Privacy Policy

About Us

CairnsTours operates the website cairns-tour.com.au and related booking services. We are a locally owned and operated tour booking business based in Cairns, Queensland, Australia, and have been connecting travellers with Tropical North Queensland experiences since 2003.

Personal Information We Collect

We collect personal information reasonably necessary to provide our tour booking services. The types of personal information we may collect include:

Identity & Contact Information

• Full name, date of birth, gender
• Email address, phone number, postal address
• Passport or travel document details (where required for tour permits)
• Emergency contact name and phone number

Booking & Payment Information

• Tour preferences, special requests and dietary requirements
• Payment card details (processed securely by our payment gateway — we do not store full card numbers)
• Booking history and correspondence with our team
• Travel insurance details where provided

Health & Accessibility Information

• Mobility requirements, disability or accessibility needs
• Medical conditions relevant to tour participation (e.g. cardiovascular conditions, pregnancy, recent surgery)
• Medication requirements where relevant to tour safety

Technical & Usage Information

• IP address, browser type and device information
• Pages visited on cairns-tour.com.au, search terms used
• Cookie and session data (see Section 8)
• Location data if enabled on your device

How We Collect Personal Information

We collect personal information in the following ways:

• Directly from you — when you make a booking online or in our walk-in store at Cairns Square; when you contact us by phone or email; when you complete a health declaration form; or when you subscribe to our newsletter.
• From third-party booking platforms — including Viator, GetYourGuide, Expedia or travel agents who pass bookings to us for fulfilment.
• From tour operators and partners — when your booking involves a third-party operator, relevant information may be shared between us to deliver your tour.
• Automatically through our website — via cookies, analytics tools and server logs when you visit cairns-tour.com.au.
• Through your use of our services — including photographs or video taken during tours where you have consented to photography.

Where practicable, we collect personal information directly from you. If we collect it from a third party, we will take reasonable steps to notify you.

Why We Collect and Use Personal Information

We collect and use your personal information for the following primary purposes:

• Processing and managing tour bookings and payments
• Sending booking confirmations, e-vouchers, itineraries and pre-tour instructions
• Arranging hotel pick-up transfers and communicating pickup times
• Assessing and accommodating accessibility, health and dietary requirements
• Conducting health and safety assessments prior to high-activity tours (e.g. dive courses)
• Contacting your emergency contact in the event of an incident
• Responding to enquiries, complaints and feedback
• Improving our services, website and tour curation
• Complying with our legal obligations under Queensland and Australian law
• Complying with Great Barrier Reef Marine Park Authority permit requirements

We may also use your information for secondary purposes you would reasonably expect, including direct marketing where you have consented or where the law permits (see Section 7).

Disclosure to Third Parties

We do not sell your personal information to any third party. We may disclose your personal information to the following where necessary to deliver our services:

Tour Operators and Activity Partners

Where your booking involves a third-party operator — such as a reef vessel, the Kuranda Scenic Railway, an island resort, a skydiving operator, or a dive school — we share relevant booking details (name, contact, dietary needs, health requirements) with that operator to enable delivery of your tour.

Payment Processors

Payment card transactions are processed by a PCI-DSS compliant payment gateway. We do not store full card numbers on our systems.

Technology and Booking Platform Providers

We use booking management software, email delivery services and website analytics tools. These providers process personal information on our behalf under appropriate data processing agreements.

Regulatory and Government Bodies

We may disclose information to the Great Barrier Reef Marine Park Authority, Queensland National Parks, or other regulatory bodies as required by law or permit conditions.

Emergency Services

In the event of a medical emergency or safety incident, we may disclose relevant personal information to Queensland Police, Queensland Ambulance Service, or other emergency responders.

Legal Requirements

We may disclose personal information where required by law, court order, or in connection with legal proceedings.

Overseas Disclosure

Some third-party service providers — including cloud hosting, email delivery and booking platform providers — may store or process data on servers located outside Australia, including in the United States, European Union or United Kingdom.

Before disclosing personal information to overseas recipients, we take reasonable steps to ensure that those recipients handle it consistently with the Australian Privacy Principles, including through contractual data processing agreements.

By providing us with your personal information and using our services, you acknowledge that your information may be transferred to and processed in countries outside Australia.

