Privacy Policy

Effective Date: 01/04/2026
Last Updated: 03/04/2026
Website: Property Research Hub (PropertyResearchHub.com.au)

INTRODUCTION

Property Research Hub (“we,” “us,” “our,” “PRH”) is committed to protecting your privacy and handling your personal information responsibly and in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

This Privacy Policy explains how we collect, use, disclose, store, and protect personal information through our website, Property Research Hub (PropertyResearchHub.com.au).

Who This Policy Applies To

This Privacy Policy applies to:

All visitors to our website
Users who submit forms, inquiries, or suggestions
Subscribers to our email updates (if applicable)
Any person whose personal information we collect

Our Privacy Commitment

We are committed to:

Transparency about how we handle personal information
Collecting only necessary information
Protecting information from misuse, interference, loss, and unauthorised access
Giving you control over your information
Complying with Australian privacy laws

Small Business Exemption Status

Property Research Hub is a small business with an annual turnover under $3 million AUD. We are likely exempt from the Privacy Act 1988 under Section 6D. However, we voluntarily adopt the Australian Privacy Principles (APPs) as best practice to protect your privacy.

1. WHAT PERSONAL INFORMATION WE COLLECT

1.1 Types of Personal Information

We may collect the following categories of personal information:

A. Contact Information (When Voluntarily Provided):

Name (first name, last name)
Email address
Phone number (if provided in contact forms)
Mailing address (if relevant for partnership inquiries)

B. Message and Inquiry Content:

Content of contact form submissions
Resource suggestions and tool nominations
Partnership or business inquiries
Feedback and comments
Correspondence with us via email

C. Technical and Usage Information (Automatically Collected):

IP address and approximate geographic location (derived from IP)
Browser type and version
Device type (desktop, mobile, tablet)
Operating system
Pages visited and navigation path through the Site
Referring website (how you found us)
Date and time of visits
Duration of visit and session information
Clickstream data (links clicked, including external links)

D. Cookies and Tracking Data:

Cookie identifiers and preferences
Analytics data (via Google Analytics or similar)
Affiliate link tracking parameters (if affiliate links are used)
User preferences (if preference-saving features implemented)

1.2 Sensitive Information

We do NOT knowingly collect sensitive information as defined under the Privacy Act, including:

Racial or ethnic origin
Political opinions or associations
Religious beliefs or affiliations
Sexual orientation or practices
Criminal records
Health information
Biometric or genetic information

If sensitive information is inadvertently provided (e.g., in a contact form message), we will:

Delete it immediately, OR
Obtain your explicit consent to retain it if necessary for the inquiry

1.3 Children’s Privacy

Minimum Age Requirement:

Our Site is intended for users who are:

18 years of age or older, OR
13-17 years old with verifiable parental or guardian consent

No Collection from Children Under 13:

We do NOT knowingly collect personal information from children under 13 years of age.

If We Discover Child Data:

If we become aware that we have collected personal information from a child under 13 without verified parental consent:

We will delete the information as soon as practicable
We will not use or disclose the information
We will take reasonable steps to notify the child’s parent or guardian (if contact information available)

Parental Rights:

Parents or guardians may:

Request access to their child’s information
Request deletion of their child’s information
Contact us at [contact email] with concerns

2. HOW WE COLLECT PERSONAL INFORMATION

2.1 Direct Collection (You Provide to Us)

We collect personal information directly from you when you:

A. Submit contact forms:

General inquiries
Resource suggestions
Partnership proposals
Error or issue reports
Feedback submissions

B. Subscribe to communications:

Email newsletters (if offered)
Update notifications
Blog or article subscriptions

C. Email us directly:

General correspondence
Questions or support requests

D. Participate in surveys or polls (if offered in the future)

2.2 Automatic Collection (Technical Data)

We automatically collect certain information when you visit our Site through:

A. Web Server Logs:

Standard web server logs capture:

IP address
Request date and time
Pages accessed
HTTP status codes
User agent (browser information)
Referrer URL

Purpose: Security, troubleshooting, and basic usage statistics

B. Cookies and Similar Technologies:

We use cookies and similar technologies for:

Essential Cookies (Necessary):

Session management
Security features
Form submission functionality
CANNOT be disabled without breaking Site functionality

Analytics Cookies (Performance):

