Privacy Policy (‘Website’ in this Privacy Policy) is a website of Winten Property Group (‘We’, ‘our’ and ‘us’ in this Privacy Policy). By using any website or any application (including any mobile or tablet phone application) or device functionality which refers to this privacy policy, you agree to our Internet Privacy Policy which is set out below. This Privacy Policy also applies to the 1 Denison Street mobile phone app provided by us, and to applications hosted by third parties for us. We recognise that your privacy is very important to you and that you have a right to control your personal information. We know that providing personal information is an act of trust and we take that seriously.

Why we collect personal information

The purposes for which we use personal information depends on the dealings you may have with us, and these purposes may differ for tenants, visitors, customers, service providers and job applicants.

1. Tenants and prospective tenants

We collect personal information from individual tenants and guarantors, and representatives of corporate tenants, during negotiations for, and during the terms of, leases for properties we own or operate.

We use personal information for purposes including evaluating whether to grant leases and/ or enter into agreements with prospective tenants, documenting these leases and/or agreements, performing our obligations under leases and/or agreements with tenants, managing relationships with tenants and monitoring properties.

We also collect personal information from staff and visitors of tenants in connection with the control of access to buildings we own or operate by us, described in more detail below.

2. Customers and membership programs

If you are a customer of ours (including a buyer of an apartment or other property from us), we may use your personal information to provide, administer, improve and personalise our services, process payments, identify you, to communicate with you in relation to our services and to respond to your enquiries.

We collect personal information from customers and representatives of corporate customers, during negotiations for, and during the terms of, contracts with our customers.

We may conduct membership programs for use of facilities owned or operated by us, such as concierge services, wellness facilities or end of trip facilities. If you join any of our membership programs, we may use your personal information to provide you with rewards, discounts and access to unique member services though the program. We may also use your personal information to analyse usage of the program, improve our membership content and product offers, and conduct advertising and promotions.

If you give us credit card details we may use those details to process transactions agreed with you and we may store those details for use in subsequent transactions agreed with you without the credit card details needing to be re-entered.

We collect and store transaction information for transactions undertaken with us, including any purchases using our website or any application we support.  The history of such purchases is maintained by us to facilitate a possible future refund, as well as complying to necessary regulations like applicable anti money laundering and anti-terrorism laws.

3. Service providers

If you, or a company you work for, supplies goods or services to us, we may collect your personal information in connection with the provision of these goods or services. We may use your personal information for purposes associated with managing the supply of these goods and services.

4. Job applicants

We collect personal information of job applicants for the purpose of assessing and (if successful) engaging applicants.

We may store information provided by job applicants who were unsuccessful for the purposes of future recruitment. If you do not agree with this information being retained by us, please contact our Privacy Officer (details below).


We use personal information collected through camera surveillance systems (commonly referred to as CCTV) for the purpose of maintaining the safety and security of property and individuals working at or visiting properties we own or operate. CCTV recordings in car parks we own or operate may also collect licence plate details.

6. Visitors and building access control

We operate access control systems for buildings we own or operate to provide security for our own staff and premises, and security for our tenants and our tenants’ staff, visitors and contractors. Those access control systems include devices that govern the access to buildings, including card access controllers operated by:

  • Gallagher
  • Kastle
  • HID
  • Proxy

In the future we may implement access control systems via a mobile phone application instead of card access controllers.  This privacy policy will apply to any replacement access control system.

We collect and store personal information (including location information and CCTV images) of each person who is granted security access to any building we own, including for the purposes of providing or preventing access to any parts of our buildings and the times and locations where the building is accessed or an attempt is made to access the building by any person.

7. COVID and other public health requirements

We collect the name, email, and phone number of visitors meeting with our staff on our premises or visiting buildings we own or operate for the purposes of COVID contact tracing or any other public health purpose as required by the relevant state legislation. We may disclose this information on request to officials entitled to access that information under the relevant state legislation.

We will retain this data for 56 days and thereafter delete it on a monthly basis.

8. Other

We may use your personal information to send you direct marketing communications and information about our services, mostly by email. You may easily request not to receive direct marketing communications by following the “unsubscribe” instructions on the communication, or by contacting our Privacy Officer (details below).

