Who We AreMarket InsightsMessage Us

Doorsteps Group
Privacy Policy

No items found.

Welcome to Doorsteps!

We take your privacy seriously, and that’s why we want you to know exactly how your information will be shared amongst our different businesses and when we need to share it with a third party.


OpenAgent Pty Ltd ABN 93 161 595 679 (OpenAgent), OA Real Estate Pty Ltd ACN 164 368 843, Doorsteps Finance Pty Ltd ACN 648 541 879 (Doorsteps Finance) and Doorsteps Solutions Pty Ltd ABN 60 654 334 246 and Australian Credit Licence Number 537369 (Doorsteps Solutions), ) respects all customers, third parties, suppliers and visitors (you, your or yours) privacy and is committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles and the Privacy (Credit Reporting) Code 2014 (Credit Reporting Code). The Privacy Act defines personal information as information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not (personal information).  In this policy, “Doorsteps”, “we”, “us” and “our” refers to each of OpenAgent Pty Ltd, OA Real Estate Pty Ltd, Doorsteps Finance Pty Ltd and Doorsteps Solutions Pty Ltd.

This Doorsteps Privacy Policy (Privacy Policy) applies to all personal information collected by us, or submitted to us, whether offline or online, including information collected in connection with the use of OpenAgent’s vendor research services, an application for credit or any other service we provide, or any personal information received by us from a credit reporting body from credit information held about you bearing on your credit worthiness (credit reporting information), or information about you such as your repayment history, the type and amount of credit provided to you, default and payment information, personal insolvency, court proceedings and any other publicly available information that relates to your credit worthiness (credit information) (collectively, credit information and credit reporting information, the credit-related information), or information submitted by you through our website, platforms and any mobile sites (Websites),  or through our official social media pages that we control (our Social Media Pages) as well as through HTML-formatted email messages that we send to you (collectively, including the Social Media Pages,  and Websites, the Sites).

This Privacy Policy describes how we deal with information we collect and demonstrates our commitment to the protection of your privacy. By making an application for credit or any other service we provide, visiting the Sites and otherwise providing personal information to us, you are accepting and consenting to the practices described in this Privacy Policy. If you do not agree with any of the terms of this Privacy Policy, please do not use the Sites or submit any personal information to us.

Kinds of Personal Information We Collect

We collect personal information from you for the purposes of dealing with you and in assisting us to arrange for the products and services you request to be provided to you. We may also collect your personal information for the purposes of direct marketing and managing our relationship with you. This may also entail collecting credit-related information where you decide to apply for credit.

The personal information we collect and hold may include, your contact details, such as your name, property address, telephone numbers and email address, your personal details, such as date of birth, your employment information, residential status and information about your financial position, including your income, expenses, savings and assets and any (other) credit arrangements, your reasons and objectives for applying for a product or service and where required other details such as the ages and number of your dependants, the length of time you have lived at your current address, information relevant to your property interests, including properties you have shown an interest in and other information we consider relevant to assessment of your application for credit or any other service we provide. We also hold all records of your communications and other interactions with us.

The credit-related information we collect about you and hold includes details of credit applied for and details of the type and amount of credit granted, the fact that credit provided to you has been repaid, whether or not you have made payments on time, default information, being payments overdue and for which collection action has started, information about your credit worthiness, details of any new arrangements made with you, court proceedings and person insolvency information, and if in you have committed a serious credit infringement.

If you would like to understand what information in particular we hold on you, please contact us on privacy@doorsteps.com.au.

Collecting your Personal Information

We collect personal information about you when it is reasonably necessary for one or more of our activities or functions. This personal information is collected in a number of ways, including through the Sites. This information may also be collected automatically sometimes. For example, through tracking technologies (including cookies). We may:

  • collect personal information from the Sites, such as when you visit, use or register on our Websites, or Social Media Pages;
  • collect personal information from you when you contact, do business or interact with us by phone or email;
  • receive your personal or credit-related information from other sources, such as public databases, acquired contact lists, real estate agents, professional and other credit bodies (for example under reciprocal arrangements), your employer, regulators and government and statutory bodies;
  • share your personal or credit-related information between related body corporates OpenAgent Pty Ltd, OA Real Estate Pty Ltd, Doorsteps Finance Pty Ltd and Doorsteps Solutions Pty Ltd  as consented to from time to time;
  • ask a credit reporting body for your credit report if you apply for credit;
  • via payment providers. For example, if you enter into a contract for our services where a fee is payable, we will need to collect and use your payment information, including your credit/debit card details in order to process payment. This type of personal information is usually processed and provided to us by and in accordance with the relevant payment provider’s terms; or
  • from digital tracking tools such as Google Analytics and Google Signals

