QLD
NSW QLD
Call +61 7 5655 5003 Let's Connect

Privacy Policy

Effective date: 05/05/2026

  1. Overview and Purpose
    This Privacy Policy explains how Rose & Jones Property Pty Ltd and Rose and Jones (QLD) Pty Ltd (together referred to as we, us or our) manage personal and sensitive information in a responsible, transparent and lawful manner.
    We are committed to complying with the Privacy Act 1988 (Cth), including the 13 Australian Privacy Principles (APPs), as well as other applicable privacy and regulatory obligations relevant to the real estate industry.
    This policy outlines how we collect, use, disclose, store and protect personal information, and how individuals may access, correct or make a complaint about the handling of their information. It is intended to foster trust, transparency and confidence in the way we conduct our business.

  2. When This Policy Applies
    This Privacy Policy applies to all personal and sensitive information we collect and hold in connection with our real estate services and business operations, including information relating to:
    • clients, customers, buyers, sellers, landlords, tenants and applicants
    • staff, contractors, consultants and prospective employees
    • suppliers, referrers and other business contacts
    It applies across all forms of information handling, including digital, physical and verbal communications, and covers information collected via our websites, systems, forms, correspondence, inspections, offices and interactions with our personnel.

  3. Applicable Legislation
    This policy is designed to comply with, and operate alongside, the following legislation (as amended from time to time):
    • Privacy Act 1988 (Cth)
    • Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth)
    • Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth)
    • Privacy and Personal Information Protection Act 1998 (NSW)
    • Other applicable Commonwealth and State laws relevant to real estate practice, employment, record‑keeping and regulatory compliance.

  4. Kinds of Personal Information We Collect
    Depending on the nature of your interaction with us, we may collect personal information including, but not limited to:
    • contact details (name, address, phone number, email)
    • identification information (such as driver licence or passport details, or electronic verification outcomes)
    • occupation and employment details
    • next of kin or emergency contact details
    • financial information required for transactions (bank details, proof of funds, income information)
    • rental and employment references
    • property‑related information (details of properties owned, rented, inspected or sought)
    • household details relevant to tenancy or applications
    • communications with us (emails, messages, calls where notified)
    • website and device information (IP address, cookies, analytics data).
    We will only collect sensitive information (such as credit‑worthiness or other sensitive details) where it is reasonably necessary for our functions or activities, permitted by law, and where required, with your consent.

  5. Purpose of Collection and Use of Personal Information
    We collect personal information for the primary purpose of providing professional real estate services, including acting as an agent for the buying, selling, leasing and management of property, and for the operation of our business.
    We may also use personal information for secondary purposes that are closely related to the primary purpose, and which you would reasonably expect, including:
    • communicating with you about properties, transactions, inspections and services
    • responding to enquiries, feedback and complaints
    • reporting to vendors, landlords or property owners
    • marketing our services and providing market information (you may opt out at any time)
    • verifying identity and reducing fraud
    • meeting legal and regulatory obligations, including AML/CTF obligations applicable from 1 July 2026
    • internal administration, billing, record‑keeping, audits, training and quality assurance.
    You are not required to provide personal information; however, if you choose not to do so, we may be unable to provide certain services, information, or allow access to inspections or transactions. Where reasonable and lawful, we will provide you with the option of interacting with us anonymously.

  6. How We Collect Personal Information
    Where possible, we collect personal information directly from you, including through:
    • websites and online enquiry forms
    • application forms and agreements
    • email, telephone and written correspondence
    • inspection and open home sign‑in systems
    • in‑office interactions.
    We may also collect personal information from third parties where necessary, such as:
    • referees you nominate
    • landlords, vendors or transaction counterparties
    • identity verification providers
    • tenancy databases or credit reporting bodies (where permitted)
    • government registers (where authorised)
    • service providers such as IT, CRM, analytics or document management platforms.

  7. Disclosure of Personal Information
    We may disclose personal information to third parties for purposes related to our services or as required by law, including:
    • related entities and authorised staff or contractors
    • vendors, purchasers, landlords, tenants and other transaction counterparties
    • professional advisers (lawyers, accountants, insurers)
    • banks and payment processors
    • IT and business service providers (including CRM, cloud hosting, analytics and marketing platforms)
    • regulators, law enforcement or government agencies (including AUSTRAC) where required or authorised by law.
    We do not sell personal information.

  8. Overseas Disclosure
    Some of our service providers store or process information outside Australia, including cloud‑based software providers. At present, this may include storage or processing in the United States and New Zealand.
    Where personal information is disclosed or stored overseas, we take reasonable steps to ensure that overseas recipients handle the information in a manner consistent with the Australian Privacy Principles. This includes contractual and security safeguards designed to protect personal information.

  9. Automated Decision‑Making
    We do not use automated decision‑making systems, artificial intelligence or computer programs that make decisions solely by automated means using your personal information in a way that would significantly affect your rights or interests.

  10. Website Analytics and Cookies
    We may use website analytics tools to understand how visitors use our website, improve our services, and deliver relevant information or advertising. These tools may include third‑party providers such as Google Analytics.
    Analytics tools may use cookies or similar technologies to collect information such as pages viewed, time spent on the site, device type and IP address. When combined with other data, this information may constitute personal information.
    You can manage or disable cookies through your browser settings. Where applicable, opt‑out options may also be available through the relevant analytics provider.

  11. Data Security and Retention
    We take reasonable technical and organisational steps to protect personal information from misuse, interference, loss and unauthorised access, modification or disclosure.
    Information may be stored electronically, in hard‑copy files, and on business devices such as computers or mobile phones. Access to personal information is restricted to authorised personnel who require it to perform their duties.
    We retain personal information only for as long as necessary to fulfil the purposes for which it was collected and to meet legal obligations. In most cases, records are retained for a minimum of seven (7) years. When information is no longer required, we take reasonable steps to destroy or permanently de‑identify it.

  12. Data Breaches
    If we become aware of a data breach, we will respond in accordance with our Data Breach Response Plan. This includes assessing the breach and notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) where required.

  13. Access, Accuracy and Correction
    We take reasonable steps to ensure that personal information we hold is accurate, up‑to‑date, complete and relevant.
    You may request access to personal information we hold about you, or request correction of information that is inaccurate, incomplete or out of date. We may require identification before releasing information to protect privacy.
    We do not charge a fee for access requests, but may charge a reasonable administrative fee for providing copies.

  14. Complaints and Enquiries
    If you have a concern or complaint about how we handle personal information, please contact our Privacy Officer using the details below. We will acknowledge and investigate your complaint within a reasonable timeframe.
    If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC).

  15. Contact Details
    Privacy Officer: Cloe Reid
    Title: Operations Manager & Compliance Officer
    Email: home@roseandjones.com.au
    Phone: +61 2 9327 6944
    Postal Address: PO Box 1077, Double Bay NSW 1360
    Website: www.roseandjones.com.au

    Office of the Australian Information Commissioner:
    Phone: 1300 363 992
    Website: www.oaic.gov.au

  16. Updates to This Policy
    We may update this Privacy Policy from time to time. The current version will be published on our website, and any significant changes may be notified to you directly or via our website. Your continued interaction with us after an updated policy is published constitutes acceptance of the revised policy.