Google Analytics (or similar) to measure:
- Page views and visitor numbers
- Traffic sources and referrals
- User behavior and navigation paths
- Popular content and features
- Geographic distribution of visitors
- Device and browser usage

Affiliate and Tracking Cookies (Marketing – If Applicable):

Tracking affiliate link clicks
Attributing referrals to affiliate programs
Measuring conversion rates for linked tools

Preference Cookies (Functional – If Applicable):

Remembering user preferences
Saving cookie consent choices
Storing display settings

C. Pixel Tags and Web Beacons:

We may use pixel tags (small invisible images) in:

Email newsletters to track open rates (if newsletters offered)
Certain pages to measure engagement

2.3 Third-Party Sources

We generally do NOT collect personal information from third-party sources, except:

A. Publicly Available Sources:

If you reference publicly available business information in partnership inquiries, we may verify via:
- Business registries (ABN/ACN lookups)
- Professional profiles (LinkedIn, company websites)
- Public directories

B. Third-Party Analytics Providers:

Analytics providers (Google Analytics) may provide aggregated demographic data (age ranges, interests) based on their own data collection (not linked to identifiable individuals in our systems)

3. WHY WE COLLECT AND USE PERSONAL INFORMATION

3.1 Primary Purposes

We collect and use personal information for the following purposes:

A. Responding to Inquiries:

Answer questions about the Site or tools
Provide information you requested
Address feedback or complaints
Respond to resource suggestions

Legal Basis: Consent (by submitting a form) / Legitimate interests (operating a helpful service)

B. Managing Partnership Opportunities:

Evaluate partnership proposals
Communicate with potential partners
Negotiate and execute partnership agreements (if applicable)
Manage ongoing partnerships

Legal Basis: Consent / Legitimate interests (business development)

C. Directory Improvement:

Assess quality and usefulness of suggested tools
Identify gaps in directory coverage
Prioritize additions or updates
Improve categorization and descriptions

Legal Basis: Legitimate interests (improving service quality)

D. Site Operation and Improvement:

Monitor Site performance and uptime
Identify and fix technical issues
Understand user behavior and preferences
Improve navigation and user experience
Test new features or designs
Optimize content based on usage patterns

Legal Basis: Legitimate interests (operating and improving the Site)

E. Security and Fraud Prevention:

Detect and prevent security threats
Identify abusive or automated usage (bots, scrapers)
Investigate potential violations of Terms of Use
Protect against hacking, DDoS attacks, or malicious activity
Maintain Site integrity and availability

Legal Basis: Legitimate interests (security) / Legal obligation (preventing crime)

F. Analytics and Statistics:

Measure visitor numbers and traffic sources
Analyse content popularity and engagement
Understand geographic distribution of users
Assess the effectiveness of outreach or marketing
Track trends over time

Legal Basis: Legitimate interests (understanding our audience)

G. Affiliate Program Management (If Applicable):

Track affiliate link clicks and conversions
Attribute referrals to appropriate affiliate programs
Calculate and receive affiliate commissions
Comply with affiliate program terms

Legal Basis: Legitimate interests (revenue generation) / Contract (with affiliate programs)

H. Legal Compliance and Protection:

Comply with legal obligations (court orders, subpoenas, regulatory requests)
Establish, exercise, or defend legal claims
Protect our rights, property, or safety
Protect users’ rights or safety
Enforce Terms of Use or other agreements

Legal Basis: Legal obligation / Legitimate interests (legal protection)

3.2 Secondary Uses

We may use personal information for additional purposes with your explicit consent, such as:

Marketing communications (if you opt-in)
Surveys or research studies (voluntary participation)
Beta testing new features (if you volunteer)

You may withdraw consent at any time by contacting us.

3.3 Automated Decision-Making

We do NOT use personal information for automated decision-making or profiling that produces legal effects or similarly significant effects on you.

Limited Automation:

Spam filtering on form submissions (to block malicious submissions)
Basic analytics and segmentation (for understanding usage trends)

These do not produce significant effects on individuals.

4. AFFILIATE LINKS AND THIRD-PARTY TRACKING

4.1 Affiliate Relationships

What Are Affiliate Links?

Some links on our Site may be affiliate links. When you click an affiliate link and take action (sign up, purchase, subscribe), we may receive a commission or referral fee from the third party.