Direct Marketing

With your consent, or where the law permits, we may use your contact details to send you information about our tours, special offers, travel tips and Cairns travel news. We may contact you by email or SMS.

You may opt out at any time by:

• Clicking "Unsubscribe" in any marketing email
• Replying "STOP" to any marketing SMS
• Emailing hello@cairns-tours.com.au
• Calling (07) 4082 7470
• Visiting us in store at Shop 7, Cairns Square

Opting out of marketing will not affect transactional communications about your bookings.

Cookies & Website Analytics

Our website uses cookies to improve functionality, remember preferences and analyse site usage. The main cookie types we use:

• Essential cookies — required for the website and booking system to function. Cannot be disabled.
• Analytics cookies — we use Google Analytics to understand how visitors use cairns-tour.com.au. Data is aggregated and anonymised. You may opt out via the Google Analytics Opt-out Browser Add-on.
• Marketing cookies — used to deliver relevant advertising via Google Ads and Meta. You can manage these through your browser settings or the relevant platform privacy controls.

Most browsers accept cookies by default. You can configure your browser to refuse cookies, though this may affect booking system functionality.

Storage & Security

We take reasonable steps to protect your personal information from misuse, loss, and unauthorised access. Our security measures include:

• HTTPS encryption across our website and booking system
• PCI-DSS compliant payment processing (no card numbers stored by us)
• Access controls limiting staff access to personal information on a need-to-know basis
• Regular security assessments of our digital infrastructure
• Staff training on privacy obligations and data handling

In the event of a data breach likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches scheme under the Privacy Act.

We retain your personal information only as long as necessary, or as required by law. Booking records are generally retained for seven years to comply with Australian taxation and consumer law requirements.

Access & Correction

Under the Australian Privacy Principles, you have the right to request access to the personal information we hold about you, and to request correction of any information that is inaccurate, out-of-date, incomplete or misleading.

To make a request, please contact us in writing at hello@cairns-tours.com.au. We will respond within 30 days. In some circumstances we may decline access (for example, where required by law), in which case we will provide written reasons.

We will not charge a fee for making an access request, though we may charge a reasonable fee if the request requires significant resources to fulfil.

Privacy Complaints

If you believe we have interfered with your privacy or failed to comply with the Australian Privacy Principles, please contact us first so we can attempt to resolve your concern.

We will acknowledge your complaint within 5 business days and aim to respond substantively within 30 days. If you remain unsatisfied, you may lodge a complaint with the OAIC:

The 13 Australian Privacy Principles

Our privacy practices are governed by the 13 Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth). A summary of how we apply each:

• 1
  Open and Transparent Management

  We maintain this Privacy Policy and make it freely available on our website.
• 2
  Anonymity and Pseudonymity

  Where lawful and practicable, you may interact anonymously. However, we require your real identity to process tour bookings.
• 3
  Collection of Solicited Information

  We only collect personal information reasonably necessary for our functions as a tour booking business.
• 4
  Dealing with Unsolicited Information

  If we receive personal information we did not request and could not lawfully collect, we destroy or de-identify it.
• 5
  Notification of Collection

  We notify you at the point of collection why we are collecting your information and how it will be used.
• 6
  Use or Disclosure

  We only use or disclose personal information for the primary purpose of collection, or with your consent, or as permitted by law.
• 7
  Direct Marketing

  We only use personal information for direct marketing where you have consented or the law permits, and we always provide an opt-out.
• 8
  Cross-Border Disclosure

  Before disclosing information overseas, we take reasonable steps to ensure equivalent privacy protections apply.
• 9
  Government-Related Identifiers

  We do not use government identifiers (e.g. tax file numbers) as identifiers in our systems.
• 10
  Quality

  We take reasonable steps to ensure personal information is accurate and complete at the time of collection and use.
• 11
  Security

  We take reasonable steps to protect personal information from misuse, loss, and unauthorised access.
• 12
  Access

  You have the right to access personal information we hold about you, and we will facilitate this on request.
• 13
  Correction

  We will correct personal information that is inaccurate, out-of-date or incomplete on request.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or technology. Updated versions will be posted on this page with a revised "Last updated" date. Your continued use of our website or services following any changes constitutes your acceptance of the updated policy. Where material changes are made, we will notify active customers by email where practicable.

Contact Us About Privacy

For any questions, concerns or requests relating to your personal information or this Privacy Policy: