Book a Table

PRIVACY POLICY

MULGRAVE COUNTRY CLUB'S PRIVACY POLICY

Mulgrave Country Club (ABN 16 004 568 610) (otherwise referred to as MCC, the Club, we or us), acknowledges the importance of privacy and customer data security and takes seriously its obligations under the Privacy Act 1988 (Cth) (Privacy Act) and the associated Australian Privacy Principles (APPs) and any other applicable law.

This Privacy Policy describes the way in which we deal with the information and data you provide to us as a result of your membership with MCC, your use of our sporting facilities, your use of our Website (Website) and our mobile app (App), or whenever we otherwise deal with you. We are committed to ensuring that the information we collect about you is protected and is used, stored and disclosed in accordance with law and this Privacy Policy.

When you provide personal information to us, we may deem your provision of personal information to be consent to MCC collecting, using and disclosing your personal information:

  • set out in this Privacy Policy;
  • clearly explained to you at the time when the information is collected from you; or
  • permitted under the APPs.

This Privacy Policy will not apply to third-party Websites or apps which are linked to MCC’s Website and the App over which we have no control. We strongly recommend reviewing the relevant third-party privacy policy before using any linked website or app.

  • What personal and sensitive information does MCC collect?
    • Personal information

Personal information is information or an opinion from which it is possible to determine the identity of an individual.

The kind of personal information that we collect from you depends on the nature of your dealings with us. It may include, but is not limited to:

  • information that you provide to us, including information you submit to our staff members, information you submit to us digitally via our Website or through the App, or through any other means, including:
    • name,
    • residential address,
    • date of birth,
    • gender,
    • email address,
    • phone number(s),
    • passport number,
    • driver’s license number,
    • insurance details,
    • employment history,
    • gaming activity history (prize payments),
    • any information related to participation in loyalty and rewards programs (included but not limited to favourite team, anniversary date),
    • your likeness obtained through CCTV footage (see clause 4 (below) for more information),
    • facial images for Facial Recognition Technology use (see clause 5 (below) for more information),
    • qualifications,
    • bank account and credit or debit card information, or
    • other financial information;
  • records of correspondence, whether via the Website email, telephone or other means;
  • your responses to surveys or customer research that we carry out;
  • personally submitted preferences and service usage information;
  • details of the transactions you carry out with us;
  • details of your visits to the Website and the App including, but not limited to, traffic data, , weblogs and other communication data; and
  • identity verification information.

We are required by law to collect some personal information about people who use our services. We are required to collect certain information (including identity verification information) under the Anti-Money Laundering and Counter Terrorism Act 2006 (Cth).

In order to verify the personal information you provide us we may use a verification service which involves a request to have the information you provide matched against official records and may involve use of secure third-party systems and services.

We may also collect personal information from job applicants, our employees and individuals associated with our business partners and service providers. Usually, this information is limited to name and contact details and the other information we need for the purpose of processing a job application and managing our business relationships.

MCC may take (or may arrange another person to take) photographs and electronic images of you whilst in venue or facility. By attending a venue or facility, you acknowledge and agree that such photographs and other images are owned by MCC and MCC may use them for promotional, legal or other purposes without your further consent being necessary.

  • Sensitive information

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, sexual preferences, criminal record, health information, biometric information.

Under certain circumstances, MCC may need to collect sensitive information about you. If we collect your sensitive information, we will only do so only with your consent, or as otherwise required or authorised by law. We take appropriate measures to protect the security of this information.

  • How do we collect your personal information?
    • Collection of information from you

We collect your personal information directly from you including when you:

  • interact with us over the phone, in person, online (including via social media), or in writing,
  • participate in or complete any application, consent form, surveys, feedback, complaint, questionnaires or incident reports,
  • present identification documents to us,
  • subscribe to any publication of MCC (including electronic publication),
  • complete any gaming related forms and receive payouts,
  • enter any venue or facility managed by MCC and are captured by CCTV footage or Facial Recognition Technology (see clause 4 and 5 (below) for more information), purchase, redeem or claim merchandise, products or services from MCC,
  • when responding to any inquires we make for compliance purposes,
  • become a member of any rewards or loyalty program,
  • access our Website or App,
  • participate in any program, activity, promotion, competition or event run by MCC (including as a participant, attendee, referee or spectator),
  • making an enquiry regarding a dinning, corporate or hospitality package or other function or event,
  • you or your organisation negotiate or enter into any arrangements or contracts with MCC,
  • apply for or gain employment or a volunteer position with MCC,
  • act as a contractors or consultants for the MCC, or
  • where MCC is required to do so by law (for example, the purposes of education, child protection, work health and safety, charitable collections, medical treatment, liquor and gaming).
    • Providing information

