OurProperty

Privacy Policy

1. Introduction

OurProperty.com.au Pty Ltd, and its subsidiary’s OurProperty Payments Pty Ltd, Jentla Pty Ltd and OurTradie Pty Ltd (collectively referred to as “OurProperty.com.au,” “we,” “our,” or “us”) is committed to ensuring the protection of your personal data.  This Privacy Notice outlines how we collect, process, and protect personal data.

In this Privacy Notice (“Notice”), the term “Personal Data” refers to any data relating to an identified or identifiable natural person (a “Data Subject”). Processing includes any action performed on the data, such as collection, storage, or dissemination.

Our goal is to always process your Personal Data lawfully, fairly, and transparently. This Notice explains what data we collect, how we use it, and the rights you have over your personal data.  In order to comply with the most stringent set of requirements globally, our privacy policy and practices are GDPR compliant, therefore this policy also explains your rights and how you can exercise them under the General Data Protection Regulation (GDPR).

2. Scope

This Notice applies to:

  • Our suppliers, customers, business partners and their representatives;
  • Users of OurProperty.com.au websites, web applications, mobile applications, and desktop applications (collectively referred to as “Products and/or Services”);
  • OurProperty.com.au shareholders and their representatives.

Note: The notice also covers our policy in relation to our customers’ data (the data controllers), over which we hold no ownership of the data.  This Notice does not cover the processing of OurProperty.com.au Pty Ltd’s employees, contractors, or job applicant data. Please refer to our separate Privacy Notice for those individuals.

3. What is Personal Data?

Personal Data refers to any information relating to an identified or identifiable natural person. Identifiable information includes, but is not limited to, names, identification numbers, location data, and factors specific to an individual’s physical, physiological, genetic, mental, economic, cultural, or social identity.

4. How We Collect Personal Data

We collect Personal Data through direct interactions with you and through the use of our Products and/or Services. In some cases, we may receive your Personal Data from third-party service providers (e.g., credit reporting agencies).

Our Products and/or Services may also use cookies to manage website functionality and to collect usage data. You may choose to disable cookies, although doing so may limit the functionality of certain features.

5. Types of Personal Data We Collect

Depending on your interaction with us, we may process the following types of Personal Data:

  • Identification Data: Name, gender, job title, photograph, date of birth, bank account details.
  • Contact Details: Home and business address, email address, phone number.
  • Sales-Related Information: Business name, industry, size, and financial billing information.
  • Usage Information: Server logs, login data, IP address, device type, and usage patterns.
  • Other Information: Communications with us, feedback, access to premises, and use of assets.
  • Shareholder Information: Contact details, share quantities, share numbers, and details of nominated proxies.

We do not collect or process Special Category or Criminal Offence Data unless necessary and with your explicit consent. If we must process such data, we will inform you of the specific processing steps and security measures in place.

If a person (data subject) requests the deletion of their personal data that is captured by your customer, you, as a software provider and data processor, should generally refer the request to your customer (the data controller). Here’s why:

6. Data Controller vs. Data Processor

  • Customers of OurProperty.com.au Pty Ltd (property management agencies) in the case of data privacy are classified as the data controller, meaning they have the authority and responsibility for determining why and how personal data is processed whilst using our system.  Data controllers are responsible for the collection and use of data relating to their landlords, tenants, employees, contractors, trades people and others as required in relation to the running of their business.
  • OurProperty.com.au is the data processor, acting on instructions from the controller (the property management agencies). As a processor, we don’t have the direct authority to make decisions about data deletion unless explicitly instructed by the controller and assume no ownership or control over the data.

7. Handling Data Subject Requests

Under GDPR, data subjects can exercise their rights (such as the right to deletion, or the “right to be forgotten”) by submitting requests to the data controller. As the processor, we:

  • Notify the data subject that their request has been received, if received directly by us, and refer them to our Customer (the data controller).
  • Assist the agency (controller) in fulfilling the deletion request if instructed to do so by the controller. This may include deleting the data from our systems, provided the customer confirms that the deletion is required under GDPR.

