Our organisation and obligations
Candotech Pty Ltd ACN 604 349 895 (“AIRE”) provides technology, data, artificial intelligence, automation solutions and advice to its global clients in the real estate industry. AIRE is incorporated in the State of Queensland, Australia and as such we are bound by the Privacy Act and Australian Privacy Principles (APPs). The APPs regulate the way we handle personal information. The Privacy Act does not apply to use of information that is not related to individuals such as information about corporations.
Our websites include “getaire.com.au” and “ritabyaire.com”
Protecting your privacy
As an organisation, AIRE handles personal information, including sensitive information, confidentially. We value the ongoing trust you have in us to protect your privacy.
Personal information is information or an opinion about you.
How to contact AIRE
Our privacy framework
AIRE is bound by the Privacy Act and the Australian Privacy Principles (APPs) set out in that Act. The APPs regulate the way that certain entities handle personal information.
The Privacy Act does not apply to the handling of information that does not relate to individuals, for instance, information about corporations.
The information that we store relating to corporate entities is covered in our contractual terms https://www.getaire.com.au/aire-terms-and-conditions/ and through the data breach provisions of The Notifiable Data Breaches Scheme, available here: https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme.
Collecting your personal information
AIRE collects your personal information so that we can perform our various business functions and activities. AIRE also collects your personal information if the law requires us to collect it.
To access our products or services or for employment, AIRE may collect and hold information from you or your associated corporation such as your name, address, telephone number, email address, credit card and bank account details, date of birth and place of work.
AIRE collects most personal information directly from you or the corporation you are associated with such as your past or current Employer or Franchisor. As examples, you or the organisation provide us with your information by various methods such as in person, fill in a form, deal with us over the telephone, send us a letter, email or text message, use our website or social media, give us your business card or contact details at conferences, Trade Exhibits, events or meetings or by various other methods of engagement. Other data about you may be collected from public information such as websites, social media, Australian Securities & Investments Commission (ASIC), Government Departments eg Fair Trading’s Licence Check web page.
If AIRE does not collect all or some of your personal information, we may not be able to assist or provide you with a product or service eg consulting services, provide support or a service under a Licence or Service Agreement, deliver training or industry products or employ you.
Collecting information from third parties
In addition to the information stated above which may reference a third party, AIRE may also collect information about you that is publicly available, such as information from telephone directories, print media, websites and your personal marketing material.
There may be occasions when AIRE collects personal information about you from other third parties. For example, AIRE may collect personal information from:
- organisations that AIRE has an arrangement with to jointly offer products and/or has an alliance with to share information for marketing purposes to provide you with products or services and/or to promote a product or service
- other related entities so we can better manage your relationship with us
- marketing companies if we acquire contact information to tell people about AIRE products and services that may interest them; and
- other parties who may have introduced you to AIRE
Collecting sensitive information
Sensitive information is personal information about a person’s racial or ethnic origin, political opinion, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, genetic information or health information.
AIRE does not collect, use or disclose sensitive information about you unless you give the information to us and require us to know the information eg health details that we should be aware of during employment. Disclosure of such information is not disclosed without your consent.
Collecting information required by law
AIRE may collect information from you because we are required or authorised by an Australian law or court or tribunal order to collect that information.
We will tell you if collection is required or authorised by law and provide you with details of the law, court or tribunal order.
Using your personal information
We may use and disclose personal information we collect about you for several purposes including:
- to consider your request for a product or service
- to enable us to provide a product or service requested
- to tell you about other products and services that may interest you
- to identify you
- for employment processes
- direct marketing
- to assist in arrangements with other organisations in relation to promotion or provision of a product or service
- to manage systems and perform other administrative and operational tasks, including risk management, system development and testing, staff training, collecting debts and market or customer satisfaction research related to our functions and activities
- to consider any concerns or complaints you raise against AIRE and/or to manage any legal action between you and AIRE
- to prevent or investigate any actual or suspected fraud, unlawful activity or misconduct; and
- as required by relevant laws, regulations and codes of practice
Additional limits on use of your Google user data
- AIRE will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read,and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
- AIRE will not use this Gmail data for serving advertisements.