Depending on the circumstances, some types of information will be required to be provided to us and some information might be optional. If you do not provide some or all of the information requested, or remain anonymous or use a pseudonym, this may affect MCC’s ability to communicate with you or provide the requested products or services. By not providing requested information, you may jeopardise your ability to participate in programs or services or otherwise interact with MCC. If it is impracticable for MCC to deal with you as a result of you not providing the requested information or consent, MCC may refuse to do so.

  • Collection from third parties

MCC may collect personal information regarding a person from a third party where it is unreasonable or impractical to collect that information from the person directly. MCC may collect personal information regarding a child from the parent or other responsible from the person directly. We may collect personal information regarding a child from the parent or other responsible person associated with that child. In many circumstances, MCC collects information from other third parties (in accordance with the privacy policies of such third parties). Examples of such third parties could include, without limitation, the Tabcorp Group, government and law enforcement bodies.

  • For what purposes does MCC collect, store, use and disclose personal and sensitive information?
    • Use

We may use your personal information and data together with other information for the purposes of:

  1.  
  2.  
  • provide you with information or services that you request from us;
  • deliver to you a more personalised experience and service offering;
  • processing your application to become a MCC Member or your use of our loyalty or rewards program, and administer such membership or programs;
  • administer, manage and provide you with access to the Website and App; and 
  • complying with our legal and regulatory duties (including but not limited to those obligations in the Gambling Regulation Act 2003 (Vic), Liquor Control Reform Act 1998 (Vic) and the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth));
  • carrying out customer research, surveys and analyses;
  • improving the quality of and developing new products and services and to tailor our services to suit your needs;
  • providing you with marketing information about promotional offers and our products and services, where you have consented. This includes keeping you information or news or information relating to MCC events, activities, opportunities and competitions;
  • research, develop, run, administer and market programs, activities, ticketing opportunities, competitions and other events relating to the MCC’s activities;
  • verifying your identity and age (where applicable);
  • complete background checks;
  • provide employment to you as an employee of MCC;
  • provide volunteer opportunities to you as a volunteer of MCC;
  • ensuring the integrity of gaming operations this includes monitoring transactions and gaming activity for the purposes of preventing fraud, irregular gaming, money laundering and terrorism financing, and cheating or detecting suspicious behaviour;
  • taking appropriate action if we have reason to suspect that unlawful activity or misconduct of a serious nature has been, is being or may be engaged in that relates to our functions and activities;
  • complying with any responsible gambling commitments (for example, to implement any bans or exclusions or other exemption programs) that apply from time to time;
  • responding to enquiries and complaints from you and to establish, exercise or defend any legal claims;
  • process payments (this includes but is not limited to determining your liability to Australian GST and other taxes where applicable);
  • respond to emergency situation, including those which may involve or require medical treatment; and
  • other internal administrative purposes.
    • Disclosure

We will only disclose personal information to business partners, authorities and successors in title to our business and suppliers that are engaged to process such information on our behalf for the following purposes:

  • to the extent necessary, to provide the service you have requested or to meet the purpose for which your personal information was submitted;
  • to service providers and professional advisers for the purposes of providing services to us (e.g., auditors, lawyers, IT consultants, third parties) who might assist us to comply with identity verification and background check obligations, marketing, or other professional requirements;
  • to our sponsors and business partners/suppliers strictly for the purposes of our business relationship with them;
  • to actual or prospective purchasers of all or a part of our business, and their advisers;
  • if we have informed you of the particular third party to whom your personal information will be disclosed, at the time of collection;
  • in order to participate in activities with business partners, who will be identified to you when the relevant personal information is collected;
  • to check your age and identity;
  • for fraud and money laundering prevention and for other lawful purposes associated with the conduct of our business;
  • where requested from a government affiliated health department or similar department for the purpose of studies, such as identifying gambling trends and harm minimisation, with this information being strictly deidentified;
  • to external contractors who assist with venue operations;
  • to Tabcorp and Keno to facilitate their services;
  • regulatory reporting to the Victoria Gambling and Casino Control Commission and Liquor Control Victoria;
  • if the disclosure is:
    • permitted by law;
    • permitted by the APPs;
    • necessary to co-operate with the judicial process of a law enforcement agency;
    • necessary to protect and defend the rights or property of MCC or the Website or the App;
    • necessary to lessen, prevent or detect unlawful activity or serious threats to individuals, public health or safety; or
    • to establish or defend a legal claim.
  • Video Surveillance

