Privacy Policy

CAPITAL BUYERS AGENCY

Privacy Policy

Effective Date: 1 June 2026  |  Capital Buyers Agency Pty Ltd  |  ABN 21 643 427 874

Who we are

Capital Buyers Agency Pty Ltd (ABN 21 643 427 874) is a boutique buyer's agency based in Canberra, ACT. We work exclusively for property buyers across the ACT and surrounding region.

We are committed to handling your personal information with care, transparency, and respect. This Privacy Policy explains what information we collect, how we use it, and your rights in relation to it.

This policy applies to all clients, prospective clients, website visitors, and newsletter subscribers. It covers our website at https://www.capitalbuyersagency.com.au and the services we provide.

Capital Buyers Agency is a reporting entity under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). As a result, we have legal obligations to collect and verify client identity information, and to comply with the Australian Privacy Principles in respect of how we handle that information.

For privacy-related questions, contact us via the contact form on our website.

 

What information we collect

Information you give us directly

When you engage our services, enquire via our website, or communicate with us, we may collect:

•       Your name, address, email address, and phone number

•       Financial information relevant to your property search, including pre-approval details, borrowing capacity, and purchasing budget

•       Identity documents collected as part of our AML/CTF obligations, including drivers licence, passport, or other government-issued identification

•       Beneficial ownership information, including details about any trust, company, or other structure through which you are purchasing

•       Information about your property requirements, lifestyle preferences, and family circumstances shared during the search process

•       Records of our meetings, including notes and summaries, where you have consented to the meeting being recorded

 

Information collected automatically

When you visit our website, we automatically collect certain technical data including your IP address, browser type, and pages visited. This is used to improve the performance of our website and is not linked to your personal identity.

 

AML/CTF obligations and identity verification

As a reporting entity under the AML/CTF Act, we are required by law to verify the identity of our clients before providing certain designated services, including representing buyers in property transactions and at auction.

This means we will ask you to provide identity documents, and we may be required to:

•       Verify your identity against government-issued documents before acting on your behalf

•       Identify the beneficial owner of any trust, company, or other structure used for the purchase

•       Assess the source of funds for the transaction

•       Screen your details against sanctions lists and politically exposed persons (PEP) registers

•       Report certain transactions or suspicious activity to AUSTRAC, Australia's financial intelligence agency, where we are legally required to do so

 

These obligations exist under the AML/CTF Act and are not optional. We cannot act on your behalf in a property transaction without completing the required identity verification steps.

Our AML/CTF compliance program is managed in partnership with a specialist AML/CTF compliance provider. Identity verification and customer due diligence procedures are carried out in accordance with our AML/CTF program, which is available on request.

 

How we use your information

We use your information to:

•       Provide buyer's agency services under your engagement agreement

•       Communicate with you about your property search, inspections, and negotiations

•       Meet our legal obligations as a licensed real estate agency and as a reporting entity under the AML/CTF Act

•       Conduct customer due diligence and identity verification as required by AUSTRAC

•       Report to AUSTRAC where required by law

•       Send you our newsletter and property-related updates, where you have subscribed

•       Improve our website and services

 

We will not use your information for purposes beyond those listed above without your consent.

 

Third-party service providers

To deliver our services and run our business, we use reputable third-party service providers including platforms for website hosting and email marketing, client relationship management, accounting and payment processing, meeting notes and summaries, and AML/CTF compliance and identity verification.

Some of these providers may store or process data on servers located outside Australia, including in the United States. Where this is the case, we take reasonable steps to confirm they maintain privacy protections consistent with the Australian Privacy Principles.

We also use AI tools to assist with internal tasks such as research, drafting, and analysis. We do not submit identifiable client information to third-party AI platforms for training purposes.

We do not sell or rent your personal information to any third party.

 

How long we keep your information

Different retention periods apply depending on the type of information and the legal obligation it was collected under.

 

General client records — we retain client records, including search notes, property reports, and correspondence, for 12 months following the completion of a purchase.

AML/CTF records — identity documents and customer due diligence records collected under our AML/CTF obligations must be retained for a minimum of seven years from the date we last provided you with a designated service. This is a legal requirement under the AML/CTF Act and overrides the general 12-month retention period for this category of information.

Newsletter subscribers — contact details are retained for as long as the subscription is active. You can unsubscribe at any time.

 

Where we are required by law to retain records beyond these periods, we will do so and delete records once that obligation has passed.

 

Who we share your information with

We do not sell or rent your personal information to third parties.

We may share your information in the following circumstances:

•       With our AML/CTF compliance provider, for the purpose of identity verification and customer due diligence

•       With AUSTRAC, where we are legally required to report under the AML/CTF Act

•       With third-party service providers engaged to help us deliver our services, to the extent necessary for those purposes

•       With your conveyancer, mortgage broker, or other advisers you have introduced to us as part of your purchase

•       With real estate agents or vendors, only to the extent required in the course of your property search and negotiation

•       As required by law, including to comply with legal proceedings or regulatory obligations

 

Data security

We take reasonable steps to protect your personal information from unauthorised access, loss, or misuse. These steps include:

•       Password-protected access to all platforms holding client data

•       Limiting access to personal information to team members who require it

•       Using reputable third-party platforms with their own security certifications

•       Reviewing and removing access promptly when team members leave the business

•       Handling identity documents in accordance with our AML/CTF program

 

No data transmission over the internet is completely secure. While we do our best to protect your information, we cannot guarantee absolute security.

 

Your rights

You have the right to:

•       Access the personal information we hold about you

•       Ask us to correct inaccurate information

•       Ask us to delete your information, subject to any legal retention obligations including the seven-year AML/CTF retention requirement

•       Withdraw consent to marketing at any time by unsubscribing or contacting us directly

 

To exercise any of these rights, contact us via the contact form on our website. We will respond within 30 days.

 

Data breaches

In the event of a data breach involving your personal information, we will assess the breach promptly and, where required under the Notifiable Data Breaches scheme, notify the Office of the Australian Information Commissioner and affected individuals.

We maintain an internal data breach response plan to make sure any breach is handled quickly and appropriately.

 

Complaints

If you have a concern about how we have handled your personal information, please contact us via our website in the first instance. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner at oaic.gov.au.

 

Governing law

This Privacy Policy is governed by the laws of Australia, including the Privacy Act 1988 (Cth), the Australian Privacy Principles, and the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth). Where applicable, we also comply with the EU General Data Protection Regulation (GDPR).

 

Updates to this policy

We may update this Privacy Policy from time to time. The effective date at the top of this page will always reflect the most current version. We encourage you to review this policy periodically.