- AIRE will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the AIRE’s internal operations and even then only when the data have been aggregated and anonymized.
AIRE may need to disclose your information to a third party as relevant to the particular service or product, function or activity that AIRE performs. Third parties may include but are not limited to: Independent Contractors or Licensees performing functions or services on behalf of AIRE, Financiers, Solicitors, Others as authorised by you eg to contact your employment references, your Superannuation Company, Work Cover, Insurer, other industry and related service providers, Guest Speaker or Trainer presenting at our events you attend, Valuer, Franchisor, Accountant, Receiver, Debt Collector, as required by a legal Order or by Law eg Australian Taxation Office.
We need your consent before we can use or disclose your information in our marketing. Likewise, we need your consent if we need to use your information for a purpose that is not related to the purpose for which we collected your information in the first place as detailed in this Notification. Depending on the circumstances, this consent may be express (for example, you expressly agree to the specific use of your information by ticking a box) or implied by some action you take or do not take (for example, your agreement is implied by the fact that you have agreed to our product terms and conditions which contains information about the use of disclosure).
Disclosing your personal information overseas
AIRE may need to disclose your information to organisations located overseas. These overseas organisations perform a range of technology functions to provide a database storage service on behalf of AIRE. These entities are located in the following countries:
When we disclose your information overseas we are required to take measures to ensure your information is treated in accordance with the standards that apply in Australia.
Your consent is important
AIRE may require your consent to use and/or disclose your information in particular ways.
For instance, we need your consent before we can use it in our marketing or case studies where your business or you as an individual are identified.
Likewise, we need your consent if we need to use your information for a purpose that is not related to the purpose for which we collected your information in the first place.
Depending on the circumstances, this consent may be express (for example, you expressly agree to the specific use of your information by ticking a box) or implied by some action you take or do not take (for example, your agreement is implied by the fact that you have agreed to your product terms and conditions which contains information about the use or disclosure).
Marketing and privacy
As part of AIRE service to you, AIRE may use personal information we have collected about you to identify a product or service that may benefit you. AIRE may contact you from time to time to let you know about new or existing products or services. AIRE may also disclose your personal information to its related entities or business partners to enable them or AIRE to tell you about a product or service.
You can contact us at any time if you do not want to receive direct marketing information from AIRE.
Managing your personal information
AIRE protects your information
AIRE protects your personal information from misuse and loss. We also protect it from unauthorised access, modification and disclosure by ensuring that your personal information can only be accessed by people properly authorised to have access.
AIRE may store your personal information in hardcopy documents or electronically. AIRE maintains physical security, such as locks and security systems, over our paper and electronic data stores and premises.
AIRE also maintains computer and network security. For example, AIRE uses firewalls (security measures for the internet) and other security measures such as Member Logins and passwords to control access to computer systems. AIRE continually maintains and monitors its online security systems to ensure that AIRE online services are secure and that your personal information is appropriately protected when you use these services.
An example of this is the use of our passwordless system for accessing your data via the RITA platform. RITA uses your unique email as a secure method of delivering session tokens for RITA access.
Protecting your privacy
You can help us to protect your privacy by observing our security requirements and contacting us immediately if your contact details change.
AIRE require you to keep any allocated product passwords and access codes confidential and secure at all times. This means that you should not disclose your passwords or access codes to any other person. You should contact AIRE immediately if you believe that your passwords or access codes may have been disclosed to another person or if you would like to change your password.
How do I access my personal information?
Subject to some exceptions, you can find out what personal information AIRE holds about you.
You should contact AIRE in writing if you wish to find out about the personal information AIRE holds about you.
AIRE will need to verify your identity before giving you access.
AIRE will normally be able to deal with your request immediately. If the request is complex, we can usually deal with such a request within 14 business days.
