PRIVACY POLICY

Purpose and Scope

This policy sets out how Engadine Bowling and Recreation Club Limited ABN 96 744 536 639 and its sub-clubs (“Club”, “we”, “us” or “our”) collect, use, disclose and hold “personal information”.

We are committed to protecting the privacy of all individuals whose personal information we handle.

When we collect, use, store, disclose or correct your personal information, our actions will comply with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs).

Our practices also reflect our obligations as a registered club and reporting entity under the Registered Clubs Act 1976 (NSW), liquor and gaming laws, Corporations Act 2001 (Cth), Work Health and Safety Act 2011 (NSW) and Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) legislation.

 

Types of Personal Information Collected

We may collect personal information such as:

  • Identity and contact information: your full name, date of birth, residential address, email address, phone number, signature, gender and occupation.
  • Visitor information: information related to your visits to our premises and, if you are a temporary member, a temporary image of your driver’s licence or other ID from which we will extract your full name, date of birth, address and signature to maintain our registers.
  • Images of you: a photo of you for your membership card, CCTV footage and audio of you at our premises and photos of you and others participating in activities, functions and events at the Club.
  • Membership information: membership number, class of membership, joining date, visit history, positions held by you at the Club or any complaints made by or against you in connection with the Club.
  • Information about use of our products and services: what goods or services you buy or receive from us and your participation in social, sporting or other organised activities, your member card transactions, your use of our loyalty program, payment history and event bookings.
  • Gaming transactions: information about your use of our gaming machines, KENO and TAB, including prizes and payouts, player activity statements, your ID number (in certain circumstances) and other information we are required to collect to comply with our AML/CTF obligations (including your occupation, political associations and the source of your funds).
  • Exclusion information: whether you have excluded yourself or been excluded by a third party from using our gaming machines or entering our premises and information about you related to a liquor self-exclusion, banning order or a Liquor Accord.
  • Incidents at the Club: things you say or do (or things said about you) in connection with an incident or disciplinary proceedings at or in connection with the Club.
  • Financial information: bank account details required for us to process a gaming machine payment to you via EFT and other payment details when you book an event or make a reservation with us.
  • Digital interactions: information about your use of our websites, social media pages and Wi-Fi collected by website analytics, cookies/pixels and device identifiers, including information about your personal devices and IP address.
  • Employees & volunteers: recruitment information including information from your resume and referees, onboarding records, training records, police checks, health information, bank account and superannuation fund details and tax file numbers (note: certain employee records are handled in accordance with the employee records exemption in the Privacy Act).

 

Anonymity and Pseudonymity

If you don’t give us your personal information, you may not be able to become a member of our Club, use our services or facilities, or access our premises.

In most circumstances, you will be unable to deal with us anonymously or with a pseudonym because of our obligations under the Registered Clubs Act.

 

How We Collect Personal Information?

We collect personal information by recording information in hardcopy and by electronic and automated means.  We collect personal information:

  • Directly from you: when you:
    • Enter, visit or deal with us and our venues.
    • Apply for, or renew, your membership with us.
    • Fail to make a payment you are required to make to us.
    • Use your membership card.
    • Purchase goods or services from us or participate in activities, competitions and promotions we offer.
    • Plan or attend a function, event or show at a venue we operate.
    • Use our gaming machines.
    • Are excluded, suspended, banned or removed from any part of our premises.
    • Make a complaint or are involved in, witness or are connected to an incident or disciplinary proceedings at or in connection with the Club.
    • Apply for and/or receive sponsorship from us (including through ClubGRANTS).
    • Visit one of our websites or social media pages or use our Wi-Fi.
    • Make an enquiry with us and interact with our staff.
    • Apply for a job with us.
  • Systems and devices: via our electronic ID scanners, point‑of‑sale systems, booking software, access control systems, gaming management systems, CCTV system, website analytic tools and cookies/pixels. Some of these systems may involve forms of automated decision making.
  • From third parties: your parent or guardian (if you are a minor), service providers (e.g., payment processors and ticketing providers), regulators, law enforcement, gaming partners (Keno/TAB), your family and industry bodies (if you are subject to a third party gaming exclusion or a multivenue exclusion, such as ClubSAFE or BetSafe).

In general, if you contact us, we may keep a record of that correspondence.

Wherever practicable, we will notify you of the information being collected about you and provide you with an opportunity to refuse the collection of your information.

If you give us personal information about others, we expect that you will tell them about this policy.

 

Purposes of Handling Personal Information

We collect, hold, use and disclose personal information to perform the following activities and functions:

  • Consider applications and renewals of membership.
  • Identify who comes to our premises, including individuals who have been suspended, banned or self-excluded from our premises.
  • Provide a safe environment for you, other members and guests and our staff.
  • Maintain registers and comply with our legal, regulatory and accounting obligations, including our obligations under gaming, liquor, registered clubs governance and AML/CTF law.
  • Provide goods and services and hold events and activities at the Club.
  • Operate our rewards program.
  • Improve our goods and services and improve the functionality of our websites.
  • Send newsletters.
  • Operate our websites and provide Wi-Fi at the Club.
  • Conduct gaming operations and carry out responsible gambling and harm-minimisation activities.
  • Operate our sub-clubs, including publishing contact details of committee members.
  • Offer and manage sponsorships of community sports clubs and other local organisations.
  • Conduct elections of the Club’s Board and send notices of annual general meetings and other communications to our members.
  • Carry out marketing, competitions and promotions (including direct marketing).
  • Carry out administrative activities and functions.
  • Resolve complaints, investigate incidents and conduct disciplinary proceedings.
  • Assess a job applicant’s suitability for employment or a volunteer’s suitability for a role.
  • Promote the objects of the Club, increase membership and maintain a social record of the community.

