We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information and has been updated to be GDPR compliant. Please contact Dive Ningaloo if you any questions regarding your privacy.
What information do we collect and why?
We may collect, store and use the following kinds of personal information.
(a) information provided by YOU in regards to your booking with our company. This includes: name, phone number, email address, scuba diving qualifications, tour date, dietary requirements, accommodation while visiting Exmouth, and any other information you choose to send us. This information is usually obtained when you make a booking with us via our online booking system: Rezdy; or if you send us a message via our contact form or email. It is collected so we can run our tours efficiently and be prepared for your requirements.
(b) personal information provided in written form will also be stored, this includes details of dive logs recording: depth, time and air, for all divers, a signed waiver from you completed at the start of your tour, and a tour manifest with your name, contact number and pick up location. This information is stored for insurance and medical purposes if a diving incident was to ever occur.
(c) analytics as part of our website my be used to gather information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation). This information is obtained for search engine optimization purposes and so we can better target potential customers to Dive Ningaloo.
(d) if you make a booking with Dive Ningaloo, information relating to credit card transactions carried out between you and us will be recorded, including amount time and date, please note only the last 4 digits of your card will ne visible to us. This information is collected so we can easily see if you have any outstanding payments to be made to us for any of your tours.
How is your information used?
Personal information you provide us will not be used for any other purpose other than relating to your scuba diving tour with us. This is used by Dive Ningaloo staff in the form of a tour manifest so we can prepare for the tour and make sure we have all your requirements ready, we also use your name for our dive log so we know who is onboard the boat and at all times and to sign you in and out of the water.
Cookies and analytics
A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We use “session” cookies and “persistent” cookies on the website. We will use the session cookies to: keep track of you whilst you navigate the website; We will use the persistent cookies to: enable our website to recognise you when you visit;
Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites, including this one.
What we do with your information?
We may use your personal information to:
(a) administer the website;
(b) improve your browsing experience by personalising the website;
(c) enable your use of the services available on the website;
(d) send you general (non-marketing) communications;
(e) send you email notifications which you have specifically requested e.g. booking confirmation/ payment receipt;
(f) send to you follow up email after your tour, which we think may be of interest to you by e.g. a reminder to write us a trip advisor review (you can inform us at any time if you no longer wish to receive communications);
(g) provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
(h) deal with enquiries and complaints made by or about you relating to your tour;
Where you submit personal information for publication (e.g. Trip Advisor), we will publish and otherwise use that information in accordance with the license you grant to us.
We will not provide your personal information to any third parties for the purpose of direct marketing.
When and why do we have to disclose your information to others?
In addition, we may disclose your personal information:
(a) to the extent that we are required to do so by law;
(b) in connection with any legal proceedings or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
(d) to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling; and
(e) to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
How do we keep your information safe?
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. All third parties such as email servers and booking systems are all GDRP compliant.
Personal information recorded on paper (in the form of dive logs etc) is stored in our office in a locked filing cabinet. The government requirement is for us to keep this information for 7 years and then we will destroy it. These records only contain information you provide us, in relation to your tour, and no financial transactions or addresses are stored.
Your right to view your information and to be forgotten
You may instruct us to provide you with any personal information we hold about you, this is entirely your right. Provision of such information will be subject to the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address).
We may withhold such personal information to the extent permitted by law.
We do keep personal information in the form of your contact details if you contact Dive Ningaloo, however on our online contact form you also have the opportunity to opt-out of the use of your personal information for any purpose.
You have the tight to be forgotten. You may instruct us not to store personal information and to be completely deleted from our system. We have the ability in our booking system to completely delete your information.
What we will do in the event of a breach.
We believe in only collecting information relevant to your tour with Dive Ningaloo. We do not collect any unnecessary and personal information such as home address, income, education, political views etc. and only the information you provide to us. Therefore data collection is kept to a minimum. In the event that your information is breached, we are obliged to inform you as well as the appropriate authorities within 72 hours. Our primary data controller listed below, is responsible for managing breaches. We will inform you of the nature of the breach and how we are managing it.
Third party websites
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
Please let us know if the personal information which we hold about you needs to be corrected or updated.
The data controller responsible in respect of the information collected on this website is Kirsten Sheppard.