An Overview

OpenAgent understands that when you use our website, products or services, you are trusting us to handle your data respectfully and appropriately.  As a result, we’re transparent about our use of your personal information, as well as de-identified data.  In order for you to make an informed decision about providing us with your personal information, you need access to relevant information.  

This Privacy Policy sets out how we collect, use, disclose and manage personal information in connection with any use of our products and services, including our website (hereafter referred to together as "OpenAgent's Services"). We are subject to the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). The APPs set out the manner in which we may collect, store, use and disclose personal information and how a person, such as yourself, can access and/or correct records containing their personal information.

 In accessing our website, using any of OpenAgent's Services or otherwise providing us with your personal information (or authorising it to be provided to us by someone else), you agree to your personal information being handled as set out in this Privacy Policy. This extends to our creation and use of de-identified data.

If you have any questions, we encourage you to contact us on the details provided below. We’re here to help. 


Changes To This Privacy Policy

We may update this Privacy Policy from time to time.  As a result, we encourage you to review our policy periodically for changes and provide your feedback to us.  Don’t worry - these updates are usually clarifications based on feedback from customers or product and service developments.  Any material revisions of this policy that would result in a material detriment to you will be notified to you by a posting on website, via e-mail or any other means available to us.

Please note that your continued use of OpenAgent's Services, requesting our assistance or the provision of further personal information to us (directly or via an authorised person) after this Privacy Policy has been revised, constitutes your acceptance of the updated Privacy Policy. 


What Is Personal Information?

Personal information is information about an identified individual, or an individual who is reasonably identifiable. This information does not need to be true or recorded in a material form in order to be counted as personal information.

Whether information is personal information is determined by giving due consideration to whether it is information about an identified individual or about an individual who is reasonably identifiable.  For example, sometimes you might provide us with information that has no connection to you as an individual or will not reveal or convey anything about you. This type of information is not personal information. We also don't collect what is considered 'sensitive information' under the Privacy Act. Examples of sensitive information we do not collect are racial or ethnicity information, political opinions or associations and health information.

OpenAgent does collect different types of information that are explicitly recognised as constituting personal information under the Privacy Act. For example:

  • your name and contact details;
  • your residential or investment property address;
  • information about your real estate interests or private/family situation;
  • commentary and opinions, including your tastes and preferences;
  • images, including (without limitation) photos, 3D virtual tours or renderings, floor plans, illustrations or other material;
  • limited credit information (where relevant);
  • billing information (where relevant);
  • employee record and tax file number information (this is only relevant if you work for us).

We will also collect general information that is not personal to you. This type of information generally relates to your behaviour on the site. It includes things like (but not limited to):

  • the type of browser you are using;
  • your operating system (e.g. Windows, Mac);
  • the date and time of your visit to our website;
  • the pages accessed and your top-level domain name (e.g. .com, .gov, .au); and
  •  how you came to our website.

It also includes information that will help us trouble-shoot problems, analyse our resources and improve our OpenAgent Services. We may also use it for statistical purposes. We will only use this type of information to attempt to identify you in the unlikely event of an investigation by a law enforcement agency or other government agency. 


Do I Need To Provide You With My Personal Information?

There are many aspects of our website that can be viewed without providing personal information. However, for access to some of our products and services (for example, the Vendor Research Services and OpenEstimates), you are required to submit personally identifiable information. This may include - but is not limited to - your name, email, phone, address.  You may also need to provide us with personal information to log into an account. In limited circumstances, we may request information to confirm your identity and property ownership, or to determine your suitability for a particular product or service. 

If we have received personal information that we have not requested (unsolicited personal information), don’t worry. We will either delete or destroy it as soon as practicable (but only if it is lawful and reasonable to do so) or ensure that the information is de-identified. In certain circumstances we may be required or permitted by law, court or tribunal order to collect certain personal information about you.

By providing us with personal information, you  represent to us that this is your own information or information which you have been authorised to provide.  Where you provide us with your personal information but wish to limit the use and disclosure of the personal information, you should expressly state those limitations to us in writing.

