Responsible Disclosure Policy

The Star Entertainment Group Limited is committed to implementing appropriate security measures to protect its systems and data.

We encourage you to inform us about any security vulnerability you identify that affects us, subject to the rules below.

The Star acknowledges the important role that responsible security researchers play in identifying vulnerabilities so that affected organisations can address them.

The following rules apply to your disclosure of a security vulnerability to us.

Entities covered by this Policy

  1. This Policy applies to The Star Entertainment Group Limited ABN 85 149 629 023 and its subsidiaries including, for example, The Star Pty Limited ABN 25 060 510 410 and The Star Entertainment QLD Limited ABN 78 010 741 045 (collectively The Star or us).

Security vulnerabilities within scope of this Policy

  1. A security vulnerability that could allow an attacker to compromise the availability, integrity or confidentiality of one of The Star’s systems, products or services is within the scope of this Policy.
  2. You may report to us under this Policy security issues of which you become aware, relating to gambling technology that we use in our casinos.  However you are not authorised to actively look for such issues.
  3. You are authorised to look for, and report to us, in accordance with this Policy any security vulnerabilities that affect any other technology systems operated by The Star or operated for The Star by a third party.
  4. You are not authorised by this Policy to look for security vulnerabilities that affect The Star or any third party, except as stated above.

Exclusions from scope of this Policy

  1. You are not authorised under this Policy to look for issues relating to or arising from:
    1. physical security arrangements at any premises;
    2. social engineering activities (for example, phishing); or
    3. denial of service or other volume-based attacks.
  2. You are not authorised under this Policy to:
    1. do anything that may degrade the performance of any of our systems;
    2. send electronic messages to any person without their consent;
    3. access data relating to any person other than yourself;
    4. amend, delete or extract any data from any system;
    5. post any virus or malware on any system or otherwise use, handle or deploy any virus or malware;
    6. impersonate any other person;
    7. interrupt any of our services;
    8. use automated vulnerability scanners to check systems; or
    9. breach any law.
  3. The following people are excluded from the scope of this Policy:
    1. employees and officers of The Star; and
    2. technology or security contractors engaged by The Star, their employees and any other individuals they directly or indirectly engage for work relating to The Star.

How to report a vulnerability to us

  1. You can report a security vulnerability to us by completing the form below.
  2. In your submission, please provide:
    1. A short description of the vulnerability.
    2. Details of the systems that are affected by the vulnerability.
    3. Details of the security impact of the vulnerability.  How could an attacker exploit it?
    4. Instructions on how we can reproduce or verify the vulnerability.
    5. Any suggestions you have about how to fix the vulnerability.
    6. Any other relevant information.
  3. If you identify a security vulnerability you must not exploit it, including for any person’s gain or for the detriment of The Star or any other person.  Instead you should describe in your submission the “proof of concept” as to how the vulnerability could be exploited by an attacker.
  4. We will aim to acknowledge your report promptly.  If we consider the vulnerability material enough to make changes to our systems or practices, we will aim to let you know when we have done so.
  5. We encourage you to provide us with your full name and contact details.  Unless otherwise required by law or by a regulator we will keep this information confidential.

Confidentiality

  1. You must not disclose a security vulnerability you report to us to any other person, except to the extent:
    1. you are required by law to do so;
    2. the vulnerability comes into the public domain other than due to your breach of this obligation; or
    3. we provide our prior written consent.

Recognition

  1. If you are the first to inform us about a security vulnerability we don’t already know about, we may decide to offer you recognition.
  2. Recognition may take any form we consider appropriate, for example naming you in our “Hall of Fame” on our website, providing you with a gift or providing you with a cash payment.  We may require you to enter a brief agreement with us as a condition of receiving recognition.
  3. When deciding whether to offer you recognition we will consider:
    1. the potential impact of the security vulnerability on our business;
    2. the quality of your report; and
    3. whether we consider the vulnerability material enough to make changes to our systems or practices.

Queries

  1. If you have any queries about this Policy or how it applies, please complete the form below.  If in doubt, please ask us to avoid any unintentional breach of this Policy.

Changes to this Policy

  1. We may amend this Policy from time to time.  We may also decide to revoke this Policy.
  2. This version of this Policy is dated May 2021.

