Privacy Policy

1. Introduction

This Policy outlines how we deal with "personal information", which is information about an individual whose identity is apparent, or can reasonably be ascertained, from that information (Personal Information).

InfoPower (Australia) Pty Ltd (ACN 142 432 942) (we, us or our) has adopted this Privacy Policy, in accordance with the Australian Privacy Principles in the Privacy Act 1988 (Cth) (APPs).

We collect Personal Information in conjunction with our search engine for mortgage documents called “Brokerpedia” (Services). The Services help users search for financial product documentation.

2. How we collect Personal Information

We collect Personal Information in four main ways:

(a) collecting specific information relevant to providing the Services (Active Collection);

(b) collection via automated electronic means in accordance with standard business practice on the internet (Automated Collection);

(c) collecting Personal Information from persons other than the individual to which it relates (Third Party Collection); and

(d) generalised passive collection occurring through the use of the Services (Passive Collection).

We engage in Active Collection when an individual or organisation:

(a) (Registrations) registers for an Account; or

(b) (Contact) contacts us via any medium, including telephone, fax or email.

We and some of the third party services providers we use engage in Automated Collection as follows:

(a) (Logs) when you visit our website or use the Services, our server (and Google) may log details about your visit such as your IP address, the time and duration of visit, the link from which you visited, and information about your browser and operating system; and

(b) (Cookies) we will likely place a cookie on your device when you visit our website.

We engage in Third Party Collection when:

(a) (Referrals) a third party refers us business;

(b) (Research) we conduct research on potential clients, and the individuals associated with those potential clients; and

(c) (Aggregators) users access the Service via a broker aggregator platform, so that information is passed through the aggregator.

We engage in Passive Collection whenever users include any personal information in any content entered through their searches using the Services.

3. The kinds of Personal Information we collect

Through the processes above, we collect and hold the following categories of Personal Information about individuals:

(a) (Identity Information) name;

(b) (Contact Information) email address, telephone number, business and postal addresses;

(c) (Behaviour Information) habits, movements, trends, decisions, webpage views, online activity, finances, purchases;

(d) (Internet Data) Internet Protocol or "IP address", referring web site addresses, browser type, operating system, device ID; location; last activity date; IP domain name, access times and other data typically collected by analytics services like Google Analytics; and

(e) (Business Information) business or project information about users or mortgage aggregators with which they are associated.

4. How we hold Personal Information

We hold and store Personal Information using:

(a) (Server) our server and third party data storage services, which are businesses that professionally manage information technology infrastructure;

(b) (Software Services) third party application providers, where we use an application to support our provision of the Service and store data in association with that application on infrastructure provided by those third party application providers;

(c) (Business Devices) devices operated by employees of our business; and

(d) (Paper Files) printed paper and archival storage services.

We may combine or link Personal Information about you that we collect on one occasion with Personal Information about you that we collect on other occasions.

5. How we secure Personal Information

We and our employees, contractors and other authorised representatives take reasonable precautions to protect Personal Information from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.

We secure Personal Information that we collect by:

(a) (Credentials) using authentication credentials for each portion of the data storage infrastructure that we control in accordance with best practice;

(b) (Passwords) using specialized software to generate passwords that are less vulnerable to “brute force” attacks/ allowing users to generate protect content through passwords;

(c) (Encryption) using specialized encryption algorithms and software to protect passwords and forcing one-way encryption to prevent reverse-engineering of these the passwords that we generate;

(d) (Session Expiry) forcing time-out of authentication sessions and requiring re-authentication to minimise risk associated with idle connections;

(e) (Firewalls) using both server and network firewalls to control access points in and out of the data storage infrastructure;

(f) (Network Traffic Encryption) using Secure Sockets Layer (SSL) technology to secure transmissions both to and from the data storage infrastructure; and

(g) (Reputable Vendors) ensuring that the third party providers holding data and information on our behalf are reputable vendors taking reasonable steps to secure the information.

By using any part of the Services, individuals acknowledge that the security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed when Individuals provide information, including Personal Information, to us via the Services at their own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, Personal Information where the security of information is not within our control.

6. The purposes for which we collect, hold and use Personal Information

We collect, hold and use Personal Information for the purpose of providing the Services to individuals, since the Services often involve dealing in Personal Information.

For Passively Collected Personal Information, the collection, holding and use of information happens simply by virtue of users conducting searches with the Service. It is part of the Service to allow users to enter information through the Service.

For Actively Collected and Automatically Collected Personal Information, our handling of Personal Information includes holding and using the Personal Information so that we can:

(a) (Identify)identify individuals for the purpose of providing the Services;

(b) (Functionality) provide functionality within the Services;

(c) (Communicate) communicate with individuals for the purpose of providing the Services, including notifications, support; communications about our goods and services; marketing and promotions; and competitions, surveys and questionnaires;

(d) (Transact) transact with individuals for the purpose of providing the Services; and

(e) (Business Development and UX) assess the progress and success of our Services, develop business opportunities and enhance user experience of our Services; and

(f) (Secure access) Providing secured access to users using an account and allowing users to retrieve their password if they forget it.