The provision of your personal information is voluntary. However, if you cannot, or will not, provide us with the personal or credit-related information we reasonably require, we may not be able to verify your identify, assess your application for a product or service, manage our relationship with you, contact you or otherwise interact with you, perform our statutory functions, or provide you with some or all of our credit products and other services.

Using Your Personal Information

We will not collect or use your personal information or credit-related information unless it is lawful for us to do so. We collect and use personal and credit-related information for the following purposes:

  • to provide and personalise the services, including by contacting you, verifying your identity, and to check your eligibility for our products and services;
  • to establish, administer and manage your account and/or profile, including verifications of profiles, monitoring and reporting as required under our terms or under any applicable laws;
  • to facilitate communications between you and us or selected business and commercial partners that you have requested contact with, including (without limitation) real estate agents, credit providers or their intermediaries.
  • considering any application made by you for products or services offered by us, including credit and other services;
  • to those involved in maintaining, reviewing and developing our business systems, procedures and infrastructure;
  • to exchange credit-related information with credit reporting bodies for the purpose of assessing and managing your application for products and services offered by us;
  • to our partners in financial transactions, including financial institutions, merchants and payment organisations;
  • to credit and fraud reporting agencies, debt collection agencies, and organisations involved in our normal business practices;
  • fulfilling orders or requests for information, products or services (with your consent, if required);
  • fulfilling our role as a credit provider, including maintaining customer records, providing information on our services, products and benefits;
  • for promotional and marketing purposes, including communicating information about our products and services (with your consent, if required);
  • for the purpose of a referral (with your consent, if required);
  • monitoring, moderating and improving our Sites;
  • managing complaints;
  • providing products and services, or information relating to such products and services (with your consent, if required);
  • to verify your identity with third party service providers against the information held on your credit file or to obtain your banking transaction history (if relevant). We may also engage with relevant registries using third party systems to match details contained in your Australian passport, driver licence, Medicare card, birth certificate and any other identification documents you provide us. We may also obtain the last 90 days of bank statements from your account for the purpose of assessing your loan application;
  • to generate and provide stories, commentary, profiles and descriptions (including without limitation, the sharing of feedback or reviews, photos or other personal information) accessible through the services, associated Sites and/or Social Media Pages;
  • to create, host, publish, post, share, store or upload photos illustrations, text, video, still images, audio, interactive virtual tours and other material;
  • to generate and report aggregate statistics to advertisers and our service providers and third-parties; to create or distribute advertising and marketing material that is relevant to you, including material relevant to or on behalf of selected business and commercial partners;
  • to initiate and develop new business opportunities for us and/or selected business and commercial partners;
  • to nurture and verify your data profile by combining your personal information with information we have collected from other sources in order to generate and report analytics, insights and research for us, and and for our selected business and commercial partners;
  • to understand, diagnose, troubleshoot, and fix issues with our services;
  • for quality assurance and training purposes;
  • to conduct business planning, reporting, and forecasting;
  • to administer and manage delivery of products and services, including matters relating to making payments;
  • to communicate with you in relation to the services, which includes notifying you of changes, surveys, and information about security updates;
  • to evaluate and develop new content, features, technologies, and improvements to the services, including the development, administration and enhancement of algorithms, functionality and performance;
  • to complete and provide internal and external reports and manage reporting and compliance related matters;
  • providing information to third parties as authorised or required by law or a court or tribunal; and
  • any other uses identified at the time of collecting your personal information.

Our Sites may also contain hyperlinks to websites operated by third parties. We are not responsible for the content of such websites, or the manner in which those websites handle any personal information you provide. In these cases, your personal information may be collected by that third party and not by us and will be subject to that third party's privacy policy, rather than this Privacy Policy. We have no control over, and are not responsible for, that third party's use or disclosure of your personal information.