How Affiliate Tracking Works:

Affiliate links may:

Add tracking parameters to URLs (e.g., ?ref=propertyresearchhub)
Set cookies on your device to track your session
Use third-party tracking pixels or scripts to record conversions

Third-Party Involvement:

When you click an affiliate link:

You leave our Site and enter the third party’s website
The third party (and/or affiliate network) may collect information about you via cookies and tracking
Their privacy policy and tracking practices apply

What Information Is Shared:

Through affiliate programs, third parties may receive:

That you clicked from our Site (referrer information)
Timestamp of click
Anonymous identifiers (cookie IDs, device IDs)
Whether you completed an action (sign-up, purchase)

We do NOT share with affiliate programs:

Your name, email, or contact details (unless you provide them directly to the third party)
Personal information collected by us through forms

Your Privacy:

Affiliate tracking typically:

Does NOT increase your cost (commissions are paid by merchants, not you)
Uses cookies that can be managed through your browser
Is subject to the third party’s privacy policy (not ours)

Transparency:

We aim to:

Disclose affiliate relationships where practicable
Label affiliate links (though not always on every individual link)
Not allow affiliate relationships to compromise editorial independence

4.2 Third-Party Analytics and Tracking

We use third-party analytics services, primarily:

Google Analytics:

What It Tracks: Page views, sessions, user behaviour, traffic sources, demographics (aggregated), device/browser information
How It Works: JavaScript tracking code and cookies
Data Retention: We have configured Google Analytics to retain data for [26 months / 14 months / 38 months – specify]
IP Anonymisation: We have enabled IP anonymisation (last octet of IP addresses masked)
Privacy Policy: https://policies.google.com/privacy
Opt-Out: Google Analytics Opt-Out Browser Add-On: https://tools.google.com/dlpage/gaoptout

Data Sharing with Analytics Providers:

Analytics providers receive:

Technical and usage data (IP addresses, page views, clicks)
Cookie and device identifiers
NOT: Personal information we collect through forms (names, emails) unless explicitly integrated

Your Control:

You can opt-out of analytics tracking by:

Installing browser extensions (e.g., Google Analytics Opt-Out)
Blocking cookies via browser settings
Using privacy-focused browsers or “Do Not Track” settings (though not all services honour DNT)

4.3 No Sale of Personal Information

We do NOT sell your personal information to third parties.

5. DISCLOSURE OF PERSONAL INFORMATION

5.1 Third Parties We May Disclose To

We may disclose personal information to the following categories of third parties:

A. Service Providers and Contractors:

Website Hosting and Infrastructure:

Hosting providers (servers storing our website and databases)
Content delivery networks (CDN) for performance
Cloud storage providers (backups, file storage)

Examples: Hostinger and other reputable providers

Communication and Email Services:

Email service providers (for sending and receiving emails)
Contact form processors
Newsletter platforms (if newsletters offered)

Examples: WPForms and other reputable providers

Analytics and Performance:

Web analytics providers (Google Analytics, etc.)
Performance monitoring tools
Error tracking and logging services

Payment Processors (If Applicable in Future):

Payment gateways and processors (if paid features introduced)
Billing and invoicing services

B. Professional Advisers:

We may disclose personal information to professional advisers where necessary:

Lawyers (for legal advice, compliance, disputes)
Accountants (for financial reporting, tax compliance)
Consultants (for business strategy, technical expertise)
Auditors (for compliance audits, financial audits)

Confidentiality: Professional advisers are subject to confidentiality obligations.

C. Law Enforcement and Regulatory Authorities:

We may disclose personal information when legally required to:

Police or law enforcement: In response to warrants, subpoenas, or lawful requests
Courts: In response to court orders or legal proceedings
Regulatory agencies: OAIC, ACCC, ASIC, or other regulators
Government agencies: Tax authorities, immigration, national security agencies (when legally compelled)

Voluntary Cooperation:

We may also disclose to authorities voluntarily when we have a good faith belief that disclosure is necessary to:

Prevent crime or protect public safety
Investigate fraud, hacking, or security incidents
Comply with legal obligations

D. Business Transfers:

In the event of a business transaction involving Property Research Hub:

Merger or acquisition
Sale of business or assets
Reorganization or restructuring
Bankruptcy or insolvency

Personal information may be disclosed to:

Prospective buyers or acquirers
Their professional advisers
Other parties involved in the transaction

Protection: Acquirers would be required to handle personal information in accordance with this Privacy Policy (or provide notice of changes).

