Privacy Policy

At Hyde Park Management Pty Ltd trading as Cable Beach Club Resort & Spa, we recognise the importance of protecting your information.

This privacy policy sets out how we collect, use, disclose, dispose and otherwise deal with information which you may supply to us or which we may collect about you.

We reserve the right, at our discretion, to modify or remove portions of this privacy policy from time to time. You should review this privacy policy periodically to ensure you are updated on any changes.

What kinds of information can we hold?

We are permitted to collect and/or hold, with your consent, the following kinds of information:

  • Personal information, being information or an opinion about an identified individual, or an individual who is reasonably identifiable.

  • Sensitive information, being information or an opinion about an individual’s personal preferences or characteristics (such as race, ethnicity, political views, memberships, religious or philosophical beliefs and sexual preference), health information and/or biometric information.

Sensitive information is afforded a higher level of protection than other kinds of information under the Privacy Act 1988 (Cth) (Privacy Act) and Australian Privacy Principles (APPs).  We collect and hold sensitive information only when you knowingly and voluntarily submit it. We will rarely collect and hold this kind of information. 

What personal information do we collect?

We may collect your personal information such as your name, date of birth, contact details, residential and postal address, email address, age, sex, marital status, information associated with your web browsing (such as your IP address) phone number(s), location, other contact details and occupation.

We may also collect your financial information, proof of identity documents and credit card details for any goods and/or services you purchase from us.
This website is an Australian based website, and it is not intended to provide services to EU residents, and its terms may not be fully consistent with the General Data Protection Regulation. If you are an EU resident and you choose to use the Website then you do so at your own risk, and on the terms of the Site. We protect all Personal Information in accordance with applicable Australian privacy laws.

If we are unable to verify your identity, then we may be unable to provide services to you.

How do we collect your information?

We collect your information through a variety of means, including:

  • From you

    • You may provide us with your information when interacting with us and purchasing goods and services. This includes providing your personal information to us when filling out forms, making a booking, ordering goods, entering promotions or competitions, signing up to loyalty programs, registering interest in our events, purchasing and redeeming gift cards, signing up to newsletters, using our website or mobile applications, interacting with or following our social media pages.

  • From collecting it ourselves

    • We may collect your information when you interact with us, including when browsing our websites, social media pages and using any mobile applications provided by us (including via cookies). For instance, we may collect information about your use of our website and mobile applications, including the time and duration of your visit, the referring URL, your Internet Protocol (IP) address, the type of device you use and its operating system, your advertising ID (e.g., AAID and IDFA), and other device identifiers.

    • When entering our property, you may be photographed or recorded on CCTV. The recorded footage may contain your likeness and other identifiable information such as your vehicle number plate. This information may be provided to law enforcement and government bodies, internal staff, subcontractors, third parties who provide us with services from time to time, insurers and retailers.

    • When entering our premises and car parks, your personal information, car licence plate details and images may be collected. We may also collect your personal information and images from third parties (for example, the police or retailers) in connection with the management and security of the premises and car parks.

    • When you park in our car parks with a ticketless parking system or car locator functionality, you consent to provide us with your car licence plate details and, in some circumstances, other information including name, email address and telephone number. These details are used for measuring and analysing car parking dwell times and customer behaviour to improve services provided, for marketing purposes and to assist customers to locate their cars including via online and mobile applications.

    • When interacting with our customer service offerings, we may record personal information related to your query, so that we can address your query and contact you later.

  • From third parties

In the event we receive your information from a third party, via referral and/or via a purchase list, and we consider that you have not otherwise consented to Hawaiian’s receipt of the information, we will take reasonable steps to inform you of that and seek your consent for our collection of that information.

  • Using our Wi-Fi, Bluetooth

    • We may collect your information when you use one of our Wi-Fi networks in our centres or venues. The information may include your details necessary for you to log-in and use our Wi-Fi networks, as well as information about your use of our Wi-Fi networks, including your location, browsing history and IP address.

    • We may use Bluetooth (BLE) Beacons, Wi-Fi, and similar technologies within some of our centres that may communicate with your (mobile) device and identify its location if the device has Bluetooth and/or Wi-Fi enabled and is properly configured. As a result, we may collect your Wi-Fi and/or Bluetooth MAC Address and send BLE signals to your device. To opt out of BLE Beacons and/or the collection of your MAC address, turn off your device Bluetooth and Wi-Fi capabilities.

Social media

When you browse and make use of our social media pages (such as Facebook, Instagram,  X or LinkedIn, Tik Tok, You Tube and other social media platforms), you are using an external site and are therefore subject to the privacy policies and practices of that site.  If you have any questions or concerns regarding that site’s privacy policies and practices, you should review the privacy policy of the relevant site. We do not endorse, and are not accountable for, any views expressed by third parties using those sites.