While you are at the MCC venue, your movements may be subject to video and audio monitoring and recording by security and surveillance systems, including CCTV and facial recognition technology for the purpose of:

  • maintaining the safety and security of all staff and guests.
  • verifying whether you are a person that is prohibited from entering the venue or parts of the venue due to self-exclusion programs and/or supporting harm minimisation initiatives.
  • Facial Recognition Technology (FRT)

The use of FRT is strictly aligned with the principles of privacy, transparency, and compliance with the Privacy Act and the APPs.

FRT analyses facial features of individuals entering specific areas within our venues. This analysis is conducted in temporary memory and only for the purpose of identifying matches against predefined databases, such as self-excluded individuals or banned patrons.

No biometric data is stored or retained after the analysis. If no match is found, the data is automatically purged from memory in real-time.

At no point is the facial data linked to an individual’s identity unless a match occurs, and even in those cases, no biometric template is retained by our systems.

Individuals are informed about the use of FRT through clearly visible signage at venue entry points. Additional information about the use of FRT is available upon request.

All data collected and processed is limited to what is necessary to achieve specific safety and compliance objectives.

  • How FRT data is stored
  • Temporary Memory Only: All facial data processed by FRT is held in temporary memory for the sole purpose of conducting real-time comparisons. This data is not stored in any database or retained after processing.
  • Anonymous Analytics: We may store aggregate, anonymised data for operational insights, such as people counts, gender demographics, and approximate age ranges. This data is fully anonymised and cannot be linked to any individual or facial profile.
    • How FRT is used
  • Self-Exclusion Compliance: FRT is used to assist in identifying individuals who have voluntarily enrolled in self-exclusion programs or have received formal ban notices.
  • Operational Insights: Anonymous and aggregate data may be used to optimise venue operations, such as managing crowd density and enhancing service offerings. This data contains no personal or identifiable information.
  • Use of cookies, action tags and analytical tools

We collect data about you in the use of our Website and our App and what your preferences may be. This enables us to recognise you as a repeat customer. In better recognising you and your online preferences, we can provide you a more user friendly and tailored experience with us online that is less key stroke intensive.

We may use cookies action tags (also known as single-pixel gifs or web beacons) and other analytics tools such as Google Analytics (GA4) as a means of collecting information from a web server, following a customer’s use of the Website or the App. This includes using your personal information to market our products and services to you – and to show you advertisements. If you register with us or if you continue to use the Website or the App, you agree to our use of cookies, action tags and other analytical tools.

  • What are cookies?

The OAIC defines cookies as being “…small data files transferred onto computers or devices by Websites for record-keeping purposes and to improve your Website and App user experience.” Cookies contain information that is transferred to your computer’s hard drive.

Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving the user experience. Cookies may tell us, for example, whether you have visited the Website or the App before or whether you are a new visitor. Cookies may also help your browser remember your preferences such as text sizes, location or sign-in information. They can also help us to ensure that adverts you see online are more relevant to you and your interests. Cookies help us to improve the Website and the App and to deliver a better and more personalised service. Some of the cookies we use are essential for the Website and the App to operate. There are two broad categories of cookies:

  • First party cookies served directly by us to your device when you visit our Website or the App; and
  • Third-party cookies, which are served by a third party on our behalf who supplies content (like advertising) on other Websites you may visit. Many Websites feature advertising from third parties and those parties may use cookies to track your browsing activities.

Cookies can remain on your computer or mobile device for different periods of time. Some cookies are temporary (called “session cookies”), meaning that they exist only while your browser is open. These are deleted automatically once you close your browser. Other cookies are persistent (called “permanent cookies”), meaning that they survive after your browser is closed. They can be used by the Website or the App to recognise your device.

  • What are action tags?