If you are a real estate agency providing us with personal information as it relates to customers (including, without limitation buyers and vendors of real estate property), you must only provide such information in compliance with the Privacy Act. You must not provide us with personal information without the consent of the individual it relates to.

To be clear, you are not obligated to provide us with your information. You can use a pseudonym or not identify yourself. However, our ability to provide a personalised and relevant service to you is dependent on the accuracy of information given to us.  We may be limited in our ability to assist you (but we'll still try!). 


When Do You Collect Personal Information?

We collect information from you whenever you visit our website, register to use OpenAgent's Services, request further information about us or interact with related software (including mobile applications). We will collect this information automatically using tracking technologies, including cookies, and through web forms where you type in your information. We will also collect information when you:

  • submit documentation or information to us in connection with the Services;
  • contact and interact with us independently of our website, such as contacting us by email, phone or in person;
  • participate in activities or offers, including any of our online competitions or promotions;
  • access any of our services through a social network or third-party site;
  • submit information to us as part of an employment opportunity; 
  • visit or interact with our website and related software (including mobile applications and tablets);
  • provide (or permit us to create) photos, illustrations, text, video, still images, audio, interactive virtual tours and schematic floor plans or other material;  
  • consent to the sharing of your personal information with us including (without limiation) through a related body corporate, service provider or third-party (Stakeholder); and
  • where you provide us with feedback or make a complaint.

We don't collect information for the sake of it. All the information we gather has a specific purpose. Those purposes are identified below under "How Do You Use My Personal Information & De-identified Data?". For example, by completing a web-form, we are able to personalise a service to your stated needs, and then follow up to make sure you’re happy.  Any information that we receive from Stakeholders is used to provide a better or more relevant service or product to you

The information we collect also allows us to learn more about who is interested in OpenAgent's Services. By further understanding how you interact with content on our website, including tracking the content that you view most, we can improve the navigational experience on our website and commit to providing you with more information that we know you’re likely to be interested in. 

We believe in transparency so if you want further information on when we have collected your personal information and for what purpose, please don't hesitate to contact us.


Do You Receive Information About Me From Third-Parties?

From time to time, we will collect personal information about you from Stakeholders. The information we receive is still subject to underlying consent. This means that you must have consented to their sharing that information with us. This is usually disclosed in their privacy policy. We also require all Stakeholders to be compliant with the Privacy Act prior to any engagement in data sharing activities.  

We may receive information about you from:

  • OpenAgent Group companies (our related bodies corporate);
  • your representatives (including employers), upon authorisation from you;
  • public registers or other publicly available sources of information;
  • our contracted service providers (for example, website server hosts, IT and HR management and resourcing);
  • other Stakeholders who collaborate with us to provide products and services to you (for example, real estate agencies);
  • third-party websites, applications or platforms that interface with our own websites and applications (for example, customer relationship management providers);
  • social media platforms when you publicly comment, interact with us or send us a private message (for example, LinkedIn, Facebook and Instagram); and
  • digital tracking tools (for example, cookies).

You must not provide us with the personal information about another person unless you have first obtained that person’s prior consent to do so and you have told them their personal information will be handled in accordance with this Privacy Policy (including where they can find it). 


How Do You Use My Personal Information & De-identified Data?

The main ways we use your personal information and de-identified data are set out as follows:

Provide and personalise OpenAgent’s Services

·        to check your eligibility for OpenAgent's Services;

·        to provide and personalise products and services to you;

·        to establish, adminster and manage your account and/or profile, including verifications of profiles, monitoring and reporting as required under our terms or under any applicable laws;

·        to facilitate communications between you and us or a Stakeholder that you have requested contact with, including (without limitation) real estate agents, buyers or vendors of real estate property, credit providers or their intermediaries;

Improve and develop OpenAgent’s Services

·        to understand, diagnose, troubleshoot, and fix issues with OpenAgent's Services;

·        to evaluate and develop new content, features, technologies, and improvements to OpenAgent's Services, including the development, administration and enhancement of algorithms, functionality and performance;