We record all information posted to our social media pages and use that information for the purposes of administering the pages, for record keeping, for considering and/or addressing any comments made and for running competitions and campaigns.  No attempt will be made to further identify social media subscribers except where requested and authorised by law.

Receipt of unsolicited personal information

We may receive your personal information as unsolicited personal information. 

Unsolicited personal information is received by an organisation, such as Cable Beach Club Resort & Spa, where it took no active steps to collect that information.

When and where Cable Beach Club Resort & Spa receives unsolicited information, we will determine whether it could have collected the information under Australian Privacy Principle 3 (which governs the collection of solicited personal information).  Where we could not have collected the information consistent with Australian Privacy Principle 3, we will destroy or de-identify the information as soon as practicable, so long as it is lawful and reasonable for it to do so.

How and in what circumstances will Cable Beach Club Resort & Spa use or disclose my personal information?

We may, in certain circumstances, collect, hold, use and/or disclose your personal and/or sensitive information. 

By way of a guide, these terms are defined as follows in section 6 of the Privacy Act and in the Australian Privacy Principles Guidelines:

An entity “holds” personal information “if the entity has possession or control of a record that contains personal information”.

An entity “uses” personal information “where personal information is handled, or an activity is undertaken with the information, within the entity”.

An entity “discloses” personal information “when it permits that information to become known outside the entity and releases it from its effective control”.

We will use and disclose your personal information to provide our services to you or to fulfill administrative functions associated with these services. 

In general, we will use and disclose your personal information for the following purposes:

  • to provide you with the best service experience possible on the website;

  • to notify you about an event you may wish to be involved in;

  • to communicate with you;

  • to provide and market our goods and services;

  • to help us manage and enhance our services;

  • to purchase from you;

  • for any purpose for which the information was provided; or

  • any other purpose related to any of the above.

We will disclose personal information when we permit that information to become known outside Cable Beach Club Resort & Spa and where we release it from our effective control.  For example, we will have disclosed your personal information where:

  • we share your personal information with another entity;

  • we publish your personal information on the internet, so it is accessible by others;

  • where one of our staff reveals your personal information in the course of a conversation with a person who does not work for us; or

  • where one of our staff members sends a document containing your personal information to someone who is not you.

    • In terms of information collected when entering Cable Beach Club Resort & Spa premises and car parks, this information may be used in connection with the management and security of the premises. This information may be provided to law enforcement and government bodies, internal staff and subcontractors, third parties who provide Cable Beach Club Resort & Spa with services from time to time, insurers and retailers for those purposes.

Primary purpose and secondary purposes

Your personal and/or sensitive information will only be used and disclosed for the primary purpose for which it was submitted or for such other secondary purposes that are related to that purpose, unless we disclose other uses in this privacy policy or at the time of the collection of that information. 

Definition pursuant to Australian Privacy Principles Guidelines:

Primary purpose refers to the particular purpose for which the information in question was collected. 

Secondary purpose is any purpose other than the primary purpose for which we have collected your personal information.

We will only make use of or disclose your personal information for a secondary purpose if:

  • you have consented to the use or disclosure of that information; or

  • you would reasonably expect us to use or disclose the information for the secondary purpose; or

  • the use or disclosure of that information is required or authorised by or under legislation or court/tribunal order; or

  • a “permitted general situation” exists in relation to the use or disclosure of the information by Cable Beach Club Resort & Spa; or

  • Cable Beach Club Resort & Spa reasonably believes that the use of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

When collecting your information we will inform you of the primary purpose of our collection and/or any anticipated secondary purpose that may arise.   The purpose of our collection will vary from project to project, depending on the nature of the project and the nature of your involvement and/or interest in the project.   

Who can access my personal information and what conditions apply to their use of my personal information?

As a general rule, your personal and sensitive information will only be accessed and/or viewed by Cable Beach Club Resort & Spa staff and officers, as and when it is appropriate or necessary.  However, your personal information may also be accessed, from time to time, by:

  • Cable Beach Club Resort & Spa contractors;

  • Cable Beach Club Resort & Spa project partners;

  • Cable Beach Club Resort & Spa suppliers; or

  • Cable Beach Club Resort & Spa professional advisors.

Where a party, other than an employee or officer of Cable Beach Club Resort & Spa, has access to the personal information of individuals, they will be required to comply with the applicable Australian privacy legislation and, where appropriate, to enter into privacy agreements with Cable Beach Club Resort & Spa.

