Privacy Policy

We are committed to respecting and protecting the privacy of our guests.




ABN 84 615 560 453


  1. Commitment to Protecting Privacy

CDM Australasia Limited (“Café del Mar”, “we”, “us”) operate CDMS Investments Pty Ltd (Café del Mar Sydney) and is committed to protecting the privacy of visitors to its websites and mailing list subscribers. We have developed this Privacy Policy in line with the Australian Privacy Policy Principles in the Privacy Act 1988. This Privacy Policy applies to the collection, storage, use and dissemination by us of your personal information.

  1. About the Privacy Policy

This Privacy Policy applies to all services offered by us. This Privacy Policy describes:

(a) how we collect and handle personal information;

(b) who we exchange personal information with;

(c) if we send information overseas and to which countries;

(d) how individuals can access and correct their information; and

(e) how complaints about privacy breaches are handled.


  1. Collecting Personal Information

We will collect information that personally identifies you only when you voluntarily provide it to us or one of our related entities. This information may include your:

(a) name;

(b) birth date;

(c) home address;

(d) other address;

(e) telephone number;

(f) facsimile number;

(g) email address;

(h) venue visit/ reservation date;

(i) credit/debit card number and expiry date; and/or

(j) purchase/booking history.


We collect personal information through various methods, including, but not limited to:

(a) bookings;

(b) enquiries;

(c) marketing database sign ups via:


(2) Our nominated email service provider My Guest List; and/or

(3) Various competitions and prize draws run by third parties.

Our web site is hosted on an internet server which may automatically record details about any computer used to access our website. This may include the IP address, domain name, browser type, the date and the time of access and details of the information downloaded. These details are not capable of identifying you and are used solely for statistical analysis and research on usage patterns to improve this website.

We use a third party booking services provider called Dimmi to take reservations and bookings. Details of Dimmi’s Privacy Policy can be found here:


  1. Purpose of Collection of Personal Information

We collect Personal Information primarily for a variety of marketing related activities as permitted under the Privacy Act 1988. These marketing activities include, but are not limited to, provision of services, market research, advertising, email marketing and marketing strategy.

Personal Information used for marketing related activities helps us identify current market trends and profile ‘typical’ customers to enable us to create the best possible Hospitality experience for our customers.

You will occasionally receive promotional emails from us about our Café del Mar venues, and we hope you will find these updates interesting and informative. If at any time you would like to unsubscribe from receiving our mailings or those of third parties or do not want us to share your personal information with other parties, please email us or follow the steps to unsubscribe. You will find the steps to unsubscribe at the bottom of every email you receive from us.

We use information provided by you for the purposes of providing products and services to you, to provide you with information about those products and services, to assist you with enquiries or purchases, to enhance your experience at our attractions, or to provide you with better customer service.

Personal Information collected by us will never be made available to the general public. You don’t need to identify yourself when you deal with us, however in some circumstances we may only deal with individuals who have identified themselves to us. You are not obligated to provide your personal information to us however failure to do so may result in Merlin being unable to provide certain services to you.

You may also receive communications from us in regards to variations to terms and conditions of products you have purchased from us. Such non-marketing related communications are intended to provide you with accurate and up-to-date information regarding the benefits and/or entitlements of the products you hold.  Unsubscribing from receiving communications from us may mean we will not be able to provide you with these updates.


Use of your information:

From 25th May 2018, under applicable Data Protection Law we may only process your information if we have a “legal basis” (i.e. a legally permitted reason) for doing so. For the purposes of this privacy policy our legal basis for processing your information is based on the provision of your consent.

We use the information that we collect from you to provide our services to you. In addition to this we may use the information for one or more of the following purposes:

  1. To provide information to you that you request from us relating to our products, services, promotions, offers and competitions.
  2. To inform you of any changes to our Website, services or goods and products.
    We never give your details to third parties to use your data to enable them to provide you with information regarding unrelated goods or services.
  3. Disclosure of Personal Information

We will never sell or licence out Personal Information to third parties. We do disclose Personal Information to third parties for the following purposes:

(a) email marketing

(b) digital marketing;

(c) market research; and

(d) secure storage of Personal Information.

