Privacy Policy

Introduction

This privacy policy applies to Property Exchange Australia Limited (ACN 140 677 792) (“PEXA”), and to its ultimate holding company, and any Australian subsidiaries of that ultimate holding company (“PEXA Group”, “we” or “us”). PEXA operates an online property exchange platform that allows Subscribers, including lawyers, conveyancers, financial institutions, to lodge documents with Land Registries and complete financial settlements electronically.

Protecting your privacy is important to us. This policy explains how we manage personal information within our organisation in accordance with Australian privacy law. Subscribers accessing the PEXA Platform from the European Economic Area may have additional rights under the General Data Protection Regulation (‘GDPR’).

What types of personal information do we collect?

Information about Subscribers

Where your organisation is a Subscriber to the PEXA network (e.g. a law firm, conveyancing firm or financial institution) and you are using our electronic lodgement network (“ELN”) and financial settlement system (ELNO System services) as a representative of your organisation, we may collect and hold the following kinds of personal information about you:

  • contact information, such as your postal address, email address and telephone number;
  • the name of your organisation and your position;
  • details about your professional certificates, qualifications, licences or memberships;
  • verification of identity (“VOI”) information, such as your name, date of birth, passport and driver’s licence number, birth certificate, marriage certificate or Medicare number; and
  • banking details provided by your organisation to facilitate the direct debiting of PEXA fees.

Information about buyers and sellers

Where you are a buyer or seller whose representative is using our ELNO System services in relation to your property transaction, we may collect and hold the following kinds of information about you:

  • identifying information, such as your name, residential or postal address, email address and date of birth;
  • information about a relevant property or properties the subject of a transaction(s), including, or a property in our database which is associated with you:
  • land title details;
  • address;
  • details about your lender (if any);
  • purchase/sale price;
  • financial information, such as bank account or other payment details.

Information about people who use our website or mobile application, subscribe to our newsletter, or attend our events

Where you use our website or mobile applications, we may also collect and hold the following kinds of information:

  • your name and email address;
  • usernames and passwords that you create;
  • details of any PEXA products or services that we provide to you;
  • information about how you use the products and services we provide;
  • records of our communications with you, including any messages you send us; and
  • information related to products and services you access through our mobile applications, including PEXA Key.

Where you attend our events, we may collect and hold personal information about you such as your name and contact information (if you provide this information to us) and the events you attend.

Information about others

We also collect information about people who are our contractors, suppliers and business partners, or who are employed by our contractors, suppliers and business partners. We collect information needed to conduct business with that individual or party.

What if we don’t collect this information?

Without the information listed above, we may not be able to provide our ELNO System services, or other products or services (or all of the features and functionality offered by our products or services), respond to queries or requests that you submit to us, or invite you to events.

How do we collect personal information?

We collect personal information about you in the following ways:

  • When you give it to us. We collect information when you provide us with information. For example, this might happen when you’re setting up an account with us via our website or mobile applications, or where we ask you to provide certain personal information
  • When you or your representatives use our ELNO System services. For example, when you or your representative use our ELNO System services, we collect information about the property or properties you are buying or selling and financial information related to the properties. Further information on how we collect personal information as part of our ELNO System services is provided below.
  • When you subscribe to our property insight products or services. For example, if you subscribe to our report subscription service, we collect your email address and details of subscription.
  • When you visit our offices. For example, we may require visitors to sign in before entering our office. We may on occasion and subject to consent, photograph or video people in our offices for marketing and promotional purposes.
  • From third parties. In some cases, we may collect personal information from a third party, such as through your representatives, contractors who provide services to us, or third parties who refer you to us because they think you may be interested in our products or services. We may also collect deidentified raw data about a property from suppliers of information products and services (such as the Government or companies that consolidate data from multiple public sources). If we have previously collected personal information from you through our ELN services, we may be able to match this deidentified property data with properties associated with you. In some cases, we may collect personal information about you from third parties (such as land titles offices, government departments and providers of lenders mortgage insurance) so that we can verify or supplement data that we hold and to provide reports, products and services to Subscribers and others.
  • When you use our ELNO System services, or someone uses those services on your behalf. We may collect information from the following third party sources:
    • the land registry in the State or Territory in which the relevant property is located;
    • the revenue office in the State or Territory in which the relevant property is located;
    • service providers to government authorities (such as land registry operators);
    • a financial institution which is an incoming or outgoing mortgagee;
    • your representative (for example, a lawyer, conveyancing professional or real estate agent);
    • the representatives of other parties involved in the transaction;
    • other ELN operators;
    • your organisation, where your organisation is a Subscriber and you are an authorised signatory or the Subscriber Manager for your organisation.

In some cases, we may be required by law to collect certain types of personal information about you. These laws include the Electronic Conveyancing National Law (ECNL) and associated Model Operating Requirements (MOR) prescribed by the Australian Registrars National E-Conveyancing Council (ARNECC).

