PRIVACY & SECURITY

Last Updated: May 31, 2018

Pacific Whale Foundation™ and Pacific Whale Foundation Eco Adventures Australia PTY LTD Website Privacy Policy

Summary

Thank you for visiting the Pacific Whale Foundation™ and Pacific Whale Foundation Eco Adventures Australia PTY LTD website(s) located at https://pacificwhale.com.au/ (the “Site”). The Site is an Internet property of Pacific Whale Foundation and Pacific Whale Foundation Eco Adventures Australia PTY LTD (collectively, “Company” “we,” “our” or “us”). The following Pacific Whale Foundation™ and Pacific Whale Foundation Eco Adventures Australia PTY LTD Website Privacy Policy (“Privacy Policy”) sets forth our policy with respect to the collection, storage and usage of your “Personal Data.” For purposes of this Privacy Policy, “Personal Data” means any information concerning the personal or material circumstances of an identified or identifiable individual. This includes information such as your name, your address, your phone number and your email address.

Data Controller

Please note, Company is considered the “Data Controller” in connection with the Personal Data collected pursuant to this Privacy Policy for purposes of applicable data protection laws, including the General Data Protection Regulation (“GDPR”).

Legal Basis

We collect Personal Data that you provide to us, e.g. during the registration and check out process, to fulfill your request to receive additional information and promotions or for the purpose of handling the contractual relationship that you have with Company. We also collect personal information from you passively. We use tracking tools like browser cookies and web beacons to provide and support our Site. Third-party analytics services may use cookies and web beacons through our Site to provide us with information about how you use and interact with our Site and, where we have your consent, to deliver advertisements to you. Cookies help us to track your use of the Site and enable us to recognize you when you return to the Site so that you do not need to input your log in information during each visit. Cookies are also used for security purposes and help us to detect certain kinds of fraud.

We only use and store your Personal Data if we have a legal basis for doing so, including where you have given us your express consent, where we have a legitimate business interest or pursuant to the contractual relationship between you and Company.

Individual Rights: Deleting, Modifying and Updating Your Personal Data

At your request, we will: (a) inform you of what Personal Data we have on file for you, in a machine readable format; (b) amend the Personal Data that we have on file for you; and/or (c) completely remove Personal Data that you have provided to us, or that we have collected, from: (i) our servers/databases; and (ii) the servers/databases of any third-party that we have provided your Personal Data to. You may do so by e-mailing us at: [email protected] We ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests.

Please be advised that deleting your Personal Data may terminate your access to certain of the Site Offerings (as defined below). If you wish to continue using the full complement of Site Offerings, you may not be able to delete all of the Personal Data that we have on file for you.

Please be further advised that, after you delete your Personal Data, residual copies may take a period of time before they are deleted from our active servers and may remain in our backup systems.

Background

This Privacy Policy covers our treatment of Personal Data and other information that we collect when you: (a) access or use the Site; (b) access and/or download any of the blog posts, events calendar, publications, guides, text, audio, video, photographs, graphics, artwork, testimonials and/or other content featured on the Site (collectively, “Content”); (c) register to receive the Company newsletter or other promotional information about the Company’s offerings (“Newsletter”); (d) access text, video, links and/or other information pertaining to career opportunities with Company including, where available, job listings (“Careers Content”); (e) access links to Pacific Whale Foundation’s™ social media pages/accounts on third-party social media websites, such as Facebook®, Instagram®, TripAdvisor®, Twitter®, Yelp® and YouTube® (collectively, “Social Media Pages”); (f) access links to third-party environmental and other resources and/or information (“Third-party Links”); (g) purchase Company and third-party merchandise featured on the Site (collectively, “Merchandise”); (h) make a donation to the Pacific Whale Foundation™ (“Donation Services”); (i) book a cruise or eco-outing as offered by Pacific Whale Foundation Eco Adventures Australia PTY LTD (“Booking Services”); and/or (j) purchase a Pacific Whale Foundation™ membership (“Membership” and together with the Site, Content, Newsletter, Careers Content, Social Media Pages, Third-party Links, Merchandise, Donation Services and Booking Services, the “Site Offerings”).

