We must comply with the Commonwealth’s privacy laws and the Australian Privacy Principles. Personal information is defined in these laws, and for the purposes of this policy, all the information on your photo ID is considered to be personal information
This Policy describes how we will meet our obligations under the privacy laws, and sets out our commitment to protect your personal information collected as part of the ID scanner process.
If you are not involved in an incident your personal information will be permanently deleted within 30 days.
PatronScan is a live ban network and other establishments may be notified if you are involved in an incident.
We only collect the following information and is limited to:
All personal information is securely held and managed in a secure Australian data centre.
The ID scanner system does not collect or use unsolicited personal information.
Your personal information is not stored locally at any venue, and it cannot be accessed except as described below.
Group Security Solutions has access to the collected information for the purpose of maintaining the system and responding to lawful requests from:
If you have been issued with a temporary or long-term banning order, the system operator will alert us that you are not allowed to enter a connected venue. No other information is shared with us.
If you have been issued with a venue banning order your banning order may be shared with other connected venues, in which they may refuse you entry into the venue.
We do not have access to your personal information once it is scanned, and therefore we cannot use or disclose this information for the purpose of direct marketing.
Your personal information is securely managed and held by Group Security, and by law we cannot transfer this information outside of Australia except to New Zealand.
Government issued identifiers such as passport numbers are not collected or used as part of the ID scanner system.
Data is stored in an encrypted form and is only accessible through the system software. All data communications are encrypted and your personal information is not stored in plain text.
Venue staff do not have access to your personal information, and each scanner venue has a unique login ID, which is subject to an audit trail.
Your personal information is automatically and permanently deleted from the ID scanner system 30 days after it was collected, except where:
If you believe we have breached your privacy, or if you want to raise any issues you may have about privacy at our venue, please contact us by the following methods:
In making a complaint to us about privacy, please give us enough details to be able to identify your concerns and respond appropriately. You must provide us with your name and contact details and a description of your complaint. We will respond to you in a reasonable time frame (usually not more than 30 days).
We are also required by law to notify the Secretary, NSW Trade & Investment, within 14 days of any written complaint by you about a breach of privacy.
If you are unhappy with how we handle the complaint, you have a right to take the complaint to the Office of the Australian Information Commissioner.
Office of the Australian Information Commissioner: