Knight Frank's External Privacy Policy
1. Application of Policy
Knight Frank is committed to protecting the privacy of personal information in accordance with its obligations under the Privacy Act 1988 (Cth) (the Privacy Act) and, in particular, the Australian Privacy Principles (APPs).
In addition to the Privacy Act, individuals located in the European Union (EU) may also have rights under the General Data Protection Regulation (GDPR). Appendix 1 outlines the details of the additional rights of individuals located in the EU as well as information on how Knight Frank responds to these additional rights.
This policy applies to personal information collected by Knight Frank Australia Pty Ltd and its related bodies corporate in Australia (referred to in this policy as Knight Frank). In this policy, the Group means members of the Knight Frank Group globally.
Under the Privacy Act, personal information is broadly defined. In simple terms it means any information about an individual (i.e. a natural person) who can be identified from the information, whether the information is true or not and whether recorded in a material form or not.
2. Handling of Personal Information
Knight Frank is committed to observing its obligations under the Privacy Act, APPs and GDPR.
2.1 What personal information do we collect?
Knight Frank collects personal information that is reasonably necessary to provide its services and to manage its relationships with clients, other parties and to pursue the legitimate interests of its business.
The types of personal information collected will depend on the services being provided and the circumstances of collection. For example, for property transactions, we may collect personal information from the parties involved (including vendors, purchasers, landlords, tenants etc.) such as name, contact information (i.e. e‑mail address, home and office address, telephone and fax numbers), date of birth, gender, marital status, tax file number, driver’s licence number and expiry date, details of employment and/or occupation, and financial information (including bank account information, information about your assets, occupation and income, account balances and payment history). We also collect credit information, including from credit checks, to assess credit worthiness.
Knight Frank also collects personal information from members of the Group and other parties of the following kinds:
- personal information of current, former and prospective corporate and consumer clients and suppliers, and individual contacts at current, former and prospective corporate and consumer clients and suppliers, including name, contact information, marketing communications subscribed to, wealth category, property requirements, property details (e.g. market value), strategy (e.g. opinions and decisions regarding exploitation of property assets), profile information, notes of previous meetings and viewings;
- in connection with the administration of supplier service matters, including communication with suppliers, evaluation of, and payment for, services, administration of internal systems, and, compliance with company policies and legal requirements, personal information including contact information, notes of previous meetings and telephone calls.
Knight Frank will sometimes need to collect personal information about individuals who are representatives of the organisations receiving Knight Frank’s services (such as business contact details). Knight Frank also collects personal information from job applicants seeking employment with Knight Frank.
If it is necessary to collect sensitive information from an individual, their consent will be obtained.
If you do not provide personal information when requested by Knight Frank, Knight Frank may be unable to provide you with its services.
2.2 How is personal information collected and held?
Knight Frank will collect personal information directly from the individual to whom it relates whenever practicable. This may be done verbally (e.g. in person or over the telephone), in writing (e.g. by letter, fax, email, application or other form) or through contact via our websites.
In circumstances where it is not practicable to collect the information directly from the individual, Knight Frank may collect the information via third parties. This may occur, for example:
(a) from the individual’s employer;
(b) from credit reference agencies or other credit reporting bodies and financial institutions or other credit providers;
(c) Knight Frank’s own records about you, from which Knight Frank may internally generate its own scores, assessments or deductions, particularly in relation to credit worthiness;
(d) from other agents and valuers who work with us;
(e) from property owners for whom we market properties or provide other services;
(f) from referees;
(g) from our contractors;
(h) from market research companies contracted by us to obtain information in relation to our services or from which we purchase mailing lists;
(i) from recruitment agencies;
(j) from publicly available information and databases; or
(k) from other members of the Group.
From time to time, Knight Frank may include links on its website to the websites of other organisations. Knight Frank is not responsible for the content or privacy practices of those other websites or organisations.
Personal information received by Knight Frank is held securely, either in electronic files on Knight Frank’s computer systems or in physical files held on Knight Frank’s premises.
Cookies (small files placed on a user’s computer when you access a website) are used on our website. Most web browsers allow you to control whether to accept Cookies. You can accept or decline cookies through your browser settings. Unless you use your browser settings to elect not to accept Cookies on your browser, the Knight Frank website will automatically place a Cookie on your computer to enable you to make full use of our website’s functionality. If you decline cookies you may not be able to access all the features of our website and online services.
2.3 How do we use personal information?
Knight Frank generally holds and uses personal information for the following purposes:
(a) to provide our services to clients;
(b) to manage third party relationships including with contractors and consultants;
(c) for security purposes (e.g. details collected at open inspections);
(d) to conduct marketing activities, including keeping individuals informed about our services and properties we are dealing with and direct marketing via social media;
(e) for the purposes of review and analysis of clients’ property requirements; communicating with clients regarding properties, opportunities and Knight Frank services they may find of value, communicating with clients to set up property viewings and meetings, providing ongoing advice to clients, including buying, selling, letting, management, development, investment and professional consultancy;
(f) for the purposes of the administration of supplier service matters, including communication with suppliers; evaluation of, and payment for, services; administration of internal systems, and compliance with company policies and legal requirements;
(g) to lawfully obtain credit information and to assess credit worthiness.
2.4 Disclosure of personal information to third parties
Knight Frank may disclose personal information to third parties – for example, to our contractors, customers/clients, franchisees, potential vendors, purchasers, landlords or tenants, media organisations, other agents and their customers/clients, owners’ corporations/bodies corporate, and to parties engaged to evaluate a property – for the purpose for which the information was collected or related purposes (such as to complete a transaction or provide a requested service).
Personal information may also be disclosed to advisers (including but not limited to solicitors), financial institutions and other credit providers, credit reporting bodies, government and statutory bodies, and to third party contractors engaged by Knight Frank (e.g. valuers, debt collection services, printing and mailing services, payroll and accounting services, auditors, information technology, marketing service providers).
Knight Frank may disclose personal information to other members of the Group (both within and outside Australia) where necessary for our purposes.
Overseas disclosure
Personal information may be disclosed to overseas recipients, including but not limited to members of the Group. Overseas recipients are likely to be located in the United Kingdom, New Zealand and Singapore.
Where we disclose personal information to another party, we will require the third party to use the personal information only for the specific purposes for which we supply the information.
2.5 Direct marketing, including via social media
Knight Frank may use and disclose your personal information in order to inform you of products and services that may be of interest to you, including via social media platforms. In the event you do not wish to receive such communications, you can opt-out by contacting Knight Frank’s Privacy Officer via the contact details set out at section 2.7 and 2.9 below or through any opt-out mechanism contained in a marketing communication to you.
2.6 Safeguarding your personal information
Knight Frank has technological and operational processes and procedures in place to protect personal information from misuse, interference and loss, unauthorised access, modification and disclosure.
Notwithstanding Knight Frank’s commitment to safeguarding your personal information, if an ‘eligible data breach’ occurs (within the meaning of the Privacy Act), we will notify you and the Office of the Australian Information Commissioner (OAIC) that this has occurred. An ‘eligible data breach’ broadly refers to the situation where there has been an unauthorised access to, or unauthorised disclosure of, your personal information held by Knight Frank in circumstances where a reasonable person would conclude that the access or disclosure would likely result in serious harm to you.
2.7 How to request access or correct personal information
Under the Privacy Act, you have the right to seek access to and correction of personal information we hold about you, subject to some exceptions.
To request access or to correct your personal information, or to obtain more information about Knight Frank’s privacy policy, you can contact Knight Frank’s Privacy Officer:
By telephone: 03 9604 4700
By letter to: The Privacy Officer, Knight Frank, Level 29, 120 Collins Street, Melbourne 3000
By email: privacy@au.knightfrank.com
Knight Frank will endeavour to respond to requests for access to or correction of personal information within a reasonable period of time.
Where we refuse access, we will where possible provide you with a written notice setting out our reasons for the refusal and the avenues for complaint about the refusal.
We may charge a fee for providing access to personal information. No fee is charged for the making of a request for access or correction.
2.8 How to opt out
If you do not wish to receive any further information from Knight Frank, including direct marketing materials as referred to above at section 2.5, you can contact the person named on the last communication you received from Knight Frank. Alternatively, if receiving emails from Knight Frank, you will have the option to unsubscribe from our mailing list by following the directions on our emails or you can opt-out by contacting Knight Frank directly via the contact details set out below.
2.9 How to get more information or make a complaint
Please direct any questions about this policy or complaints about a breach of privacy by Knight Frank to Knight Frank’s Privacy Officer who can be contacted:
By telephone: 03 9604 4700
By letter to: The Privacy Officer, Knight Frank, Level 29, 120 Collins Street, Melbourne 3000
By email: privacy@au.knightfrank.com
Any complaint should be made in writing. At all times, privacy complaints:
- will be treated seriously;
- will be dealt with promptly;
- will be dealt with in a confidential manner; and
- will not affect your existing obligations or affect the commercial arrangements between you and Knight Frank.
Knight Frank’s Privacy Officer will investigate your complaint. You will be informed of the outcome of your complaint following completion of those inquiries. In the event that you are dissatisfied with the outcome of your complaint, or an extension to the time in which Knight Frank will resolve it, you may refer the complaint to the OAIC.
3 Updates to our Privacy Policy
We will publish changes to this Privacy Policy and indicate the effective date when this Privacy Policy is updated. If we make any material changes to this Privacy Policy, we will notify you by sending an e-mail to the e-mail address you most recently provided us or by posting notice of the changes on this site.
For further information concerning what personal information we hold about you, how you can access it and our use of personal information generally, please email our Privacy Officer on privacy@au.knightfrank.com.
Appendix 1 - Additional rights for individuals located in the European Union
Under the GDPR individuals located in the EU have extra rights which apply to their personal information. Personal information under the GDPR is often referred to as personal data and is defined as information relating to an identified or identifiable natural person (individual). This Appendix sets out the additional rights we give to individuals located in the EU including how we process personal information lawfully, transparently and fairly. Please read the Privacy Policy above and this Appendix carefully and contact us at privacy@au.knightfrank.com if you have any questions.
1 The personal information this Appendix applies to
The personal information which this Appendix applies to and which we collect is as set out in the Privacy Policy above at section 2.1.
Similar to collecting sensitive information under the APPs as set out in the Privacy Policy above at section 2.1, we will only collect special categories of data where it is necessary and where we have obtained your consent. Special categories of data under the GDPR means personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade-union membership, and genetic data, biometric data processed for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
2 How we use the personal information
Knight Frank will only process your information where we have a lawful basis on which to do so.
To provide you with some guidance on the lawful bases used, Knight Frank will process your personal information in pursuance of our legitimate interest if we receive any requests related to, for example, a product or service, a call-back, or specific marketing materials; we will use your personal information to fulfil your request. Where we need to manage your account and protect you against and identify possible fraudulent transactions, we will do so in accordance with our legal obligation placed on us under law. Where we need to perform an identity or credit check as part of performing a contract with you or preparing to enter into a contract (such as accessing your application) we will process this information on the basis of performing the contract and only for the purpose of fulfilling the performance of the contract. We will seek consent from you if we need to process your information for other purposes. To ensure meaningful consent is obtained from you, Knight Frank will provide you with reasonable notice ensuring that your consent is provided on an informed basis.
3 Personal Information Retention Period
We will retain personal information while you are actively using our services and for any other period necessary to fulfil the purposes outlined in the Privacy Policy and this Appendix, unless a longer retention period is required or permitted by law.
4 Data Transfers
We are established in Australia but the Group has offices located around the world. We may transfer the personal information we collect about you to other offices within the Group in countries other than the country in which the information was originally collected. Alternatively, we may also use third parties in other countries to process personal information for us.
The countries we transfer personal information to may not have the same privacy and data protection laws as the country in which you initially provided the information. When we transfer your personal information to recipients in other countries: (i) we will perform those transfers in accordance with the requirements of applicable law; and (ii) we will protect the transferred personal information in accordance with this Privacy Policy.
We have implemented agreements, procedures and controls to help ensure that personal information is protected no matter what country it is stored in or transferred to. For further information, please contact the Knight Frank Privacy Officer at privacy@au.knightfrank.com.
5 You and your information
To the extent provided for by applicable law, you have certain rights in respect of the management of the personal information we hold about you.
5.1 Access
You have a right to access your information by contacting our Privacy Officer at privacy@au.knightfrank.com. Knight Frank does not charge for this service and we will respond to reasonable requests in an appropriate timeframe.
5.2 Personal information deletion
You can unsubscribe and ask us to delete your personal information by contacting our Privacy Officer at privacy@au.knightfrank.com.
5.3 Other rights
To the extent provided by applicable law, you have the right to request rectification of your personal information; to obtain restriction of the processing of personal information; to object to the processing of personal information (including direct marketing) and to data portability. To exercise any of these rights, please contact us as described below.
5.4 Consent
Where you have provided consent for our processing of your personal information, you may withdraw that consent at any time by contacting us as described below. We will cease processing your personal information as soon as reasonably practicable following our receipt of your withdrawal.
5.5 Complaints
If you consider that we have processed personal information in violation of applicable law, please contact us as described below. If you consider that we have processed personal information in violation of applicable law and failed to remedy such violation to your reasonable satisfaction, you have the right to lodge a complaint with a supervisory authority (e.g. the Information Commissioner in the UK). Each supervisory authority’s website should direct you on how to submit a compliant.
6 Children’s privacy
Our website is not directed to children under sixteen. We will obtain consent of a parent or guardian before we collect any personal information of children under sixteen.
7 Safeguarding your personal information
Knight Frank safeguards your information as set out in the Privacy Policy above at section 2.6.
Notwithstanding Knight Frank’s commitment to safeguarding your personal information, if a data breach occurs which we must notify you and the relevant supervisory authority of (within the meaning of the GDPR), we will do so accordingly and without delay. A data breach under the GDPR broadly refers to the situation where there has been an unauthorised access to, or unauthorised disclosure of, your personal information held by Knight Frank and this data breach must be notified unless it is unlikely to result in a risk to the rights and freedoms of natural persons.
8 How to get more information or make a complaint
Please direct any questions about this policy or complaints about this Privacy Policy and the GDPR to Knight Frank’s Privacy Officer who can be contacted:
By telephone: 03 9604 4700
By letter to: The Privacy Officer, Knight Frank, Level 29, 120 Collins Street, Melbourne 3000
By email: privacy@au.knightfrank.com