Privacy Policy


Last Updated: January 2024

This is the Australian Privacy Policy of StayCo and its affiliates and subsidiaries (details of which are listed here) (collectively, “we”, “us”, “StayCo”). StayCo respects your privacy and is committed to protecting your personal information. We comply with the Privacy Act 1988 (Cth) in Australia and the Australian Privacy Principles (“APP”), which regulate how we may collect, use, disclose, store and protect your information. This policy is intended to keep you informed and help you to understand your rights (and our obligations) under the applicable Privacy Act.

By using any of our products or services and/or by agreeing to this statement, e.g. in the context of registering for any of our products or services, you understand and acknowledge that we will collect and use personal information as described in this policy.


Personal information in Australia is information or an opinion about you, whether true or not, which identifies you or from which your identity can be reasonably obtained. It does not include data where all identifying details have been removed.


StayCo collects and processes your personal information through your use of our website and other services provided by StayCo (“Services”), including any data you may provide when you use our:

  • Online services, such as websites owned or controlled by StayCo, web and mobile applications, social media pages, email messages; or
  • Offline interactions, when you visit or stay as a guest at one of our properties, reach out to our call centre, or through other offline interactions.

We use different methods to collect data from and about you including through this website:

Direct interactions: You may give us your personal information by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal information you provide online when you book accommodation, sign up for a newsletter, or participate in a survey, contest or promotional offer. We collect personal information offline when you visit our properties, or use services such as cafes.

Automated technologies or interactions: As you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. The information we may collect by automated means includes, but is not limited to:

  • Information about the devices our visitors use to access our sites (such as the IP address and the device, browser and operating system type),
  • Pages and URLs that refer visitors to our sites, also pages and URLs that visitors exit to once they leave our sites,
  • Dates and times of visits to our sites,
  • Information on actions taken on our sites (such as page views, site navigation patterns or application activity),
  • A general geographic location (such as country and city) from which a visitor accesses our sites,
  • Search terms that visitors use to reach our sites.

Security systems: When you visit our managed properties, information may be collected about you through such properties’ closed-circuit television systems and other security systems.

Third parties or publicly available sources: We will receive personal information about you from various third parties and public sources including business partners, hotels managed by us, travel agents and aggregators.


We may collect, use, store and transfer different kinds of personal information about you which we have arranged according to the different purposes as follows:

  • Contact information (such as name, email address, mailing address and phone number);
  • Payment information (including payment card numbers, billing address and bank account information);
  • Demographic data (such as age, gender, country and preferred language);
  • Information related to your reservation, stay or visit to a property (including the property where you have stayed or outlet you have visited, date of arrival and departure, and goods and services purchased);
  • Information necessary to fulfil your special requests and/or specific accommodations;
  • Employment information (such as company name, job title and work contact information) to respond to requests for proposals or honour contractual arrangements;
  • Loyalty program member information, online account details, profile or password details, and any frequent flyer or travel partner program affiliation;
  • Copies of your correspondence if you contact us;
  • Your interests and preferences;
  • Feedback and survey responses;
  • Information collected through the use of closed-circuit television systems and other security systems;
  • Information related to your use and interaction with our website and network; and
  • Information as requested by government authorities to fulfil our legal obligations.

We do not collect the following special categories personal information about you: your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, and genetic and biometric data. Nor do we collect any information about criminal convictions and offences.


We use personal information to provide you with Services, to develop new products and services, and to protect StayCo and our guests as detailed below.

We will use this information for the following purposes:

  • Performing our customer service obligations, such as the creation and management of reservations and your stay in our properties, payment, catering to your requests, monitoring use of services (telephone, bar, pay TV, etc.), in response to a contractual relationship between you and us, such as a hotel booking or service request;
  • Improvement of our services, such as assessment of our services in hotels, cafes and other outlets, improvement in the operation of our business as part of the contracted relationship between you and us;
  • Personalisation of our services and communications, for example to personalise content and tailor our digital customer experience and offerings, understand customers’ requirements to develop targeted marketing programs, newsletters and promotions. We will always seek and record your permission to opt in and participate in any of our marketing campaigns. Use of your information for marketing is presented in more detail under the Marketing section below.

Compliance with legal obligations in accordance with applicable laws, such as local privacy laws, GDPR, prevention of fraud or money laundering, police investigations, as required by a court or other laws to be disclosed and tourism regulations; and safety and security to maintain the safety, health and wellbeing of customers, and protecting StayCo’s assets, assets owned by third parties in buildings StayCo occupies and manages, and employees.

Additionally, we may also handle your personal information for the following purposes, particularly if you interact with our website:

Booking process: To manage booking requests made by users, including any modifications and cancellations, as well as confirmation communications of these transactions. To register and manage your online check-in. To manage payment or prepayment, if it is required. To review your guest profile in order to unify guests’ profiles and personalise services provided. If user consent is given for direct marketing communications – sending you personalised promotional offers and event details, subscribing and unsubscribing you when you request it. The lawful grounds for these processes are the performance of the contract, our legitimate interest and user consent.

Check-in online: To manage your check-in online and personalise your services if you request it. To manage any other services required by the user. The lawful grounds for these processes are the performance of the contract and user consent.

Best-rate guarantee: To manage claims or requests made by the user including contacting you to resolve the claim or request. To verify the information provided by the user. The lawful grounds for these processes are user consent and legitimate interest.

Newsletter: Direct marketing communications – after you subscribe as a StayCo VIP or book with our hotels, we will send you promotional offers and event details, unsubscribing you, when you request it. The lawful grounds for these processes are user consent.