Creation of Content, Advertising and Marketing

·        to generate and provide stories, commentary, and property profiles or descriptions (including without limitation, the sharing of feedback or reviews, photos or other personal information) accessible through OpenAgent Services, associated websites and/or social media channels;

·        to create, host, publish, post, share, store or upload photos illustrations, text, video, still images, audio, interactive virtual tours and schematic floor plans or other material of a real estate property on our platform and with our Stakeholders;

·        to generate and report aggregate statistics to advertisers and our service providers and third-parties;

·        to create or distribute advertising and marketing material that is relevant to you, including material relevant to or on behalf of our Stakeholders;

·        to initiate and develop new business opportunities for us and our Stakeholders;

·        to nurture and verify your data profile by combining your personal information with information we have collected from other sources in order to generate and report analytics, insights and research (including without limitation, your propensity to buy or sell property) to and for our Stakeholders;

Business Operations

·        for quality assurance and training purposes;

·        to conduct business planning, reporting, and forecasting;

·        to communicate with you in relation to OpenAgent's Services, which includes notifying you of changes, surveys, and information about security updates;

Legal Obligations and Compliance

·        to satisfy legal obligations which may arise from agreements or contracts entered into, including (without limitation) the management and marketing of real estate interests;

·        to comply with law enforcement requests including (without limitation), taking appropriate action with respect to reports of intellectual property infringement and inappropriate content;

·        in the establishment, exercise or defence of legal claims, whether administrative, an in-court proceeding or in out-of-court procedure; and

·        any other uses identified at the time of collecting your personal information.


If you are a Stakeholder collaborating with us in connection with OpeAgent's Services then we may also use personal information:

  • to process any payments and for invoicing generally; and
  • for disclosure to debt collection agencies to recover any amounts you owe to us.

As a reminder, your use of OpenAgent's Services is conditional on us using and disclosing your personal information in any manner that could reasonably be contemplated by this Privacy Policy and the terms and conditions of OpenAgent's Services generally. Where relevant, you consent to our using your personal information for the purpose of our functions and/or activities outlined above, and in accordance with this policy generally. 

If we want to use your personal information for any other purpose that is not outlined in this Privacy Policy, we will provide you with information on the new purpose and seek your additional consent. We will also update this Privacy Policy. 


When Might We Disclose Your Personal Information?

Don’t worry – you won't hear from anyone unless you ask us to put them in contact with you and/or provide us with consent to do so. 

Your personal information and de-identified data may be disclosed, if appropriate, to the OpenAgent Group and any other business or organisation in order to facilitate the purpose for which the information was collected. Those purposes are identified above under "How Do You Use My Personal Information & De-identified Data?". As a result, we may disclose your personal information to organisations outside OpenAgent who assist us in delivering or supporting OpenAgent's Services to you. For example, if you tell us you want to hear from a recommended agent, we will provide your personal information to them. We may also share your personal information with a service provider or third-party,  including details relevant to whether and to what extent you have engaged with us, in order to further facilitate business operations and to advertise, facilitate, maintain or deliver more relevant products and services to you.  Sometimes, we will also need to share your personal information with a service provider or third-party only to the extent required for the performance, operation and use of that service or to allow data analytics to be performed.

Those entities will be permitted to obtain only the personal information necessary to deliver the product, service or analysis. OpenAgent takes reasonable steps to ensure that these organisations and individuals are bound by equivalent confidentiality and privacy obligations in relation to the protection of your personal information. If you would like to know who has been given access to your personal information, just ask!  Remember, if you do provide us with your personal information and you wish to limit the use and disclosure of personal information, you should expressly state those limitations to us in writing (see below).