If you provide us with personal information about someone else, you must only do so if that person consents to you doing so and to us collecting, holding, using and disclosing their personal information in accordance with our Privacy Policy.

Why do we collect and use personal information?

We use personal information that we collect about you for the following purposes:

  • to operate the ELN in our capacity as an electronic lodgement network operator (“ELNO”) under the ECNL;
  • to perform Conveyancing Transactions (as described in detail in our Service Charter, available here) and related services, including:
    • to send you notifications, status updates and reports regarding your Conveyancing Transaction, including title activity checks;
    • to verify information about a Conveyancing Transaction;
    • to conduct and provide information about settlements associated with a Conveyancing Transaction;
    • to deal with unapplied or misapplied funds;
    • to provide support services in relation to our ELNO System;
    • to send you surveys and questionnaires about your experience using our ELNO System services or related products;
    • to assist payees to receipt and reconcile payments received from settlement funds; and
    • to notify Government authorities of change of ownership details relating to a property;
  • to verify your identity when you are dealing with us and to comply with VOI requirements under the MOR;
  • to provide reports to and /or communicate with stakeholders, including financial institutions, providers of lenders mortgage insurance, information brokers, legal practitioners, conveyancing firms, state revenue offices and land registries;
  • to assess, maintain, upgrade and improve our products and services;
  • where we have collected property data from a third party, to verify and supplement data we have collected through use of our ELNO System service;
  • to create new or enhanced products or services, and to notify you about those products or services;
  • to carry out planning and forecasting activities, market analysis and research, and other internal business processes;
  • to invite you to events;
  • to consider you for employment or as part of your employment at a PEXA Group company:
  • to answer your queries and requests;
  • to comply with our legal and regulatory obligations; and
  • to manage and resolve any legal or commercial complaints or issues.

We may from time to time use your personal information to send you marketing materials about products or services that we think you may be interested in (including in some cases products and services that are provided by a third party). You can opt-out of receiving marketing communications from us by contacting us at compliance@pexa.com.au or following the “unsubscribe” link in the communication.

We may also use and disclose your information for other purposes if you ask or tell us to do so.

If we collect personal information about an individual from a Registrar, we undertake to handle that information in accordance with State or Territory privacy legislation applicable to the Registrar. We also commit to complying with privacy obligations imposed upon us by the MOR or the ECNL.

If we collect personal information about an individual from a third party, such as a bank, we endeavour to handle that information in a manner which is consistent with the third party’s own privacy policy and which is consistent with the third party’s own obligations under the Privacy Act. We will work with the third party organisation in order to address any security or related privacy issues which may arise in relation to personal information which they have provided to us. Ultimately, however, it remains the third party’s responsibility to ensure that it is complying with the Privacy Act and its own privacy policies when dealing with us.

Who do we disclose personal information to?

We may share personal information about you with:

  • other participants involved in your Conveyancing Transaction, including financial institutions, the buyer or seller of the relevant property, and their representatives;
  • your representative (e.g. lawyer or conveyancer);
  • the land registries and revenue offices;
  • service providers to government authorities (such as land registry operators);
  • service providers of Subscribers (upon request of the Subscriber)
  • other ELNOs;
  • our staff who need the information to discharge their duties;
  • other members of the PEXA Group;
  • our business partners, agents and service providers, including information brokers, VOI contractors, payment system operators and information technology service provides;
  • prospective purchasers of all or part of our business or shares in our company or a related entity;
  • professional advisers who we engage to provide advice on our business;
  • government authorities who ask us to disclose that information, or to other people as required by law (including to identify potentially fraudulent property transactions or other unlawful activity).

Although we store all personal information on computer infrastructure located within Australia, your personal information (including Land Information, as defined in the MOR) may be available for access by participants in other countries (for example, to financial institutions with overseas processing arrangements). It is not practicable for us to specify in advance all of the countries from which your personal information may be accessed, but these countries may include India and the Philippines.

De-identified information

We may de-identify information about you so that you can no longer be identified through that information. We may then use and disclose that de-identified information in the course of our business, including to create, use and commericalise property-related products and services.

We may also aggregate information in such a way that you can no longer be identified through that information. We may then use such aggregated information in the course of our business, including to create, use and commericalise property-related products and services.

Products or services we provide using de-identified and/or aggregated information will not use or disclose your personal information.

Our property insight products and services do not disclose any personal information about you.

Cookies

We use cookies to monitor and observe your use of our websites, compile aggregate data about that use, and provide you with a more effective service (which may include customising parts of our websites based on your preferences and past activities on those websites). Most internet browsers have a facility that will allow you to disable cookies altogether – please refer to your browser’s help menu to find out how to do this. While you will still be able to browse our websites with cookies disabled on your internet browser, some website functionality may not be available or may not function correctly.

