Privacy Policy

RP Data Pty Ltd trading as CoreLogic AU

At CoreLogic, we understand the importance you attach to your personal information. This Privacy Policy details how we handle personal information.

RP Data Pty Ltd trading as CoreLogic (ABN 67 087 759 171) and its related and associated bodies corporate (us, we, our, CoreLogic) maintain a policy of strict confidence concerning your (you, your) personal information (Privacy Policy). This Privacy Policy has been developed in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principals (APPs) made under that Act. The Privacy Policy applies to the collection, storage, use and disclosure of your personal information by us. By accessing the following websites and platforms (Sites), you accept the terms of this Privacy Policy:

• www.corelogic.com.au
• www.myrp.com.au
• www.cityscopeonline.com.au
• vx.valex.com.au
• evrui.corelogic.com.au
• vms.corelogic.com.au
• vis.corelogic.com.au

This Privacy Policy applies to information provided to us whether via these Sites or any other means and demonstrates our policies, procedures and practices for compliance with the APPs under the Privacy Act.

This Privacy Policy applies to CoreLogic and its subsidiaries and related bodies corporate, including RP Data Pty Ltd and Valuation Exchange Pty Ltd, through which we operate and market a number of separate businesses and products, including:

• Property Data and Analytics Services
• Platform and Risk Management Services
• Marketing Direct Product

This Privacy Policy applies in respect of information provided to us by persons under the age of 18 years however, those persons must obtain the consent of a parent or guardian prior to using the Site and the parent or guardian will be responsible for appropriately supervising the person’s use of the Site.

If you have any further questions or if you wish to receive more information on our information practices and Privacy Policy, please contact our Privacy Officer by email at privacy@corelogic.com.au

1. Types of personal information we collect

We predominantly collect information about real property. Whilst much of this information is not personal information, some of the information we collect, on its own or when match with other information, may be personal information about you.

The types of information we collect in respect of our Property Data and Analytics Services include:

• Name
• Date of birth
• Contact details
• Residential address
• Occupation details
• Property title, ownership and transfer details
• Property tenancy and registered lease details
• Bank account and credit card details for our customers, users and subscribers
• Information pertaining to products and services ordered from us and their use
• Officeholder, directorship and shareholder information
• Telephone directory information

The types of personal information we collect in respect of our Platform and Risk Management Services include:

• Name
• Date of birth
• Gender
• Address
• Phone numbers
• Drivers licence details
• Email address
• Employment and occupation details
• Income
• Financial history
• Property title, ownership, transfer and tenancy information
• Mortgage and loan application details & other financial information related to any loan application including Bank account information

The types of personal information we collect in respect of our Marketing Direct Product include:

• Name
• Address
• Email addresses
• Phone numbers

We also collect data about your property which is not personal information at the time we collect it, but may later become personal information if it is matched with other personal information we hold. For example:

• Property sales information – sales prices and addresses, on their own, do not amount to personal information as this data is not connected to an individual.
• Historical sales for your property – this is not information about you, but rather the price obtained by an unidentified previous owner of the property
• Addresses
• Property attribute information, such as number of bedrooms, bathrooms, garage or car spaces and land size etc.

2. How we collect personal information

We may collect personal information about you from a combination of sources including directly from you, from third parties or from publicly available sources.

If it is reasonable and practical to do so, we will collect personal information directly from you. This will include contact details and other information relevant to providing services to you. This may take place in a number of ways, such as:

• when you sign up for products or services, such as MYRP
• order a product or service from us
• subscribe to a newsletter
• complete a form on our website
• when you provide us with corrected or updated information about you or a property you own.

We may also collect personal information from third parties such as your representatives and/or publicly available sources of information.