Responsible Disclosure Form

2016 SHARE SALE FACILITIES

The Star Entertainment Group announced on 5 April 2016 share sale facilities that provided eligible small shareholders the opportunity to sell their shares without incurring any brokerage or handling costs.

Participation in the separate share sale facilities were open to eligible shareholders whose registered address was in Australia or New Zealand as at 7.00pm (Sydney time) on 29 March 2016 (Record Date) and who were:

  1. registered holders of less than a marketable parcel of shares (i.e. less than $500 worth of shares on the Record Date) (Small Holding Sale Facility); or
  2. registered holders of 5,000 or less shares (but held at least $500 worth of shares) on the Record Date (Voluntary Share Sale Facility).

On 5 April 2016, eligible shareholders were sent a letter together with a Share Retention Form (for the Small Holding Sale Facility) or a Sale Instruction Form (for the Voluntary Share Sale Facility), and Terms and Conditions for the relevant share sale facility.

Both share sale facilities closed at 5:00pm (Sydney time) on 17 May 2016 (Closing Date).

All participants who had their SGR shares sold under either the Small Holding Sale Facility or the Voluntary Share Sale Facility received the same average price of $5.51 per share, which was calculated by dividing the total proceeds from the sale of all SGR shares sold under the facilities by the total number of SGR shares sold under the facilities.

Payment of the sale proceeds were made to participating shareholders on 27 May 2016 in accordance with their payment instructions as recorded on the share register.

Small Holding Sale Facility

The Small Holding Sale Facility was conducted in accordance with The Star Entertainment Group’s Constitution and the Australian Securities Exchange Listing Rules that enables all listed companies to sell shareholdings valued at less than $500 (Unmarketable Parcel).

Based on a share price of $5.68, being the closing price of The Star Entertainment Group (SGR) shares on the Australian Securities Exchange on the Record Date, an Unmarketable Parcel was any holding of 88 shares or less.

Eligible shareholders who wished to retain their Unmarketable Parcel were required to return a Share Retention Form to the share registry by the Closing Date.

Small Holding Facility Key Dates:

  • 29 March 2016 (7pm) – Record Date
  • 5 April 2016 – Facility Opened
  • 17 May 2016 (5pm) – Facility Closed
  • 27 May 2016 – Payment of sale proceeds and mailing of payment advices

Voluntary Share Sale Facility

The Voluntary Share Sale Facility was conducted in accordance with Class Order CO 08/10 issued by the Australian Securities and Investment Commission.

Eligible shareholders who wished to sell their shares under the Voluntary Share Sale Facility were required to return a Sale Instruction Form by the Closing Date.

Voluntary Holding Facility Key Dates:

  • 29 March 2016 (7pm) – Record Date
  • 5 April 2016 – Facility Opened
  • 17 May 2016 (5pm) – Facility Closed
  • 27 May 2016 – Payment of sale proceeds and mailing of payment advices

For full details of the Small Holding Sale Facility and the Voluntary Share Sale Facility, please see the ASX Announcement dated 5 April 2016 in the News section of our website.

POST DEMERGER TAX INFORMATION

The demerger of The Star Entertainment Group (formerly known as Echo Entertainment Group Limited) from Tabcorp Holdings Limited (Tabcorp) was implemented on 15 June 2011 by way of Scheme of Arrangement pursuant to the Tabcorp Scheme Booklet dated 15 April 2011 (Demerger).

As part of the Demerger, Tabcorp sought a ruling from the Australian Taxation Office on the taxation implications for shareholders. On 29 June 2011, the Australian Taxation Office issued Class Ruling CR 2011/66, in accordance with the application made by Tabcorp. A copy of the Class Ruling CR 2011/66 can be viewed here.

A Tax Calculator is provided below to assist shareholders in calculating the Australian capital gains tax cost base allocation for Tabcorp shares and The Star Entertainment Group shares. The Tax Calculator is a general guide only and does not constitute tax advice. Shareholders should seek advice from an appropriate professional adviser on the tax implications of the Demerger based on their own individual circumstances.

Click here to download the Tax Calculator
Click here to access information on the Australian Taxation Office website