Privacy Policy


 

1. Purpose of Policy 

This Privacy Policy applies to the collection, use, disclosure and handling of personal information by HomeAway Pty Ltd and its associated entities (collectively “HomeAway”, “we” or “us”). HomeAway is committed to protecting the privacy of individuals and is bound by the Australian Privacy Principles set out in the Privacy Act 1988 (Commonwealth) (the “Act”). We will only collect, use or disclose personal information in accordance with the Act and this Privacy Policy.
 
HomeAway owns and operates the site www.homeaway.com.au (the “Site”), which is an online venue where travellers can view advertising of, and obtain information about, vacation properties offered for rent by others, including property owners, lessees and managers.  The terms “users” or “you” as used in this Privacy Policy, refer to both travellers, who use the Site to look for properties to rent, and members who subscribe to the Site and list their properties for rent.
 
By providing information to us when subscribing, sending enquiries or otherwise using the Site, you expressly agree to this Privacy Policy. 
 

2. What types of information do we collect?

Personal Information

The type of personal information that we collect and hold about you depends on the type of dealings that you have with us. 
  • For example, in order to process a request or enquiry from you, we may need to know all or some of the following: your full name, address, telephone number, e-mail address, your current location, and, in the case of a member's listing, a method of payment. 
  • We may also gather information from cookies or web beacons. You can find out more about how they operate in the relevant section of this policy below. 
  • We also collect IP addresses, mobile device identifier details, your location, navigation and click-stream data, the time of accessing the Site, homes you viewed, what you searched for, the duration of your visit, and other details of your activity on the Site. 
  • If you ask us to connect with other sites (for example if you ask us to connect with your Facebook account) we may get information that way too. 
  • Information that we collect from third parties, such as credit information which we use to prevent and detect fraud, information from your mobile provider if you are accessing the Site over a mobile device or information from a third party such as a social media or travel opinions site where you have asked us to share your data with them. 
 

Sensitive information

Sensitive information is personal information such as health information and information about racial or ethnic origin that is generally afforded a higher level of privacy protection.  We only collect sensitive information where it is reasonably necessary for our business functions and you have consented, or we are required to do so by law.
 

Information other than personal information ("non-personal information")

When you visit the Site, some of the information that is collected about your visit is not personal information, because it does not reveal your identity. We use this information to help us improve our services. We may aggregate this information for our own statistical purposes. Provided that it remains anonymous, we may disclose that aggregated information to third parties for marketing or other business related purposes.
 

Cookies

A "cookie" is a small file placed on your hard drive by certain of our web pages. We or third parties under contract with us may use cookies to help us analyze our web page flow, customize our services, content and advertising, measure promotional effectiveness and promote trust and safety. Cookies are commonly used at most major transactional websites in much the same way we use them here at our Site.
 
You may delete and block all cookies from this site, but parts of the site will not work. We want to be open about our cookie use. Even if you are only browsing the Site certain information (including computer and connection information, browser type and version, operating system and platform details and the time of accessing the Site) is automatically collected about you. This information will be collected every time you access the Site and it will be used for the purposes outlined in this Privacy Policy.
 
You can reduce the information cookies collect from your device. An easy way of doing this is often to change the settings in your browser. If you do that you should know that (a) your use of the Site may be adversely affected (and possibly entirely prevented), (b) your experience of this and other sites that use cookies to enhance or personalize your experience may be adversely affected, and (c) you may not be presented with advertising that reflects the way that you use our, and other, sites. You find out how to make these changes to your browser at this site: www.allaboutcookies.org/manage-cookies/. Unless you have adjusted your browser setting so that it will refuse cookies, our system will send cookies as soon as you visit our site. By using the site you consent to this, unless you change your browser settings.
 
We gather and share information concerning the usage of the Site by members and travellers with one or more third-party tracking companies for the purpose of reporting statistics. In this connection, some of the pages you visit on our Site use electronic images placed in the web page code, called pixel tags (also called a "clear GIFs" or "Web Beacons") that can serve many of the same purposes as cookies.
 
Web beacons may be used to track the traffic patterns of users from one page to another in order to maximize web traffic flow. Our third-party advertising service providers may also use Web Beacons to recognize you when you visit the Site and to help determine how you found the Site. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here: http://networkadvertising.org/consumer/opt_out.asp
 

3. How do we collect personal information?

Methods of collection

We will collect personal information by lawful and fair means as required by the Privacy Act. We will also collect personal information directly from you where this is reasonable and practicable.
 
We collect personal information in a number of ways, including:
  • Directly from you in person, by email, over the telephone, through written communications (such as letters and faxes) or by you completing forms or submitting information on the Site;
  • Through our Site, for example if you make an enquiry to a property owner, or if you purchase a subscription to list advertise your property; 
  • From third parties, including:
    • direct marketing database providers,  
    • our related companies, 
    • public sources, such as telephone directories, membership lists of business, professional and trade associations, ASIC searches;
  • From our own records of your use of our services.

