Australia Privacy Statement

Last updated: 7 March 2014

Intr​oduction

CBRE Pty Limited ACN 057 373 574 and its related companies (collectively referred to as “CBRE”, “us” or “we”) respect the privacy and security of your Personal Information, as defined below, and comply with the requirements of the Australian Privacy Principles (“APP”) under the Privacy Act 1988 (Cth) (“the Act”).

This Privacy Policy explains in general terms how CBRE handles your Personal Information. However, it does not apply to CBRE’s employee records to the extent they are handled by any of our companies that is or was the employer of that employee in relation to the employee's current or former employment. Such employee records are generally exempt from the Act and will be dealt with as permitted by law. 

You may be able to deal with us without identifying yourself (i.e. anonymously or by using a pseudonym) in certain circumstances. If you wish to do so, please contact us to find out if this is practicable in your circumstances. However, if you do not provide us with the Personal Information we have requested, we may not be able to complete or fulfill the purpose for which we collect the information, including providing our services. 

By visiting our websites, using any of our services or otherwise providing us with your Personal Information (or authorising it to be provided to us by someone else), you agree to your Personal Information being collected and handled as set out in this Privacy Policy. 

What Persona​l Information do we collect and hold?

Under the Act Personal Information is defined as information or an opinion about an identified individual, or an individual that is reasonably identifiable, in whatever form and regardless of whether it is true or not (‘Personal Information’). The Act also defines a subset of Personal Information as sensitive information (for example health records, racial or ethnic origin, religious beliefs, criminal records). 

The types of Personal Information we collect and hold will depend on the circumstances of collection and on the type of service we are providing. For example, when we are engaged to sell a property, we may collect and hold Personal Information from both the seller and potential buyers such as name, address, email address, telephone numbers, employment details and details about their business.

We may also collect and hold certain sensitive information that is reasonably necessary for the provision of our services, including health and criminal records. If you provide us with any sensitive information, you consent to us collecting that information and handling it in accordance with this Privacy Policy

How we collect Pers​onal Information

We may collect Personal Information about you directly when you deal with us over the telephone, send us correspondence (whether by letter, fax or email), have contact with us in person, visit our websites or complete hard copy or online forms.  

There are also circumstances where we may collect Personal Information about you from someone else. For example, from:

market research companies contracted by us to obtain information so that we may improve and market our services;

your employer;

other agents and valuers who may be involved in the services we provide;

property developers who contract us to market properties;

publicly available information and databases;

any of the companies within the CBRE group (both local and overseas); and

anyone you have authorised to deal with us on your behalf.

We also automatically collect certain information when you visit our websites or our subscribers receive promotional emails from us via cookies and other tracking technology (such as web beacons), some of which may be capable of personally identifying you. Such information includes the type of browser and operating system you are using, your IP address and how you use our websites.  

Depending on the type of service you or our customers have requested, we may also seek to collect information about someone else from you (for example, contact details of your solicitor, emergency contact person or tenant). However, you must not provide us with Personal Information about another person unless you have clear consent from that person to do so, told them that their Personal Information will be handled in accordance with this Privacy Policy and directed them to where they can find it. 

Regardless of how it is collected, we handle Personal Information in accordance with this Privacy Policy. 

Why we collect, hol​d and use Personal Information

We generally collect, hold and use your Personal Information for the purposes for which it is provided to us (which will usually be obvious at the time of collection), related purposes or as permitted or required by law. Such purposes may include:

acting as agent for vendors or purchasers in relation to the sale of a property;

acting as agent for owners or tenants in relation to the leasing and or valuation of a property;

project management services;

structured advisory services;

town planning services;

capital allowances services and other consulting services in relation to the property market;

administration of our business, such as collection of overdue commissions or outstanding fees; 

responding to client enquiries and communicating with you from time to time  to maintain contact and keep you updated on the services you have requested; 

forecasting future needs of our services and general quality assurance and training purposes; 

engaging in legal proceedings and/or enforcing judgments and/or orders; 

complying with the applicable legal or regulatory requirements and/or orders of competent authorities;

providing you with promotional and marketing information, including market research reports, newsletters, event invitations and/or property market information relating to our products and services which we think may be of interest to you; and

any other purpose identified at the time of collecting your Personal Information.

We generally use information automatically collected by cookies and other tracking technology to identify you as a valid user, ensure that no one else can sign on simultaneously with your account from another computer and help us serve you better based on your registration preferences. We may also use cookies to help us facilitate any promotions or surveys that we provide. Third parties whose products or services are accessible on our websites may also use cookies, and we advise you to check their privacy policies for information about their cookies and other privacy practices.