We may also share with or permit the use of de-identified data or content by others, including our Stakeholders, for the purposes of posting or contributing material about real estate properties, as well as performing data analytics which serve a commercial purpose. This extends to research for and execution of marketing initiatives around OpenAgent and non-OpenAgent product offerings. For clarity, content refers to 3D virtual tours, floorplans, photographs, video,  or other images in any form or by any means (including, without limitation, electronic mechanical, micro-copying, photocopying, recording or otherwise) that are created, generated, used, copied reproduced, stored or transmitted in connection with your use of any of our services. If you do not wish for this to occur, you must state those limitations to us in writing via the following methods

  • By post: PO Box 419, Alexandria NSW 1435; or
  • By email:

If you conduct any transaction that requires a payment by you (or us), some of your details may be provided to a third-party payment processor to allow the transaction to be completed. We may also share your personal data when we in good faith believe it is necessary for us to do so in order to comply with a legal obligation under applicable law, or respond to valid legal process, such as a search warrant, a court order, or a subpoena. We may  disclose your personal information to any applicable or relevant regulator or third-party for the purpose of legislative or contractual compliance and/or reporting (for example, superannuation, payroll or debt collection).

From time to time, these parties may reside outside Australia. For example, our customer service teams who reside in New Zealand and the Philippines to assist us in providing OpenAgent's Services to you.  Our contracts usually include an obligation for compliance with Australian privacy law and this Privacy Policy.  However, you acknowledge that, by agreeing to the disclosure of your personal information to these entities outside of Australia, we will no longer be required to take reasonable steps to ensure the recipient’s compliance with the Australian privacy law in relation to your personal information and we will not be liable to you for any breach of the Australian privacy law by these overseas recipients. On this basis, you consent to such disclosure. 


Does OpenAgent Use My Personal Information for Direct Marketing?

From time to time we may use the personal information we collect from you to identify products and services that we believe may be of interest to you. We may then contact you to let you know about these products and services and how they may benefit you. We will generally only do this with your prior consent (where practical) and we will always give you a choice to opt out of receiving such information in future.

Direct Marketing from OpenAgent generally takes the form of an electronic marketing email. Electronic marketing occurs where we use your personal information to send you marketing information by email, SMS, MMS or other electronic means. We may do so with your express or implied consent. You may give us your express consent by, for example, ticking a box on an electronic or submitting a form where we seek your permission to send you electronic or other marketing information. Consent may also be implied from our existing business relationship or where you have a reasonable expectation of receiving an electronic marketing communication. We do not sell or allow your personal information to be used by third-parties for their own marketing purposes, unless you ask us to do this or give us your consent to do this as stated above under "How Do You Use My Personal Information?" .

Every directly addressed marketing contact sent or made by OpenAgent will include a means by which you can unsubscribe (or opt out) of receiving further marketing information. Additionally, you may instruct us at any time to remove any previous consent you provided to receive marketing communications from us. General requests should be directed to us via the channels provided under "Contact Us" below. 


Can I Access My Personal Information?

Generally, you may review, edit, correct or delete any personal information you submit to us at any time. Access to your personal information may be denied on certain grounds including if it is unlawful, or if it may have an unreasonable impact upon the privacy of other individuals, or your request is frivolous or vexatious. If we deny you access, we will provide our reason for doing so at the time of your request.

If you wish to access the personal information we hold about you or request a correction of it, please Contact Us" on the details provided below and we will respond to your request.  We will try to make this process as simple as possible and we do not charge you for such requests. 


How Can I Correct or Update My Information?

We take reasonable steps to ensure that the personal information we hold about you is accurate, complete and up to date. However, we also rely on you to advise us of any changes to your personal information by maintaining and updating your profile. Please “Contact Us” on the details provided below as soon as possible if there are any changes to your personal information or if you believe the personal information, we hold about you is not accurate, complete or up-to-date and we will update your records accordingly. 


Dealing With Us Anonymously or by Pseudonym

As previously mentioned, for us to successfully do business with you it will not (in most circumstances) be practical for us to deal with you without you providing relevant personal information to us. However, where it is lawful and practicable to do so, you may deal with us anonymously or by using a pseudonym. 