E. Third Parties With Your Consent:

We may disclose personal information to other third parties when:

You have explicitly consented to the disclosure
You have requested or authorised the disclosure
It is necessary to fulfill a service you requested

5.2 Circumstances of Disclosure

We disclose personal information only when:

A. Necessary for the purposes described in Section 3

B. Required or authorised by law

C. You have consented to the disclosure

D. Necessary to protect rights, safety, or property (ours or others’)

E. Reasonably necessary for professional services (advisers) or business operations (service providers)

5.3 What We Do NOT Disclose

We do NOT:

Sell personal information to data brokers, marketers, or advertisers
Share personal information with third-party tool operators (unless you provide it to them directly)
Rent or lease contact lists
Disclose personal information for purposes unrelated to those described in this Policy without consent

6. OVERSEAS DISCLOSURE

6.1 Cross-Border Data Transfers

Some personal information may be disclosed to, or stored or processed in, countries outside Australia.

This occurs because:

Our service providers operate in multiple countries
Cloud infrastructure is distributed globally
Analytics and hosting services use overseas data centres

6.2 Likely Countries

Personal information may be transferred to or stored in:

United States:

Google Analytics (Google LLC)
Email service providers (if US-based)
Cloud hosting providers (AWS, etc.)
Many SaaS platforms are US-based

European Union:

Some hosting or CDN providers operate EU data centres
Some analytics platforms use EU servers

Other Countries:

Service providers may use data centres in Indonesia, Singapore, Japan, or other countries for regional performance

Note: Specific countries depend on service providers used and their infrastructure configurations.

6.3 Safeguards for Overseas Disclosure

When disclosing personal information overseas, we take reasonable steps to ensure overseas recipients:

A. Handle personal information consistently with the APPs, through:

Contractual clauses requiring APP-compliant handling
Service agreements with data protection provisions
Standard contractual clauses (SCCs) or equivalent mechanisms
Selecting providers with strong privacy practices and certifications

B. Are subject to privacy laws or binding schemes providing similar protections:

GDPR (for EU-based providers)
Privacy Shield or successor frameworks (US)
APEC Cross-Border Privacy Rules (CBPR) system

C. Implement technical and organisational safeguards:

Encryption in transit and at rest
Access controls and authentication
Regular security audits
Data breach notification procedures

6.4 Your Consent

By using our Site, you consent to the disclosure of personal information to overseas recipients as described in this Policy.

Understanding:

You acknowledge and agree that:

Overseas recipients may not be subject to Australian privacy laws
If APP 8.1 applies and we take reasonable steps to ensure compliance, we are not accountable under the Privacy Act for breaches by the overseas recipient
However, we remain committed to protecting your information and selecting reputable providers

Withdrawal:

If you do NOT consent to overseas disclosure, you should:

Not use our Site, or
Contact us to discuss alternative arrangements (though this may limit our ability to provide services)

7. DATA SECURITY AND RETENTION

7.1 Security Measures

We take data security seriously and implement reasonable technical and organisational measures to protect personal information from:

Misuse, interference, and loss
Unauthorised access, modification, or disclosure

Technical Safeguards:

A. Encryption:

SSL/TLS encryption for data in transit (HTTPS)
Encryption of data at rest where feasible (database encryption, encrypted backups)

B. Access Controls:

Password protection and authentication
Role-based access controls (limiting who can access what)
Multi-factor authentication for critical systems

C. Network Security:

Firewalls and intrusion detection/prevention
Regular security updates and patching
DDoS protection and rate limiting

D. Monitoring and Logging:

Security event logging and monitoring
Anomaly detection and alerts
Regular review of access logs

Organisational Safeguards:

E. Limited Access:

Personal information accessible only to authorised personnel who need it for legitimate purposes
Confidentiality obligations for employees and contractors

F. Vendor Management:

Due diligence on service providers’ security practices
Contractual security requirements
Regular review of vendor compliance

G. Policies and Procedures:

Internal privacy and security policies
Incident response procedures
Data breach response plans

7.2 Limitations of Security

Important Understanding:

While we implement reasonable security measures, no method of transmission or storage is 100% secure.