The majority of the information we collect about you or the properties you own will be from public records, which we licence from the relevant government departments and agencies. Third parties from whom we source publicly available information include:

• State Government departments
• Local councils
• ASIC
• White pages
• Real estate listing portals on which you or your agent have advertised your property for sale or lease
• Real estate agents

Third parties from whom we source other information include:

• Real estate listing portals on which you or your agent have advertised your property for sale or lease
• Related companies of RP Data Pty Ltd
• Real estate agents
• Tenancy and strata managers
• Financial institutions
• Mortgage brokers
• Property valuers
• Marketing database providers

We collect information on our own behalf and on behalf of others. Where we collect information on behalf of others, we require that they comply with the Privacy Act and APPs.

If someone other than you provides us with personal information about you that we did not ask for and we determine that we could have collected this information from you had we asked for it, we will notify you as soon as practicable. This notice will be given unless to do so would be in breach of an obligation of confidence. If we could not have collected this personal information, we will lawfully de identify or destroy that personal information.

We will not collect any sensitive information from you, revealing your: race, ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships or details of health or disability.

We will not collect personal information unless the information is reasonably necessary for or directly related to one, or more of our functions or activities. If we are unable to collect personal information we reasonably require, we may not be able to do business with you or the organisation with which you are connected.

3. Collection use and disclosure of personal information

All personal information that we or our related bodies corporate collect, is reasonably necessary for the purposes relating to providing our services to you.

We may use personal information about you for the primary purpose of providing our services, and for which you would reasonably expect us to use that information, including sending you information about new developments, products, services and special offers by post, telephone or any form of electronic communication. We may use any email address or other personal information you provide to us at any time for this purpose.

We may also use or disclose information about you where we have obtained your consent, where we have obtained the information from another party (eg the valuer generals department of your state government) for a specified purpose, or as required by relevant laws, statutes, regulations, codes and external payment systems.

We will not disclose information that personally identifies you to any third party other than as set out in this Privacy Policy. In order to deliver the services that we provide to you, we may disclose your personal information to other organisations, only in relation to providing our services to you. We take reasonable steps to ensure that these organisations are bound by privacy obligations in relation to the protection of your personal information.

We may provide certain information about you including your personal information to our related bodies corporate.

Property Data and Analytics Services

For our Property Data and Analytics Services, we collect your personal information for the purposes of:

• developing our products and services
• verifying your identity
• providing our products and services to you
• administering and managing products and services provided to you, including charging, billing, account management, and debt collection
• performing administrative and operational tasks (including risk management, systems development and testing, credit scoring and staff training, and market or customer satisfaction research)
• conducting research about our products and services
• auditing and monitoring the products and services we provide
• responding to any specific request you make of us
• generating records and reports based on your use of our products and services
• preventing or investigating any fraud or crime (or a suspected fraud or crime)
• providing you with news and information, as well as promote and market products, services and special offers made available by us, our related companies and third parties (unless you ask us not to and only where we have obtained your consent directly).

In order to achieve the above purposes, we may use or disclose your personal information to:

• your authorised representatives and agents
• our agents, contractors and third party service providers to enable them to provide administrative and other services for or to us
• our customers and subscribers as part of a Data, Research and Analytics Product or Service offered by us
• third parties to enable them to provide you with news and information and to promote and market products, services and special offers (unless you ask us not to)
• others where the disclosure is required by law, for example, to government agencies and regulatory bodies as part of our statutory obligations, or for law enforcement purposes
• an organisation that acquires all or part of our assets or businesses.

In addition to the above, when you sign up for a services (such as MY RP), we may obtain your consent to provide you with news and information, as well as promote and market products, services and special offers made available by us, our related companies and third parties (unless you ask us not to). We will only ever direct market to you where we have collected the information directly from you and obtained your consent to do so. We will never use information obtained from third party government sources to direct market to you.

Where we collect information from publicly available sources such as the valuer general office in each State and Territory, our use of this information must be in accordance with the rules set down by the relevant information provider. These rules are contained in the terms and conditions of your contract with us. The information provider’s rules may be amended from time to time and therefore so too will the terms of your contract.

We may also use or disclose information about you where we have obtained your consent, where we have obtained the information from another party (eg the valuer generals department of your state government) for a specified purpose, or as required by relevant laws, statutes, regulations, codes and external payment systems.

