Privacy Policy

Our Approach

We work with you across your property journey — whether that’s investment, finance, or property management.

You may choose to engage with one of our businesses, or several. Our role is to support you in that process — clearly, respectfully, and without unnecessary complexity.

Your information is handled with that same intent.

Who We Are

This policy is issued by the imagina group of companies : DPN Pty Ltd ABN: 94 630 700 186, Australian Credit Licence 514759. DPN Finance Pty Ltd ABN: 60 622 952 416 is an authorised credit representative Number 504129. DPN Broking Pty Ltd ABN 68 633 955 567, Credit Representative number 545228; and Property Valet Pty Ltd ABN 84 618 428 738.

The imagina Group comprises three related businesses, each operating within a distinct part of the property journey:
‍
•       DPN — property investment strategy, research and access to house & land packages
•       Property Valet — property management
•       Obsidion — property finance and lending

Each business is a separate legal entity. They are related through common owners. Your relationship is with the business you engage — not automatically with all of them.

What We Collect

We only collect information that is reasonably necessary for the service you are engaging. Depending on the service, this may include:

•       Contact details — name, address, phone, email
•       Financial information — income, assets, liabilities, borrowing capacity — finance clients only
•       Property details — holdings, preferences, investment goals —investment and management clients
•       Identity documents — where required by law for credit or compliance purposes

Your consultant will explain exactly why each piece of information is needed. We will not ask for information that is not relevant to the service you have requested.

Anonymity and Pseudonymity

Where it is lawful and practicable, individuals may choose not to identify themselves, or to use a pseudonym, when making enquiries with us. Please advise your consultant at the outset if you wish to proceed on this basis. Note that most of our services require identity verification by law (for example, credit applications and investment services); anonymity may not be available in those contexts.

Unsolicited Personal Information

If we receive personal information about you that we did not request (for example, information provided unsolicited by a third party), we will assess whether it could lawfully have been collected in the ordinary course of our services. If not, we will destroy or de-identify it as soon as practicable and will not use or disclose it, unless required by law.

How We Use Your Information

Your information is used to deliver the service you have engaged us for. This may include:
‍
•       Providing and managing the service
•       Assessing your suitability for finance or investment opportunities (where relevant)
•       Processing applications with lenders and property suppliers
•       Communicating with you throughout your engagement
•       Complying with legal and regulatory obligations
•       Improving how we deliver our services

We do not use your information for purposes unrelated to your engagement without your knowledge or agreement.

Sharing Within the Group

Your default position is simple: your information is held by the business you are working with.

When we may share across the imagina Group

We may share relevant information with another business in our group only where:
‍
•       It is directly necessary to deliver the service you have requested from us
•       You have asked to be supported in another area of your property journey
•       You have expressly agreed for us to do so

We do not share your information across our group simply because our businesses are related. Sharing is limited to what is relevant and reasonably necessary for the specific purpose.

When we will not share

If you are engaging with one business only, your information will stay with that business. We will not assume that because you are a finance client, for example, you wish to be contacted about investment or property management services. Any introduction to another part of our group requires your clear awareness and, where applicable, your agreement.

Your Existing Professional Relationships

You may already work with advisers, brokers, accountants, orother property professionals outside our group. We respect those relationships entirely.

Where appropriate, we will work alongside your existing advisers— not around them. We will not use your information to pursue services that duplicate or undermine those relationships, and we will not contact third parties on your behalf without your knowledge.

Note to partners reading this policy: Our role is to support our mutual clients in the specific areas they have engaged us for. We work collaboratively, not competitively.

Disclosure to Third Parties

Outside the imagina Group, your personal information may be disclosed to:

•       Our approved panel of lenders — for the purpose of processing loan applications — finance clients only. Lenders are prohibited from using your personal information for any purpose other than the specific reason it was provided
•       Property suppliers — where necessary to progress a property transaction
•       Concierge AI Technologies, Inc. — our website AI Concierge provider — receives and stores communications made via the website AI assistant (see Cross-Border Disclosure below)
•       Regulatory bodies — where required by law

We do not sell your personal information.

Cross-Border Disclosure

Concierge AI Technologies, Inc. is based in the United States of America. Your communications via our website AI assistant are stored on US-based servers. Before disclosing personal information to Concierge AI, DPN takes reasonable contractual steps to ensure Concierge AI handles yourinformation consistently with the Australian Privacy Principles. By using the website AI assistant, you acknowledge that your information will be transferred to and stored in the USA, where privacy laws may differ from Australian law. Contact our Compliance Officer for further information about the protections we have put in place for this transfer.

