opsmera
Sign inFree portfolio audit

Privacy Policy

Last updated June 2026

Opsmera (“Opsmera”, “we”, “us”) provides property operations and fire safety compliance software for Australian strata firms, building managers and bodies corporate. This policy explains how we handle personal information, and is intended to be consistent with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Two roles we play

For our own business contacts (people who sign up, request a demo, or subscribe), we are the data controller. For the data our customers load into the platform about their buildings, lot owners, tenants, committee members and contractors, we act as a data processor on the customer’s behalf and only handle that information to provide the service.

Information we collect

  • Account information: name, work email, phone, company, role.
  • Portfolio data customers add: buildings, plans, addresses, insurance, compliance records and documents.
  • Personal information about third parties that customers add: lot owner, tenant, committee and contractor names and contact details.
  • Communications content: emails, SMS and, where the call-handling feature is used, call recordings and transcripts.
  • Usage data: log-in events, actions taken, device and browser information, and audit-trail records.

How we use it

  • To provide, operate and improve the platform and its compliance, work order and communication features.
  • To send service communications, deadline reminders and (with consent) product updates.
  • To secure the service, detect misuse, and maintain an audit trail.
  • To meet legal and regulatory obligations.

We do not sell personal information, and we do not use customer data to train third-party AI models.

Disclosure and sub-processors

We share information only with service providers who help us run the platform, under contract and only as needed. Our current sub-processors include Supabase (database and authentication, hosted on AWS in Sydney), Vercel (application hosting), and, where enabled, email and messaging providers used to deliver notifications. A current sub-processor list is available on request.

Where data is stored

Customer data is stored in Australia (AWS Asia Pacific Sydney region). Some sub-processors may process limited operational data outside Australia; where they do, we take reasonable steps to ensure comparable protection.

Security

We use encryption in transit and at rest, role-based access controls that isolate each customer’s data, least-privilege access for our team, and audit logging. See our Security Overview for detail.

Call recording and consent

Where the call-handling feature records calls, recording is subject to the applicable Australian state surveillance and listening-devices laws. Customers using this feature are responsible for ensuring appropriate notice and consent is captured, and Opsmera provides consent-capture tooling to support this.

Retention

We keep personal information for as long as needed to provide the service and to meet legal obligations (for example, compliance records may need to be retained for seven years). On account closure, customer data is deleted or returned within a reasonable period, subject to legal retention requirements.

Your rights

You may request access to, or correction of, the personal information we hold about you. Where we act as processor for a customer, requests from individuals are directed to that customer. To exercise a right, or to make a privacy complaint, contact us at the address below. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC).

Contact

Privacy enquiries: hello@opsmera.com.

This policy is general information, not legal advice, and may be updated as the service and applicable law evolve.