IF YOU DO NOT AGREE TO TERMS OF THIS PRIVACY POLICY IN THEIR ENTIRETY, YOU MAY NOT ACCESS OR OTHERWISE USE THE SITE OFFERINGS.

Facebook® and Instagram® are registered trademarks of Facebook, Inc. (“Facebook”). TripAdvisor® is a registered trademark of TripAdvisor, Inc. (“TripAdvisor”). Twitter® is a registered trademark of Twitter, Inc. (“Twitter”). Yelp® is a registered trademark of Yelp, Inc. (“Yelp”). YouTube® is a registered trademark of Google, Inc. (“Google”). Please be advised that Company is not in any way affiliated with Facebook, Google, TripAdvisor, Twitter or Yelp, nor are the Site Offerings endorsed, administered or sponsored by any of the foregoing entities.

Your California Privacy Rights

Company will never share, sell, rent, exchange or barter your Personal Data to or with any third-party for financial gain or marketing purposes. Nevertheless, we may, in certain limited instances, share your Personal Data with third parties who perform administrative functions on our behalf. If you are a resident of the State of California and would like to learn how your “personal information” (as defined in the Shine the Light Law, Cal. Civ. Code § 1798.83) is shared with third parties, what categories of personal information that we have shared with third parties in the preceding year, as well as the names and addresses of those third parties, please e-mail us at: [email protected]; call us at: 1731 848 562; or send us mail to: Pacific Whale Foundation, Shop 4, Great Sandy Straits Marina, Urangan Queensland.

Personal Data Collected

We collect Personal Data when you access certain of the Site Offerings and complete the required information request form and/or otherwise provide such information to us. The information that you must supply on the applicable form may include, without limitation: (a) your name; (b) your mailing/billing address; (c) your e-mail address; (d) your telephone number; (e) your credit card information (where purchasing Merchandise, using the Donation Services, using the Booking Services and/or purchasing a Membership); and/or (f) any other information requested by us on the applicable registration form. For purposes of this Privacy Policy, item (e) in the preceding sentence shall be considered “Sensitive Information.”

Use of Personal Data

Company will never share, sell, rent, exchange or barter your Personal Data to or with any third-party for financial gain or marketing purposes. By making that Personal Data available Company, you grant Company the right, subject to applicable law, to use that Personal Data (other than Sensitive Information) to contact you by telephone and email regarding your use of the Site Offerings (including in connection with the Booking Services, Membership, Donation and/or purchase of any Merchandise). If you wish to stop receiving future communications from us, please follow the instructions at the end of each such marketing message or see the “Opt-Out/Unsubscribe” section below.

We will also use your Personal Data for customer service, to provide you with information that you may request, to customize your experience with the Site Offerings and/or to contact you when necessary in connection with your use of the Site Offerings. We may also use your Personal Data for internal business purposes, such as analyzing and managing our service offerings including, without limitation, the Site Offerings.

We may also employ other companies and individuals to perform certain functions on our behalf. Examples include sending direct and electronic mail, removing duplicate information from user lists, analyzing data and providing marketing analysis. The agents performing these limited functions on our behalf shall have access to our users’ Personal Data solely as needed to perform these functions for us, but we do not permit them to use user Personal Data for other purposes.

At times, we may want to contact you via telephone regarding your use of the Site Offerings. To enable us to contact you by telephone regarding your use of the Site Offerings, you agree that by submitting your Personal Data by and through the Site Offerings, and where you provide your consent as required under the GDPR, such act constitutes an inquiry and/or application for purposes of the Amended Telemarketing Sales Rule (16 CFR §310 et seq.), as amended from time to time (the “Rule”) and applicable state do-not-call regulations. As such, notwithstanding that your telephone number may be listed on the Federal Trade Commission’s Do-Not-Call List, and/or on applicable state do-not-call lists, we retain the right to contact you via telemarketing in accordance with the Rule and applicable state do-not-call regulations.