Use of Artificial Intelligence

We may use AI tools within our business operations to improve efficiency, accuracy, and service quality — including in customer communications. Any data processed through these systems is handled in accordance with this Privacy Policy and applicable data protection laws.

When you communicate with our website’s AI Concierge, our service provider Concierge AI Technologies, Inc. receives and stores those communications on our behalf.

Automated Decision-Making

From 10 December 2026, we are required by law to disclose in this policy when personal information is used in automated decision-making that has a legal or significant effect on individuals. In our business this may include: (a) systems used to pre-assess loan eligibility or borrowing capacity; (b) tools that match clients to finance or investment opportunities; and (c) any third-party software applying rules-based logic to personal information. We will update this section before December 2026 with specific details of all such systems. In the meantime, all significant decisions are reviewed by a qualified consultant before being acted upon.

Data Quality and Security

Keeping your information accurate

We take reasonable steps to ensure your information is accurate, up to date, and complete. If your details change, please contact your consultant directly so we can update our records. We retain your personal information for as long as is necessary to deliver the services you have engaged us for and to meet our legal and regulatory obligations. For finance and credit clients this is generally a minimum of 7 years. When information is no longer required, we destroy or de-identify it securely.

How we protect your information

We take the security of your information seriously. Our protections include:

• Secure electronic systems with password-controlled access
• Access limited to staff directly involved in your engagement
• Staff training on privacy obligations and the APPs
• De-identification and secure destruction when information is no longer required

Technical and Organisational Measures (APP 11 — 2024 Amendment)

As required by the Privacy and Other Legislation Amendment Act 2024 (Cth), our obligation to protect personal information expressly includes both technical measures (such as encryption, secure access controls, and system monitoring) and organisational measures (such as staff training, internal privacy governance policies, incident response procedures, and regular privacy risk assessments). These measures are reviewed and updated on an ongoing basis.

Access and Correction

You have the right to request access to the personal information we hold about you, and to request corrections where that information is inaccurate, incomplete, or out of date.

To make a request, contact our Compliance Officer using the details below.

Response Timeframe

We aim to respond to all access and correction requests within 30 days of receipt. If a request is complex, we will notify you of the reason for any delay and an expected response date. We may decline access in limited circumstances permitted by the APPs (for example, where providing access would be unlawful or would unreasonably affect another person’s privacy). If we decline, we will provide written reasons and advise you of how to complain about that decision.

Communications from Us

From time to time, we may contact you about services within our group that are relevant to your circumstances. We only do this where you have consented, and all marketing communications comply with the Spam Act 2003 (Cth). You can opt out at any time by contacting us or using the unsubscribe link in any communication we send. We will honour all opt-out requests promptly and will not contact you again for marketing purposes.

Cookies and Website Tracking

We use cookies and similar tracking technologies on our website to understand how visitors use our site and to improve your experience. This may include analytics tools such as Google Analytics. You can control cookie preferences through your browser settings. By continuing to use our website, you consent to our use of cookies.

Notifiable Data Breaches

We are subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth). If we become aware of an eligible data breach — that is, unauthorised access to, disclosure of, or loss of your personal information that is likely to result in serious harm to you — we will:

• Notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable; and
• Notify you directly, providing a description of the breach, the type of information involved, and steps we recommend you take to protect yourself.

Where direct notification to all affected individuals is not reasonably practicable, we will publish a notice on our website. Please contact our Compliance Officer if you have any concerns about the security of your personal information.

Notifiable Data Breaches Questions, Concerns and Complaints

We are committed to resolving any privacy concern promptly and fairly. If you have a question about how your information is handled, or you wish to make a complaint, please contact our Compliance Officer in the first instance.

Imagina Compliance Officer
PO Box 188, Cronulla NSW 2230
Tel: (02) 9525 2033 · Fax: (02) 9523 5618
Email: [email protected]

If your concern is not resolved through our internal process,you may escalate to the relevant external body at no charge. Please allow ourinternal process to be completed first.

Australian Financial Complaints Authority (AFCA)
GPO Box 3, Melbourne VIC 3001
Phone: 1800 931 678 · Email: [email protected] · Website: afca.org.au

Office of the Australian Information Commissioner (OAIC)
Phone: 1300 363 992 · Website: oaic.gov.au

YourAcknowledgement

When you engage with any business in our group, you acknowledge that your personal information will be collected, used, and handled as described in this policy.

Where your information may be shared with another business in our group beyond the service you have initially engaged, we will notify you of this at the relevant time and, where the APPs require, seek your agreement before doing so.