All third parties holding Personal Information comply with our Privacy Policy and we take full responsibility for all Personal Information held in accordance with current privacy legislation.

We reserve the right to disclose your personal information if we are required or authorised to do so by an Australian law or court or tribunal order.

Submission of personal information to us will be construed by us as consent to the full details set out in this policy, by, or on behalf of (through an authorised representative of the individual), the person whose personal information is being supplied.

Furthermore, by submitting personal information to us individuals or their authorised representatives agree that they are of legal age and/or status to receive any marketing and promotional communications from us that they provide express or implied consent for. We cannot be held liable for communications received due to personal information that has been supplied to us without the necessary authority of the individual in question, or where the individual does not meet the legal age and/or status requirements to receive such communications.


  1. Sending Personal Information Overseas

We use a third party email service provider called My Guest List to send emails to our marketing databases.

MyGuestlist discloses personal information to recipients located overseas. For instance, they store all of the personal information they hold on our servers, which are hosted in Canada, and all data that is backed up to mitigate risks associated with hardware failure is stored on AWS servers located in the USA. My Guest List take reasonable steps to ensure that the personal information stored offshore is handled in accordance with strict privacy safeguards. Details of My Guest List’s Privacy Policy can be found here: 


  1. Right to Access and Correct Your Personal Information

We take all reasonable steps to ensure your personal information is accurate, up-to-date and complete. under the Data Protection Act, Individuals have the right to review, amend or delete their own personal information that may be recorded on our databases.

We are entitled to charge a nominal fee to process such requests (currently no fee) and request that you provide proof of your identity in the form of two items of approved photographic identification (eg a passport and drivers’ licence). We will use reasonable efforts to supply, correct or delete personal information about you on our files.

Approved amendments will be made within 30 days after the date of receiving your request. If we are unable to approve your request we will provide you with a written response outlining the reasons why your request was not approved. Please address any requests (including requests to cancel registration or membership) or questions about this Privacy Policy to:

In relation to a request to delete information all reasonable steps will be taken to delete that information, except where it is required for legal reasons. Deletion of information may result in Café del Mar being unable to provide you with certain services.

  1. Security

We are committed to keeping all personal information secure and have taken reasonable steps to prevent unauthorised access, modification or disclosure. We have implemented technology and security features to make our systems as secure as possible and to safeguard your personal information.

Please contact us immediately should you become aware or have reason to believe that there has been any unauthorised use of your personal information in connection with us.


  1. Use of Tracking Technologies

We may use “cookies” which are a feature placed on your hard drive to recognise and identify your computer. Cookies are used for identification purposes and allow certain functions on the website to work as intended. The cookies we pass to you are anonymous and do not hold information on you or reveal your personal identity. The cookies track your use of the website to learn about your preferences so that we may improve our website.

Please note that if you prefer not to receive cookies you can configure your Internet browser to reject them or to notify you if they are being used. This may limit the functionality of our website and we take no responsibility for your configuration of your Internet browser.


  1. Problems, Queries or Complaints

For further information regarding this Privacy Policy, to request a paper copy of this Privacy Policy or to make a complaint about the steps taken by us to protect your personal information or privacy, please contact us by emailing  or telephoning +61 (0)2 9267 6700.

We will investigate any complaints received in writing and do our best to resolve them as soon as possible. We endeavour to respond to your complaint within 14 days after the date of receiving the complaint.

If you are not satisfied with our response to your complaint, you can refer your complaint to the Office of the Australia Information Commissioner. You can contact the Office of the Australia Information Commissioner by telephoning 1300 363 992 or online at

We reserve the right to review, amend, update and change this Privacy Policy from time to time to reflect our obligations under the Privacy Act 1988 or current legislation and regulations.