The access and use of your personal or sensitive information by a third party will be restricted to the purpose for which it was first collected and/or to a closely related secondary purpose.

Use of Aggregate Data

Cable Beach Club Resort & Spa may use personal information in aggregate form to improve services and make them more responsive to the needs of customers. This statistical compilation and analysis of information may also be used by us or provided to others as a summary report for marketing, advertising or research purposes.

Direct marketing

Definition pursuant to the Australian Privacy Principles Guidelines:

Direct marketing involves the use and/or disclosure of personal information to communicate directly with an individual to promote goods and services.  A direct marketer may communicate with an individual through a variety of channels, including telephone, SMS, postal mail, e-mail and online advertising.

Cable Beach Club Resort & Spa will not use or disclose your personal information for the purpose of direct marketing, unless:

  • we collected the information from you;

  • we obtained your consent to the use or disclosure of the information for that purpose (except where it was impracticable to do so); and

  • you would reasonably expect Cable Beach Club Resort & Spa to use or disclose the information for that purpose; and

  • we provide you with an easy-to-use means of opting out of receiving any further direct marketing communications; and

  • you have not requested that we cease sending you direct marketing communications.

Cable Beach Club Resort & Spa will only make use of your sensitive information for direct marketing purposes if you have consented to the use or disclosure of that information for that purpose.

If you receive direct marketing communications from us or from an associated entity, you are entitled to:

  • request that you receive no further direct marketing communications for Cable Beach Club Resort & Spa;

  • and/or the associated entity; and

  • request that we disclose the source of the information.


Cable Beach Club Resort & Spa will take reasonable steps to facilitate a request by you to opt-out of receiving direct marketing communications.  This may be a request to opt-out of receiving certain communications, or to opt-out altogether. 

Cable Beach Club Resort & Spa will not charge you for making such a request or for giving effect to such a request. 

Cable Beach Club Resort & Spa will take reasonable steps to give effect to such request within a reasonable period of time after the request is made and will reply to a request for the source of the information in a reasonable period of time (unless it is unreasonable or impracticable for us to do so). 

E-mail Marketing

We may use your e-mail address to send you Cable Beach Club Resort & Spa publications, newsletters, marketing emails and information relating to seminars or events.  We may also contact you by e-mail to seek your opinion or comment on our website and our service offerings. 

Cable Beach Club Resort & Spa, at all times, aims to comply with the terms of the Spam Act 2003 (Cth) and will not send unsolicited commercial electronic messages or “spam”.

All commercial electronic messages sent by us include information about the individual or organisation who authorised the sending of the message.

You can unsubscribe from our e-mails at any time.  You can also contact us and instruct us not to send further information to you.


We strive to ensure the security of your information and we take reasonable steps to protect your information from:

  • from misuse, interference and loss; and

  • from unauthorised access, modification or disclosure.

We regularly review and update our physical and data security measures in light of current technologies. Unfortunately, no data transmission over mobile data and communication services can be guaranteed to be totally secure.

In addition, our employees and contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.

We do everything reasonably within our power and control to prevent unauthorised use or disclosure of your information. However, we will not be held responsible for events arising from any unauthorised use or access to your information except to the extent that such unauthorised use or access is as a result of our failure to comply with our legal obligations in relation to the reasonable steps taken to secure the information we hold about you.

Accuracy of your personal information

We take reasonable steps to ensure that your personal information that we collect, use or disclose is accurate, complete and up-to-date. However, the accuracy of the information held by us largely depends on the accuracy of the information that you supplied to us. If at any time you discover that any information concerning you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us to correct the information.

Access to your personal information and complaints

Your privacy is very important to us and we take the matter very seriously. If you have any concerns about your privacy or how your personal information is being handled, please contact us at the email address at the bottom of this policy. We will respond within a reasonable time after the request is made and give access to the information in the manner you request, unless it is impracticable to do so.

All complaints will be considered by the Data Privacy Officer, and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.

Please note that we will verify your identity before granting access to the personal information we hold about you.

If at any time you believe that the personal information we hold about you is incorrect, incomplete or inaccurate, then you may request that we amend such personal information. If we refuse your correction request, we will give you written reasons and provide you with information about our complaints-handling process should you not be satisfied with our reasons. Where we correct the personal information we hold about you, we will take reasonable steps to notify third parties bound by the APPs of the correction made to your personal information.

Third party websites

From time to time we may provide links to third party websites (Linked Sites). These Linked Sites are not under our control and we do not accept responsibility or liability for the conduct of the Linked Sites or their businesses and the information available on the Linked Sites. We recommend that you refer to the privacy policy of the Linked Sites before disclosing your personal information to the Linked Sites.