De-identified Data

From time to time, we may collect, use and disclose de-identified data. De-identified data is data which has had all personally identifiable information removed or anonymised.  This means that you can no longer be identified, nor can any other individual in that data-set. When we no longer need your personal information for any of the purposes set out in this Privacy Policy, or as otherwise required by law, we will take reasonable steps to destroy it or to de-identify it.  We will use de-identified data for research and commercial purposes, such as creating reports and insights. For example, we will use and share historical and current de-identified user and transactional data to develop marketing initiatives and product offerings. Those understandings, whether developed internally or in connection with an external partner may also be provided to our Stakeholders from time to time.  If you have any concerns or questions about our approach to, or use of, de-identified data, please let us know


Automated Decision Making

From time to time, we may use automated decision making to help identify and prevent spam or other prohibited behaviours, including abusive or fraudulent activity, taking place via OpenAgent's Services.  If you are unable to access your account at any time, please Contact Us”.  


Links to Third-Party Websites

Our website may contain links to the websites of other entities. If you click on such links, you will be transferred to the website of these entities. OpenAgent has no control over, and is not responsible for, the privacy practices of these entities. You should read the privacy policy of those entities to find out how they handle your personal information when you visit their websites. We are not responsible for the way these entities collect, use, disclose or handle personal information you provide to them through our website. 


Storage and Security

OpenAgent will store your personal information for as long as needed to provide you with OpenAgent's Services and to operate our business. At any time, you can request to access your personal information held on our website (subject to service outages) to keep it updated.  We will also delete specific personal information upon request, unless deleting that information prevents us from carrying out necessary business functions, such as billing and conducting required audits. If we are unable to delete your data, we will transform it so that it can no longer be used to identify you.

OpenAgent has a variety of appropriate security measures to protect the security of your personal information both online and offline. These measures vary based on the sensitivity of the personal information we collect, process and store and the current state of technology. It includes physical and electronic measures. Although we aim to create a safe, secure environment, we cannot guarantee that unauthorised parties will not gain access but will notify you regarding eligible data breaches if they are likely to or do impact you. 

If you have a specific concern or request about your data, please Contact Us”. 


Notifiable Data Breach Scheme

The Notifiable Data Breaches (NDB) scheme applies to eligible data breaches that occur on or after 22 February 2018. It mandates a reporting and notification process for OpenAgent. The Office of the Australian Information Commissioner (OAIC) administers the NDB Scheme.

In simple terms, if:

  1.  there is unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information, that OpenAgent holds; and
  2.  this is likely to result in serious harm to one or more individuals; and
  3. we have not been able to prevent the likely risk of serious harm with remedial action,

then OpenAgent is required to notify the OAIC and impacted individuals about the incident.

There is a broad scope of activities that would be considered unauthorised access, unauthorised disclosure or loss of personal information. Some examples include:

  • a third-party hacking our systems or databases;
  • a person browsing customer records without any legitimate or authorised purpose;
  • a laptop containing personal information is stolen or lost;
  • a person sends an email containing personal information to the contact.

The NDB scheme ensures that as an organisation, we are accountable for your privacy protection. The notification process is important for building a relationship of trust and transparency. In addition, by keeping you notified, you’re better able to take steps to mitigate harm, such as changing passwords or being alert to phishing emails or scams. In the interim, OpenAgent would also be taking steps to remediate the breach and will keep you advised on our progress, including the security measures being undertaken.  

Please Contact Us” on the details provided below if you have any questions about this. 


General Data Protection Regulation

As of 25 May 2018, the European Union’s General Data Protection Regulation (GDPR) serves to regulate data protection and privacy for individuals in the European Union (EU), including the processing of personal information.   Our collection, use, disclosure and processing of your personal information is regulated by the GDPR if we offer OpenAgent's Services to you while you are in the EU, or if we monitor your behaviour while you are located or residing in the EU (Data Subject).

The GDPR provides Data Subjects with certain rights. These include the right of access; the right to be informed; the right to object; the right to withdraw consent; the right to rectification; the right to erasure; the right to data portability; the right to restrict processing (in particular circumstances); and the right to object to automated decision making in limited circumstances. If you need further information on these rights, please “Contact Us” on the details provided below.

As a Data Subject, you can request and obtain: 

  • copies of your data and how OpenAgent is using it; 
  • details of how long the data will be stored; and
  • information about whom the data may be disclosed to. 