We tend not to use information collected via automated means in order to identify specific individuals. Rather, it is generally used for data analysis. For example, we may use cookies and log information to ascertain the number of unique visitors to our website, whether or not those visitors are repeat visitors, and the source of the visits.

7. How and when we share or disclose Personal Information

(a) Lending institutions may store Personal Information and other information provided about users.

(b) Collection and use of such Personal Information by lending institutions may be subject to the relevant lending institutions’ privacy policies, and to get more information on the lending institutions that Brokerpedia deals with, and their privacy policies, the user should contact Brokerpedia.

(c) Consent to direct marketing by lending institutions.

Our Service may share Personal Information about users of the Service with lending institutions and broker aggregators. The objective is to create opportunities for lenders to meet the needs of users and their clients. The service facilitates this objective by providing lenders with:

(a) relevant information, derived from user searches and usage of the Services, about users’ needs; and

(b) the means to contact such users with relevant offers.

Such information will be shared in the following circumstances:

(a) (Product Match) the search terms relate to specific products offered by a lender;

(b) (Category Match) the search terms relate to a category of product offered by a lender; or

(c) (Support Match) the user’s use of the Service indicates difficulty with a lender’s documentation or information related to it.

When users enter searches into the Services using a broker aggregator’s platform, such information may be processed through the aggregator’s platform and stored in connection with that platform.

When we use the services of companies that we work with to provide our Services, this may involve providing some degree of access to Personal Information. These third party service providers include:

(a) (Hosting) Cloud and web hosting service providers;

(b) (SAAS) providers of software as a service;

(c) (Support) providers of IT support services, web and software development; and

(d) (Online payment) providers of online payment systems.

We will only share Personal Information with these third parties to the extent reasonably necessary to perform their functions, in order to make our Services more effective and affordable. This means it is unlikely we would share specific content created by you or linked to you in any way that would be personally identifiable in the circumstances.

By using any part of the Services, individuals acknowledge that we are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose or transfer Personal Information to in accordance with this Privacy Policy or any applicable laws). The collection and use of Personal Information by such third parties may be subject to separate privacy and security policies. For more information on the third party service providers we use, and their privacy policies, please contact us using the details listed below.

For information on disclosures to overseas recipients, see below.

8. Contacting us to access, change or delete Personal Information

You may edit your account information through the Services.

However, you can also contact us using the following details to:

(a) request access to the Personal Information that we hold about you;

(b) correct Personal Information that we hold about you; and

(c) ask us to delete your account permanently including content on it.

Position Title:

Andrew Chinn


02 9770 3588



Postal Address:

Suite 603 / 491 Kent Street, Sydney

We reserve the right to refuse access or correction where there are reasonable grounds for doing so, for example if:

(a) the request is frivolous;

(b) providing access would be unlawful or would compromise the privacy of another person; or

(c) the requested correction would result in information being misleading or inaccurate.

9. How an individual may complain about an APP breach, and how it will be handled

(a) If you have a complaint relating to an alleged breach of the APPs, you should contact us using the details listed in the previous section of this Privacy Policy.

(b) When you notify us of a complaint about our handling of your Personal Information, we will deal with the complaint by responding to it in writing within a reasonable period (usually 10 business days from the day we receive your email).

(c) We will endeavour to work with you to resolve the complaint entirely within 30 days, although that period may be longer if it is reasonable to take longer given the nature of your complaint.

(d) If you are unsatisfied with our response, you may make refer the complaint to the Office of the Australian Information Commissioner (http://www.oaic.gov.au/).

10. Disclosure of Personal Information to overseas recipients

(a) Our use of third party service providers may result in the storage or processing of your Personal Information overseas in Hong Kong, Vietnam, New Zealand, USA and Canada. You may not have the same rights in relation to the handling of your Personal Information by overseas recipients as you would under Australian privacy law.

(b) By providing us with Personal Information, you consent to the access or transfer of your Personal Information to recipients outside Australia.

(c) If you consent to such access or transfer, we will not be accountable for overseas recipients’ handling of your Personal Information. In any event, we take reasonable steps to ensure that the Personal Information that has been access or transferred will not be held, used or disclosed by the recipient of the information inconsistently with the APPs.

11. Amendment

We may amend the Privacy Policy at our sole discretion. If you continue to use the Services after receiving notice from us of such an amendment to the Privacy Policy, you agree to be bound by the Privacy Policy as amended.

This Privacy Policy was last updated on 1 April 2015.

COPYRIGHT contents