Dexus is committed to protecting and maintaining your privacy. We comply with the privacy laws in Australia and New Zealand. 

1. Scope

This Privacy Policy applies to Dexus Funds Management Limited and its related entities and trusts operating in Australia and New Zealand, which are subject to the Privacy Act 1988 (Cth) or the Privacy Act 2020 (NZ) (together, “Dexus” “we”, “our”, and “us”).

This Privacy Policy explains how Dexus handles the personal information we collect in the course of operating our business.

2. The kinds of personal information we collect and hold 

The kinds of personal information we collect and hold about you will depend on our dealings with you. In general terms, the kinds of personal information we collect may include: 

• Identity and contact details (e.g. name, date of birth, address, email phone)
• Financial and tax information (e.g. income, asset and liability information, bank account information, tax file number)
• Images and recordings (e.g. CCTV footage, event photographs and videos, call recordings)
• Government identity documents (e.g. driver’s licence, passport)
• Employment related information (e.g. CVs, background checks, referee details) 
• Professional advisor details (e.g. financial, accounting or legal advisors)
• Location, system and device data (e.g. when you connect to our Wi-Fi, device ID, device type, geo-location information and, when you interact with our website and mobile applications, the date and time you visited our website, the pages you viewed, general location information, information about the type of device you used and your IP address)

In some situations we may also collect sensitive information (e.g. information about your health and racial or ethnic origin). We will only collect sensitive information with your consent or where we are otherwise allowed by law.

6. How we store and hold your personal information

We hold personal information either in electronic form (where it is stored on secure servers) or hard copy form. Some personal information we collect may be held on our behalf by third parties (such as our external registry service provider).

7. Security

We implement a range of measures (including physical security measures, technical measures and contractual measures) to help us protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure.

8. Who we may disclose your personal information to

Depending on how you engage with us, we may disclose your information (for the purposes for which we collect and process your personal information as set out in the policy) as follows:

• where you have consented to the disclosure
• other entities within the Dexus Group
• our tenants (e.g. where CCTV is required for purposes associated with ensuring the security of our customers and properties and investigating unlawful conduct)
• to banks, insurers, financial institutions and payment processing providers
• to third party service providers who assist us in the operation of the business and/or the provision of our services
• to our contractors, subcontractors, consultants and professional advisers (including legal and accounting firms, auditors, and other advisors)
• parties authorised by you such as a licenced financial advisor or dealer group 
• to government agencies and law enforcement agencies as required by law
• to parties involved in a real asset or corporate transaction, including any proposed or actual sale of all or part of a member of the Dexus group and the purchase of an interest in another business (including advisers and parties providing transitional or separation related services) 

9. Overseas disclosures

Depending on the type of service or product we provide to you, your personal information may be disclosed to our related body corporates, contractors and service providers located overseas, such as the United States, Europe and the Asia Pacific region (including, for our Australian entities, to New Zealand).

10. Data breach notification 

Dexus has a Personal Data Breach Response Plan in place to manage actual or suspected data breaches. Where we assess a data breach as being notifiable under the Privacy Act 1988 (Cth) or the Privacy Act 2020 (NZ) (as applicable) we will notify the relevant Privacy Commissioner and affected individuals.

11. Cookies and other similar technologies

Our websites may use cookies (and other similar technologies such as pixels) to enhance your browsing experience, personalise content and analyse site traffic. You can manage and control cookies via the preference centre on our websites or through your browser settings. Disabling cookies may affect the performance of our websites.

12. Social media

We access aggregated, non-personalised statistics on our coverage on social media platforms. 

If you provide personal information via our social media pages (e.g. LinkedIn, Facebook, Instagram, TikTok or YouTube), please review the platform’s privacy terms to understand how your personal information will be collected, stored and processed. Any personal information provided to us by those social media platforms will be stored and processed in accordance with this Policy.

13. Access to and correction of your personal information 

You have the right to access and request correction of personal information that we hold about you.

We will provide access or make requested changes to your personal information unless there is a valid reason that applies to refuse the request, where allowed under the Australia and New Zealand Privacy Acts or other relevant law. Dexus may charge a reasonable fee for providing your personal information. We will let you know in advance of charging the fee to confirm you still wish to proceed with your request.

We will seek to respond to your requests within a reasonable timeframe (normally 30 days). If we refuse your request, we will provide you with written reasons for that refusal.

If you wish to obtain access or to request changes to your personal information, contact our Privacy Officer (details below). We may need to verify your identity before processing your request.

14. Complaints and questions 

If you have a question or concern about how we handle your personal information, you can contact our Privacy Officer, as follows: 

• Email: privacy@dexus.com
• Phone: +612 9017 1100
• Mail: Privacy Officer, Dexus, PO Box R1822, Royal Exchange NSW 1225

If you wish to make a complaint about how we have handled your personal information, please provide a written complaint to our Privacy Officer. We will acknowledge receipt of your complaint within a reasonable time (normally 48 hours) and we will investigate and endeavour to respond within 30 days.  If you are not satisfied with the decision, you can contact us to discuss your concerns. 

If the complaint remains unresolved, you have the option of notifying the Office of the Australian Information Commissioner or the Office of the Privacy Commissioner New Zealand (as applicable).

Office of the Australian Information Commissioner

• Email: enquiries@oaic.gov.au
• Online: https://www.oaic.gov.au/privacy/privacy-complaints/lodge-a-privacy-complaint-with-us
• Phone: 1300 363 992
• Mail: Office of the Australian Information Commissioner, GPO Box 5288, Sydney NSW 2001

Office of the Privacy Commissioner New Zealand

• Email: enquiries@privacy.org.nz
• Online: https://www.privacy.org.nz/your-rights/making-a-complaint-to-the-privacy-commissioner/
• Phone: 0800 803 909
• Mail: Office of the Privacy Commissioner, PO Box 10 094, Wellington 6140

15. Our policy

This policy was last updated on 5 December 2025. We will review and update this policy from time to time.

Changes to the policy will be displayed as an updated version of this policy on our website at https://www.dexus.com/privacy-policy.  If you would like a copy of this policy in a different form, please contact us and we will try to meet your request.