Privacy Policy
1. Who we are
“Alexod Services”, “we”, “us” and “our” means the legal entity Alexod Services (ABN 40 688 352 164; D-U-N-S 748 357 935), operating in Australia. We provide financial services software, commercial property portfolio management, and design, set-up, and configuration of residential home automation, including through websites and applications (our “Services”).
This policy explains how we handle personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). A reference to the APPs in this document is a reference to the version in force in Australia.
2. What this policy covers
It applies to personal information we collect in connection with our website, Alexod Services developed applications, client engagements, support, and when you sign in or connect third-party services we support.
Depending on the Service, sign-in may be provided by Clerk (email and account identity), “Sign in with Google”, or other social or federated options we offer. Some applications also let you connect third-party integrations so we can retrieve business, entity, or administration information you are authorised to access for the features you use.
When you use a third-party sign-in or integration, that provider processes information under its own terms and privacy policy. This policy explains what we collect, why we use it, and which processors handle it on our behalf once information reaches our systems or is retrieved at your direction.
3. Kinds of personal information we may collect
Depending on how you use our Services, this may include:
- Identity and contact details: name, business name, email address, phone number, and role, which may be supplied by you or received from a sign-in provider (for example, your email address and profile details from Clerk, or name and email from a Google sign-in, where you have agreed to share them with us).
- Account and sign-in data: a user ID assigned to your account, email address used to sign in, authentication tokens, session metadata, and logs related to sign-in and account security. This information is linked to your identity and is used for app functionality (for example, to create your account, keep you signed in, and associate your activity with the correct user). It may be collected through Clerk, Google, or other identity providers we support.
- Third-party integration business and entity data: where you connect a third-party integration or authorise our applications to access a third-party system on your behalf, we may retrieve and process information held in that system about businesses, entities, funds, accounts, administrators, and related administration records you are permitted to access. This may include business names, entity identifiers, and other professional or operational data needed for administration features. We use this data to provide the Service you request; we do not use it for unrelated advertising.
- Service and business data: information you or your organisation enter into or generate in our software (for example, data relevant to financial services, commercial property, home automation, or fund administration workflows), and communications with us.
- Technical and usage data: IP address, device and browser or app type, operating system, general location (for example, derived from IP), diagnostic logs, and usage analytics (such as page views, feature usage, and performance metrics), where we or our sub-processors collect these to operate, secure, and improve the Services.
Mobile apps: our iOS and other app store listings describe the categories of data collected (including email address and user ID linked to identity for app functionality). Those disclosures are intended to match this policy. We do collect personal information through our apps; we do not represent that no data is collected.
We do not use social sign-in to post to your social networks without a separate, explicit action from you.
4. How we collect information
We may collect information directly from you, from your organisation, from integrated systems you connect, or from third parties where you have instructed them to share it with us, or as permitted by law.
- Clerk sign-in: when you create an account or sign in through Clerk, we receive the account and identity information Clerk provides for authentication (such as your email address and user ID), consistent with Clerk’s sign-in flow and your choices in the app.
- Other sign-in providers: where you use Google or another federated option, we receive only what you authorise through that provider’s consent screens.
- Third-party integrations: when you connect an integration or use features that call a third-party system, we retrieve business, entity, and related administration data using credentials or authorisation you supply. The third-party provider processes that access under its own terms; we store and use only what is needed for the features you use.
- Analytics and hosting: our website and apps may automatically send technical and usage data to our hosting and analytics providers as you interact with the Service.
5. Why we use and disclose personal information
We use personal information to:
- Provide, host, support, and improve the Services;
- Authenticate users and maintain accounts, including via Clerk, Google, and other sign-in options we support;
- Retrieve and display business, entity, and related administration data from third-party integrations you authorise, and provide administration and reporting features in our applications;
- Measure usage and performance through analytics to understand how the Services are used and to fix errors;
- Manage commercial property, financial software, and home automation work you ask us to perform;
- Comply with law, and respond to lawful requests from government or regulators;
- Protect our rights, our users, and the security and integrity of our systems; and
- With your consent, send updates or marketing (you may opt out of marketing in line with the Spam Act 2003 (Cth) where that Act applies).