Opting out of Marketing

In addition to the specific circumstances above, we will only use your personal information with your consent (if required under applicable data protection laws) when we process your personal information in order to send you carefully selected marketing materials about our products and services (or those of our third party partners) by email, text or push notification, depending on your account or operating system settings. You have the right to opt out of receiving direct marketing at any time. If at any time you wish to stop receiving direct marketing messages from us you can let us know by contacting us. In your request, please indicate that you wish to stop receiving marketing communications from us.

Disclosing Personal Information

We may disclose your personal and credit-related information to any of our related and associated companies, affiliates and subsidiaries, including those established in the future, for example, guarantors and security providers, credit bureaus, credit reporting bodies, other credit providers, brokers, agents, financial advisors and people who act on your behalf, organisations involved in our funding arrangements, other banks and financial institutions, auditors, organisations that help identify illegal activities and prevent fraud, any data processors processing your information on our behalf, where applicable, third parties who provide related services or products in connection with our business such as real estate agents, our vendors, business partners, and any party assisting us in carrying out the purposes described above.

We may also disclose your personal and credit-related information to parties which participate in joint marketing schemes with us, any agent, contractor or service provider who provides verification of identity, administrative, order processing, payment clearing, credit reference, debt collecting or other services necessary to the operation of our business, any person to whom we are, in our belief in good faith, under an obligation to make disclosure as required by any applicable law, government agencies, statutory authorities and industry regulators, our auditors, consultants, accountants, lawyers or other financial or professional advisers and our sub-contractors or third party service or product providers as may be determined to be necessary or appropriate.

Notifiable Matters

Where you have made an application for consumer credit, we are required under the Credit Reporting Code to ensure that you are aware of certain matters, such as how we exchange your credit-related information with credit reporting bodies. We use the credit-related information that we exchange with a credit reporting body to confirm your identity, assess your credit worthiness, assess and manage your application for products and services.Details of these matters can be viewed on our Websites and are also set out in the ‘privacy consent and electronic authorisation’ we will ask you to agree to at the time you apply for consumer credit. You may request to have these notifiable matters (and this Privacy Policy) provided to you in an alternative form, such as a hard copy.

Correcting Your Information

Individuals may request access to their personal and credit-related information unless we are permitted by law to withhold that information. Individuals may also request the correction of any personal information which is inaccurate by contacting our Privacy Officer at privacy@doorsteps.com.au. To the extent permitted by law, there are some exceptions where this access may be denied. If we deny you access to the personal or credit-related information we hold about you, or if we refuse to correct your personal or credit-related information, an explanation will be provided to you. To request access and seek the correction of personal information held by us, please email, call or write to us. We will endeavour to respond to any access or correction request within 7 working days of receipt.

Privacy Complaints

If you would like any further information about our handling of personal information, or to make a complaint about our handling of your personal information, or you believe there has been a breach by us of the Privacy Act or the credit reporting provisions of the Credit Reporting Code, please lodge a complaint addressed to our Privacy Officer at privacy@openagent.com.au. Once we receive your complaint, we will respond to you within 7 working days. We will provide you with a decision on your complaint within 30 days. If you are unsatisfied with the outcome of your complaint, you may contact us further to advise of your concerns and, if we are unable to reach a satisfactory resolution, you may wish to take your complaint to the Australian Financial Complaints Authority, which can be contacted by phone on 1800 931 678, by email at info@afca.org.au, or in writing to GPO Box 3, Melbourne VIC 3001. Please email privacy@openagent.com.au if you need to obtain our AFCA membership details or if you need further assistance in this regard. Or, you can contact the Office of the Australian Information Commissioner (OAIC). The OIAC can be contacted by phone: 1300 363 992. Website: www.oaic.gov.au

Notifiable Data Breach Scheme

The Notifiable Data Breaches (NDB) scheme applies to eligible data breaches that occur on or after 22 February 2018. It mandates a reporting and notification process for Doorsteps.The OAIC administers the NDB scheme.

If there is unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information, that Doorsteps holds;

  • this is likely to result in serious harm to one or more individuals; and
  • we have not been able to prevent the likely risk or serious harm with remedial action,
  • then we are required to notify the OAIC about the incident.

The NDB scheme ensures that as an organisation, we are accountable for your privacy protection. The notification process is important for building a relationship of trust and transparency. In addition, by keeping you notified, you’re better able to take steps to mitigate harm, such as changing passwords or being alert to phishing emails or scams. In the interim, Doorsteps would also be taking steps to remediate the breach and will keep you advised on our progress, including the security measures being undertaken. 