 

4. Why do we collect, hold, use and disclose your personal information?

General

The main purposes for which we collect, hold, use and disclose personal information are:
  • To identify you and verify your identity;
  • To communicate with you about our services;
  • To contact you from time to time with critical user or service updates;
  • To assist people you have done business with. For example if you are an owner and a traveller who has booked or enquired with you needs your details we may pass them on; if you are a traveller and an owner you have booked with needs to contact you we may give them your details;
  • To customize, measure and improve our services, content and advertising;
  • To compare information for accuracy, and verify it with third parties;
  • To prevent activity we determine to be potentially illegal, unlawful or harmful and to enforce our Privacy Policy and/or our Terms or any other purpose referenced herein or therein. We collate statistics about site traffic, sales and other commercial information which we pass onto third parties to assist us in improving the services we provide to you. We also use demographic information to tailor the Site and we share that information with third parties so that they can build up a better picture of our customer base and general consumer trends; and
  • for any other purposes that you have consented to.

Direct marketing

Where we have your express or implied consent, or where we are otherwise permitted by law, we may contact you with information about our products and the services on the Site, or those of our HomeAway group and/or our affiliates.  You can opt out of receiving these communications at any time, by either contacting Customer Support, or by using the unsubscribe facility that we include in our commercial electronic messages (i.e., email) to opt out of receiving those messages.
 
 

5. To whom do we disclose your personal information?

We may disclose your personal data to enforce our policies, or where we are permitted to do so by applicable law, such as in response to a valid, legally-compliant request by a law enforcement or governmental authority, or in connection with actual or proposed litigation, or to protect our property, people and other rights or interests.
 
We may also share your personal data with:
  • One of our partners if you've requested their services or if you’ve requested to be provided with information by them;
  • Another member if you have done business with them;
  • Companies in the HomeAway group and/or affiliates; 
  • Other companies we work with to feature all or part of our member’s property listings or otherwise provide promotional or other services related to our or HomeAway group’s business. This might include featuring your listings and photographs on other websites; 
  • Any third party you have asked us to share your personal data with – such as Facebook if you have asked us to connect with your Facebook account; or
  • Our contracted services providers, including:
    • Information technology service providers (including cloud services providers);
    • Marketing, communications and research agencies;
    • Mailing houses, postal, freight and courier service providers;
    • Printers and distributors of direct  marketing materials;
    • External business advisers (such as recruitment advisers, auditors and lawyers).
If you choose to send an enquiry to a member on a Site, your personal information, including your email address and any other information you supply (unless the Site specifies otherwise), will be visible to the relevant member so that they can reply directly to you. Enquiries sent using the HomeAway system are also available for review to a limited number of customer service employees, who may be asked by a member or others for their past enquiry information. 
 
In the case of these contracted service providers, we may disclose personal information to the service provider and the service provider may in turn provide us with personal information collected from you in the course of providing the relevant products or services.
 
We may de-identify and aggregate the personal information of you and others for our own statistical purposes. Provided that it remains permanently de-identified, we may disclose that aggregated information to third parties or publish it for marketing or research purposes.
 
If you post comments or otherwise communicate publicly with other users via our Site, any information about yourself that you include in the communication may be stored on the Site and accessed by other users. For this reason, we encourage you to use discretion when deciding whether to post any information that can be used to identify you.
 
In the unlikely event that we or HomeAway or any part of the HomeAway group is sold, or some of its assets transferred to a third party, your personal information, as a valuable asset, may also be transferred. Potential purchasers and their advisors may have access to data as part of the sale process. However, use of your personal information will remain subject to this Privacy Policy. Similarly, your personal information may be passed on to a successor in interest in the unlikely event of a liquidation, bankruptcy or administration. Our customer database could be sold separately from the rest of the business, in whole or in a number of parts. It could be that the purchaser’s business is different from ours too.
 

6. Cross border disclosure of personal information

Transfer

HomeAway is part of the HomeAway, Inc. group which operates in a number of international jurisdictions, including the US and the United Kingdom.  
 
As a result, your personal data may be transferred, stored and processed in the United States, United Kingdom, or any other country in which we or our affiliates, subsidiaries, partners or agents maintain facilities.   These data processors, acting under our instructions (or those of one of our partners) may be engaged in, among other things, the fulfillment of your information requests and the provision of support tools and services on the Site.  They may also be helping us maintain the integrity and security of the Site, including emails and messaging platforms on the Site. 
 
By submitting your personal information to HomeAway, you expressly agree and consent to the disclosure, transfer, storing or processing of your personal information outside of Australia. In providing this consent, you understand and acknowledge that countries outside Australia do not always have the same privacy protection obligations as Australia in relation to personal information. However, we will take steps to ensure that your information is used by third parties securely and in accordance with the terms of this Privacy Policy.
 
If you do not agree to the transfer of your personal information outside Australia, please contact us via the details set out in Section 10. 
 
 

HomeAway Group and Safe Harbor 

You can find details of the HomeAway group and the companies in it in its initial, annual and quarterly filings made with the United States Securities and Exchange Commission on Forms S-1, 10-K and 10-Q, which can be accessed here: http://investors.homeaway.com/sec.cfm
 
HomeAway, Inc. complies with the US Department of Commerce’s Safe Harbor scheme, and has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about this scheme and see the information we have filed with the Department of Commerce here: http://export.gov/safeharbor/
 

7. Data quality and security

We hold personal information in a number of ways, including in electronic databases, email contact lists, and in paper files held in secure premises. We take reasonable steps to:
  • Make sure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant;
  • Protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure;
  • Destroy or permanently de-identify personal information that is no longer needed for any purpose that is permitted under the Act.
 

