The Cronulla Sharks recognises the importance of your privacy and your right to control your Personal Information and is committed to complying with applicable privacy laws (including the Privacy Act and GDPR). We will only request Personal Information that is reasonably necessary for us to perform our functions and activities as a Club. Please be aware, you are under no obligation to provide us with your Personal Information, but if you choose not to provide your Personal Information, you may not be able to take advantage of one or more of the features we offer. On request and wherever it is lawful and practicable, we will offer you the opportunity of not identifying yourself, or of using a pseudonym, when entering transactions, or otherwise dealing with, the Cronulla Sharks.
2. HOW WE SHARE YOUR INFORMATION AS PART OF THE RUGBY LEAGUE EXCHANGE
The Cronulla Sharks is always seeking to better understand our player and fan preferences including by analysing your Personal Information to understand trends and interests. The Cronulla Sharks has, in conjunction with the NRL, other clubs, Queensland Rugby League (QRL), New South Wales Rugby League (NSWRL), Country League of NSW and selected third parties, established a data storage architecture and data sharing platform for processing Personal Information with this aim (Rugby League Exchange).
3. WHAT TYPES OF PERSONAL INFORMATION MAY WE COLLECT?
The types of Personal Information the Cronulla Sharks may collect depends on the purposes for which such information is collected but may include (without limitation):
(a) your name, gender, date or birth, occupation, residential address, email address, telephone number and other contact details;
(b) memberships, subscriptions and attendance history at Cronulla Sharks matches (whether you have used your membership to purchase tickets, or as a casual ticket purchaser);
(c) purchasing preferences and financial details which we collect when you buy tickets, purchase merchandise, Purchase food and beverage, attend events and/or as part of competitions and promotions; and
(d) browsing details and history across Cronulla Sharks platforms, including but not limited to; sharks.com.au, corporate.sharks.com.au, store.sharks.com.au, membership.sharks.com.au, sharkshaveheart.com.au and sharkies.com.au
The Cronulla Sharks will generally not collect Sensitive Information from you. However, where the Cronulla Sharks seeks to collect Sensitive Information from you, it will do so in accordance with applicable privacy laws, (including the Privacy Act and GDPR), for instance by obtaining your express consent for such a collection.
4. HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
Where it is reasonable and practicable to do so, the Cronulla Sharks will collect Personal Information directly from you (without limitation):
(a) when you order merchandise through our online store located at store.sharks.com.au and
(b) when you purchase a Cronulla Sharks membership at membership.sharks.com.au
(c) when you join the Cronulla Sutherland Leagues Club
(d) when you browse at sharks.com.au, corporate.sharks.com.au, store.sharks.com.au and membership.sharks.com.au and sharkies.com.au
In addition to collecting Personal Information directly from you, we may also collect Personal Information from:
(a) the NRL, Queensland Rugby League, New South Wales Rugby League and selected third parties (for instance, Ticketek and Ticketmaster);
(b) other third parties, including but not limited to, Stackla, Marketo, Tealium, Google, Pascal51, eBet
5. WHY DO WE COLLECT, USE, HOLD AND DISCLOSE YOUR PERSONAL INFORMATION?
The Cronulla Sharks generally only collects, uses, discloses or holds Personal Information that is reasonably necessary for the Cronulla Sharks to perform one or more functions or activities as a club including (without limitation):
(a) organisation, conduct and promotion of matches involving the Cronulla Sharks (for instance, providing you information about upcoming ticket offers and deals for the next home matches);
(b) promotion and sale of Cronulla Sharks merchandise;
(c) direct marketing of Cronulla Sharks products or services; and
(d) Through Sharks Media and the promotion of Sharks Partner offers
We only use, disclose or hold your Personal Information for the primary purpose for which it was collected, a related secondary purpose, in accordance with any express consent you grant us or as otherwise lawfully required (e.g. where your Personal Information is requested by a law enforcement agency).
