Privacy Policy

Welcome to propper! 

propper Pty Ltd and its related body corporates propper Real Estate Pty Ltd and propper Maintenance Pty Ltd are all part of the same propper group. In this policy, “propper”, “we”, “us” and “our” refers to each of propper Pty Ltd, propper Real Estate Pty Ltd and propper Maintenance Pty Ltd.

We understand that when you use our website, products or services, you are trusting us to handle your data respectfully and in compliance with the Privacy Act 1988 (Cth) (Privacy Act). We take your privacy seriously, and that’s why we want you to know exactly how your information will be shared amongst our different businesses and when we need to share it with a third party.  In order for you to make an informed decision about providing us with your personal information, you need access to relevant information.  This policy sets out how your personal information is collected and handled by the members of the propper group. 

We are subject to the Privacy Act, including the Australian Privacy Principles (APPs). The APPs set out the manner in which we may collect, store, use and disclose personal information and how a person, such as yourself, can access and/or correct records containing their personal information.

This policy sets out how we collect, use, disclose and manage personal information in connection with any use of our products and services, including your use of our website (hereafter referred to together as the “services“).  Any reference to “website” includes any websites operated by or on behalf of propper, including any microsites and mobile websites.  In using our website or any of the services, you agree to your personal information being handled as set out in this privacy policy. This extends to our creation and use of de-identified data.

Finally, our website uses cookies to enhance your experience and to help us with the delivery of the services. If you continue without changing your browser settings, we will assume that you are happy to receive these cookies. You can change your cookie settings at any time. More information about our use of cookies is provided below.

If you have any questions, we encourage you to contact us. We’re here to help. 

Changes to this privacy policy

We may update this privacy policy from time to time.  As a result, we encourage you to review our policy periodically for change. Updates are usually clarifications based on feedback from our customers, property management or property maintenance service developments, changes to our service or market expectations. 

Any material revisions of this policy that would result in a material detriment to you will be notified to you by a posting on the website, via e-mail or any other means available to us.

Please note that your continued use of the services, requesting our assistance or the provision of further personal information to us (directly or via an authorised person) after this privacy policy has been revised, constitutes your acceptance of the updated privacy policy. 

Types of personal information

Personal information is information about an identified individual, or an individual who is reasonably identifiable. This information does not need to be true or recorded in a material form in order to be defined as personal information.

Whether information is personal information is determined by giving due consideration to whether it is information about an identified individual or about an individual who is reasonably identifiable.  For example, sometimes you might provide us with information that has no connection to you as an individual or will not reveal or convey anything about you. This type of information is not personal information. 

Depending on which services you use, the types of information we collect and hold about you may include:

Basic informationYour name and date of birth is used to identify you. We use this information to identify you, as well as to protect against fraud and unlawful activity.
Contact informationThis includes your email and telephone number. We use this information to contact you. This is also used to liaise with you, and to protect against fraud and unlawful activity.
Property informationThis is information relevant to your property interests, including your property address or properties you own or have an interest in. It is primarily used for us to provide and personalise the services, but may also be used to identify you or to create relevant content, advertising and marketing.
Financial InformationWe require this information only in connection with property management and leasing decisions. e.g.  credit reports, bank account information, information about your income and expenses, assets and liabilities, credit and loan repayment history, past and present credit types, employment information, the details of court proceedings, insolvency and if applicable, default information. 
Sensitive informationWe will not collect, use or disclose sensitive information unless we have your express consent.Sensitive information is information about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information.If we receive unsolicited personal information (including sensitive information), we will determine the appropriateness of collecting such information. If it is appropriate, we will handle the information as outlined in this policy. If it is not appropriate, and the information is not contained in a Commonwealth record, we will destroy or de-identify it as soon as practicable, but only if it is lawful and reasonable to do so.
Government identifiersFor example, document numbers on passports, driver licences, and Medicare cards. We will collect, use and disclose this only if needed to verify your identity.
General informationWe will also collect general information that is not personal to you. This type of information generally relates to your behaviour on the site. It includes things like (but not limited to):the type of browser you are using;your operating system (e.g. Windows, Mac);the date and time of your visit to our website;the pages accessed and your top-level domain name (e.g. .com, .gov, .au); and how you came to our website.This information helps us trouble-shoot problems, analyse our operations, and help us to improve resources and improve the services. We may also use it for statistical purposes.  You can contact us at any time to ask what types of other general information we have collected and how we’re using it.We will only use this type of information to attempt to identify you in the unlikely event of an investigation by a law enforcement agency or other government agency.
Billing informationThis is only relevant to you if you are required to make payment for select services. For example, we will collect payment details for rental or maintenance payments.
Employment Record and Tax File InformationThis is only relevant to you if you apply to either work with us, request that we manage your property or provide to us in connection with a lease application.