We cannot guarantee absolute security against:

Sophisticated hacking or cyber attacks
Unauthorised access by determined adversaries
Data breaches at third-party service providers
Human error or insider threats
Vulnerabilities in software or systems

Your Responsibility:

You are responsible for:

Protecting your own devices and internet connection
Using strong passwords if accounts are created
Not sharing login credentials (if applicable)
Reporting suspicious activity or security concerns

7.3 Data Retention

How Long We Keep Personal Information:

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law.

Specific Retention Periods:

Data Type	Retention Period
Contact form submissions	2 years from date of submission
Email correspondence	2 years from last communication
Newsletter subscriptions	Until unsubscribe + 30 days
Analytics data	50 months (Google Analytics setting)
Web server logs	90 days (for security and troubleshooting)
Partnership communications	7 years (business records retention)
Legal/compliance records	7 years or as required by law

After Retention Period:

When personal information is no longer needed:

It is securely deleted or destroyed, OR
De-identified (rendered no longer personal information)

Deletion Methods:

Permanent deletion from active databases
Secure deletion from backups (within a reasonable timeframe)
Physical destruction of hard copies (shredding)

Exceptions:

We may retain information beyond standard periods when:

Required by law (e.g., legal holds, regulatory requirements)
Necessary for legal proceedings or investigations
Needed to establish, exercise, or defend legal claims
Retention is in your legitimate interests (with your consent)

7.4 Data Breach Notification

Notifiable Data Breaches (NDB) Scheme Compliance:

Under Part IIIC of the Privacy Act 1988, we are required to notify the Office of the Australian Information Commissioner (OAIC) and affected individuals of eligible data breaches.

What Is an Eligible Data Breach?

An eligible data breach occurs when:

A. There is unauthorised access to or unauthorised disclosure of personal information, OR loss of personal information we hold

B. This is likely to result in serious harm to any individuals whose information is involved

C. We have not been able to prevent the likely risk of serious harm with remedial action

Assessment Process:

If we suspect a data breach may have occurred:

Immediate investigation (within 30 days) to determine:
- Whether an eligible data breach occurred
- What personal information was involved
- How many individuals affected
- Likelihood and severity of harm
Remedial action to prevent or mitigate harm:
- Securing systems
- Changing passwords
- Blocking unauthorized access
- Recovering lost data (if possible)
Reassessment of whether remedial action prevents serious harm

Notification Obligations:

If an eligible data breach occurred:

A. Notify OAIC as soon as practicable (via OAIC data breach notification form)

B. Notify affected individuals as soon as practicable by:

Direct communication (email, letter, phone) where contact details available
Public statement if direct notification is not practicable

Content of Notification:

Notifications to affected individuals will include:

Description of the breach (what happened)
Kind(s) of personal information involved
Recommendations for steps individuals should take to mitigate harm
Contact information for further inquiries

Our Commitment:

We are committed to:

Promptly investigating suspected breaches
Taking all reasonable steps to contain and remediate breaches
Transparent communication with affected individuals
Continuous improvement of security practices

Your Rights After a Breach:

If you are affected by a data breach, you may:

Request further information from us
Complain to the OAIC
Seek legal advice about potential remedies
Take protective actions (e.g., changing passwords, monitoring accounts)

8. COOKIES AND TRACKING TECHNOLOGIES

8.1 What Are Cookies?

Cookies are small text files stored on your device (computer, phone, tablet) by websites you visit. They contain information that can be read by the website on subsequent visits.

Types of Cookies:

Session cookies: Temporary cookies deleted when you close your browser
Persistent cookies: Remain on your device for a set period or until manually deleted
First-party cookies: Set by our Site
Third-party cookies: Set by other domains (e.g., Google Analytics, affiliate networks)

8.2 Cookies We Use

Cookie Type	Purpose	Duration	Can Be Disabled?
Essential/Functional	Enable core Site features (navigation, form submissions, security)	Session or persistent	No (Site won’t function properly)
Analytics (Google Analytics)	Measure traffic, understand user behaviour, improve Site	Persistent (up to 2 years)	Yes (opt-out available)
Preference	Remember your settings (e.g., cookie consent choice)	Persistent (varies)	Yes (but settings won’t be saved)
Affiliate Tracking	Track clicks on affiliate links for commission attribution	Persistent (varies by program)	Yes (but may affect link functionality)

8.3 How We Use Cookies

Essential Cookies (Always Active):

Session management and authentication
Security features (CSRF protection, etc.)
Form functionality (remembering form inputs)
Load balancing and performance