 

Direct Marketing

We may use your personal information to send you information about products and services, including information from third parties. This may include newsletters, information about events, promotions and partner offers.

You can opt out of direct marketing at any time by contacting us (please see the “How to contact us” section below for our contact details) or by clicking unsubscribe in our emails.

 

Disclosure of Personal Information

We may need to disclose your personal information to our third party service providers, our insurers, exclusion program operators, Clubs NSW, our legal and financial advisers and other members of the Club.

Your personal information will only be disclosed for a purpose permitted by the Privacy Act and/or this policy and, where required, after obtaining your consent.

We will also disclose your personal information to law enforcement agencies and government bodies if we are required or authorised to do so by law, including AUSTRAC, the Department of Communities and Justice and the Australian Taxation Office.

 

Overseas Disclosure

We do not ordinarily disclose personal information overseas but if you agree to information being put on our websites or social media pages, then this could be accessed by people in other countries.

Our membership database is stored electronically on our primary servers, which are located at our premises. Our physical records are also located at the Club.

Our back-up servers are physically located in New South Wales.

Where we use third party providers located overseas, or disclose data to partners outside Australia, we will take reasonable steps to ensure that the recipient will comply with the APPs, unless we reasonably believe that the recipient is subject to laws which requires them to handle personal information in a substantially similar way to the APPs.

 

CCTV and Surveillance

All our venues are subject to CCTV surveillance for security reasons, including to monitor the safety of members, guests and employees and to protect our assets.  We may use CCTV footage to investigate incidents and in disciplinary proceedings.

Access to footage is restricted but we may disclose footage to law enforcement agencies, regulatory authorities, our insurers and our legal representatives where required.  CCTV recordings are retained for a minimum period of 30 days and are destroyed when they are no longer needed.

 

Websites, Cookies and Analytics

Our websites and social media pages may use cookies, tags and pixels to operate the site, measure usage, and personalise content/ads. If you use our websites or Wi-Fi, we will also collect information about your device including your MAC address and the host name of your device. We will handle any information collected as a result of your use of our websites and Wi-Fi in accordance with this policy.

You can manage cookies via your browser settings but some features of our websites may not function without them.

Our websites may also contain hyperlinks to websites operated by third parties. Any hyperlinks are provided for reference only and we are not responsible for their content of third party websites or the privacy practices of those third parties.

There will also be instances when dealing with our websites where you will be redirected to a third party’s website or platform. For example, you will be redirected to a third-party payment platform to make an online payment to us.

Generally, we do not have control over these third-party providers and how they collect and handle personal information that you provide to them.  We also typically have limited access to the information they collect and hold.  We do not accept any liability for the actions of any such third-party providers and strongly encourage you to read their privacy policies.

 

Data Quality and Security

We take reasonable steps to ensure personal information we collect, use and disclose is accurate, up‑to‑date and complete, and that information we hold is protected against misuse, interference, loss, and unauthorised access, modification or disclosure. Those measures include role‑based access, multi-factor authentication, encryption, firewalls, use of secure databases, staff training and vendor due diligence. Your personal information is securely destroyed when it is no longer needed or becomes out of date.

 

Notifiable Data Breaches

We have various security measures in place to protect your personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.

If our security measures are compromised, we will comply with our obligations for responding to data breaches under the Privacy Act.

As soon as we become aware of a data breach, we will take urgent steps to contain the breach, mitigate any risk of harm and determine who may have been affected by the breach.  We will then assess the breach and determine whether the breach is likely to result in serious harm to any person whose data was involved.

If we have reasonable grounds to believe that the breach is likely to result in serious harm to you, we will notify you of the breach as soon as possible. We will also notify the Office of the Australian Information Commissioner.

Following a breach, we will conduct a review of our security measures and implement any additional measures we consider necessary to enhance the security of your information.

Access to and Correction of Personal Information

You have a general right to request access to the personal information we hold about you and to request correction if it is inaccurate, incomplete or out of date.  We will respond to your request within a reasonable time.

To assist us to comply with your request, we may need you to verify your identity and provide us with evidence of your new details. In some cases, we may be unable to give you access to, or amend, your personal information.  If so, we will provide you with written reasons.

 

Retention and Destruction

We retain personal information for as long as it is required for the purposes described in this policy. When it is no longer required, we take reasonable steps to destroy or de‑identify personal information.

 

How to Contact Us

You can contact our Privacy Officer as follows:

Phone:               02 9548 2022

Email:                 reception@engadinebowling.com.au

Post:                   Engadine Bowling and Recreation Club Ltd

                              PO Box 62

                              Engadine NSW 2233

Attention:        Privacy Officer

 

Queries and Complaints

If you have any privacy-related queries or believe we have breached the Privacy Act or any of the APPs, please contact our Privacy Officer.

When contacting our Privacy Officer, please give us enough details to be able to identify you, understand your issue or complaint and respond appropriately.

We will acknowledge receipt of your complaint and investigate.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC). Please see the OAIC’s website for contact details: https://www.oaic.gov.au/about-us/contact-us/.

 

Changes to this Policy

We may update or revise this policy at any time to reflect operational changes or changes in our legal obligations.

This privacy policy was last updated on 23 April 2026.

Social media & sharing icons powered by UltimatelySocial