information to overseas recipients?
Use of Government Identifiers
Data quality and Security
Links to Third Party Sites
How you can access or correct your personal information
How you can notify us of a privacy concern or contact our Privacy Contact Officer
SRG will only collect personal information about you by lawful and fair means, and not in an unreasonably intrusive manner.
It is SRG’s usual practice to collect personal information directly from you when you:
- submit a Spotlight VIP club or Anaconda Adventure club registration form or Mountain Designs Alliance Club registration form or amendment form;
- register with any of our other loyalty or marketing programs;
- complete any online form on one of our websites or online payment gateways;
- visit or use an SRG website (including any SRG forums);
- subscribe to marketing and sales material or communications;
- complete an online form on one of our social media channels;
- enter an SRG trade promotion or competition;
- register an SRG gift card;
- complete an online form on one of our online advertisements that is placed on a third party website;
- complete a hard copy form or provide information in one of our stores;
- complete and return to us a hard copy form that is provided with one of our products;
- complete and return to us a wholesale account application form;
- request delivery of SRG products;
- make a purchase, return or exchange a product where we request you to verify your identity;
- speak with us, or one of our representatives directly during a product or sales enquiry; or
- contact us directly by telephone, via mail, e-mail or online via our websites or social media channels.
We may collect personal information about you from a third party or a publicly available source, but only if you have consented to such collection, or would reasonably expect us to collect your personal information in this way.
Where we can, we will allow you to deal with us anonymously or by using a pseudonym. However, in some circumstances, this may not be possible, and SRG may need to collect personal information from you to provide you with a delivery or other service. In some cases, if you do not provide the required personal information we will not be able to provide you with a service.
If we receive information about you from a third party and it is not information we need in respect of our business activities, we will destroy or de-identify that information (provided it is lawful to do so).
Any personal information that you provide directly or via other channels is collected and managed by SRG.
The types of personal information SRG may collect includes your:
- date of birth;
- marital status and family details;
- residential, business and postal address;
- email address;
- contact telephone numbers;
- identification details;
- testimonials or opinions;
- photos of you;
- financial information, such as credit card details;
- written or verbal contact with SRG, including voice recordings of telephone conversations you have had with our employees; and
- activities, including but not limited to lifestyle and other interests.
Whilst you may opt not to provide us with your personal information, you should be aware that without this personal information, we may not be able to provide you with some of the services and/or products you are seeking.
If you provide us with information about any third party, you must obtain that third party's permission to give us the information and inform them that you have given the information to us.
We use your personal information for a variety of reasons including, but not limited to the following:
- to contact you in relation to our loyalty or marketing programs;
- to provide services and products to you;
- to answer your inquiries and deliver customer service to you;
- to tell you about other products that we think may be of interest to you;
- to enable us to undertake a credit assessment;
- to maintain and improve customer services;
- to manage your gift card balance;
- to meet our legal obligations;
- to consider making offers for employment purposes;
- to manage and resolve any legal, consumer or commercial complaints and issues;
- to carry out internal functions including training; and
- to conduct marketing research and analysis.
In the course of conducting our business and providing our products and services to you, we may disclose your personal information.
We only disclose personal information for the purposes for which it was given to us, or for purposes which are directly related to one of our functions or activities. We do not give it to anyone else unless one of the following applies:
- you have consented to the disclosure;
- you would reasonably expect, or have been told, that your information is passed to those individuals, businesses or agencies; or
- it is otherwise required or authorised by law.
If we engage third party agents or contractors, we will take all reasonable steps to ensure that they do not breach privacy requirements in relation to the information, before we share your personal information with them.
We may disclose your personal information to:
- another SRG business or entity;
- to companies that perform services on our behalf, such as delivery companies, data entry service providers, trade promotion or gift card administration and account management providers;
- professional advisers (such as lawyers or auditors);
- payment systems operators and financial institutions;
- organisations authorised by SRG to conduct promotional, research or marketing activities;
- upon lawful request from law enforcement agencies or government authorities; and
- any persons acting on your behalf including those persons nominated by you, executors, trustees and legal representatives.
In all circumstances where your personal information is disclosed, we will take all steps reasonable to ensure that these third parties undertake to protect your privacy.
We are committed to compliance with all laws and requirements relating to the use of your personal information. We will only use or disclose your personal information for direct marketing purposes if you have provided your information for that purpose (and you would expect us to use the information for that purpose), or if you have provided consent for your information to be used in this way.
From time to time, we may contact you with information about products and services offered by us and our related entities and our business partners, which we think may be of interest to you. When we contact you it may be by mail, telephone, email, SMS/text message or social media message.
Where we use or disclose your personal information for the purpose of direct marketing, we will:
- allow you to request not to receive direct marketing communications (also known as ‘opting-out’); and
- comply with your request to ‘opt-out’ of receiving further communications within a reasonable timeframe.
SRG will only ever contact you if we have obtained your consent, and you can ask to be removed from our marketing lists at any time by contacting us directly.