You can also “Contact Us” at any time to learn about the security measures taken by OpenAgent to safeguard your data on the details provided below. 

For clarity, OpenAgent will only collect and store your data if you have provided express consent and if the provision of your personal data is necessary for the performance of an agreement between yourself and OpenAgent, including fulfilment of pre-contractual obligations.

We will collect information using cookies when you use the OpenAgent website, including any mobile or tablet applications. These cookies will tell us about your visit to our website and help us to remember you, allowing us to create a customised experience for your next visit.  For example, marketing cookies help us to determine which of OpenAgent's Services may be of interest and value to you and then tell you about them.

OpenAgent may also collect your data to comply with legal obligations, and if the processing of your data is related to a matter in the public interest or in the exercise of official authority vested in OpenAgent. Don’t worry, if we are obliged to retain your personal data for a longer period due to the performance of a legal obligation or upon order of an authority, we will comply with our obligations and inform you as such.

Please note, you have the right to object at any time to the processing of your personal data. If processing occurs for legitimate business interests, you will need to provide us with grounds justifying your objection. If we are processing your personal data for direct marketing relating to OpenAgent, you can object without any justification. We want to know about your objections as soon as possible, so please don’t hesitate to contact us and let us know.

Under the GDPR, you can also request information about whether we are transferring any of your personal data to another country; or an international organization governed by public international law or set up by two or more countries. You can also elect to have your personal data transmitted to another controller if your personal data is being processed by automated means and if the processing is based on your contracted consent.

For clarity, we will only send your personal information outside of the European Economic Area (EEA) where you instruct us to do so or to comply with the law or to work with other companies within the OpenAgent Group, partners and third-parties who help us deliver OpenAgent's Services. If we disclose and store your personal information outside the EEA, we will only do so if it is protected to an equivalent or higher standard than GDPR. For example, we will require the recipient of your personal information to:

Finally, your personal data will only be processed and stored for as long as required by the purpose for which it has been collected for. Following withdrawal of consent, or where there is no legitimate need for your personal data, we will delete it. 


Personal Information about Employees or Job Applicants

OpenAgent will collect personal information from you if you apply for a job with and/or become employed by us. In these circumstances:

  • you authorise us to collect any personal information (whether written or verbal) from any referee or previous employer specified in your application for employment or curriculum vitae for evaluation of your application for employment and to hold such information on your personal file for future evaluation of your employment by us; and
  • you acknowledge that we collect your personal information for the purpose of evaluating your application for employment and, should you accept employment with us, the assessment of your continued employment by us and the administration by us of your remuneration and any PAYG obligations;
  • you acknowledge that a failure by you to provide the requested personal information will have a detrimental effect on our ability to give your application proper consideration. You can request to access and/or correct your personal information at any time.

We care about your rights and want you to feel confident in how we store and use your personal information. If you believe that we have breached your privacy rights in any way, or you would like to discuss this Privacy Policy, please Contact Us on the details provided below. All such enquiries will be prioritised, and any complaints are taken seriously.  If you're dissatisfied with how your enquiry or complaint was dealt with, please tell us.  Contact details for the OAIC are also provided below.

Please contact us immediately  if you become aware of or have reason to suspect any breach of security, including unauthorised use of your account or handling of your personal information.


Contact Us

By Post: PO Box 419, Alexandria NSW 1435
By Telephone: 13 24 34
By Email:

Using the details above, please feel free to contact us if you have any general questions about this Privacy Policy. For example, you can:

  • request further information about the way we collect, handle, manage and secure your personal information;
  • request access to or update your personal information held by us;
  • limit our use and disclosure of your personal information;
  • inform us about any suspected or known unauthorised use of your account by anyone else;
  • unsubscribe from any OpenAgent mailing list or flag with us concerns about any communications that you may have received or are concerned about; 
  • ask us any other questions or raise a complaint.

We’re always happy to hear from you.  


Need More Information on Privacy?

For more general information regarding privacy in Australia, visit the website of the Office of the Australian Information Commissioner ( You can also call or email them :

Phone: 1300 363 992