Collecting information:

Only information you provide us with directly will be collected, such as through subscribing to our email notification, or identifying yourself when requesting information to be sent to you or services be provided to you or by you accessing or attempting to access buildings through our access control systems.  We also collect personal information through of CCTV system. The only personal information we collect is what you tell us about yourself or which can be ascertained from your interaction with us, such as your location information. For example, when you fill out a more information form, we collect the details you enter to enable us to post information to you.

In some cases it is necessary to collect, monitor and store location data about you for us to provide services to you. For instance we will collect data identifying your location when you access or attempt to a building we own or operate using our access control system. Location data is stored and retained and is used in connection with the services we provide, including:

  • to identify the location at which you access or attempt to access a building; or
  • to identify your location when requesting a service from us or where a service is to be provided to you.

Disclosure of personal information:

We may disclose your personal information to our contractors and third-party service providers who assist us in the operation of our business and/or the provision of our services, including providers who host our applications. We may disclose your personal information where it is reasonably ascertainable that you have given consent to that disclosure in the context where we have received your personal information, for example, to financial institutions for payment processing or to service providers of services ordered by you through our applications.

Images of individuals collected by CCTV, and details of how you have accessed or attempted to access buildings we own or operate may be provided by us to tenants, law enforcement bodies and insurers for purposes associated with ensuring the security of properties we own or operate and investigating unlawful conduct.

This privacy policy outlines circumstances where we will use or disclose any specific information about you. We will not use or disclose any specific information in any other way about you without your consent, unless required by law. We recognise the trust you place in us when you give us personal information.

Information Emails:

From time to time we will send you relevant information emails regarding products and services which you have previously registered your interest in. If you are receiving promotional information from us and do not wish to receive this information any longer, you may unsubscribe using our email notification form.

How we hold your personal information:

We may hold your personal information in either electronic or hard copy (paper) form. We retain your personal information in our computer systems and databases, and in our physical files.


We will endeavour to take all reasonable steps to keep any information secure which we hold about you, and to keep this information accurate and up-to-date. In addition, our employees are obliged to respect the confidentiality of any personal information held by us.

Data analytics:

We may use the personal information collected from you to carry out data analysis, including to improve our services.  That data analysis is carried out by third parties and we provide your personal data to those third parties for that purpose.  Our 1 Denison Street app uses Firebase analytics. Firebase will use the personal information we provide to them in accordance with its privacy policy.  The Firebase privacy policy can be viewed at

Accessing information and control of your information:

Your trust in us is very important to us. If at any time you want to know exactly what personal information we are holding at any particular time, please contact us.

You are in control of your data collected and stored by us.  You are entitled to have access to delete your account and personal data at any time, whether through the relevant application or by requesting our Privacy Officer (details below) take those steps for you. You can also request an amendment of your personal information if you believe that it contains inaccurate information.

We will allow access or make requested changes to your personal information unless there is a reason under the Privacy Act or other relevant law to refuse you access or refuse to make the requested changes.

Complaints and questions:

If you have questions about how we handle your personal information, or if you have a complaint about our information handling practices, you can contact the Privacy Officer (details below).

In particular, if you wish to make a complaint about how we handle your personal information, you should provide a written complaint to our Privacy Officer.

We will acknowledge receipt of your complaint within 48 hours and will investigate and respond within 10 days of receiving a complaint from you. If you are not satisfied with the decision, you can contact us to discuss your concerns. If the complaint remains unresolved, you have the option of notifying the Office of the Australian Information Commission (OAIC). Contact details can be found at the OAIC’s website:

Contacting us:

You can contact us via the contact details shown on our website at

Our Privacy Officer can be contacted at the phone numbers shown in the contact details on our website or by email to

Further information:

If you would like to obtain further information about privacy issues in Australia, please visit the Australian Federal Privacy Commissioner’s website.

This is our current Privacy Statement. We may at any time vary the Privacy Statement by publishing the varied Privacy Statement on the website.

©2021 Copyright The Winten Property Group