Analytics Cookies (With Consent or Opt-Out Available):

Counting visitors and page views
Understanding navigation patterns
Measuring content engagement
Identifying popular features
Demographic insights (aggregated, anonymised)

Affiliate Cookies (With Consent or Opt-Out Available):

Tracking clicks on affiliate links
Attributing conversions to referrals
Managing affiliate commission calculations

8.4 Third-Party Cookies

Third parties may set cookies when you use our Site:

A. Google Analytics:

Cookies: _ga, _gid, _gat
Purpose: Analytics and measurement
Duration: Up to 2 years
Privacy Policy: https://policies.google.com/privacy
Opt-Out: https://tools.google.com/dlpage/gaoptout

B. Affiliate Networks (If Applicable):

Various tracking cookies set by affiliate programs
Purpose: Track referrals and conversions
Duration: Varies (typically 30-90 days)
Privacy Policies: See respective affiliate programs

C. Third-Party Resources (When You Click External Links):

Third-party tools we link to may set their own cookies
Governed by their privacy policies, not ours

8.5 Managing Cookies

Browser Settings:

You can control cookies through your browser settings:

Block all cookies (may break Site functionality)
Block third-party cookies only (analytics and affiliate cookies)
Clear cookies regularly or upon browser exit
View and delete individual cookies

Browser-Specific Instructions:

Chrome: Settings > Privacy and Security > Cookies
Firefox: Settings > Privacy & Security > Cookies and Site Data
Safari: Preferences > Privacy > Cookies and Website Data
Edge: Settings > Privacy > Cookies

Opt-Out Tools:

Google Analytics Opt-Out: https://tools.google.com/dlpage/gaoptout
Network Advertising Initiative (NAI): http://optout.networkadvertising.org
Your Online Choices (EU): http://www.youronlinechoices.com

Cookie Consent Management (If Implemented):

If we implement a cookie consent banner, you can:

Accept all cookies
Reject non-essential cookies
Customise cookie preferences
Change preferences at any time via the footer link

8.6 Do Not Track (DNT)

Current Status:

We do NOT currently respond to “Do Not Track” (DNT) browser signals, as there is no industry-wide standard for how to respond.

Future Implementation:

If a DNT standard is established and adopted, we will update our practices and this Policy accordingly.

9. YOUR PRIVACY RIGHTS

9.1 Access to Personal Information

Right to Access:

You have the right to request access to personal information we hold about you.

How to Request:

Your name and contact details
Description of the information you’re seeking
Verification of your identity (we may request ID to prevent unauthorized access)

Response Time:

We will respond within 30 days (or notify you if we need an extension).

What We Provide:

We will provide:

Confirmation of what personal information we hold about you
Copies of the personal information (in a commonly used format)
Explanation of how we use and disclose the information
Details of third parties to whom information has been disclosed

Exceptions:

We may refuse or limit access if:

Providing access would pose a serious threat to life, health, or safety
Access would have an unreasonable impact on others’ privacy
The request is frivolous or vexatious
Information relates to legal proceedings or enforcement activities
Access would be unlawful or prejudice law enforcement
Denying access is required or authorised by law

If We Refuse:

We will:

Provide written reasons for refusal
Explain the mechanisms for complaint
Consider whether providing partial access is appropriate

Fees:

We do NOT charge for:

Making an access request
Providing access in most cases

We MAY charge reasonable costs for:

Extensive or complex requests requiring significant time/resources
Providing information in specific formats
Retrieving information from archives

You will be notified of fees before they are incurred.

9.2 Correction of Personal Information

Right to Correction:

You have the right to request correction of personal information we hold about you if it is:

Inaccurate
Out-of-date
Incomplete
Irrelevant
Misleading

How to Request:

Details of the information you believe is incorrect
What you believe the correct information should be
Supporting evidence (if applicable)

Our Response:

We will:

Respond within 30 days
Correct the information if we agree it’s inaccurate
Notify third parties to whom we disclosed the incorrect information (if practicable and appropriate)

If We Refuse:

If we refuse to correct information:

We will provide written reasons
You may request we associate a statement with the information noting that you believe it is inaccurate
We will take reasonable steps to associate your statement with the information

Proactive Correction:

If we discover personal information is inaccurate, we will take reasonable steps to correct it ourselves.