Disclosure of Personal Information 

We may disclose your Personal Information to third parties as may be necessary for any of the purposes stated in the above section. Such third parties generally include:

our third party providers, contractors, consultants, agents and/or representatives (such as law firms, banks, financial institutions, insurers, IT providers, mortgage referral services providers and/or wealth management services providers) who provide services to us or on our behalf, including to:

   o conduct valuations; 

   o assist with obtaining payment from creditors;

   o operate data centres;

   o conduct market research;

   o provide advice;

potential buyers, tenants, conjunctional real estate agents and brokers for the purpose for which the information was collected or for related purposes (for example to complete a transaction on your behalf or provide you with a service that you requested); 

anyone you have authorised to deal with us on your behalf; 

any of the companies within the CBRE group and their related companies; 

government authorities, regulatory bodies, law enforcement agencies, courts, tribunals and/or parties to the legal proceedings where you have consented to this or we are required or authorised to do so by law; 

debt collection agencies; and/or

any other third parties identified at the time of collection of your Personal Information. 

Disclosure of P​ersonal Information overseas 

Some of the third parties listed above to whom we may disclose your Personal Information are located overseas. For example:

companies within the CBRE group that are located in the countries listed on our website at www.cbre.com/EN/services/Pages/Overview.aspx;

our information technology and business process service providers that are located in countries including (but not limited to) the United States, United Kingdom, Spain, the Netherlands, India and Hong Kong; and

our overseas clients that are located in the same countries as the companies within the CBRE group.

Our contracts with these parties generally include an obligation for them to comply with Australian privacy law and this Privacy Policy. 

However you acknowledge that, by agreeing to the disclosure of your Personal Information to these entities outside of Australia, we will no longer be required to take reasonable steps to ensure the overseas recipient's compliance with the Australian privacy law in relation to your Personal Information and we will not be liable to you for any breach of the Australian privacy law by these overseas recipients. On this basis, you consent to such disclosure. 

Access, update and correction of Personal Information

We take reasonable steps to ensure that the Personal Information we hold about you is accurate, complete and up-to-date. However, we also rely on you to advise us of any changes to your Personal Information. If you are able to access your Personal Information by logging on to an account you have with us, it is your responsibility to ensure your information is accurate, complete, relevant and up-to-date. 

On request we will provide you with access to the Personal Information we hold about you, including for the purpose of correcting or updating that information, unless otherwise required or permitted by law. 

There is no charge for making the request or giving the access to your Personal Information. We will deal with your request within a reasonable period after the request is made.

If we refuse to provide you with access we will provide you with a written notice that, at a minimum, outlines reasons for the refusal and the complaints mechanisms available to you. 

If you wish to access the Personal Information we hold about you or to update or correct it, you can either do so by logging on to your account (if you have one) or contact us using the contact details provided below. We will require you to verify your identity and specify what information you require.

Security of Pers​onal Information

We take reasonable steps to protect any Personal Information that we hold from misuse, interference and loss and from unauthorised access, alteration and disclosure. For example, we implement IT security procedures including password protection, firewalls and site monitoring and we store your Personal Information on a secure server. 

However, data protection measures are never completely secure and, despite the measures we have put in place, we cannot guarantee the security of your Personal Information. You must take care to protect your Personal Information (for example, by protecting any usernames and passwords). You should notify us as soon as possible if you become aware of any security breaches.

Direct m​arketing 

When you register as a member on our websites, you will be given a choice as to whether you want to receive e-mail messages from us, including newsletters, announcements and e-mail communications about our latest news, products or services. To the extent the relevant local law requires us to seek your consent, we will only send such messages to you if you opt-in. 

If you do not wish to receive direct marketing calls or materials, you may use the unsubscribe facility in the marketing communication or contact our Chief Privacy Officer using the channels prescribed below. Further, as a registered member with us, you can modify your choice at any time by accessing your registered account with us. We will stop using your Personal Information for direct marketing if you so request. 

Privacy on o​ur websites

Our websites may contain links to the websites of other entities. If you click on such links, you will be transferred to the websites of these entities. We have no control over, and are not responsible for, the privacy practices of these entities. You should read the privacy policy of these entities to find out how they handle your Personal Information when you visit their websites. 

What if you h​ave a complaint?

If you wish to make a complaint about a breach of this Privacy Policy or the Australian Privacy Principles of the Act you can contact us using the contact details below. You will need to provide us with sufficient details regarding your complaint together with any supporting evidence. 

Our Chief Privacy Officer will investigate the issue and determine the steps that we will undertake to resolve your complaint. We will contact you if we require any additional information from you and will notify you in writing of the outcome of the investigation. 

If you are not satisfied with our determination, you can contact us to discuss your concerns or contact the Australian Privacy Commissioner via www.oaic.gov.au. 

Privacy​ & Site changes

CBRE may update this Privacy Policy from time to time so please review it periodically for changes. If the changes are significant or substantive, they will either be advised to you in writing or posted on our websites at www.cbre.com.au.

Your continued use of our websites or services, requesting our assistance or the provision of further Personal Information to us (directly or via an authorised person) after this Privacy Policy has been revised, indicates your acceptance of the revised Privacy Policy.

Our contact details

If you have a query relating to this Privacy Policy or wish to make a complaint, please contact us using the following contact details: 

CBRE Pty Limited
Chief Privacy Officer
Level 21
363 George St
Sydney NSW 2000
privacy@cbre.com.au​

More information

For more information about the Privacy Act in Australia and protecting your privacy, visit the www.privacy.gov.au​ (external link) website.