How do we store and secure your personal information?

Any computer infrastructure forming part of our ELNO System and in which personal information is stored, is located within Australia.

We store personal information for as long as it is needed for the purpose for which it was collected or as required by law. We generally store the personal information that we collect in electronic databases, some of which may be held on our behalf by third party data storage providers. Sometimes we also keep hard copy records of this personal information in physical storage facilities. We use a range of physical and technical security processes and procedures to protect the confidentiality and security of the information that we hold, and we update these from time to time to address new and emerging security threats.

We also take steps to monitor access to and modification of your information by our staff, and ensure that our staff are aware of and properly trained in their obligations for managing your privacy.

It is possible that we, or our subcontractors, will use cloud technology in connection with the storage of other personal information, and it is possible that this may result in off-shore storage. It is not practicable for us to specify in advance which country will have jurisdiction over such off-shore activities. However, all of our subcontractors are required to comply with the Privacy Act in relation to the transfer or storage of personal information overseas.

How can you access and correct your information?

We take reasonable steps to ensure that any of your personal information which we hold is accurate, complete and up-to-date. These steps include promptly updating personal information when we are advised that the information has changed, checking our contact lists for accuracy, and providing individuals with a simple means to update their personal information.

If you want to access any of the personal information that we hold about you or to correct some aspect of it (e.g. because you think it is incomplete or incorrect), please contact us at registration@pexa.com.au. To protect the integrity and security of the information we hold, we may ask that you follow a defined access procedure, which may include steps to verify your identity. There is no charge for requesting access to your personal information, but we may require you to meet our reasonable costs in actually providing you with access. We will inform you of this before proceeding. There may be cases where we are unable to provide the information you request, such as where it would interfere with the privacy of others or result in a breach of confidentiality. In these cases we will let you know why we cannot comply with your request.

If you consider that the information which we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps to correct that information if you so request. We may be unable to correct information about you if doing so would be contrary to law or impact the integrity of a transaction.

Complaints

We try to meet the highest standards in order to protect your privacy. However, if you are concerned about the way in which we are managing your personal information and think we may have breached the Australian Privacy Principles, or any other relevant obligation, please contact our Privacy Officer at:

Email: compliance@pexa.com.au
Address: Tower 4, Level 16, 727 Collins Street, Docklands VIC 3008

Complaints must be lodged in writing. We will deal with the matter within a reasonable time and will keep you informed of the progress of our investigation.

If you make a complaint, we will respond within 2 working days to let you know who is responsible for managing your complaint. We will try to resolve your complaint within 10 working days. When this is not possible, we will contact you within that time to let you know how long we will take to resolve your complaint. We will investigate your complaint and where necessary, consult with other PEXA participants about your complaint. We will make a decision about your complaint and write to you to explain our decision.

If we have not responded to you within a reasonable time or if you feel that your complaint has not been resolved satisfactorily, you can contact us to discuss your concerns. You are also entitled to make a complaint to the Office of the Australian Information Commissioner (OAIC). Contact details can be found at the OAIC’s website: www.oaic.gov.au.

Changes to this policy

We may make changes to this policy from time to time, to take into account changes to our standard practices and procedures or where necessary to comply with new laws and regulations. The latest version of this policy will always be available on our website.

Contact details

If you need to contact us or want any further information from us on privacy matters, please contact our Privacy Officer at:

Email: compliance@pexa.com.au
Address: Tower 4, Level 16, 727 Collins Street, Docklands VIC 3008
Phone: +61 3 7002 4500

Annexure – Personal information collected via application

When you apply to work with us, we may collect certain information from:

  • you;
  • recruitment consultants;
  • your previous employers;
  • your referees; and
  • other sources of relevant information, such as educational institutions, professional and trade associations, referees and publicly available sources.

The information we collect will assist us to decide whether to make an offer to you to work with us.

In addition to your name and contact information (including address, email address and phone number), the information we collect may include information about your:

  • work history;
  • education and other qualifications;
  • character; and
  • eligibility to work.

As necessary and where appropriate, we may require you to undergo certain medical checks. We may carry out screening checks (such as background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal record checks).

In addition to the information above, when you work with us we may collect information about your:

  • employee benefits;
  • banking details, superannuation and tax;
  • emergency contacts;
  • training, employment performance, conduct, and use of our IT and communications resources; and
  • leave.

We collect this information to train and manage our employees and meet our legal obligations.

Some of the personal information we collect may be considered sensitive information under certain privacy laws. For example, we may collect:

  • health information (such as in connection with sick leave or medical checks on job applicants and employees);
  • criminal information (such as police checks on job applicants and employees);
  • biometric information for the purpose of identity verification (such as your photograph to allow access to our premises).