9.3 Erasure/Deletion (Limited Right)

Australian Law:

Unlike GDPR, Australian privacy law does NOT provide an express “right to be forgotten” or right to erasure.

However:

You may request deletion of your personal information, and we will consider such requests on a case-by-case basis.

We may delete your information if:

It is no longer needed for the purposes for which it was collected
You withdraw consent (where consent was the legal basis)
The information was collected unlawfully
Deletion is required to comply with a legal obligation

We may refuse deletion if:

We have a legal obligation to retain the information (e.g., business records, tax records)
The information is necessary for establishment, exercise, or defence of legal claims
Retention is required or authorised by law
Deletion would seriously interfere with our operations or legitimate interests

Alternative:

If we cannot delete personal information, we may de-identify it (rendering it no longer personal information).

9.4 Marketing Communications Opt-Out

If you receive marketing communications from us (newsletters, updates):

Right to Opt-Out:

You may opt-out at any time by:

Clicking “unsubscribe” link in emails
Replying to emails requesting removal
Contacting us at [contact email]

Processing Time:

We will process opt-out requests within 5 business days.

Effect:

After opt-out:

You will NOT receive further marketing emails
You MAY still receive:
- Transactional emails (responses to inquiries, service-related messages)
- Legal or administrative notices

Spam Act Compliance:

We comply with the Spam Act 2003 (Cth), including:

Only sending commercial emails with consent (express or inferred)
Providing functional unsubscribe mechanisms in all commercial emails
Honouring unsubscribe requests within 5 business days
Including our contact details in commercial emails

9.5 Objection to Processing

You may object to certain uses or disclosures of your personal information.

How to Object:

What use or disclosure you object to
Your reasons for objection

Our Assessment:

We will consider your objection and may:

Cease the use or disclosure if we agree
Modify our practices to address your concerns
Explain why we cannot accommodate your objection (e.g., legal requirements, legitimate interests)

9.6 Data Portability (Limited Right)

Australian law does NOT currently require data portability.

However:

Upon request, we may provide your personal information in a structured, commonly used format (e.g., CSV, PDF) to facilitate transfer to another provider.

Limitations:

We are not obligated to do so
May not apply to all types of information
Technical feasibility may limit portability

10. THIRD-PARTY WEBSITES AND SERVICES

10.1 External Links

Our Site contains links to Third-Party Resources (property research tools, websites, and services).

Important Understanding:

Once you click a link and leave our Site:

You are subject to the third party’s privacy policy, not ours
We have NO control over third-party privacy practices
We are NOT responsible for third-party collection, use, or disclosure of your personal information

10.2 Third-Party Privacy Practices

Third-Party Resources may:

Collect personal information directly from you (when you register, use tools, make purchases)
Use cookies and tracking technologies
Share information with their own third parties
Have different privacy standards than ours
Be located in different countries with different privacy laws

Your Responsibility:

Before providing personal information to any Third-Party Resource:

Read their privacy policy carefully
Understand what information they collect and how they use it
Verify their security practices
Check their data retention and deletion policies
Review their cookie and tracking practices

10.3 No Endorsement of Third-Party Privacy Practices

Linking to a Third-Party Resource does NOT constitute:

Endorsement of their privacy practices
Warranty of their data security
Representation about their compliance with privacy laws
Guarantee of their privacy policy accuracy or completeness

We make no representations about the adequacy, accuracy, or compliance of third-party privacy practices.

10.4 Third-Party Data Collection We Don’t Control

We do NOT control:

What information third parties collect from you
How third parties use or disclose information
Third-party security measures
Third-party data retention periods
Third-party cross-border data transfers
Third-party responses to privacy complaints

Examples of Third-Party Collection:

When you use linked tools, third parties may collect:

Account registration information
Property search queries and parameters
Payment information (for paid tools)
Uploaded documents or files
Usage data and analytics
Location data (if tools use geolocation)

11. CHILDREN’S PRIVACY (ADDITIONAL DETAILS)

[Repeated from Section 1.3 with additional protections]

11.1 Age Restrictions

Minimum Age: Users must be 18 years or older, OR 13-17 with parental consent.

Under 13: We do NOT knowingly collect information from children under 13.