Security

We implement a range of physical and electronic security measures to protect the personal information that we hold, including:

  • mandatory password protection on all computers (users are required to change their passwords at regular intervals);
  • hardware encryption on desktops, laptops and portable storage devices;
  • secure hard copy document, electronic storage media and hardware disposal procedures;
  • key card-restricted access to all offices;
  • firewall and antivirus/malware software; and
  • training and workplace policies. 
 

Website security

While HomeAway strives to protect the personal information and privacy of users of the Site, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk. If you are concerned about sending your information over the internet, you can contact us by telephone or post.
 
While no system is completely secure, we believe the measures implemented by the Site reduce our vulnerability to security problems to a level appropriate to the type of data involved. We have security measures in place to protect our user database and access to this database is restricted internally. However, it remains each user's responsibility:
  • To protect against unauthorized access to your use of the Site;
  • To ensure no-one else uses the Site while the user's machine is "logged on" to the Site (including by logging on to your machine through a mobile, Wi-Fi or share access connection you are using);
  • To log off or exit from Site when not using it; and
  • Where relevant, to keep your password or other access information secret. Your password and log in details are personal to you and should not be given to anyone else or used to provide shared access for example over a network; and
  • To maintain good internet security. For example if your email account or Facebook account is compromised this could allow access to your account with us if you have given us those details and/or permitted access through those accounts. If your email account is compromised it could be used to ask us to reset a password and gain access to your account with us. You should keep all of your account details secure. If you think that any of your accounts has been compromised you should change your account credentials with us, and in particular make sure any compromised account does not allow access to your account with us. You should also tell us as soon as you can so that we can try to help you keep your account secure and if necessary warn anyone else who could be affected.

If you have asked us to share data with third party sites, however (such as Facebook) their servers may not be secure. Credit card information is generally stored by our credit card processing partners and we ask them to keep that data secure. We also use third parties to help us optimize our website flow, content and advertising (see below).

Note that, despite the measures taken by us and the third parties we engage, the internet is not secure, and others may nevertheless unlawfully intercept or access private transmissions or data. As such, except to the extent liability cannot be excluded due to the operation of statute, HomeAway excludes all liability (including in negligence) for the consequences of any unauthorised access to your personal information. Please notify us immediately if you become aware of any breach of security. 
 

Phishing or False emails

If you receive an unsolicited email that appears to be from us or one of our members that requests personal information (such as your credit card, login, or password), or that asks you to verify or confirm your account or other personal information by clicking on a link, that email was likely to have been sent by someone trying to unlawfully obtain your information, sometimes referred to as a "phisher" or "spoofer." We do not ask for this type of information in an email. Do not provide the information or click on the link. Please contact us at Customer Support.
 

Third party websites

Links to third party websites that are not operated or controlled by HomeAway are provided for your convenience. HomeAway is not responsible for the privacy or security practices of those websites, which are not covered by this Privacy Policy. Third party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.
 

8. Access and correction of your personal information

You have a right to request access to or correction of your personal information held by us. If you wish to access, correct or update any personal information we may hold about you, please contact us as set out below. However, we may charge for providing access to this information and we may refuse access where the Act allows us to do so.
 
If you have an online account via the Site, you can access and change some of your personal information by logging in to your account and following the instructions on the Site.
 
If you do not have an account, you can request access to the personal information that we hold about you and request corrections by contacting our Privacy Officer (see section 10 below).
 

9. Complaints process

If you have any questions or concerns about our collection, use or disclosure of personal information, or if you believe that we have not complied with this Privacy Policy or the Act, please contact us as set out below.  The Privacy Officer will investigate the complaint and determine whether a breach has occurred and what action, if any, to take.  When contacting us, please provide as much detail as possible in relation to the query, issue or complaint.
 
We will take any privacy complaint seriously.  We will aim to resolve any such complaint in a timely and efficient manner, and our target response time is 30 days.  We request that you cooperate with us during this process and provide us with relevant information we may require.
 
We expect our procedures will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you can also make a formal complaint with the Office of the Australian Information Commissioner (which is the regulator responsible for privacy in Australia): 
 
Director of Compliance
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
www.oaic.gov.au
 

10. Contact Us

Please contact our Privacy Officer if you have any queries about the personal information that we hold about you or the way we handle that personal information: 
 
HomeAway Privacy Officer
Level 5, 468 St Kilda Road, 
Melbourne
Victoria 3004
privacy@homeaway.com.au
 

11. Changes to this Policy

We may amend this Privacy Policy from time to time to reflect regulatory requirements; advances in technology, Site updates and changes in our information collection and disclosure practices. 
 
Any new policy will automatically be effective when it is published on the Site and a copy may be obtained from our Privacy Officer. You should therefore return here regularly to view our most up to date Privacy Policy. You should also print a copy for your records.