Our Tours
Reef Destinations
+61 (7) 4099 4200

Privacy Policy

Updated November 2025

Aristos Port Douglas Pty Ltd ACN 103 374 698 (referred to as ‘Sailaway’, ‘we’, ‘us’ or ‘our’) is firmly committed to the protection of your personal information in accordance with the Privacy Act 1988 (Cth) (‘Privacy Act’) and the Australian Privacy Principles (‘APPs’). We aim to maintain a safe and secure system of handling your personal information, while still providing access to your personal information when required.

This Privacy Policy explains how Sailaway collects, manages, uses and discloses personal information about any individuals covered under the Privacy Act (‘you’).

We aim to maintain a safe and secure system of handling your personal information, whilst still providing access to your personal information when required. If you wish to make inquiries regarding the Privacy Policy, please contact Sailaway using one of the methods set out below.
We may, from time to time, review and update this Privacy Policy. All personal information held by us will be governed by our most recent Privacy Policy which will be available on our website at: www.sailawayportdouglas.com

What is personal information?
‘Personal information’ is information or opinion (in recorded form or otherwise) about an identified, or reasonably identifiable individual, whether the information is true or not. This includes information such as your name, date of birth, contact details, and may also include information regarding any dealings you have with us.

‘Sensitive information’ is a type of personal information and includes information or opinions about your political opinions, memberships, religious beliefs, racial or ethnic origin, sexual orientation, health or criminal record, or biometric information.

What personal information do we collect?
The information we collect depends upon the nature of our dealings with you. We aim to collect your personal information directly from you during the course of our business relationship. However, where it is not reasonable or practicable to collect information directly from you, we obtain it from other sources.

Sailaway may collect and hold personal information about a range of people including current, former and prospective employees, clients, business associates, suppliers, independent contractors, and any of their employees, contractors or assigns.

We usually collect, hold and use the following kinds of personal information:

  • information about contacting you including your name, addresses, telephone numbers, email address;
  • details of the services you have purchased, considered or enquired about, and any additional information necessary to deliver those services and respond to your queries;
  • occupation information including your organisation and your role;
  • business or company information, including your relationships with third parties;
  • information provided by or on behalf of you or businesses looking to form a relationship with us;
  • information regarding dealings of people with us or our clients;
  • for employees, including prospective employees, police checks or working with children checks, and photos and videos of you;
  • payment information and financial information including bank account details;
  • government related identifiers such as Australian Business Numbers, Australian Company Numbers and Tax File Numbers;
  • information required to verify your identity including your date of birth, driver’s licence and passport information; and
  • any other personal information you provide to us from time to time, or required by us to provide our services.

We do not generally collect sensitive information. We cannot prevent sensitive information being provided to us voluntarily, and where you provide us with sensitive information, you consent to our collection of such sensitive information. In these cases, we will only use or disclose such information:

  • for the purpose for which it was provided or another directly related purpose; or
  • as allowed by law.

Why do we collect personal information?
We only collect, use or hold personal information about you if it is reasonably necessary for us to do so to perform our business functions and if you have consented to us doing so, or if the law allows us to do so without obtaining your consent.

We collect personal information for the purposes of:

  • providing you with our services and any related or incidental matters;
  • managing our relationship with you;
  • carrying on our business functions;
  • maintaining ongoing contact with you by providing you with our communications;
  • inviting you to events and activities from time to time; and
  • complying with our legal obligations and assisting government, law enforcement agencies or regulators.

By providing us with your personal information, you consent to your personal information being collected, held and used in this way and for any other use you authorise. We will only use your personal information for the purposes described in this Privacy Policy or with your express permission. Where it is lawful and practicable to do so, you have the option of remaining anonymous in your dealings with us, or not disclosing personal information. However, the consequences of this are that we may be unable to conduct our services or business operations.

If you provide us with personal information about someone other than yourself, you warrant to us that you have that person’s consent, including where applicable any necessary consent for disclosure to third parties in accordance with this Privacy Policy, to provide such information for the purpose specified and for us to treat such information in accordance with this Privacy Policy.

When do we collect personal information?
We collect personal information from you in various circumstances including:

  • when meeting with you, either face to face or online;
  • when you communicate with us by e-mail, telephone or in writing;
  • when you obtain a service from us;
  • as required by law, including as required to verify your identity;
  • in correspondence with you or third parties (such as government agencies or courts);
  • when you use our website;
  • when you request to receive information from us;
  • when you provide or offer to provide a product or service to us;
  • in respect of employment with us;
  • when you enter into a contract with us;
  • when you attend our or third-party presentations, conferences or events; and
  • when third parties, including our suppliers and providers of services, share it with us.

How do we hold your personal information?
We generally hold personal information in physical records or electronic records on our servers, computer systems and databases operated by either us or our external service providers. Where necessary we may store personal information on third party servers located overseas. If information about you is recorded in paper files, it is stored and disposed of securely.