Action tags are a form of visitor identification technology which counts visitors who have come to the Website after being exposed to an advertisement on a third-party site. We do not use this technology to access your personal information and it is only used to compile aggregated statistics about visitors who come to the Website to gauge effectiveness of our ads.

The information collected about you using action tags will not ordinarily be your personal information, because you will not be identified or reasonably identifiable to us from it.

  • What are other analytical tools?

To eliminate spam attacks, analyse the effectiveness of our Website and the App, and to distinguish you from a bot, we may use analytical tools such as Google Analytics 4 (GA4) to collect data about how you interact with our Website and the App, including:

  • search terms and pages visited on the Website;
  • Website traffic sources;
  • date and time when pages were accessed;
  • mouse movements;
  • downloads, time spent on page and bounce rate;
  • referring domain and out link if applicable;
  • device type, operating system and browser information;
  • device screen size; and
  • geographic location (city).

The use of analytical tools such as GA4 does not provide us with access to IP addresses or persistent devices IDs. While IP addresses may be used transiently by Google for location processing, they are not stored, visible, or accessible to use.   

  • Third party usage of action tags and cookies

We may use third parties to place advertisements on the Website or the App. These companies may employ cookies and action tags (also known as single-pixel gifs or web beacons) to measure advertising effectiveness. We ensure that any third parties placing advertisements on our Website are only those who keep any information collected via cookies and action tags completely anonymous.

  • Using web browser’s privacy settings

Different web browsers have different settings and features that you can use to help control your personal information online. Common options include deciding whether to accept cookies and how long to allow them to stay on your device. Many browsers allow you to view in private mode, which usually means your browsing history won’t be saved to your device, but it doesn’t mean the browser will automatically block all tracking of your activities online.

If you want to delete any cookies already stored on your computer or stop the cookies that keep track of your browsing patterns on the Website you can do so by deleting your existing cookies and/or altering your browser’s privacy settings to block cookies (the process you follow will differ from browser to browser). If you would like more information on how to do this, please visit http://www.allaboutcookies.org/. Please note that deleting our cookies or disabling our future cookies means that you may not be able to access certain areas or features of the Website. Please note however, that some data may still be collected separately by analytical tools, even though you may have set your browser preferences to reject all cookies.

  • Transfer of personal information overseas

Given that the internet is a global environment, using the internet to collect and process personal data necessarily involves the transmission of data internationally. Usually, all our storage of personal information is local and is not transferred overseas, with limited exceptions.

However, such a transfer of data (and any other overseas transfer of personal information that were to occur in the future) does not take place unless we reasonably believe that:

  • we have taken reasonable steps to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the APPs; and
  • the recipient of personal information outside Australia is subject to principles of fair processing that are substantially similar to the APPs or stronger, or otherwise part of a federal government whitelist; and one or more of the following apply:
  • the transfer is necessary for the performance of a contract between you and us, or for the implementation of pre-contractual measures taken in response to a request by you;
  • the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party; or
  • all of the following apply:
    • the transfer is for your benefit;
    • it is impracticable to obtain your consent to the transfer;
    • if it were practicable to obtain such consent, you would be likely to give it;

Information posted on bulletin boards or communicated within a social media environment (e.g. Facebook, Twitter, Instagram, Reddit, WhatsApp and general chat rooms) and any chat room spaces on the Website or App (if provided) becomes public information, including within private direct messaging. We cannot guarantee the security of this type of disclosed information.

  • Children’s privacy

If you’re under 18, you should only use our services with involvement of a parent or guardian. For their protection, we ask anyone under 18 years of age to not attempt to register with MCC as a member or otherwise provide us with any personal information without the consent of a parent or legal guardian. It is, however, ultimately the responsibility of parents or guardians to monitor their children’s activities.

  • Direct marketing and other direct communications

On occasion, we may use and disclose your personal information to inform you about MCC products, services, or promotional MCC offers or activities, which we believe may interest or benefit you. We may do this via email, SMS, telephone, mail or notification on your mobile device if you have provided consent for us to do so.

If you have indicated your consent to receive such direct marketing (such as selecting this option on sign-up) (“opt-in”), you may withdraw this consent at any time by accessing the “settings” options in your account.

Alternatively, you may contact us directly using the contact details provided on the “Contact Us” page on the Website (by email at Information@MulgraveCC.com.au  or by our support line at 03 9582 4600). You may also follow the “opt-out” prompts displayed on commercial electronic messages from us.