The type of personal information that we may collect and the purpose of our use, collection and disclosure will depend on the nature of your relationship with us. Further information is set out below under ‘How we use your information’.

Do I need to provide propper with my information?

You are not obligated to provide us with your information. You can use a pseudonym or not identify yourself where it is lawful and practicable to do so. However, our ability to provide a personalised and relevant service to you, as well as to determine eligibility is dependent on the accuracy of information given to us.  We may be limited in our ability to assist you (but we’ll still try!). 

There are many aspects of our website that can be viewed without providing personal information. However, to receive the benefit of our products and services, you are required to submit personally identifiable information. This may include – but is not limited to – your name, email, phone, address.  

You may also need to provide us with personal information to log into an account. In limited circumstances, we may request information to confirm your identity and property ownership, or to determine your eligibility  for a particular product or service. 

If we have received personal information that is immaterial to the provision of the services, we will either delete or destroy it as soon as practicable (but only if it is lawful and reasonable to do so), or ensure that the information is de-identified. In certain circumstances we may be required or permitted by law, court or tribunal order to collect certain personal information about you.

By providing us with personal information, you represent to us that this is your own information or information which you have been authorised to provide.  Where you provide us with your personal information but wish to limit the use and disclosure of the personal information, you should expressly state those limitations to us in writing.

If you are providing us with personal information on behalf of someone else, you represent to us that you have been authorised to provide that information by that person. We will need to confirm that person’s consent to this privacy policy prior to providing some of our services.  You must not provide us with the personal information about another person unless you have first obtained that person’s prior consent to do so and you have told them their personal information will be handled in accordance with this privacy policy (including where they can find it). 

How we collect personal information

We collect information from you whenever you interact with us or our website. This includes when you visit our website, register to use the services, request further information about us, communicate with us (including by phone or email), and interact with our third parties. This information may be collected automatically sometimes. For example, through tracking technologies (including cookies).  

More specifically, we collect information from:

YouFor example, when you provide information by phone, in webforms, submit documentation to us in connection with (without limitation) a tenancy application, lease agreement, managing agency agreement, or an application for employment opportunities, online competitions or promotions.
Your authorised representativesFor example, your property manager, legal adviser, financial adviser, executor, administrator, guardian, trustee, or attorney. This is only permitted where you have authorised the disclosure and it is unreasonable or impractical for us to also collect that information directly from someone else.
Third partiesFor example, our commercial partners or third party service providers. These parties will only share your personal information with us where you have given consent or the proper disclosure requirements have been satisfied.
Our related body corporatesOur related body corporates are propper Pty Ltd, propper Maintenance Pty Ltd, propper Real Estate Pty Ltd,  OpenAgent Pty Ltd, OA Real Estate Pty Ltd, Doorsteps Finance Pty Ltd and Doorsteps Solutions Pty Ltd . These entities may share information with one another from time to time.
Credit Reporting BodiesFor example, we receive credit reports from credit reporting bodies.
Payment providersIf you enter into a contract for our services where a fee is payable, we will need to collect and use your payment information, including your credit/debit card details in order to process payment. This type of personal information is usually processed and provided to us by and in accordance with the relevant payment provider’s terms.
Digital tracking toolsFor example, Google Analytics, Google Signals and Pardot.
Social mediaThis is information provided to us when you access our services through a social network platform such as Facebook.
Publicly available sourcesThis is information about you which is publicly available. For example, information which is available on public registers.

If you choose not to provide certain personal information, we may not be able to provide you with the services at the service levels expected of us. From time to time, you may provide personal information about other individuals to us. 

We don’t collect information for the sake of it. All the information we gather has a specific purpose. Those purposes are identified below under “How we use your information”.  For example, by completing a web-form, we are able to respond to your rental application and advise you if there are any additional services that may assist you during a relocation.  Any information that we receive is used to provide a better or more relevant service or product to you

We believe in transparency so if you want further information on when we have collected your personal information and for what purpose, please don’t hesitate to contact us. 

How we use your information

The main ways we use your personal information and, in some circumstances de-identified data, are set out as follows:

Provide and personalise the servicesto contact verify your check your eligibility for the assist you in gaining approval for, or provision of, services related to property management,  leasing a rental property, or related service. This includes gaining an understanding of your property interests and financial process and respond to a property maintenance establish, administer and manage your account and/or profile, including verifications of profiles, monitoring and reporting as required under our terms or under any applicable facilitate communications between you and us or selected business and commercial partners that you have requested contact with, including (without limitation) credit providers or their intermediaries.
Improve and develop the servicesto understand, diagnose, troubleshoot, and fix issues with the evaluate and develop new content, features, technologies, and improvements to the services, including the development, administration and enhancement of algorithms, functionality and performance.
Creation of Content, Advertising and Marketingto generate and provide stories, commentary, profiles and descriptions (including without limitation, the sharing of feedback or reviews, photos or other personal information) accessible through the services, associated websites and/or social media create, host, publish, post, share, store or upload photos, illustrations, text, video, still images, audio, interactive virtual tours and other generate and report aggregate statistics to advertisers and our service providers and third-parties; to create or distribute advertising and marketing material that is relevant to you, including material relevant to or on behalf of selected business and commercial initiate and develop new business opportunities for us and/or selected business and commercial nurture and verify your data profile by combining your personal information with information we have collected from other sources in order to generate and report analytics, insights and research for us, and and for our selected business and commercial partners.
Business Operationsfor quality assurance and training conduct business planning, reporting, and administer and manage delivery of products and services, including matters relating to making communicate with you in relation to the services, which includes notifying you of changes, surveys, and information about security updates.
Legal Obligations and Complianceto satisfy legal obligations which may arise from agreements or contracts entered into, including (without limitation) the sharing of your personal data and the management and marketing of real estate interests. to conduct appropriate checks for credit-worthiness and for complete and provide internal and external reports and manage reporting and compliance related comply with law enforcement requests including (without limitation), taking appropriate action with respect to reports of intellectual property infringement and inappropriate manage our risks, including by identifying and/or investigating illegal activity or unlicensed the establishment, exercise or defence of legal claims, whether administrative, an in-court proceeding or in out-of-court procedure.any other uses identified at the time of collecting your personal information.

When We Disclose Your Personal Information

In order to deliver the products or services you require, we may disclose your personal information to other organisations, including our related bodies corporate. Your personal information and de-identified data may be disclosed to any other business or organisation in order to facilitate the purpose for which the information was collected. Specific examples of who we might disclose information to include:

  • landlords or tenants (including prospective tenants);
  • our related bodies corporate and our professional advisers;
  • anybody who has been validly authorised to represent you;
  • your employer, referees or identity verification services;
  • credit reporting bodies;
  • fraud bureaus or other organisations to identify, investigate or prevent fraud or other misconduct;
  • credit providers, including Australian Banks, non-bank lenders and providers of credit, financial or insurance services;
  • selected business and commercial partners, including real estate agents and maintenance service providers who work with us to provide the services, or any entity that has an interest in our business;
  • mortgage brokers or providers of investment, financial or credit services
  • government and regulatory authorities and other organisations under which we are governed (such as ASIC and AUSTRAC) and other bodies as required or authorised by law (such as the ATO and in accordance with the Anti-Money or Laundering and Courter Terrorism Financing Act 2006 (Cth));
  • any regulator, industry body, tribunal, court or otherwise in connection with any complaint, dispute or litigation.
  • social media companies, including Facebook;
  • if you conduct any transaction that requires a payment by you (or us), some of your details may be provided to a third-party payment processor to allow the transaction to be completed;
  • Insurance providers for the purpose of risk assessment and administering any claims; 
  • a service provider to allow data analytics to be performed;
  • our investors and their advisers; and
  • anyone else, subject to you having provided us with consent or where we are otherwise permitted to disclose the information under applicable law.

Remember, if you do provide us with your personal information and you wish to limit the use and disclosure of personal information, you should expressly state those limitations to us in writing.

propper takes reasonable steps to ensure that we have your consent to those disclosures, or have notified you of the disclosure before it takes place. Disclosure of your personal information will only occur when it is necessary to deliver the product, service or analysis or purpose relevant to the disclosure. Any organisations who have received your personal information will be subject to equivalent privacy obligations at law or by contract, in relation to the protection of your personal information. 

We may also share with or permit the use of de-identified data or content by others, including selected business and commercial partners, for the purposes of posting or contributing material, as well as performing data analytics which serve a commercial purpose. This extends to research for and execution of marketing initiatives around product offerings. If you do not wish for this to occur, you must state those limitations to us in writing via the following methods: 

Post: Level 2/118 Devonshire St, Surry Hills NSW 2010

Telephone: 1300 622 751


From time to time, parties may reside outside Australia. For example, we may use teams or service providers who reside in the European Union, United States of America, Indonesia, New Zealand and the Philippines to assist us in providing our services to you. These teams and service providers store data or operate outside Australia.

Our outsourcing contracts usually will include an obligation for compliance with Australian privacy law and this privacy policy.  We ensure appropriate privacy, data handling and security arrangements are in place to protect your information.

Direct marketing

From time to time we may use the personal information we collect from you to identify products and services that we believe may be of interest to you. We may then contact you to let you know about these products and services and how they may benefit you. These products and services may be offered by us or a third party.  For example, you may receive direct marketing from our related body corporate(s), business partners, subsidiaries and affiliates that might better serve your objectives, financial situation or real estate needs.  You can ask us not to do this at any time, and we will always give you a choice to opt out of receiving such information in future.

In some cases, we will use or disclose your personal information to such persons or entities for the purpose of participation or eligibility in competitions or promotions and other opportunities in which you may be interested. This includes ‘cross-selling’,  where we suggest a related or complementary product or service to you, and provide a referral or submission of personal information to a third party, subject to your interest and consent.

Direct marketing from us generally takes the form of an electronic marketing email. Electronic marketing occurs where we use your personal information to send you marketing information by email, SMS, MMS or other electronic means. From time to time, we may also  contact you by phone or direct mail for direct marketing.  We may do so with your express or implied consent. 

You may give us your express consent by, for example, ticking a box on an electronic or submitting a form where we seek your permission to send you electronic or other marketing information. Consent may also be implied from our existing business relationship or where you have a reasonable expectation of receiving an electronic marketing communication. We do not sell or allow your personal information to be used by third-parties for their own marketing purposes, unless you ask us to do this or give us your consent to do so.

Every marketing email sent or made by us will include a means by which you can unsubscribe (or opt out) of receiving further marketing information. Additionally, you may instruct us at any time to remove any previous consent you provided to receive communications from us. General requests should be directed to us via the channels provided below:

Post: Level 2/118 Devonshire St, Surry Hills NSW 2010

Telephone: 1300 622 751

E-mail: support@propper.


We will collect information using cookies when you use our website, including any mobile or tablet applications. These cookies will tell us about your visit to our website and help us to remember you, allowing us to create a customised experience for your next visit.  For example, marketing cookies help us to determine which of the services may be of interest and value to you and then tell you about them. We also use cookies for other purposes. For example, to better understand behaviours and habits, as well as diagnosing problems and making improvements to our products and services. We may also use cookie information to display targeted advertisements or content on our network and on this website and also on third party networks and websites, including Google and Facebook. 

