Back to Home
Back to Home

GDPR Policy

Last updated: 1 January 2024

1. Introduction

De Luna Resort & Casino is committed to protecting the personal data of all users, including those in the European Economic Area (EEA) and United Kingdom. This GDPR Policy explains how we comply with the General Data Protection Regulation (EU) 2016/679.

Even though we are based in Australia, we recognise and respect the data rights of all visitors to our website, regardless of location.

2. Data Controller

Data Controller: De Luna Resort & Casino

Website: delunacheckin.com

Address: 90 Dalkeith Road, Perth WA 6009, Australia

Contact Email: support@delunacheckin.com

As the data controller, we decide how and why your personal data is processed. We are responsible for keeping your data safe and using it only for the purposes stated in this policy.

3. Legal Basis for Processing

Under GDPR, we must have a valid legal reason to process your data. We rely on:

  • Consent - When you submit a form or accept cookies, you give us clear consent to process your data for the stated purpose.
  • Legitimate Interest - We may process data to improve our website and services, as long as your rights are not overridden.
  • Legal Obligation - We may need to process data to meet legal requirements under Australian or international law.
  • Contract - If you make a booking, we process data needed to fulfill that agreement.

4. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right of Access (Article 15)

You can request a copy of all personal data we hold about you. We will provide this within 30 days of your request, free of charge. The data will be in a clear, readable format.

Right to Correction (Article 16)

If any data we hold about you is wrong or incomplete, you can ask us to correct it. We will update your data promptly and let you know when it is done.

Right to Deletion (Article 17)

Also known as the "right to be forgotten." You can ask us to delete your personal data when it is no longer needed, when you withdraw consent, or when there is no legal reason to keep it. We will delete your data within 30 days unless a legal obligation requires us to keep it.

Right to Restriction (Article 18)

You can ask us to limit how we process your data. This means we will store your data but not use it further. This applies when you contest the accuracy of data, when processing is unlawful, or when you need the data for a legal claim.

Right to Data Portability (Article 20)

You can ask to receive your data in a structured, commonly used, machine-readable format (such as CSV or JSON). You can also ask us to transfer your data directly to another service provider where technically possible.

Right to Object (Article 21)

You can object to how we process your data at any time. This includes objecting to processing based on legitimate interest or for direct marketing. When you object, we will stop processing unless we have strong legal grounds to continue.

5. How to Exercise Your Rights

To use any of these rights, contact us at:

Email: support@delunacheckin.com

Subject line: GDPR Request - [Your Right]

Response time: Within 30 days

We may need to verify your identity before processing your request. This is to protect your data from unauthorised access. We will never charge a fee for standard requests.

6. Consent

6.1 How We Obtain Consent

We obtain your consent through:

  • Cookie consent banner - Shown on your first visit, allowing you to choose which cookies to accept
  • Form consent checkbox - Required before you can submit any form on our site
  • Push notification prompt - Your browser will ask for permission before we can send notifications

6.2 How to Withdraw Consent

You can withdraw consent at any time:

  • Cookies: Clear your browser cookies and revisit our site to see the cookie banner again. Choose "Decline" or "Essential Only" to withdraw cookie consent.
  • Push notifications: Go to your browser settings and block notifications from delunacheckin.com. The exact steps depend on your browser.
  • Email communications: Send an email to support@delunacheckin.com and ask to be removed from our contact list.
  • All data: Send a GDPR deletion request to the email above.

Withdrawing consent does not affect the lawfulness of processing done before withdrawal.

7. Cookie Management

Our website uses cookies as described in our Privacy Policy. You can manage cookies in several ways:

  1. Cookie banner: Use our cookie banner on your first visit to set your preferences.
  2. Browser settings: Most browsers let you block, delete, or manage cookies. Check your browser's help section for instructions.
  3. Clear cookies: Delete all cookies from delunacheckin.com in your browser settings. When you return, you will see the cookie banner again.

Note: Blocking essential cookies may prevent parts of our site from working properly.

8. Data Processing Activities

We process personal data for these specific activities:

  • Enquiry handling: When you send us a message through our contact form
  • Notification delivery: When you opt in to receive push notifications via OneSignal
  • Website analytics: To understand how visitors use our site (anonymised data)
  • Cookie preferences: To remember your cookie choices

9. Data Transfers

As we are based in Australia, data may be transferred outside the EEA. When this happens, we ensure protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Choosing service providers with adequate data protection measures
  • Limiting data transfers to what is strictly necessary

10. Data Breach Notification

In the event of a data breach that is likely to put your rights at risk, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Notify affected individuals without undue delay
  • Document the breach and the steps we take to fix it

11. Children

Our website and services are not directed at anyone under 18. We do not knowingly collect data from minors. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Complaints

If you believe your GDPR rights have been breached, you have the right to lodge a complaint with a supervisory authority. For EEA residents, this is typically the data protection authority in your country. For Australian residents, contact the Office of the Australian Information Commissioner.

We encourage you to contact us first so we can try to resolve the issue directly.

13. Updates to This Policy

We review this GDPR Policy regularly. Any changes will be posted on this page with an updated date. Material changes will be communicated through our website.

14. Contact

De Luna Resort & Casino

Data Controller: delunacheckin.com

90 Dalkeith Road, Perth WA 6009, Australia

Email: support@delunacheckin.com

For all GDPR-related requests, please use the subject line: "GDPR Request"