8. Our Responsibilities as a Processor

While the controller is responsible for responding to and approving data deletion requests, we are obligated to help them fulfil these requests. Our Data Processing Policy (DPP) includes the methods about how we will assist the controller in handling requests from data subjects.

9. Steps We Take when requests are received in relation to information held by the data controller

  • Forward the request to the appropriate contact at the controller’s organisation, explaining that the request must be handled by them as the controller.
  • Document the request to ensure compliance with our record-keeping obligations under GDPR.
  • Act if our customer instructs us to delete the data or respond to the request in line with the applicable rules.

Where applicable, we refer requests to our customers, the data controllers, as they are responsible for determining whether the request is valid and assist them in executing the request once they give us instructions.

6. How We Process Your Personal Data – Lawful Basis and Purpose

We only process Personal Data where there is a legal basis to do so, such as:

  • Legitimate Interests: For the smooth operation and management of our business.
  • Contractual Obligations: To fulfil our contracts with you.
  • Legal Requirements: Where processing is required to comply with the law.

Examples of data processing purposes include:

  • Managing customer relationships;
  • Conducting business transactions;
  • Delivering Products and/or Services;
  • Marketing and public relations;
  • Managing safety and security risks.

In some cases, we may ask for your consent to process your Personal Data for secondary purposes, such as marketing communications.

7. Necessity of Data Processing

The processing of your Personal Data is necessary for the performance of our contractual obligations and to comply with legal requirements. If you do not provide certain Personal Data, we may be unable to fulfil our obligations.

8. Consent

We do not rely on consent as the primary basis for processing Personal Data unless specifically mentioned in this Notice.

9. Automated Decision-Making

We may use automated decision-making in limited circumstances where:

  • You have been notified and given the opportunity to request reconsideration;
  • It is necessary to fulfil our contract with you;
  • You have given explicit consent.

10. Data Sharing

We may share your Personal Data with:

  • Our related bodies corporate for administrative or operational purposes;
  • External service providers that assist us in managing our business;
  • Government authorities or third parties when legally required to do so.

11. International Data Transfers

When transferring Personal Data to another country, we ensure that appropriate legal safeguards are in place. We comply with international data transfer requirements, including those set out by the GDPR and UK GDPR.

12. Data Security

We implement technical and organisational security measures to protect your Personal Data from unauthorised access, loss, destruction, or disclosure. In the event of a data breach, we will notify the relevant authorities as required by law.

13. Data Retention

We retain Personal Data only for as long as necessary to fulfil the purposes outlined in this Notice, unless the law requires a longer retention period.

14. Third-Party Links and Forums

Our Products and/or Services may contain links to third-party websites. We are not responsible for their privacy practices, and we encourage you to review their privacy policies before providing any personal data.

15. Your Rights

You have the right to:

  • Access your Personal Data;
  • Request corrections to your Personal Data;
  • Request the erasure of your Personal Data;
  • Object to the processing of your Personal Data;
  • Restrict processing or request data portability.

16. EU GDPR/UK GDPR Specific Provisions

If you are located in the EU or UK, you have additional rights under GDPR, including the right to withdraw consent, object to data processing, and transfer your Personal Data to a third party.

17. Contact Us

If you have any questions or concerns about this Notice or our use of your Personal Data, please contact us:

Data Protection Officer
Email: support@OurProperty.com.au
Post: Attention: Data Protection Officer
OurProperty.com.au Pty Ltd
30/50 Sanders St
Upper Mount Gravatt QLD 4122
Australia

If you are unsatisfied with our response, you may contact the relevant regulatory authority in your jurisdiction.

18. Changes to this Notice

We may update this Notice from time to time to reflect changes in the law or our privacy practices. The latest version will always be available on our website.