Platform and Risk Management Services

For Platform and Risk Management Services, we collect your personal information for the primary purposes of assisting mortgage originators (including their brokers) to:

• source valuations and other property reports from third party services providers such as valuers, and building and pest inspection report providers;
• assess risk associated with loan origination.

We may use your personal information to perform risk analytics and provide a report back to the mortgage originator.

The personal information provided to us by mortgage originators will only be disclosed to the third party service providers for the purpose of enabling them to provide the services requested. Similarly, any report provided to us by the third party service providers will only be disclosed to the mortgage originators who requested the service.

The personal information collected for the purposes of providing Platform and Risk Management Services is not used or disclosed for any other purpose.

Marketing Direct

We collect your personal information from third party marketing database providers for the purposes of providing the Marketing Direct product to our subscribers. The Marketing Direct database is not incorporated or validated against any other personal information we collect for other purposes.

We obtain contractual warranties from the database providers that the personal information they collect complies with the Privacy Act and the APPs.

Your personal information may be disclosed to our subscribers for the purposes of direct marketing their products and services to you. Our terms and conditions with our subscribers require that they comply with the Privacy Act and APPs in all direct marketing communications with you.

If you wish to be removed from our Marketing Direct database, please contact our Privacy Officer by email at: privacy@corelogic.com.au

4. Direct marketing

We may use personal information we have collected about you for the primary purpose of providing you with our services, and for other purposes for which you would reasonably expect us to use that information. This includes sending you information about new developments, products, services and special offers by post, telephone or any form of electronic communication. You authorise us to use any email address or other contact information you provide to us at any time for this purpose.

You can, at any time, opt out of receiving marketing material by contacting us (see Contact Us below). You agree and acknowledge that even if you opt out of receiving marketing material, we will still send you essential information that we are legally required to send you relating to the services we provide. Once you opt out of receiving marketing material from us, you agree and acknowledge that this removal from our distribution lists may take several business days after the date of you request to be removed.

Where we collect information from publicly available sources such as the valuer general office in each State and Territory, we do not use this information (or allow or customers and subscriber to use this information) for direct marketing purposes.

When we provide personal information to our customers and subscribers as part of a Property Data and Analytics Service offered by us, we require them:

• to not use personal information for direct marketing
• to comply with all third party use restrictions (which are set out in the terms and conditions of your contract with us where the personal information is collected by a third party and provided to us
• to comply with the Privacy Act and APPs.

5. Third Parties and your information

We will only collect, store, use or disclose personal information as set out in this Privacy Policy unless we are required by law to use that information to protect our rights or property (or those of any third party), or to avoid injury to any person.

Although the Site may link directly to websites operated by third parties (Linked Sites), you acknowledge that Linked Sites are not operated by us. We encourage you to always read the applicable privacy Policy of any Linked Site on entering the Linked Site. We are not responsible for the content or practices of the Linked Sites nor their privacy policies regarding the collection, storage, use and disclosure of your personal information.

6. Disclosure of Information Overseas

We retain your personal information in Australia. However, people located overseas may be able to access your personal information in order to provide data entry and development services to us in the provision of our Products and Services. In the vast majority of these cases access is strictly limited, and under the supervision and control of our Australian based product team. Such access will only be under secure protocols (see below for further information on Storage and Security). Our overseas services providers are located in:

• India
• Philippines
• USA
• New Zealand

Some of our products and services accessible via our web services portals may be accessed by customers located overseas.

Whenever your personal information is disclosed to, or accessed by, a person located overseas, this will only occur where:

1. we consider the recipient to be bound to legislation similar to the APPs and we have a contractual mechanism with them to enforce your rights; or
2. we have an enforceable contractual arrangement with the overseas recipient that requires the recipient to handle your personal information in accordance with the APPs.

By providing us with your personal information you consent to disclosure as set out in this Privacy Policy.