We will not sell your personal information. We do not use your personal information to train third-party general-purpose AIs in a way that identifies you, except where we tell you otherwise and you agree.
6. Third parties (Clerk, integrations, hosting, analytics)
We use the following categories of service providers and integrations. They may process personal information on our behalf or at your direction when you use the relevant feature:
- Clerk (authentication and identity): provides sign-in, account management, and user identity services for some of our apps. Clerk may collect and process your email address, user ID, and related account data to authenticate you. Clerk’s practices are described in Clerk’s Privacy Policy. Information Clerk shares with us is used to create and maintain your account and provide app functionality.
- Third-party integrations (business and entity data): when you connect an integration or use integration-backed features, we access business, entity, and related administration information from the relevant third-party platform using your authorisation. The third-party provider’s collection and use of information is governed by its own terms and privacy documents. We process integration data only to deliver the Service you request.
- Vercel (website hosting and web analytics): hosts our public website and may process technical and usage data (including page views) through Vercel Web Analytics. See Vercel’s Privacy Policy.
- Fly.io (application hosting): hosts some of our application infrastructure and may process technical data (such as IP addresses and request logs) needed to run and secure those services. See Fly.io’s Privacy Policy.
- Google and other sign-in providers: where you use Google to sign in, Google’s collection and use of information is governed by Google’s Privacy Policy and, where applicable, Google’s Terms of Service. Other identity providers we add will have their own terms and privacy documents.
We may also use other service providers (for example, email, support tooling, or additional analytics) who handle personal information on our behalf. We take steps that are reasonable in the circumstances to ensure they meet privacy obligations that align with the APPs where they are processing personal information for us.
7. Overseas disclosure
Some of our sub-processors or systems may be located, or may store or process data, outside Australia. Where we disclose personal information to an overseas recipient, we will take steps required by the APPs (for example, by reasonable contractual safeguards) unless an exception in the Privacy Act applies. If you use third-party sign-in, your information may be processed in multiple countries under that provider’s infrastructure, as described in their policy.
8. Security and retention
We use reasonable physical, technical, and organisational measures to protect personal information. No method of transmission or storage is completely secure. We retain personal information only for as long as we need it for the purposes in this policy, to meet our legal and professional obligations, and to resolve disputes, unless a longer period is required or permitted by law.
9. Notifiable data breaches
We comply with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act, including where we become aware of a likely serious harm eligible breach involving personal information we hold, subject to the requirements of the Act.
10. Your rights (access, correction, deletion, complaints)
You may request access to personal information we hold about you, and request correction. To make a request, email support@alexod.com, or use the contact method in the relevant app or in your agreement with us if that applies to your relationship with us.
You may also request deletion of your account and associated personal information. Where an application offers an in-app account deletion option, you can use it to delete your account and the personal information linked to it directly; otherwise, email support@alexod.com and we will action your request, subject to any information we are required or permitted to retain by law.
If you believe we have breached the APPs, you may complain to us first. We will respond within a reasonable period, usually 30 days. If you are not satisfied, you may refer the matter to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or 1300 363 992.
11. Children
Our Services are intended for businesses and adult users. We do not knowingly collect personal information from children under 16. If you believe we have, contact us at support@alexod.com and we will take steps to delete it.
12. Changes
We may update this policy from time to time. The “Last updated” date will change, and for material changes we may provide a notice through our website or the relevant app.
13. Contact
Legal entity: Alexod Services (ABN 40 688 352 164; D-U-N-S 748 357 935). For privacy and general support: support@alexod.com. You may also use a business or contract contact published in the relevant app if that applies to your relationship with us.
14. Terms of Service
Your use of our Services is also subject to our Terms of Service, including the sections on sign-in and third-party services.