11.2 Parental Consent

For users aged 13-17:

If you are under 18, you represent that:

Your parent or legal guardian has consented to your use of the Site
Your parent or guardian has reviewed and agreed to this Privacy Policy
You have permission to provide any personal information submitted

Parental Rights:

Parents or guardians of users under 18 may:

Request access to their child’s information
Request correction or deletion of their child’s information
Withdraw consent for information collection
Opt their child out of communications

Verification:

We may request verification of parental consent or identity before providing access or making changes.

11.3 Child Safety Commitment

We are committed to protecting children online and:

Do NOT knowingly collect sensitive information from minors
Do NOT market directly to children
Do NOT share children’s information with third parties (except as required by law or with parental consent)

12. CHANGES TO THIS PRIVACY POLICY

12.1 Right to Modify

We reserve the right to modify, amend, or update this Privacy Policy at any time, at our sole discretion.

Changes may be made for various reasons:

Legal or regulatory changes
Changes to our practices or operations
New features or services
Technological advancements
Feedback or complaints
Best practice updates

12.2 Notification of Changes

How We Notify You:

A. Posting updated Policy on this page

B. Updating “Last Updated” date at the top of the Policy

C. Prominent notice on the Site homepage (for material changes)

D. Email notification to users who provided email addresses (for significant changes) – optional

Advance Notice:

We aim to provide reasonable advance notice of material changes (e.g., 30 days), but this is not guaranteed or required.

12.3 Acceptance of Changes

By continuing to use the Site after changes become effective, you accept the updated Privacy Policy.

Your Options:

If you do NOT agree to changes:

Cease using the Site
Contact us to delete your information (subject to retention obligations)
Withdraw consent for specific uses (where consent is the legal basis)

12.4 Version History

We maintain version history of significant Privacy Policy changes, available upon request at info@propertyresearchhub.com.au.

13. COMPLAINTS AND DISPUTE RESOLUTION

13.1 How to Make a Privacy Complaint

If you believe we have:

Breached the Australian Privacy Principles
Mishandled your personal information
Violated this Privacy Policy
Interfered with your privacy rights

Please contact us:

Email: info@propertyresearchhub.com.au
Subject Line: “Privacy Complaint”

What to Include:

Your name and contact details
Description of the privacy concern or breach
Relevant dates and details
What action you would like us to take
Any supporting documentation

13.2 Our Investigation Process

Upon receiving a complaint:

Acknowledgment within 5 business days
Investigation (typically within 30 days):
- Review the complaint and gather relevant facts
- Assess whether a breach occurred
- Identify root causes
- Determine appropriate remedial actions
Response to you including:
- Outcome of investigation (substantiated or not)
- Explanation of our findings
- Remedial actions we will take (if applicable)
- Your options if you’re not satisfied

Complex Complaints:

For complex complaints requiring extended investigation:

We will notify you of the delay
Provide an estimated resolution timeframe
Update you on progress

13.3 If You’re Not Satisfied

Office of the Australian Information Commissioner (OAIC):

If you’re not satisfied with our response, you may lodge a complaint with the OAIC:

Website: https://www.oaic.gov.au/privacy/privacy-complaints
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Postal: GPO Box 5218, Sydney NSW 2001

OAIC Process:

The OAIC may:

Investigate your complaint
Attempt conciliation between parties
Make determinations about breaches
Impose penalties or orders for remedial action

Time Limits:

You should complain to the OAIC within 12 months of the act or practice complained about (extensions possible in some circumstances).

13.4 Other Remedies

You may also:

Seek legal advice about potential legal claims
Pursue court remedies (though OAIC complaint is typically required first)
Report to other regulators if applicable (ACCC for consumer protection issues, etc.)

14. CONTACT INFORMATION

Privacy Officer / Contact Person: Site Administrator

Email: info@propertyresearchhub.com.au

Postal Address: PO BOX 469, North Lakes QLD 4509

Website: https://propertyresearchhub.com.au

Response Time:

We aim to respond to privacy inquiries, access requests, and complaints within:

5 business days: Acknowledgment
30 days: Substantive response

For complex matters, we may require additional time and will notify you of any delays.

ACKNOWLEDGMENT AND CONSENT

By using our Site, you acknowledge that:

✓ You have read and understood this Privacy Policy
✓ You consent to the collection, use, and disclosure of personal information as described
✓ You consent to overseas disclosure to countries listed in Section 6
✓ You understand our cookie and tracking practices
✓ You understand third-party privacy implications
✓ You accept the terms of this Privacy Policy

If you do NOT agree, please do not use our Site or provide personal information.