Photography Consent: When entering a StayCo Hotel, you acknowledge StayCo may use and repurpose promotional, marketing photos and videos taken during your stay for the use on the Hotels Social Media and marketing campaigns – only for the positive promotion of the Hotel and StayCo. In person permission will always be sourced as well where possible, and digital images are able to be removed, after sharing, if you request so.

Management of general and hotel enquiries: To manage communications, provide information and respond to general requests from users through the channels available for this purpose on the website or other Contact Us functions. To manage booking or services requests related to reservations at the hotels. To receive feedback about products and services provided. The lawful grounds for these processes are user consent, the performance of the contract and legitimate interest.

Membership programs: To administer and operate voluntary membership programs. The data may be processed for the purposes of recording stay and transactional data, earning, and redeeming rewards, points or credit in connection with the program. Direct marketing communications – sending you promotional offers and event details, subscribing, and unsubscribing you, when you request it. The lawful grounds for these processes are the performance of the contract and user consent.

User-generated content (UGC) on social media platforms: To display UGC on our websites for promotional purposes. The lawful grounds for these processes are user consent.

Social platforms log-in: If you register or sign in with your Facebook, Apple ID, Google or other third-party accounts to our sites, you give such third-party service providers permission to share your personal information from those accounts (such as your registration and profile information). This information varies and is controlled by third-party service providers or as authorised by you via your privacy settings.


Our goal is to provide you with the highest level of hospitality and Services, and to do so, we share personal information with the following parties:

StayCo Properties: We disclose personal information to other companies within the StayCo group for the purposes described in this privacy policy, such as providing and personalising Services, communicating with you, facilitating loyalty programs, and our business purposes. StayCo is the party responsible for the management of the jointly controlled personal information. We share your personal information used for making a reservation with the operator of the applicable property to fulfil and complete your reservation.

Strategic business partners: We disclose personal information and other data to business partners who provide goods, services and offers that enhance your experience at our properties. By sharing data, we are able to make personalised services and unique travel experiences available to you. For example, this sharing enables cafes, concierge, and other outlets at our properties to provide you with services.

Service providers: We disclose personal information to third-party service providers for the purposes described in this privacy policy. Examples of service providers include companies that provide website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery and marketing.

Public administrations and police bodies: We disclose personal information to public administrations and police under requirement, in order to comply with obligations under the regulations, and to cooperate with these entities in the performance of their duties and as a result of a request of any court.

We require all third parties to respect the security of your personal information and to process it in accordance with the law and our policies. We do not allow our third-party service providers to use your personal information for their own purposes, and only permit them to process your personal information for specified purposes and in accordance with our instructions (unless you separately consent to that use).


StayCo stores information in both physical and electronic form including using third party IT providers. We maintain appropriate physical, procedural, and technical security for our offices and information storage facilities so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of personal information. This also applies to disposal of personal information.

We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.


From time to time, we may send you direct marketing communications regarding our products and services. If you have opted in to receive marketing communications, we may contact you by electronic messages (e.g. email), online (e.g. through our website), by mail and by other means if you or your organisation. You have the right to withdraw consent to marketing communications at any time by contacting us using the details at the bottom of this privacy policy or by using the opt out mechanism included in our marketing messages.

Please note that opting out of marketing communications will not opt you out of receiving important business communications, such as communications about your stay.


You may contact us using the contact details below to request access to, or a correction of, the personal information that we hold about you. We will deal with your request within a reasonable time. On the rare occasion that we refuse access, we will provide you with a written notice setting out the reasons for the refusal and the relevant provisions of the applicable Privacy Act that we rely on to refuse access. We will also provide you with avenues to complain about our refusal to provide you with access to the information.


Subject to certain limitations and restrictions (e.g. depending on circumstances such as where you reside) you may have the right to exercise additional rights in relation to your personal information. These may include the right to:

  • request erasure of your personal information;
  • object to processing of your personal information;
  • request restriction of processing of your personal information;
  • transfer your personal information (i.e. the right to data portability);
  • not be subject to automatic decision making;
  • withdraw consent; and
  • request correction of your personal information.

Your rights concerning your data may vary depending on the applicable data protection or privacy law applying to your personal information. Some of the above rights may not apply to you if they are not required by the relevant data protection or privacy law. If you wish to exercise these rights or obtain details of any of the rights set out above, you may do so at any time by contacting us using the contact details at the end of this privacy policy. We may require further information in order to assess whether the right is applicable to you.


Please contact StayCo using the details below if you have any questions, concerns or complaints regarding this privacy policy or our handling of your personal information.

Email: or
Post: PO Box 8227, Gold Coast MC, QLD 9726

StayCo takes all complaints seriously and will respond to your complaint within a reasonable period.

Should you believe that we have not fulfilled our obligations under the relevant Privacy Act, have not complied with the terms of this policy, or would like to appeal a decision made by us relating to your personal information, you can make a complaint in writing to our Privacy Officer using the details set out in this Privacy Policy. We will respond to you within a reasonable period of time to acknowledge your complaint and inform you of the next steps we will take in dealing with your complaint.

In the event that you are dissatisfied with a response you have received, and if the relevant Privacy Act is applicable, you have the option of referring your complaint to the Office of the Australian Information Commissioner (OAIC) for Australian related matters. The OAIC contact information may be found below:

OAIC – listed on their website:

At the date of this policy, the OIAC’s details are:

Office of the Australian Information Commissioner
Post: GPO Box 5218, Sydney NSW 2001
Telephone: 1300 363 992


We reserve the right to change the terms of this privacy policy from time to time, without notice to you. An up-to-date copy of this privacy policy is available on our website.