AIRE will usually provide access to your information at our office to protect the confidentiality and security of your information. However, you may elect to receive your information by registered mail or courier, where practicable. Fees for these services are charged to you at the cost of your selected service.
In certain circumstances, AIRE may not be able to tell you what personal information is held about you. In these circumstances, AIRE will write to you to explain why we can not provide you with the information and attempt to find alternative means to enable you to access your information.
How do I request correction of my information?
If you believe that the personal information AIRE holds is inaccurate, incomplete or out-of-date, you should contact AIRE in writing and provide the correct details.
Email : firstname.lastname@example.org
Mail : 3/34 Florence Street, Teneriffe QLD 4005
AIRE will promptly update any personal information that is inaccurate, incomplete or out of date.
If AIRE do not agree that your information is inaccurate, incomplete or out of date, AIRE will write to you and tell you the reason(s) why AIRE does not agree with you. AIRE will also tell you what you can do if you are not satisfied with our response.
Resolving your concerns
You are entitled to complain if you believe that your privacy has been compromised or that AIRE has breached the Privacy Act, or the Australian Privacy Principles.
If you have a privacy complaint, you can contact the AIRE Privacy Officer. Formal complaints are to be in writing. The Privacy Officer’s contact details are:
Mail: 3/34 Florence Street, Teneriffe QLD 4005
If your complaint is not satisfactorily resolved, you may also contact a Director of AIRE at the above addresses, who will review the determination of the Privacy Officer.
Making a complaint
If you believe that AIRE have interfered with your privacy in the handling of your personal information, you may lodge a complaint in writing to any of the addresses in the preceding paragraph. AIRE will respond to your complaint within seven business days to inform you of the identity of our staff member who will manage your complaint. AIRE will try to resolve your complaint within 14 business days of its receipt, however when this is not possible, AIRE will contact you within such time period to provide an alternative estimate of time.
AIRE will investigate your complaint and will make a decision about your complaint and write to you to advise of our decision.
If you are unhappy with the resolution of your complaint or with the way that AIRE has handled your complaint, you may be able to refer the matter to the Office of the Australian Information Commissioner the contact details for which are as follows:
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Telephone: 1300 363 992
Meaning of Words
Australian Privacy Principles means the Australian Privacy Principles contained in Schedule 1 to the Privacy Act l988(Cth) (or an applicable privacy code approved by the Federal Privacy Commissioner pursuant to that Act).
Personal information means any information or an opinion about You from which Your identity is apparent or can reasonably be ascertained.
AIRE’s DATA GUARANTEE
This data guarantee relates to the trade data belonging to you that is managed by RITA in order to deliver her service.
WE DON’T MIX YOUR DATA WITH COMPETITORS
All of your data is clearly stored as belonging to you. All of our algorithms use your data: and your data alone.
WE DON’T STORE YOUR LOGIN CREDENTIALS
Your CRM login is entered directly to connect Rita. to it, and this is done before she completes the first analysis. She doesn’t store the credentials you provide for her to access the CRM, so she can’t share them with anyone or any other application – ever.
NO-ONE CAN EXPORT YOUR DATA IN BULK
Our solution only displays details about contacts in very limited number. For example, in our daily campaigns of one suggestion to your agents, there will only be a limited number of contact details sent. You can’t export entire data sets from anywhere in our solution.
WE DON’T USE PASSWORDS
In order to access the Rita. interface we use an enhanced security feature known as passwordless login. Users enter their email address and we send a single-use access link that expires after a limited amount of time. The rise of password theft (commonly called ‘Phishing’) means that passwords are generally the weakest point in your data’s security.
WE WILL NEVER SELL YOUR DATA
We have nothing to gain by breaching our customer’s trust in this area. In fact, we have everything to lose. Generally speaking, strict privacy regulations would prevent us from doing this anyway, but even so, we recognise that this goes away from our core goal. We want to help you to build real value in your data. And we believe that value is yours, and yours alone, to capitalise on.