We may also contact you in relation to the opening, service, management and administration of your MCC membership. These communications can be via any of the modes of contact recorded when you signed up, or when you otherwise update your contact preferences, or which we otherwise collect for the purposes of opening and maintaining your membership. Such communication is separate from any and all marketing communications and is not affected by your “opt-in” or “opt-out” status for direct marketing communications.

  • How do we manage and secure your personal information?

We will take all reasonable steps to ensure that your information is kept secure and protected at all times. We will take all reasonable steps to ensure that the personal information, which we collect, use or disclose, is correct and is stored in a secure environment that is accessed only by authorised persons.

We hold personal information physically in paper-based forms, and in an electronic database owned and operated by us. We take reasonable steps to protect the security of the personal information that we hold from both internal and external threats by ensuring that our physical storages and database are subject to strict standards of maintenance, security and compliance. Once received, we will take reasonable steps to protect your personal information from misuse, loss and unauthorised access, modification and disclosure including by implementing the following security and monitoring controls:

  • storing paper-based forms that hold personal information in locked filing cabinets in locked rooms accessible by staff only;
  • using password protected systems and databases and Secure Socket Layer (SSL) technology for our website;
  • regularly assessing the risk of misuse, interference, loss, and unauthorised access, modification or disclosure of that information;
  • taking measures to address those risks, for example, by keeping a record (audit trail) of when someone has added, changed or deleted personal information held in our databases and regularly checking that staff only access those records they are permitted to and when they need to;
  • adopting other strict confidentiality requirements of our employees, volunteers and service providers;
  • conducting regular audits to assess whether we have adequately complied with or implemented these measures; and
  • by implementing and regularly updating our data breach response plan to ensure that we meet our obligations under the notifiable data breach scheme under the Privacy Act.

We will take reasonable steps to destroy or permanently de-identify the personal information we hold when it is no longer required for any purpose permitted under the APPs, including our legal or operational obligations. Legal obligations including under the Anti Money Laundering and Counter Terrorism Financing Act 2006 (Cth) require retention of certain personal information for a minimum 7 years. If you believe we hold personal information about you that we should no longer hold, you may request deletion of your personal information by contacting us at the details below. Any requests made for the deletion of personal information will be reviewed in accordance with this policy.

  • Access to information

We will take all reasonable steps to ensure that personal information we collect is accurate, complete and up to date. You are entitled to access and correct the information held about you. This can be done by using the contact details provided on the “Contact Us” page on the Website or App (by email at  Information@MulgraveCC.com.au or by our support line at 03 9582 4600).

  • Changes to our privacy policy

In using our sporting facilities, venues, our Website and our App, you agree to be bound by the terms of this Privacy Policy. We may review, change or update this Privacy Policy periodically and we reserve the right to change the Privacy Policy at any time at our discretion by posting such changes on the Website. This Privacy Policy is specifically designed to evolve to follow any legislative and other legal or policy changes, which may impact our collection and management of your information under this Privacy Policy. We will publish our current Privacy Policy on the Website and any changes will take effect immediately at the time of publication. Your continued use of our facilities, venues, Website, and App following publication will constitute your acceptance of those changes. You should review this Privacy Policy regularly and remain familiar with its terms.

  • Disclaimer

To the extent that this Privacy Policy exceeds the minimum obligations of MCC under Commonwealth and state legislation, this Privacy Policy serves as a documentation of our voluntarily self-imposed standards. While we are determined to meet those standards as best we can, to the extent permitted by law, MCC is not liable if it does not adhere to any of these voluntarily self-imposed standards for any loss, liability, costs, expense or damage arising as a result of MCC failing to meet any of the voluntarily self-imposed standards in this Privacy Policy.

  • Contact details

If you have any queries, requests for access or correction, or complaints relating to the handling of your personal information which has not been or you feel cannot be appropriately handled by Customer Service, please contact:

Compliance Officer

Address: Corner of Wellington
and Jells Roads
Wheelers Hill, Vic. 3150

Tel: 03 9582 4600

Email: Information@MulgraveCC.com.au

Further information about privacy concerns or complaints in Australia may be found on the Office of the Australian Privacy Commissioner’s (OAIC) Website at www.oaic.gov.au.

Version: 1.0

Effective date: 11 February 2026