We use Google Analytics and Google Signals.

Google Analytics uses cookies to analyse your use of our website. The information generated by the cookie is usually sent to and stored overseas by Google. The types of information generated by the cookie include your location, search history and data from sites that partner with Google. We use the information provided through Google Analytics to understand and evaluate your use of our website, compile reports about activity and provide other services relevant to optimising your use of the website.

We also use Google Signals. This allows us to assign and track the customer journey of an individual website visitor to different end devices. For example, we can see when a user clicks on a propper ad on one device and then registers for our services on another device. However, we can only see this if the user has logged in to a Google service when visiting a website and has activated the option “personalised advertising” in their Google account settings at the same time. If you do not want “Google Signals” to be used, you can disable the “Ads Personalisation” option in your Google Account preferences. No personal data or user profiles are accessible to us; this means you remain anonymous to us.

For more information, please see Google’s Privacy Policy which is available here.

De-identified Data

From time to time, we may collect, use and disclose de-identified data. De-identified data is data which has had all personally identifiable information removed or anonymised.  This means that you can no longer be identified, nor can any other individual in that data-set. When we no longer need your personal information for any of the purposes set out in this Privacy Policy, or as otherwise required by law, we will take reasonable steps to destroy it or to de-identify it.  We will use de-identified data for research and commercial purposes, such as creating reports and insights. 

For example, we will use and share historical and current de-identified user and transactional data to develop marketing initiatives and product offerings. Those understandings, whether developed internally or in connection with an external partner may also be provided to our selected business and commercial partners from time to time.  If you have any concerns or questions about our approach to, or use of, de-identified data, please let us know. 

Government Identifiers

This refers to the use and disclosure of government related identifiers. For example, your tax file number and country of tax residency, medicare card, Australian passport, driver licence or pension card details , citizenship and birth certificate, death and marriage certificates etc.

We do not adopt a government related identifier of an individual as our own identifier unless required or authorised to do so by or under an Australian law, regulation or court/tribunal order. Before using or disclosing a government related identifier of an individual, we ensure that such use or disclosure is:

  • reasonably necessary for us to verify your identity for the purposes of the our activities or functions; 
  • reasonably necessary for us to fulfil its obligations to a government agency or a State or Territory authority; 
  • required or authorised by or under an Australian law, regulation or a court/tribunal order; 
  • within a permitted general situation (other than the situations referred to in Items 3, 4 or 5 of the table in subsection 16A(1)) of the Privacy Act exists in relation to the use or disclosure of the identifier; or
  • reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

Online Applications

From time to time, you may send an application to us via an online form. We may use that information to correspond with you directly and to determine the suitability of any products and services.  If you start but do not submit an online application, we may contact you using any of the contact details you have supplied to offer help completing it.

Our reliance on accurate, complete and up to date information

We take reasonable steps to ensure that the personal information we hold about you is accurate, complete and up-to-date. However, we also rely on you to advise us of any changes to your personal information by maintaining and updating your profile. Please contact us using the contact details below as soon as possible if there are any changes to your personal information or if you believe the personal information we hold about you is not accurate, complete or up-to-date so that we can update your file accordingly.

Accessing Your Personal Information

To access the personal information we hold about you, please contact us. From time to time, we may need to consult with other entities before proceeding with your request. As such, we will respond to your request within 30 days, unless otherwise notified to you. We will give access in the manner you have requested  and at no-cost, if it is reasonable to do so. If any fees do apply, we will notify you in writing and shall await your payment before proceeding.

We may deny you access to your personal information in certain circumstances, for example, if required or authorised by or under an Australian law or a court/tribunal order, or it would be likely to prejudice enforcement related activities by an enforcement body. If we do not give you access, we will provide you with the reasons for the refusal (except where it would be unreasonable to do so) and information on how you can complain about the refusal, in writing.