7. Your consent

By your use of the Site you consent to the collection, storage, use and disclosure of your personal information in accordance with this Privacy Policy and as otherwise permitted under the Privacy Act.

Where you provide information directly to us, you consent to use and disclosure of that information in accordance with this Privacy Policy.

8. Cookies

When you visit the Site the server may attach a "cookie" to your computer's memory. A "cookie" assists us to store information on how visitors to the Site use it and the pages that may be of most interest. This information may be used to provide users of your computer with information that we think may interest the users of your computer.

Cookies also allow us to provide you with more personalised service. We use cookies to:

• determine whether you have previously accessed our websites
• identify the pages you have accessed, your IP address and the date time and duration of your visit
• aid in the security of your use of our CoreLogic websites
• aid in the log-in process
• facilitate administration of CoreLogic websites
• generate statistics about the use of our websites to continually improve our websites and customer service, and data products and identify product trends.

However, this information is not linked to any personal information you may provide to the Site and cannot be used to identify you.

If you choose, you should be able to configure your computer so that it disables cookies or does not accept them. If you set your browser to reject cookies you may not be able to make full use of our Sites.

9. Storage and security

We will use all reasonable endeavours to keep your personal information in a secure environment, however, this security cannot be guaranteed. Your use of our Sites and the electronic storage of your personal information is secured by practices and procedures which we consider are consistent with Australian industry standards. All orders placed online using a credit card are covered by SSL security technology to protect customer details. These security measures are designed to ensure your personal information is not subject to unauthorised access, loss or misuse. If you reasonably believe that there has been unauthorised use or disclosure of your personal information, please contact us (see Contact Us below).

If we no longer need your personal information, unless we are required under Australian law or a court or tribunal order to retain it, we will take reasonable steps to destroy or de-identify your personal information, in accordance with our document and information retention policy.

10. Variation and consent to variation

We may vary the terms of this Privacy Policy at any time. You should check this Privacy Policy regularly so that you are aware of any variations made to this Privacy Policy. You will be deemed to have consented to such variations by your continued use of the Site following such changes being made.

11. Accuracy of your information

We take all reasonable steps to ensure that your personal information held by us is accurate, up-to-date, complete, relevant and not misleading. If you believe that any of your personal information is not accurate, up-to-date, complete, relevant and not misleading, please contact us (see Contact Us below) and we will take all reasonable steps to correct it within a reasonable time.

12. Access to information we hold about you

You may request to access the personal information we hold about you. We will endeavour to respond to any such request within a reasonable period of time and, where reasonable and practicable, give access to the information in the manner you request. This will be subject to any exemptions allowed under the Privacy Act. You may request this information by writing to the Privacy Officer (see Contact Us below).

We may charge a reasonable fee for providing that information.

13. Complaints or Disputes

If you have a complaint about our treatment of your personal information, please contact our Privacy Officer (see Contact Us below). Our Privacy Officer will consider and if, in our reasonable opinion, necessary, investigate your complaint and endeavour to respond to you within a reasonable period of time.

If we do not adequately answer your concerns, you have the right to make a complaint to the Office of the Australian Information Commissioner.

14. Contact Us

If you have any questions relating to this Privacy Policy or your personal information, please contact our Privacy Officer:

By email: privacy@corelogic.com.au

or by mail:

CoreLogic
Locked Bag 5
Eagle Farm QLD 4009
Australia

Ph: 1300 734 318

When contacting us or using our products and services, you have the option to either not identify yourself or to use a pseudonym. However, this will not apply if it is impracticable for us to communicate with you that way. We are required or authorised under Australian law (or a court or tribunal order) to only deal with individuals who have identified themselves.

15. General

This Privacy Policy is effective as at 17 November 2014.

CoreLogic may vary this Privacy Policy from time to time. CoreLogic will notify you of these changes by publishing them on our websites. The current version of this Privacy Policy is located at: http://www.corelogic.com.au/about-us/privacy-policy.html

CoreLogic® is a registered trademark of CoreLogic Solutions, LLC and used under licence by RP Data Pty Ltd.