You have come through to this page from a website or app which is published by Domain Holdings Australia Limited (ABN 43 094 154 364) of Level 5, 100 Harris Street, Pyrmont NSW 2009 (Domain) or one of its subsidiaries.
- what is considered personal information;
- what personal information we collect and hold;
- how we collect, hold, use or disclose personal information;
- the purposes for which we collect personal information;
- what happens if we are not able to collect personal information;
- how to seek access to and correct your personal information;
- whether we disclose personal information outside Australia; and
- how to contact us.
We are bound by the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (Privacy Act) (subject to exemptions that apply to us under that Act) and any other applicable data or information protection laws, including the EU General Data Protection Regulation (GDPR) and New Zealand's Privacy Act (the Privacy Act, GDPR, New Zealand's Privacy Act and any other applicable data or information protection laws are together the Privacy Laws). However, due to the nature of some of our business activities, from time to time, we will handle personal information relying on the media exemption in the Privacy Act where appropriate. Where we do so, we will ensure that we comply with the Australian Press Council Privacy Standards. We may also rely on related bodies corporate, employee records and other exemptions in the Privacy Act. If you require more information on the collection and use of personal information in the course of journalism, please visit the Australian Press Council Privacy Standards at www.presscouncil.org.au/privacy-principles.
Your privacy matters to us, so whether you are new to Domain Group or are a long time user, please take the time to get to know our practices.
What is personal information
What personal information do we collect and hold
We may collect the following types of personal information;
- business or residential address;
- email address;
- telephone number;
- age or birth date;
- profession, occupation or job title;
- financial and transaction information (including information about your assets, financial situation and claims history);
- information about your interactions with us;
- information about the products and services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those products and services or to respond to your enquiries;
- information relating to you that you provide to us directly through our network or indirectly through use of our network or online presence through our representatives or otherwise;
- information you provide to us through our service centre, customer surveys or visits by our representatives from time to time; and/or
- other personal information we may require from time to time to manage your business relationship with us.
Further information about how we collect and use usage data is set out in our Tracking and Targeting Policy.
How we collect personal information
We collect your personal information directly from you unless it is unreasonable or impractical to do so. We do this in ways including:
- when you engage with us to use or acquire our products and services;
- when you contact or request information from us including via our websites, apps, online forms and surveys and emails;
- through your conversations with our staff and our representatives;
- when you complete an application or make a listing enquiry; and/or
- when you write to us including via hard copy forms.
We may also collect personal information from third parties including:
- our service providers;
- third party companies such as credit reporting agencies, law enforcement agencies and other government entities;
- recruitment agencies;
- contractors and business partners; and/or
- through someone else who has provided us with your information (e.g. a real estate agent).
Why do we collect, hold, use and disclose personal information
We collect, hold, use and disclose your personal information for the following purposes:
- to provide products and services to you and deliver the best possible quality of customer experience;
- to provide you with news, information or advice about our existing and new products and services;
- to communicate with you, including but not limited to, by email, mail, SMS or telephone;
- to manage and enhance our products and services;
- to personalise and customise your experience;
- to provide you with access to protected areas of our websites;
- to conduct competitions or promotions on behalf Domain Group and selected third parties;
- to verify your identity;
- to provide as part of statistics, insights or business data to third parties or to use internally in our business;
- to conduct business processing functions for operation of our websites or our business;
- to manage our sales or other business relationships with you;
- for our administrative, promotional, planning, product/service development, quality control and research purposes, or those of our contractors, external service providers or business partners;
- to provide your updated personal information to us, our contractors, external service providers or business partners;
- to recover any amounts you may owe to us;
- to investigate any complaints about or made by you, or if we have reason to suspect that you are in breach of any of our terms and conditions or that you are or have been otherwise engaged in any unlawful activity; and/or
- as otherwise required or permitted by any Privacy Law (including the Privacy Act).
We may also use your personal information to send you marketing communications about our product and services and the products and services of our business partners that you may be interested in. We may do this through mail, phone, SMS, social media, email, app notifications and advertising through our apps, websites or third-party websites.
You can contact us at any time to opt-out from receiving direct marketing communications from us by contacting us directly, by following the unsubscribe instructions in the relevant communication or by updating your personal details on your account profile. We do not provide your personal information to other organisations for the purpose of direct marketing unless expressly authorised by you.
What happens if we can't collect your personal information
- we may not be able to provide you with the products or services you requested, either to the same standard, or at all (for example, if you do not register as a member of a website, you will not be able to access features or services that are reserved for members only);
- we may not be able to continue our sales or other business relationship with you;
- we may not be able to provide you with information about products and services that you may want, including information about discounts, sales or special promotions; or
- we may be unable to tailor the content of our network to your preferences and your experience of our network may not be as enjoyable or useful.
How we disclose your personal information
We may disclose your personal information to a number of third parties in the course of operating our business and for one or more of the above purposes or related purposes. These parties include:
- our employees, related bodies corporate, business partnerships and joint venture entities;
- our external service providers including without limitation web hosting providers, advertisers, IT systems administrators, mailing houses, newsagents, couriers, payment processors, photographic analysers, data entry service providers, electronic network administrators, debt collectors, and professional advisers such as accountants, solicitors, business advisors and consultants;
- our existing or potential agents and/or business partners;
- insurers, reinsurers, intermediaries and claims assessors;
- our sponsors, or promoters of any competition that we conduct or promote via our services;
- specific third parties authorised by you to receive information held by us;
- the police, any relevant government authority or enforcement body, or your Internet Service Provider or network administrator, for example, if we have reason to suspect that you have committed a breach of any of our terms and conditions, or have otherwise been engaged in any unlawful activity, and we reasonably believe that disclosure is necessary;
- as otherwise required or permitted by law (including the Privacy Act or other Privacy Laws).