If you do not wish to be contacted by SRG, please e-mail us at firstname.lastname@example.org.
Your personal information may be disclosed to other SRG entities, business partners and service providers in Australia and overseas for the reason and limited purpose explained below.
The countries this information may be disclosed to will vary from time to time, but may include Australia, New Zealand, Singapore, Malaysia, Fiji, Japan, and the United States of America.
Sometimes we use third party platforms and services to process sales, provide web support, send marketing messages, deliver products or otherwise deliver information. These services are hosted and managed by organisations other than ourselves, and some of these services are hosted overseas. We use products and services maintained in Australia, New Zealand, Singapore, Malaysia, Fiji, Japan, and the United States of America.
Your personal information may be stored in a secure and encrypted form overseas (e.g. in data storage and cloud computing facilities operated by us (or by third parties on SRG’s behalf) to prevent unauthorised access, use, disclosure, copying, modification and disposal thereof.
SRG will not use Government Identifiers, such as a driver's licence number as its own identifier of individuals.
We will take all reasonable steps to ensure that your personal information is stored securely and is protected from misuse and loss and from unauthorised access, modification or disclosure.
The personal information that we collect about you is stored on our database servers & filing systems managed by us in Australia.
Our websites are professionally hosted and operate in a secure environment. You should however be aware that there is always an inherent risk in transmitting your personal information via the Internet.
We use secure payment platforms to process online orders in an SSL-secure environment. Customers can see their cards being debited in real time.
We take website and credit card security extremely seriously, and always endeavour to provide a secure safe platform on which to conduct online transactions. All our websites use 2048- bit SSL with up to 256- bit encryption for capturing personal information and processing transactions. We do not store your credit card details
To ensure you are accessing a secure server, check for the unbroken key or closed lock symbol located generally either at the bottom left or top right of your browser window. If it appears, then SSL is active. You can double check this by looking at the URL as well. If SSL is active, then the first characters of that line will read ‘https’ rather than just ‘http’. It is important for you to protect against unauthorised access to your password and to your computer.
Ensure you logout when you have finished visiting our websites especially if you accessed them from a shared computer.
If you visit an area of the website where you are not required to log on, to read, browse or download information, our system will record the date and time of your visit to our site, the pages viewed and any information downloaded.
The information generated by the cookie or other technologies about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google.
We may share the Google data with our third party service providers and the data may be used to optimise marketing or advertising initiatives. Every time you visit an SRG website, certain customised information and advertising may be delivered to you based on the data stored in the cookies.
Whilst links to third party websites may be provided on our website, we are not responsible for the content or practices of these third-party websites.
These links are provided for your convenience and do not represent SRG's endorsement of any linked third-party website. We recommend that you check the privacy policies of these third parties prior to providing them with your personal information.
No links may be made to this website without our prior written consent.
You can request access to the personal information we hold about you at any time, and we will
provide you with that information unless we are prevented by law from giving it to you.
If we are unable to give you access to the information you have requested, we will give you reasons for this decision when we respond to your request.
You will not be charged for accessing your information, although we might have to charge a reasonable fee for processing your request, including photocopying, administration and postage. We will provide you with a written estimate of any fee payable before we process your request.
If you believe that your personal information is not accurate, complete or up to date, please contact us via the contact details below and we will correct this information.
- have queries, concerns or complaints about the manner in which your personal information has been collected or handled by SRG;
- or would like to request access to or correction of the personal information we hold about you;
please write to:
Australia and New Zealand: The Privacy Officer, Legal Department, SRG Retail Group Level 6, 111 Cecil Street South Melbourne Vic 3205 Australia
Singapore: The Privacy Officer, 68 Orchard Road Plaza Singapura #05-11/19 Singapore 238839
Phone: 1300 305 405 (Australia) or 0800 276 222 (New Zealand) or (65) 6733 9808 (Singapore)
If you consider your privacy concerns have not been resolved satisfactorily by us, or you wish to obtain more information on privacy requirements, you can contact:
The Office of the Australian Information Commissioner on 1300 363 992 or visit their website at www.oaic.gov.au.
Privacy Commissioner (New Zealand) on 0800 803 909 or visit their website at www.privacy.org.nz
Personal Data Protection Commissioner (Singapore) on +65 6377 3131 or visit their website at www.pdpc.gov.sg.
SRG collects personal information (which may include sensitive information) from its employees (past, current and future) in order to provide a range of employment related services.
SRG collects personal information directly from job applicants (and their referees) or from recruitment agencies and relates service providers. The information we collect may include your name, address contact details, employment and education history, the names of your referees and other relevant information.
This information we collect about you will be used for evaluative purposes in recruitment and may be disclosed to third party service providers who provide recruitment related services to us. This may include overseas recruitment related services located in Australia, New Zealand, Singapore and Malaysia.
We collect information from our suppliers to facilitate sourcing and purchasing products and services. This information can be collected directly from suppliers and related service providers. We may share supplier information with entities located overseas in the Asia Pacific Region.