Please contact us on the details provided if you have any questions about this.

By Post: PO Box 419, Alexandria NSW 1435

By Email: privacy@doorsteps.com.au


We will collect information using cookies when you use our Sites, including any mobile or tablet applications. These cookies will tell us about your visit to our Sites and help us to remember you, allowing us to create a customised experience for your next visit. For example, marketing cookies help us to determine which of the services may be of interest and value to you and then tell you about them. We also use cookies for other purposes. For example, to better understand behaviours and habits, as well as diagnosing problems and making improvements to our products and services. We may also use cookie information to display targeted advertisements or content on our network and on our Sites and also on third party networks and websites, including Google and Facebook.

Doorsteps uses Google Analytics and Google Signals.

Google Analytics uses cookies to analyse your use of our Sites. The information generated by the cookie is usually sent to and stored overseas by Google. The types of information generated by the cookie include your location, search history and data from sites that partner with Google. We use the information provided through Google Analytics to understand and evaluate your use of our website, compile reports about activity and provide other services relevant to optimising your use of the Sites.

We also use Google Signals. This allows us to assign and track the customer journey of an individual website visitor to different end devices. For example, we can see when a user clicks on an Doorsteps advertisement on one device and then registers for our services on another device. However, we can only see this if the user has logged in to a Google service when visiting a website and has activated the option “personalised advertising” in their Google account settings at the same time. If you do not want “Google Signals” to be used, you can disable the “Ads Personalisation” option in your Google Account preferences. No personal data or user profiles are accessible to us; this means you remain anonymous to us.

For more information, please see Google’s Privacy Policy which is available here.

De-identified Data

From time to time, we may collect, use and disclose de-identified data. De-identified data is data which has had all personally identifiable information removed or anonymised.  This means that you can no longer be identified, nor can any other individual in that data-set. When we no longer need your personal information for any of the purposes set out in this Privacy Policy, or as otherwise required by law, we will take reasonable steps to destroy it or to de-identify it.  We will use de-identified data for research and commercial purposes, such as creating reports and insights.

For example, we will use and share historical and current de-identified user and transactional data to develop marketing initiatives and product offerings. Those understandings, whether developed internally or in connection with an external partner may also be provided to our selected business and commercial partners from time to time.  If you have any concerns or questions about our approach to, or use of, de-identified data, please let us know.

Government Identifiers

This refers to the use and disclosure of government related identifiers. For example, your tax file number and country of tax residency, medicare card, Australian passport, driver licence or pension card details , citizenship and birth certificate, death and marriage certificates etc.

We do not adopt a government related identifier of an individual as our own identifier unless required or authorised to do so by or under an Australian law, regulation or court/tribunal order. Before using or disclosing a government related identifier of an individual, we ensure that such use or disclosure is:

  • reasonably necessary for us to verify your identity for the purposes of the our activities or functions;
  • reasonably necessary for us to fulfil its obligations to a government agency or a State or Territory authority;
  • required or authorised by or under an Australian law, regulation or a court/tribunal order;
  • within a permitted general situation (other than the situations referred to in Items 3, 4 or 5 of the table in subsection 16A(1)) of the Privacy Act exists in relation to the use or disclosure of the identifier; or
  • reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

Online Applications

From time to time, you may send an application to us via an online form. We may use that information to correspond with you directly and to determine the suitability of any products and services.  If you start but do not submit an online application, we may contact you using any of the contact details you have supplied to offer help completing it.

Automated Decision-Making

We may in some cases use automated decision-making. We will only do so if it is authorised by law, if you have provided an explicit consent, or if it is necessary for the performance of a contract. For example, we may use an automated credit approval process. You may request that we use a manual decision-making process instead. You can also express an opinion on or contest any decision which was based solely on automated processing or profiling. If we are using automated decision-making, we will let you know about the logic used, our legal basis, and the significance and envisaged consequences.

Variations to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time by publishing an updated version of this Privacy Policy on our Sites and taking any further action as required by law, after which, your continued use of the Sites or your provision of any further personal information will indicate your acknowledgement to the modified terms of this Privacy Policy. This Privacy Policy was last updated on 26 July 2022.