Accessing and correcting your personal information
You may request access to any personal information we hold about you by contacting us using the contact information provided below. We will not charge for simply making a request and will not charge for making any corrections to your personal information. However, depending on the nature and scope of the personal information you have requested, we may charge you a reasonable fee to provide access to this information.
If you make an access request, we will ask you to verify your identity. There may be instances where, for legal reasons, we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others, or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.
Members of our websites will generally be able to access and update their membership details online. We request that you keep your information as current as possible so that we may continue to improve our service to you.
How you can complain about a breach of privacy
We have a process for investigating and dealing with privacy breaches. Once the Privacy Officer receives a complaint, the Privacy Officer will commence an investigation with the relevant business unit from which the alleged breach stemmed. The investigator will endeavour to determine the nature of the breach and how it occurred. We may contact you during the process to seek further clarification if necessary. If a breach is found, the Privacy Officer will work with senior management so that the process can be rectified to prevent any further breaches from taking place. We will also contact you to inform you of the outcome of the investigation. We will endeavour to resolve all investigations within a reasonable time.
We will treat your requests or complaints confidentially. Our representatives may contact you after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.
Please contact our Privacy Officer at:
Privacy Officer Domain Holdings Australia Limited Level 5, 100 Harris Street Pyrmont NSW 2009
Disclosure of personal information outside Australia
We may disclose your personal information to entities located overseas for some or all of the purposes listed above. This may include disclosure to the following entities:
- our related bodies corporate, partnerships and joint venture entities;
- our data hosting and Cloud-based IT service providers; and
- other external service providers including those located in the U.K, U.S, Philippines and India.
If the European General Data Protection Regulation (GDPR) applies in respect of any of the personal information we collect, then the following sections apply to that personal information. For the purposes of GDPR (as applicable), we are the 'controller'.
In some instances, we may combine other information with personal information. If other information is combined with personal information or is used to build a profile of an individual (in a way which could be reasonably used to identify that individual), the combined information will be treated by us as personal information for as long as it remains combined.
If you are a resident in the EEA, you have the following rights in relation to your personal information (where applicable):
- (a) Access. As provided by applicable data protection law, you have the right to obtain from us confirmation as to whether or not personal information concerning you is being processed, and, where that is the case, to request access to the personal information. This access information includes – inter alia – the purposes of the processing, the categories of personal information concerned, and the recipients or categories of recipients to whom the personal information have been or will be disclosed. However, this is not an absolute right and the interests of other individuals may restrict your right of access. You may have the right to obtain a copy of the personal information undergoing processing free of charge. For further copies requested by you, we may charge a reasonable fee based on administrative costs.
- (b) Rectification. As provided by applicable data protection law, you have the right to have incomplete or inaccurate personal information that we process about you rectified.
- (c) Deletion. As provided by applicable data protection law, you have the right to request that we delete personal information that we process about you, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims or if other statutory restrictions apply.
- (d) Restriction. Depending on the circumstances and as provided by applicable data protection law, you have the right to restrict our processing of your personal information where you believe such data to be inaccurate; our processing is unlawful; or that we no longer need to process such data for a particular purpose or where other legal grounds to request restriction apply unless we are not able to delete the data due to a legal or other obligation or because you do not wish for us to delete it or because other statutory restrictions apply.
- (e) Portability. Depending on the circumstances and as provided by applicable data protection law, you have the right to obtain personal information we hold about you, in a structured, electronic format, and to transmit such data to you or another data controller, where this is (i) personal information which you have provided to us, and (ii) if we are processing that data on the basis of your consent or to perform a contract with you.
- (f) Objection. Under certain circumstances, you have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal information by us and we are required to no longer process your personal information. Such right to object especially applies if we collect and process your personal information for profiling purposes in order to better understand your interests in our products and services or for certain types of direct marketing. If you have a right to object and if you exercise this right, your personal data will no longer be processed for such purposes by us. You may exercise this right by contacting the Privacy Officer. Such a right to object may, in particular, not exist if the processing of your personal information is necessary to take steps prior to entering into a contract or to perform a contract already concluded.
- (g) Withdrawing Consent. If you have consented to our processing of your personal information, you have the right to withdraw your consent at any time, free of charge. Such a withdrawal will not affect the lawfulness of the processing prior to your withdrawal of consent. You should note that the withdrawal of consent may not affect our right to use some or all of your personal information in circumstances where your consent was not required to use such data. For example, if we need your personal information to manage a contractual relationship with you or we have legitimate interest in using your data to run our website or operate our business.
You can make a request to exercise any of these rights in relation to your personal information by sending the request to the Privacy Officer at the contact details provided above.
You may use our website without providing any personal information about you. In this case, we will collect metadata that results from your usage of our website including: browser type and version, operating system and interface, website from which you are visiting us (referrer URL), webpage(s) you are visiting on our website, date and time of accessing our website, and internet protocol address. The metadata will be primarily used to improve the quality and services of our website and services by analysing the usage behaviour of our users in anonymised form and to prevent fraud, misuse of our IT systems, as well as to ensure physical, IT and network security. We may also use metadata for other purposes, including online advertising. See our Tracking and Targeting Policy for further details.
If you have a complaint and you are based in, or the issue you would like to complain about took place in the EEA, please click here for a list of local data protection authorities in EEA countries.
Your personal information will only be retained for as long as it is reasonably necessary to fulfil the purposes for which it was collected or as required for a legal, accounting or reporting purpose.
We will take all reasonable steps to protect the personal information that we hold from misuse, loss or unauthorised access, including by means of firewalls, password access, secure servers and encryption of credit card transactions.
If you suspect any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately.
If we become aware of a notifiable privacy breach, we will notify you if and to the extent required by the applicable Privacy Law.
Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.