At times, we may want to contact you via your mobile device regarding your use of the Site Offerings. To enable us to contact your mobile device, you agree that, where you provide your consent as required under the GDPR, and where you have provided your “prior express written consent” within the meaning of the Telephone Consumer Protection Act (47 USC § 227), and its implementing regulations adopted by the Federal Communications Commission (47 CFR § 64.1200), as amended from time-to-time (“TCPA”), you consent to receive telephone calls, including artificial voice calls, pre-recorded messages and/or calls delivered via automated technology, to the telephone number(s) that you provided.  Please note that you are not required to provide this consent in order to obtain access to the Site Offerings, and your consent simply allows Company to contact you via these means. Please be advised that by agreeing to this Privacy Policy, you are obligated to immediately inform us if and when the telephone number that you have previously provided to us changes.  Without limiting the foregoing, if you: (a) have your telephone number reassigned to another person or entity; (b) give up your telephone number so that it is no longer used by you; (c) port your telephone number to a landline or vice versa; or (d) otherwise stop using that telephone number for any reason (collectively “Phone Number Change”), you agree that you shall promptly notify Company of the Phone Number Change via e-mail at: [email protected], or by using one of the methods set forth in the “Contact Us” section below.

We reserve the right to release current or past Personal Data, including Sensitive Information: (i) in the event that we believe that the Site Offerings are being or have been used in material violation of the Site’s Terms and Conditions or to commit unlawful acts; (ii) if the information is subpoenaed; provided, however, that, where permitted by applicable law, we shall provide you with e-mail notice, and opportunity to challenge the subpoena, prior to disclosure of any Personal Data pursuant to a subpoena; (iii) to comply with a legal obligation, including sharing your name/e-mail address with third-parties to assist you with your opt out requests in compliance with applicable law, including the GDPR and the CAN-SPAM Act of 2003, as amended from time-to-time; (iv) to protect and defend the rights or property of Company and/or its users; (v) to act in urgent circumstances to protect the personal safety of our users or the public; or (vi) if we are sold, merge with a third-party, are acquired or are the subject of bankruptcy proceedings; provided, however, that if Company is involved in a bankruptcy proceeding, merger, acquisition or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on the Site of any change in ownership or uses of your Personal Data, as well as any choices that you may have regarding your Personal Data.

Credit Card Transactions

Company utilizes third-party service providers to provide credit card payment processing services. If you choose to purchase Merchandise, a Membership, use the Booking Services and/or make a donation using the Donation Services, the credit card information provided will either be collected directly by such third-party service provider, or we will share that payment information with our contracted third-party service provider(s). Company requires that its third-party payment processing service provider(s) has/have in place privacy policies and practices consistent with this Privacy Policy; provided, however, that we cannot guarantee the privacy practices of our third-party payment processing service provider(s).

Social Media Websites

If you engage in any interaction with Company, other users or any third-party on any Social Media Pages, you should be aware that: (a) the personal information that you submit by and through such Social Media Pages can be read, collected and/or used by other users of these websites/services (depending on your privacy settings associated with your accounts with the applicable Social Media Websites), and could be used to send you unsolicited messages or otherwise to contact you without your consent or desire; and (b) where Company responds to any interaction on such Social Media Pages, your account name/handle may be viewable by any and all members/users of Company’s social media accounts. We are not responsible for the personal information that you choose to submit on any Social Media Websites.

In addition, the Site contains Social Media Website widgets and buttons (“Widgets”), such as the Facebook® and Twitter® share buttons. These Widgets may collect your IP address, as well as which page you are visiting on our Site, and may set a Cookie on your browser to enable the Widget to function properly. The Widgets are owned and operated by the applicable Social Media Websites. The Social Media Websites operate independently from Company, and we are not responsible for such Social Media Websites’ interfaces or privacy or security practices.

