HP-logo

Privacy Policy

Introduction & Purpose

Handler Property Group (HPG) is bound by the Privacy Act 1988 (Cth), including the 2025 reforms (“Privacy Act Changes”), and the Australian Privacy Principles (APPs). This updated Privacy Policy incorporates strengthened obligations under APP 11 relating to data security and reflects our use of offshore third‑party service partners who may store or access personal information.

 

This Policy explains:

 

  • Why we collect personal information
  • What we collect
  • How we collect, use and disclose personal information
  • Cross-border disclosures (APP 8)
  • Security and integrity of personal information (APP 11)
  • Access and correction rights
  • How to make a complaint 

Scope

This Policy applies to all personal information collected or provided to us by clients, tenants, suppliers, contractors, employees, job applicants and any individual engaging with HPG. It applies to all HPG personnel, independent contractors, offshore partners and any third parties handling information on our behalf.

What is Personal Information?

Personal information is any information or opinion that identifies, or can reasonably identify, you.

Why We Collect Personal Information

We collect personal information to deliver our real estate, asset, and property management functions, including:

 

  • Service delivery, tenancy management and communications
  • Billing, payments, accounts administration
  • Recruitment and employment
  • Supplier onboarding and management
  • Safety, compliance and risk management
  • Marketing (with opt‑out capability)

 

We may also collect information as required or authorised by law.

Types of Information We Collect

The nature of information depends on your relationship with us. This may include:

 

  • Contact and identity information
  • Employment and qualification details (candidates/employees)
  • Business and financial information (suppliers/contractors)
  • Tenant, occupier and customer information

 

Sensitive information is collected only with consent and when reasonably necessary for our functions.

How We Collect Information

We collect information in lawful and fair ways including:

 

  • Forms, applications, transactions
  • Email, phone or in‑person communications
  • Business cards
  • Our website, technology systems and portals
  • External or publicly available sources

 

Unsolicited information is destroyed or de‑identified unless we are legally permitted to retain it.

Use of Personal Information

We use personal information for the purposes outlined above and as otherwise permitted under the Privacy Act. We will not use information for secondary purposes unless permitted or with your consent.

Direct Marketing

We may use your personal information for direct marketing, unless you opt out. Sensitive information will only be used for direct marketing with consent.

Offshore Disclosure and Third‑Party Access (APP 8)

HPG engages offshore third‑party partners for administrative, technology and data‑processing support. These partners may access or store personal information.

 

Before disclosing information overseas, we take reasonable steps to ensure the recipient:

 

  • Handles information in accordance with the APPs
  • Implements adequate security controls
  • Uses information only for authorised purposes

 

By providing personal information to us, you acknowledge that offshore disclosure may occur.

Security and Integrity of Personal Information (APP 11)

In accordance with APP 11 and the Privacy Act 2025 reforms, HPG maintains robust measures to protect personal information from:

 

  • Misuse, interference or loss
  • Unauthorised access, modification or disclosure

 

Security controls include:

 

  • Multi‑factor authentication and credential controls
  • Encryption of data at rest and in transit
  • Access restrictions based on least‑privilege principles
  • Secure disposal and de‑identification of data no longer required
  • Cyber security monitoring and incident response processes
  • Due diligence and contractual safeguards for all third‑party and offshore partners

 

If a data breach occurs that is likely to cause serious harm, we will comply with the Notifiable Data Breach (NDB) scheme, including notification to affected individuals and the Office of the Australian Information Commissioner (OAIC).

Access and Correction

You may request access to, or correction of, your personal information by contacting us. We will respond within a reasonable period and advise you if any lawful exemptions apply.

Complaints

If you believe we have breached the APPs, please contact our Privacy Officer. If you are not satisfied with our response, you may contact the OAIC.

 

Privacy Officer:

Email: admin@handler.com.au 

Post: Level 8, Transport House, 230 Brunswick Street, Fortitude Valley, QLD 4006

OAIC Contact:

GPO Box 5218, Sydney NSW 2001 

Phone: 1300 363 992 

Policy Updates

This policy may be updated periodically. The latest version will be published on our website.

HP-logo
CONNECT WITH US
Linkedin-in Envelope
BRISBANE OFFICE

Suite 8C, Level 8, Transport House
230 Brunswick Street,
Fortitude Valley QLD 4006

07 3257 2538

SYDNEY OFFICE

Suite 2, Level 4,
333 George Street,
Sydney NSW 2000

02 9127 7090