Notifiable data breaches

We are committed to protecting information we hold about you, and to compliance with the Notifiable Data Breaches scheme.

Where we become aware of a potential data breach which is likely to result in serious harm to any individuals about whom we hold information, we will:

  • investigate the suspected breach and determine scope of any breach that has occurred and the risk of harm to affected individuals whose information may have been compromised;

  • notify you and the Privacy Commissioner of the potential breach; and

  • take steps to minimise any harm caused to affected individuals as a result of the breach.

Lodging a complaint

If you wish to complain about an alleged breach of the privacy of your personal/sensitive information, or an alleged breach of the APPs, the complaint should be made in writing and addressed to the attention of our Listed Company Secretary at the below address:


Post              177 St Georges Terrace, Perth WA 6000

Phone          +61 8 9426 8888 

We will acknowledge receipt of your complaint and we will endeavour to deal with your complaint and provide you with a response within a reasonable time following our receipt of your complaint (generally 30 days from our receipt of your complaint). Where a complaint requires a more detailed investigation it may take longer to resolve. If this is the case, we will provide you with progress reports.

We will verify your identity and seek (where appropriate) information from you in connection with the complaint.

Where required by law, we will acknowledge your complaint in writing and provide information in writing to you on how we will deal with your complaint. Further, if required to do so by law, we will provide our determination on your complaint to you in writing.

We may refuse to investigate and deal with a complaint if we consider it to be vexatious or frivolous.

If you are dissatisfied with the outcome of your complaint, you may seek an internal review of our decision, which will be completed by an officer not previously involved in your complaint. If you remain dissatisfied, you may escalate your complaint to the Office of the Australian Information Commissioner.

Contact us

If you have any further queries relating to our privacy policy or you have any comments or feedback, please contact us at:


Post     177 St Georges Terrace, Perth WA 6000

Phone +61 8 9426 8888


For more information about privacy issues in Australia and protecting your privacy, visit the Australian Government, Office of the Australian Information Commissioner website

Cookies Policy

What are cookies?

A cookie is a small text file stored on your computer’s browser.  Many cookies from websites will be visible from your browser.  You will usually find information on cookies and how to manage them under “options” or “settings” in your browser.  You can choose to see cookies before deleting them and to keep cookies from some sites.

There are several different types of cookies (some of which are used on our website):

·                      First party cookies:  A “first party” cookie is sent from a website to your web browser when you visit that site.  This is how websites “record” or “remember” things like your customised settings (such as your location), your shopping cart contents and your log in details.

·                      Temporary cookies: Temporary cookies generally only last for one browsing session (until you close your web browser).

·                      Persistent cookies: Persistent cookies remain on your computer after you close your browser and will be sent back to the applicable website each time you visit it.

·                      Third party cookies: Third party cookies are sent by businesses that provide content, such as advertising, on websites that you visit.  Many websites feature advertising from third parties and those third parties may use cookies to track your browsing activities.  They will normally use this information to “show” you targeted advertising – that is, advertising relating to products or services they think you will be interested in based on your prior web searches.

·                      Tracking / web pixels (also known as “web beacons”): Tracking pixels are clear picture files used to keep track of your navigation through a single website or a series of websites.  Tracking pixels are normally used by websites that use third party traffic monitoring and tracking services.

·                      Local Stored Object cookie or “flash cookies”: Flash cookies contain more information than the other kinds of cookies referred to above and are not generally cleared when you clear cookies in your web browser.

How and why does Cable Beach Club Resort & Spa use cookies?

Generally we use cookies to learn about the way you interact with our content and to help us to improve your experience when visiting our website.

We may record your visit through the use of cookies and may log the following information for purely statistical purposes:

  • your server address;

  • your top-level domain Name (e.g. .com, .gov, .au, etc);

  • the date and time of your visit to our site;

  • the pages accessed and documents downloaded by you;

  • the previous site(s) visited by you; and

  • the type of browser used by you.

Most of the information collected by cookies will not be sufficient to identify you – this is because the information collected will be very “general” in nature, relating to your interests (i.e. the products you have looked at) and the websites you have visited previously.  Information collected via cookies will only be deemed to be “personal information” for the purposes of the Privacy Act or the Australian Privacy Principles if it makes you or any other individual reasonably identifiable.

We will not facilitate the merging of personally identifiable information with non-personally identifiable information collected through any cookies, tracking/web pixels or Google advertising products or features, unless we have robust notice of and the relevant party’s consent to that merger.

Cable Beach Club Resort & Spa’s Privacy Policy was last updated: May 2024



DD slash MM slash YYYY