We implement and maintain processes and stringent security measures to ensure that your personal information remains protected from misuse, interference or loss, and from unauthorised access, modification or disclosure. These processes and systems include that:

  • all electronic databases contain strict password access as well as virus and firewall protection procedures;
  • security measures are implemented to assess and handle potential external and internal threats;
  • all staff members are bound by confidentiality duties; and
  • some personal information is on a restricted access basis within our systems and is limited to specific staff members.

When do we disclose your personal information?
We may be required to disclose personal information to third parties while providing our services to you. These third parties may include:

  • professional advisers and insurers;
  • government departments such as the Australian Securities and Investments Commission, Australian Competition and Consumer Commission or any relevant land title office;
  • regulators, courts, tribunals, government agencies and law enforcement agencies or as otherwise required by law; and
  • others where you have provided your consent (whether express or implied) to us.

We may disclose your personal information to an entity in a foreign country if it is appropriate. It is possible that such entity may be subject to foreign laws that do not provide the same level of protection of personal information as the laws in Australia. We take steps to ensure that an entity overseas is bound by obligations to protect the privacy and security of your personal information.

Business transfers and restructures
In the event that we sell, transfer, or merge all or part of our business or assets, or undergo a corporate restructure, we may disclose your personal information to prospective or actual purchasers, investors, or successors in connection with such transaction. This may include disclosure for the purposes of:

  • due diligence investigations and assessments;
  • facilitating the transfer of our business operations; and
  • enabling the purchaser or successor to continue providing services to you.

We will take reasonable steps to ensure that any prospective or actual purchaser or successor is bound by obligations to protect your personal information in accordance with the Privacy Act and the APPs. Where practicable, we will notify you of any such transfer, although in some circumstances (such as where commercial confidentiality is required) we may not be able to provide advance notice.

If you do not wish your personal information to be transferred in connection with a business sale or restructure, you may contact us to request that your personal information be de-identified or destroyed, subject to our legal and regulatory obligations to retain certain information.

Information collected on our website

Cookies
When you use and access our website, a data file called a “cookie” may be stored on your internet enabled device. Cookies are text files containing small amounts of information which are stored to your device (e.g. computer, mobile phone etc) by a website you visit. Cookies are widely used to make websites work effectively as well as provide website usage information such as user identity, and website visiting patterns to the owner of a website.

We use cookies to provide you with an improved experience when you access our website. If you wish to restrict, block or delete the cookies you can do this by adjusting the settings on the browser you use. The “Help” function within your browser should provide you with relevant information regarding process of disabling cookies.

If you opt to disable cookies, then our website may not function effectively, and you may not be able to access/use all or some areas of our website.

Click Stream Data
Our website’s host may collect and record non-personal information when you visit and browse our website. We will not attempt to identify any click stream that may make you identifiable unless:

  • we are required to do so by law;
  • we suspect that an improper activity has occurred that needs to be investigated; or
  • we are required to assist law enforcement.

Our website host may automatically collect the following click stream data:

  • your server address;
  • your browser type;
  • the date, time and duration of your visit to the website;
  • any pages you accessed and/or downloaded;
  • your top-level domain name (e.g. .com); and
  • every click, page navigation, and interaction within the website.

How to access and correct your information?
We will take reasonable steps to ensure that the personal information we hold is accurate, complete and up to date.

If you would like access to any records of personal information we have about you or if you believe any information we have about you requires correction or needs to be updated, you can request us to do so by contacting us using one of the methods set out below.

There are some circumstances in which we are not required to give you access to your personal information. If we deny your request for access, we will give you a written notice which sets out (unless the law allows us not to specify a reason) the reasons for our refusal and how you can complain about our refusal.

How long will we keep your information?
We will keep your personal information only for as long as it is required for our business functions or otherwise as required by law.

We will take reasonable steps to destroy/delete or permanently de-identify personal information from our systems that is no longer required by us for any purpose.

If you would like to have your personal information de-identified or destroyed and we are not required to retain it for legal, taxation, or internal risk management purposes, please contact us using one of the methods set out below. We will take reasonable steps to comply with your request.

Changes to this policy
We regularly review our Privacy Policy. From time to time, we may make changes to our policy without notice to you. Any changes to our policy will be published on our website.

You may obtain a copy of our current policy from our website or by contacting us using one of the methods set out below.

This Privacy Policy was last reviewed on 28 November 2025.

How to contact us about any enquiries, concerns or complaints?
If you have any enquiries, problems, concerns or complaints about this privacy policy, our conduct, the handling of your personal information or our compliance with the Privacy Act, the APPs or any related Act or any related codes, please contact us in any of the following ways:

We aim to respond in writing within a reasonable timeframe for your request, which may be delayed if we require further information to respond to you.

You can obtain more information about the Privacy Act and the APPs from the Australian Information Commissioner. You can contact the Australian Information Commissioner at https://www.oaic.gov.au/.