Post: Level 2/118 Devonshire St, Surry Hills NSW 2010

Telephone: 1300 622 751


Updating Your Personal Information

To update your personal information, please contact us on the details provided as soon as possible if there are any changes to your personal information or if you believe the personal information we hold about you is not accurate, complete or up-to-date and we will update your records accordingly.

If appropriate, we will correct the personal information at the time of the request. In some circumstances, we will need to conduct an investigation, after which we will notify you of the decision to update or change your personal information within 30 days of the initial request. This timeframe is a result of the need to consult with other entities from time to time as part of our investigation. If we refuse to correct personal information, we will provide you with our reasons for not correcting the information. If we refuse your request to correct your personal information, at your request, we will include a note to your personal information which states you disagree with its accuracy or completeness.

Automated Decision-Making

We may in some cases use automated decision-making. We will only do so if it is authorised by law, if you have provided an explicit consent, or if it is necessary for the performance of a contract. For example, we may use an automated credit approval process. You may request that we use a manual decision-making process instead. You can also express an opinion on or contest any decision which was based solely on automated processing or profiling. If we are using automated decision-making, we will let you know about the logic used,  our legal basis, and the significance and envisaged consequences.

Storage and Security 

We will store your personal information for as long as needed to provide you with the services and to operate our business. We store this information for at least seven years, and in different ways, including in paper and electronic form. At any time, you can request to access your personal information held on our website (subject to service outages) to keep it updated.  We will also delete specific personal information upon request, unless deleting that information prevents us from carrying out necessary business functions, such as billing, meeting our obligations at law and conducting required audits. If we are unable to delete your data, subject to satisfying our obligations at law, we will transform it so that it can no longer be used to identify you.

We have a variety of appropriate security measures to protect the security of your personal information both online and offline. These measures vary based on the sensitivity of the personal information we collect, process and store and the current state of technology. It includes physical and electronic measures. Although we aim to create a safe, secure environment, we cannot guarantee that unauthorised parties will not gain access but will notify you regarding eligible data breaches if they are likely to or do impact you. More information on this is provided under “Notifiable Data Breach Scheme”.

Third-Party Links & Websites

Our website may contain links to the websites of other entities. If you click on such links, you will be transferred to the website of these entities. Those third parties may collect information about you (including, without limitation, cookie and web beacon information, information about your preferences or other information you have provided about yourself), and we may also collect or have access to that information as part of our arrangements with those third parties. We have no control over, and are not responsible for, the privacy practices of these entities. 

You should read the privacy policy of those entities to find out how they handle your personal information when you visit their websites. We are also not responsible for the way these entities collect, use, disclose or handle personal information you provide to them through our website. 

From time to time, we may also advertise on third-party websites. In connection with this, our advertising service provider may use cookies and, in some cases, web beacons, to collect information such as the server your computer is logged onto, your browser type, the date and time of your visit, as well as information relevant to the performance of their marketing efforts. Other information that may be collected is how you utilise our website and the manner as well as content relevant to your engagement with our products and services.

Notifiable Data Breach Scheme

The Notifiable Data Breaches (NDB) scheme applies to eligible data breaches that occur on or after 22 February 2018. It mandates a reporting and notification process for us. The Office of the Australian Information Commissioner (OAIC) administers the NDB Scheme.


  1. there is unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information, that propper holds;
  2. this is likely to result in serious harm to one or more individuals; and
  3. we have not been able to prevent the likely risk or serious harm with remedial action,

    –  then we are required to notify the OAIC about the incident.

The NDB scheme ensures that as an organisation, we are accountable for your privacy protection. The notification process is important for building a relationship of trust and transparency. In addition, by keeping you notified, you’re better able to take steps to mitigate harm, such as changing passwords or being alert to phishing emails or scams. In the interim, propper would also be taking steps to remediate the breach and will keep you advised on our progress, including the security measures being undertaken.  

Please contact us on the details provided if you have any questions about this. 