6. WHO DO WE DISCLOSE YOUR PERSONAL INFORMATION TO?
The Cronulla Sharks may provide your Personal Information to third parties as part of our functions and activities including (without limitation):
(a) Delivery, courier and postal organizations: we may disclose your Personal Information to delivery, courier and postal organizations in order to deliver merchandise you order or the memberships you purchase;
(c) Law enforcement and emergency services agencies: we may disclose your Personal Information where required or authorised to do so by law, including in emergency situations and to assist law enforcement agencies with active investigations. We will always ensure that those to whom we disclose your Personal Information have the legal right to receive it.
7. DATA QUALITY AND SECURITY
We understand you have entrusted us with the protection of your Personal Information. As such, we will take reasonable steps, with the assistance of the NRL, to protect your Personal Information from misuse, loss, unauthorized access, modification or disclosure. This includes engaging reputable third-party service providers and ensuring that we engage (where possible and practical to do so) in best practice security systems and procedures.
8. ACCESS TO AND CORRECTION OF PERSONAL INFORMATION
You can access or correct your Personal Information through:
(a) your NRL Account profile (using your login credentials);
(b) communications preferences via links in emails and other communications we send to you from time to time; or
(c) contacting our Privacy Officer at the 'Inquiries Procedure' (see clause 11).
You will be responsible for ensuring your Personal Information remains accurate, complete and up to date. Please ensure that any written request for access or correction addressed to our Privacy Officer provides adequate detail that identifies what Personal Information you want access to or corrected. Where your request will incur costs, we may charge you a fee to cover those costs (for instance, reasonable staff costs in searching for, locating and retrieving the requested Personal Information). We will inform you of any such charges prior to your request being actioned.
In certain circumstances, we may refuse to provide you access to your Personal Information. Where we refuse you access, we will provide you with a written explanation as to the reasons for the rejection (for instance, we may refuse to disclose Personal Information to you where such access would have an unreasonable impact on the privacy of other individuals).
9. TRANSBORDER DATA FLOWS
9.1 Subject to clauses 9.2 and 9.3, the Cronulla Sharks will not transfer your Personal Information to an overseas recipient unless it has first taken steps reasonable in the circumstances to ensure that the Personal Information that it transfers will not be held, used or disclosed by the recipient of the information inconsistently with, or otherwise in breach of, applicable privacy laws (including the Privacy Act and GDPR). For example, the Cronulla Sharks may adopt appropriate contractual clauses with overseas recipients that ensure their compliance with applicable privacy laws (including the Privacy Act and GDPR.
9.2 We may disclose your Personal Information to overseas recipients for things such as processing membership and hosting services, most likely in China, the United States and New Zealand, although countries where such recipients are located may vary.
9.3 The Cronulla Sharks may transfer Personal Information about you to someone who is in a foreign country if:
(a) The Cronulla Sharks reasonably believes that the recipient is subject to a law or binding scheme that has the effect of protecting the information in a way that is, overall, substantially similar to applicable privacy laws (including the Privacy Act and GDPR) and there are mechanisms available to you to enforce that protection or scheme; and
(b) You expressly consent to the transfer after the the Cronulla Sharks has informed you that the applicable privacy laws (including the Privacy Act and GDPR) will no longer apply if you provide your express consent.
10. NOTIFIABLE DATA BREACHES SCHEME
In the event of any loss, or unauthorised access or disclosure of your Personal Information that is likely to result in serious harm to you, the Cronulla Sharks with the assistance of the NRL, will investigate and notify you and where applicable the relevant supervisory authority (e.g. the Australian Information Commissioner) within 72 hours of becoming aware of the loss, or unauthorised access or disclosure, in accordance with applicable privacy laws (including the Privacy Act and GDPR).
11. INQUIRIES PROCEDURE
The Cronulla Sharks Privacy Officer
461 Captain Cook Dr, Woolooware, NSW 2230
At all times, privacy complaints and inquiries will be treated seriously, dealt with promptly and confidentially, and will not affect your existing obligations or commercial arrangements with the Cronulla Shark