Privacy Policy
Last updated: 12th September 2025
About this Policy
Autra Resort Pty Ltd (“Autra Resort”, “we”, “us”, “our”) respects your privacy and handles personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). This Policy explains what we collect, how and why we use it, who we share it with, and your choices.
This Policy applies to our websites, booking platforms, social channels we control, and our guest services. Separate notices may apply for specific promotions or partners—please review those as well.
What we collect
The personal information we collect depends on how you interact with us:
• Identity & contact: name, email, phone, postal address.
• Booking & stay details: dates, cabin selection, special requests, communications, incident/maintenance notes.
• Payment references: payment confirmations or tokens from our payment gateway (we don’t store full card numbers).
• Marketing preferences: newsletter subscriptions, competition entries, communication choices.
• Technical data: IP address, device/browser type, pages viewed, and cookies (see Cookies).
• Feedback & research: survey responses, ratings, comments.
• Recruitment: CV/resume, cover letter, interview notes, right-to-work and onboarding details (if you seek employment).
We may also receive information from booking partners, payment providers, analytics and marketing platforms, and guests who book on someone else’s behalf.
How we collect information
• Directly from you: website forms, bookings, emails, phone calls, surveys, in-person interactions.
• Automatically: via cookies, pixels and similar technologies on our sites.
• From third parties: booking/marketing partners, payment processors, analytics providers, referees (for job applicants).
Why we use your information
We use personal information to:
• Provide services: take and manage bookings; send confirmations, updates and pre-arrival details; support your stay.
• Operate our business: troubleshoot, improve our websites and booking flow, develop new services, run analytics and reporting.
• Communicate: respond to enquiries and complaints; send essential service messages (these aren’t promotional).
• Marketing (optional): send offers, news and surveys based on your preferences (you can opt out anytime).
• Legal & safety: meet legal obligations, manage insurance and incident reporting, and respond to lawful requests.
• Recruit: assess and manage job applications and onboarding.
Legal basis (international guests)
For guests protected by overseas laws (e.g., EU/UK), our legal bases typically include: performance of a contract (bookings), legitimate interests (service improvement, security, limited direct marketing), legal obligations, vital interests (emergencies), and consent (where required, e.g., certain marketing cookies). You can withdraw consent at any time.
Disclosing your information
We may disclose personal information to:
• our staff and related entities;
• service providers: website hosting, IT/security, booking and PMS platforms, payment gateways, customer support tools, marketing and analytics, research and survey platforms, couriers and print houses;
• on-site partners/landowners where necessary to deliver your stay;
• professional advisers (legal, accounting, insurance);
• regulators, law enforcement or courts where required or authorised by law;
• parties to a business transaction (e.g., merger or acquisition), subject to confidentiality.
Where we share information overseas, we take reasonable steps to ensure recipients protect it appropriately (e.g., contractual safeguards).
Marketing choices
If you opt in to marketing, we may email you about Autra Resort stays, offers and news. You can unsubscribe using the link in our emails or by contacting us. Some online advertising relies on cookies/pixels; see Cookies for how to manage your settings.
Access, correction and deletion
• Access/Correction: You can request access to, or correction of, your personal information.
• Deletion/Objection: You may request we delete information or stop certain processing where the law allows.
We’ll respond within a reasonable timeframe and explain any lawful limits (e.g., records we must retain).
Retention
We keep personal information only as long as needed for the purposes described or as required by law (e.g., tax, insurance, disputes). We may retain minimal records after account closure to meet legal/accounting obligations and to maintain accurate business records.
Security
We use reasonable physical, technical and organisational measures to help protect personal information from misuse, interference, loss, and unauthorised access, modification or disclosure. No method is 100% secure—please take care when sending information online. We maintain breach-response procedures and will notify you and regulators where legally required.
Children
Our services are designed for adults. We do not knowingly collect personal information from children without appropriate consent and safeguards.
Third-party links & widgets
Our sites may link to third-party websites or include social widgets (e.g., “Like” buttons). Those third parties may collect information subject to their own privacy policies. We are not responsible for their practices, so please review their policies.
Cookies & website usage
We use cookies and similar technologies to run our sites, remember preferences, measure performance, and deliver relevant advertising. You can manage cookies in your browser settings and (where available) via our site-level cookie controls. Disabling some cookies may impact site functionality.
Changes to this Policy
We may update this Policy from time to time. The “Last updated” date shows the latest version. Material changes will be highlighted on our website.
Contact us
Questions, requests or complaints:
• Email: admin@autraresort.com
We aim to respond within a reasonable timeframe. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au.