Post: Level 2/118 Devonshire St, Surry Hills NSW 2010

Telephone: 1300 622 751


General Data Protection Regulation – Data Subject Rights

Our collection, use, disclosure and processing of your personal information will also be regulated by the GDPR if we offer our services to you while you are in the EU, or if we monitor your behaviour while you are located or residing in the EU (Data Subject).

The GDPR provides Data Subjects with certain rights to

  • information about the processing of your personal data;
  • obtain access to the personal data held about you. Note: if there is a legal or practical reason that prevents us from providing you with access to your personal information, which is relevant to you, we will discuss the reason why we are unable to provide you access to your personal information.
  • ask for incorrect, inaccurate or incomplete personal data to be corrected;
  • request that personal data be erased when it’s no longer needed or if processing it is unlawful;
  • object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation;
  • request the restriction of the processing of your personal data in specific cases;
  • receive your personal data in a machine-readable format and send it to another controller (e.g. data portability)
  • request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. 
  • express your point of view and to contest the decision of automated decisions.

These rights apply across the EU, regardless of where the data is processed and where we are established. These rights also apply when you buy goods and services from non-EU companies operating in the EU.

If you need further information on these rights, please contact us on the details provided. 

If you are a Data Subject and would like to exercise your rights, you can contact us on the details set out in this policy. We will respond to your requests without undue delay and at the latest within one (1) month. If we are unable to meet this timeframe, we will provide you in writing the reasons why. In order to exercise these rights, you may be asked to provide information to confirm your identity.

If you are a Data Subject, we are allowed to use your personal information in the following circumstances:

  1. to fulfil a contract we have with you (which includes acting on instructions you give us before entering into a contract)
  2. to comply with a European Union Member State law;
  3. when you provide your consent; and/or
  4. when it is in our legitimate interest (please see “How We Use Your Information” for more details). For example, when processing your personal information is necessary and we cannot achieve the same outcome in another way and we have undertaken a balancing exercise and our interests are not outweighed by your interests, rights and freedoms. 

If we intend to use your personal information for any other purpose, prior to doing so, we will provide you with information on the new purpose and update this policy. If you do not allow us to collect all of the relevant personal information which we consider necessary to fulfil a contract with you, to comply with law or on the basis of a legitimate interest – then, we may not be able to deliver all of our products or services to you.

Electronic Communications

By providing your email address to us, you consent to receiving notices and other documents from us by email to that registered email address. By giving this consent you also confirm that:

  1. We may no longer send you paper copies of notices and other documents. You represent to us that you have the materials and facilities to print and save any notice or other documents sent to you by email;
  2. You are responsible for checking your email address’ inbox;
  3. An email sent by us will be deemed to have been received once it enters your computer system; 
  4. If you wish to withdraw your consent, you must notify us in writing.

Upon registration, you will also be subscribed to receive marketing communications from us via email. Such communications may include updates, opportunities, promotions, and reminders. They may also include marketing information about us and/or our selected business and commercial partners.  If you wish to unsubscribe from our marketing communications, you may do so by sending an email to or via the unsubscribe link provided.

Complaints and further enquiries

You can lodge complaints or make further enquiries by contacting us at:

  • Level 2/118 Devonshire St, Surry Hills NSW 2010
  • Telephone: 1300 622 751
  • E-mail:

We encourage you to speak to us about your complaint directly. Please provide as much information as possible, with any supporting documentation if relevant. This will help us to resolve your complaint as quickly as possible. You may also lodge a complaint by speaking to any representative of our business.

You should explain the details of your complaint as clearly as you can.  You may do this verbally or in writing.

Office of the Australian Information Commissioner

If you are unsatisfied with our response to your complaint, you may complain to the Office of the Australian Information Commissioner (OAIC). Before you may make a complaint to the OAIC, the OAIC requires any complaint must first be made to us, and allows 30 days for us to deal with your complaint.

Address:  Office of the Australian Information Commissioner, GPO Box 5218 Sydney NSW 2001

Phone: 1300 363 992