Privacy policy
Short Waypoint Travel Pty Ltd (ABN example 12 345 678 901), trading as Short Waypoint (“we”, “us”, “our”), is committed to protecting your privacy. This Privacy Policy describes how we collect, hold, use and disclose personal information in connection with shortwaypoint.com, our newsletters, enquiry forms, on-site assistant chat, and related travel-inspiration services (together, the “Services”). It is intended for visitors and customers in Australia and should be read together with our Cookies policy and Terms of use.
This policy is not legal advice. If you need certainty about how the law applies to your situation, you should obtain independent professional advice. Where this policy uses defined terms from the Privacy Act 1988 (Cth) (such as “personal information” or “APPs”), those terms carry their statutory meaning.
Who we are and what we do
We publish curated weekend and micro-trip ideas for travel within Australia, illustrative pricing in Australian dollars, and tools to help you discover regions and themes. Some parts of the site are informational only; where we offer paid digital products, subscriptions or partner referrals, additional terms may apply at the point of purchase.
Our registered office is Level 4, 100 George Street, Sydney NSW 2000, Australia. For privacy-specific enquiries, contact hello@shortwaypoint.com and include enough detail for us to identify your request without sending unnecessary sensitive identifiers.
Kinds of personal information we collect
The personal information we collect depends on how you interact with the Services. It may include:
- Identity and contact details — for example your name, email address, phone number or city/state if you choose to provide them in a form, chat transcript, or account-related workflow.
- Account and preference data — saved favourites, newsletter topic preferences, or similar settings stored locally in your browser where we implement such features.
- Transaction and billing data — if you purchase a paid product, payment references, order identifiers, amounts, currency and limited billing contact details as required to fulfil the order and meet taxation and record-keeping obligations.
- Technical and usage data — IP address, approximate location derived from IP, browser type and version, device type, operating system, referring URLs, pages viewed, time on page, scroll depth proxies, and diagnostic events that help us detect abuse or improve performance.
- Communications content — messages you send through contact forms, email replies, or the on-site assistant, including metadata such as timestamps and message identifiers.
We aim to collect only what is reasonably necessary for the relevant purpose. Where the Privacy Act permits de-identified or aggregated information, we may use or disclose it in a form that does not reasonably identify you.
How we collect personal information
We collect personal information directly from you when you type it into a form, subscribe to updates, use interactive tools, or correspond with us. We also collect certain technical data automatically through server logs, cookies and similar technologies as described in our Cookies policy, and from analytics or security tools we may operate from time to time.
If we receive personal information about you from a third party (for example a travel partner referring an enquiry), we will handle it in accordance with this policy and applicable law, including APP 3 where relevant.
Why we collect, hold, use and disclose personal information
We handle personal information for purposes that are reasonably necessary for our functions and activities, which may include:
- providing, maintaining and improving the website, search, chat assistance and related content;
- processing enquiries, complaints and feedback, and communicating outcomes;
- sending marketing communications where you have opted in, or where otherwise permitted by law, including measuring engagement in aggregate;
- processing payments, refunds and chargebacks, and maintaining financial records;
- detecting, preventing and investigating fraud, security incidents, spam or misuse of the Services;
- complying with legal obligations, responding to lawful requests from public authorities, and establishing or defending legal claims;
- conducting internal analytics, product planning and quality assurance using de-identified or aggregated data where practicable.
Disclosure and overseas transfers
We may disclose personal information to service providers who assist us with hosting, email delivery, analytics, customer support tooling, payment processing, or security monitoring. Those providers are generally required to use information only for the purpose for which we disclose it and to implement appropriate safeguards.
Some of our service providers may store or process data outside Australia (for example in the United States or the European Union). Where we disclose personal information overseas, we take steps that are reasonable in the circumstances to ensure overseas recipients do not breach the APPs in relation to that information, in line with APP 8.
We do not sell your personal information in the conventional sense of exchanging a list of individuals for cash. If we ever introduce partner offers that involve paid list rental or similar practices, we will update this policy and obtain any consent required by law.
Storage and security
We hold personal information in electronic form on infrastructure operated by us or our suppliers. We implement administrative, technical and organisational measures appropriate to the nature of the information and the harm that might result from misuse, including access controls, encryption in transit where appropriate, monitoring, and staff confidentiality expectations.
No method of transmission or storage is completely secure. If we become aware of a data breach that is likely to result in serious harm and is notifiable under the Notifiable Data Breaches scheme, we will comply with our assessment and notification obligations under Part IIIC of the Privacy Act.
Retention
We retain personal information only for as long as necessary to fulfil the purposes described in this policy, including to satisfy legal, accounting or reporting requirements. Retention periods vary depending on the record type: for example transactional records may be kept longer than transient server logs. When retention ends, we take reasonable steps to destroy or de-identify information.
Your rights and choices
Subject to exceptions in the Privacy Act, you may request access to personal information we hold about you and request correction of inaccurate, out-of-date, incomplete, irrelevant or misleading information. You may also withdraw consent for optional communications (such as marketing emails) using the unsubscribe link in those messages, or by contacting us.
If you believe we have mishandled your personal information, please contact us first so we can try to resolve the issue. You may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC). Further information is available at oaic.gov.au.
Children
Our Services are directed at adults planning travel. We do not knowingly collect personal information from children under 16 without parental or guardian consent. If you believe we have collected such information, contact us and we will take reasonable steps to delete it.
Automated processing
Features such as the on-site assistant or search ranking may use automated rules or third-party language models to surface suggestions. These outputs are assistive only and do not, by themselves, produce legal or financial effects concerning you. You should verify important details (availability, pricing, conditions) with primary sources before relying on them.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in law, technology, or our business. The “Last updated” date below indicates the latest version. Material changes may be highlighted on the website or communicated where we hold your contact details.
Last updated: April 2026.