Your interactions with the Social Media Pages and Widgets are governed by the privacy policies of the applicable Social Media Websites. We encourage you to review the privacy policies and settings of the Social Media Pages and/or Widgets with which you interact to help you understand those Social Media Websites’ respective privacy practices. If you have questions about the security and privacy settings of any Social Media Pages and/or Widgets that you use, please refer to the applicable Social Media Website’s privacy notices or policies.

Non-Personal Data Collection and Use

IP Addresses/Browser Type

We may collect certain non-personally identifiable information about you and your desktop computer and/or mobile device when you visit many of the pages of the Site. This non-personally identifiable information includes, without limitation, the type of browser that you use (e.g., Safari, Chrome, Internet Explorer), your IP address, the type of operating system that you use (e.g., Windows or iOS) and the domain name of your Internet service provider (e.g., Verizon, AT&T). We use the non-personally identifiable information that we collect to improve the design and content of the Site Offerings and to enable us to personalize your Internet experience. We also may use this information in the aggregate to analyze usage of the Site Offerings.

Cookies

When a user visits the Site, we send one (1) or more cookies and/or gif files (collectively, “Cookies”) to assign an anonymous, unique identifier to the applicable user’s computer. A Cookie is a piece of data stored on your hard drive containing non-personally identifiable information about you. Cookies have many benefits to enhance your experience at the Site. To find out more about Cookies, please visit www.cookiecentral.com. We use Cookies to improve the quality of the Site Offerings, including for storing user preferences and tracking Site-user trends (such as pages opened and length of stay at the Site).

Most Internet browsers are initially set up to accept Cookies, but you can reset your browser to refuse all Cookies or to indicate when a Cookie is being sent. To disable and reject certain Cookies, follow the instructions associated with your Internet browser. Even in the case where a user rejects a Cookie, he or she may still use the Site Offerings; provided, however, that certain functions of the Site Offerings may be impaired or rendered inoperable if the use of Cookies is disabled. We reserve the right to retain Cookie data indefinitely.

Behavioral Tracking

Other than as expressly set forth in this paragraph, neither Company, nor any third-party, uses Cookies, pixels and other tracking technology on the Site for purposes of tracking users’ activities after they leave the Site. Only where you have provided your affirmative express consent, when you visit the Site, we may use cookies, pixels and other tracking technology for purposes of serving you Company-related advertisements after you leave the Site and visit social media websites including, without limitation, Facebook®, as well as websites that run Google® advertising applications. You may be able to opt out of some of this tracking by utilizing the options associated with Google Ads®, by Clicking Here. You can opt-out of all of this tracking by contacting us at: [email protected] Users may also be able to disable some or all of this tracking activity by utilizing the “Do Not Track” setting or similar options within most major Internet browsers.

Cross Device Tracking

Company tracks users’ use of the Site Offerings across various devices, including your personal computer and mobile device, in order to optimize and personalize your Site Offerings experience. Company may collect certain of your personal information across various devices. If you would like to opt-out of having your use of the Site Offerings tracked across multiple devices, please e-mail us at: [email protected] Please be advised that where you opt-out of having your use of the Site Offerings tracked across devices, you may need to upload certain information multiple times and/or input your log-in information multiple times.

Aggregate Data

Company reserves the right to transfer and/or sell aggregate or group data about users of the Site Offerings for lawful purposes. Aggregate or group data is data that describes the demographics, usage or other characteristics of Site Offerings users as a group, without disclosing personally identifiable information.

Third-Party Websites

The Site may contain links to third-party owned and/or operated websites including, without limitation, the Social Media Websites. Company is not responsible for the privacy practices or the content of such websites. In some cases, you may be able to make a purchase through one of these third-party websites. In these instances, you may be required to provide certain information, such as a credit card number, to register or complete a transaction at such website. These third-party websites have separate privacy and data collection practices and Company has no responsibility or liability relating to them.

Security

We endeavor to safeguard and protect our users’ Personal Data. When users make Personal Data available to us, their Personal Data is protected both online and offline (to the extent that we maintain any Personal Data offline). Where our registration/application process prompts users to enter Personal Data, and when we store and transmit such Personal Data, that information is encrypted with advanced TLS (Transport Layer Security).

Access to your Personal Data is strictly limited, and we take reasonable measures to ensure that your Personal Data is not accessible to the public. All of our users’ Personal Data is restricted in our offices, as well as the offices of our third-party service providers. Only employees or third-party agents who need the Personal Data to perform a specific job are granted access to Personal Data. Our employees are dedicated to ensuring the security and privacy of all user Personal Data. Employees not adhering to our firm policies are subject to disciplinary action. The servers that we store Personal Data on are kept in a secure physical environment. We also have security measures in place to protect the loss, misuse and alteration of Personal Data under our control.

Please be advised, however, that while we take every reasonable precaution available to protect your data, no storage facility, technology, software, security protocols or data transmission over the Internet or via wireless networks can be guaranteed to be 100% secure. Computer hackers that circumvent our security measures may gain access to certain portions of your Personal Data, and technological bugs, errors and glitches may cause inadvertent disclosures of your Personal Data; provided, however, that any attempt to breach the security of the network, our servers, databases or other hardware or software may constitute a crime punishable by law. For the reasons mentioned above, we cannot warrant that your Personal Data will be absolutely secure. Any transmission of data at or through the Site, other Site Offerings or otherwise via the Internet or wireless network, is done at your own risk.

In compliance with applicable federal and state laws, we shall notify you and any applicable regulatory agencies in the event that we learn of an information security breach with respect to your Personal Data. You will be notified via e-mail in the event of such a breach. Please be advised that notice may be delayed in order to address the needs of law enforcement, determine the scope of network damage, and to engage in remedial measures.

Minors

Visitors under eighteen (18) years of age are not permitted to use and/or submit their Personal Data at the Site. Company does not knowingly solicit or collect information from visitors under eighteen (18) years of age. Company encourages parents and guardians to spend time online with their children and to participate and monitor the interactive activities of their children.

Opt-Out/Unsubscribe

To opt-out of receiving e-mail communications from us, you can follow the instructions at the end of the applicable e-mail message or e-mail us at: [email protected] To restrict the processing of your Personal Data, please e-mail us at: [email protected]

Notwithstanding the foregoing, we may continue to contact you for the purpose of communicating information relating to: (a) the fulfillment of our contractual relationship (including in connection with your purchase of a Membership, purchase of Merchandise, use of the Donation Services and/or use of the Booking Services); (b) your request for Site Offerings; and (c) to respond to any inquiry or request made by you. To opt-out of receiving Site Offerings-related and/or inquiry response-related messages from Company, you must cease requesting and/or utilizing the Site Offerings and/or cease submitting inquiries to Company, as applicable.

Changes to this Privacy Policy

Company reserves the right to change or update this Privacy Policy at any time by posting a notice on the Site that we are changing our Privacy Policy. If the manner in which we use Personal Data changes, Company will notify users by: (a) sending the modified policy to our users via email; and/or (b) by any other reasonable means acceptable under applicable state and federal law. You will have a choice as to whether or not we use your information in this different manner and we will only use your information in this different manner where you opt-in to such use.

Contact Us

If you have any questions about this Privacy Policy, you can utilize the options made available on the Site’s “Contact Us” page, or e-mail us at: [email protected]; call us at: 1731 848 562; or send us mail to: Pacific Whale Foundation, Shop 4, Great Sandy Straits Marina, Urangan Queensland.

Filing a Complaint with the Federal Trade Commission

To file a complaint regarding our privacy practices, please Click Here.

OZ_WWW_Cert-Icons_052517-1