Privacy Policy
Effective date: 1 March 2026
1. Introduction
PropBoss is a trading name of Mates With Property Pty Ltd (ACN 678 025 155 | ABN 64 678 025 155) ("PropBoss", "we", "us", or "our"). We operate the PropBoss platform located at www.propboss.com.au (the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Platform and related services.
We are committed to complying with the Australian Privacy Principles ("APPs") contained in the Privacy Act 1988 (Cth) and any applicable state or territory privacy legislation. By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy.
2. Information We Collect
We collect the following categories of personal information:
2.1 Account Information
- Full name
- Email address
- Phone number
- Residential or business address
- Australian Business Number (ABN), where applicable
2.2 Property Data
- Property addresses and identifying details
- Purchase prices, settlement dates, and loan details
- Ownership structures and legal entity information
- Tenant and lease information
- Insurance policy details
2.3 Financial Data
- Bank account connections via Open Banking (read-only access)
- Transaction records (income and expenses)
- Bills, invoices, and payment records
- Depreciation schedules and ATO category classifications
2.4 Documents
- Uploaded documents including invoices, statements, contracts, and receipts
- Documents received via email forwarding to the Platform
- Document metadata such as file names, sizes, and types
2.5 Usage Data
- Browser type, device information, and IP address
- Pages visited and features used within the Platform
- Timestamps and session duration
- Referral source and search terms
3. How We Use Your Information
We use your personal information for the following purposes:
- Providing the Platform: managing your account, properties, financial records, and generating reports.
- AI-Powered Processing: automated bill classification, document data extraction, property matching, and financial categorisation.
- Financial Reporting: generating income and expense summaries, depreciation schedules, and end-of-financial-year reports.
- Communication: sending transactional emails, account notifications, and Platform updates.
- Platform Improvement: analysing usage patterns to improve performance, reliability, and user experience.
- Legal Compliance: meeting our obligations under Australian tax law, the Privacy Act, and other applicable legislation.
4. AI and Data Processing
PropBoss uses artificial intelligence to enhance the Platform. AI is used for the following functions:
- Bill Classification: automatically categorising incoming bills and invoices by type, provider, and ATO category.
- Document Extraction: extracting structured data (amounts, dates, references) from uploaded or emailed documents.
- Property Matching: associating incoming bills and transactions with the correct property in your portfolio.
- Email Classification: determining the type and intent of emails forwarded to the Platform.
AI processing is performed by third-party providers, including Anthropic, under strict data processing agreements. Your data is processed solely to deliver the Platform's features and is not used to train AI models. All AI outputs are treated as suggestions and may be reviewed or corrected by you at any time.
5. Data Storage and Security
We take the security of your personal information seriously and implement the following measures:
- Data Residency: your data is stored on servers located in Australia, hosted by Supabase (Sydney region).
- Encryption: all data is encrypted at rest (AES-256) and in transit (TLS 1.2+).
- Access Controls: row-level security (RLS) policies ensure that users can only access their own data. Administrative access is restricted and logged.
- Authentication: accounts are protected by secure password hashing and session-based authentication.
- Monitoring: we monitor for unauthorised access and security incidents on an ongoing basis.
While we implement industry-standard security measures, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security of your data.
6. Third-Party Services
We engage the following third-party service providers to operate the Platform. Each provider processes data only as necessary to deliver their respective services:
| Provider | Purpose | Privacy Policy |
|---|---|---|
| Supabase | Database hosting and authentication | supabase.com/privacy |
| Stripe | Payment processing | stripe.com/au/privacy |
| Fiskil | Open Banking / bank feed connectivity | fiskil.com/privacy |
| SendGrid (Twilio) | Transactional email delivery and inbound email processing | twilio.com/legal/privacy |
| Anthropic | AI processing (bill classification, document extraction) | anthropic.com/privacy |
We require all third-party providers to handle your data in accordance with applicable privacy laws and our contractual obligations.
7. Your Rights
Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the following rights in relation to your personal information:
- Access: you may request a copy of the personal information we hold about you.
- Correction: you may request that we correct any inaccurate or incomplete personal information.
- Deletion: you may request that we delete your personal information, subject to our legal obligations to retain certain records (see Section 8).
- Data Portability: you may request an export of your data in a commonly used, machine-readable format.
- Complaint: if you believe we have breached the APPs, you may lodge a complaint with us or with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
To exercise any of these rights, please contact us at the address provided in Section 11. We will respond to your request within 30 days.
8. Data Retention
We retain your personal information in accordance with the following schedule:
- Financial Records: retained for a minimum of seven (7) years from the date of the relevant transaction, as required by the Australian Taxation Office (ATO) for tax record-keeping purposes.
- Account Data: retained for the duration of your active account. Upon account closure, non-financial personal information is deleted within ninety (90) days.
- Usage Data: aggregated and anonymised usage data may be retained indefinitely for analytics purposes and does not identify you personally.
- Documents: uploaded documents are retained for the duration of your active account and are subject to the same financial record retention requirements where applicable.
9. Cookies
The Platform uses a minimal number of cookies strictly necessary for its operation:
- Session Cookies: used to authenticate your session and maintain your login state. These are essential for the Platform to function and cannot be disabled.
- Analytics Cookies: used to collect anonymised usage data to help us understand how the Platform is used and to improve its performance. You may opt out of analytics cookies through your browser settings.
We do not use advertising cookies, tracking pixels, or third-party marketing cookies.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you by email at the address associated with your account and by posting a notice on the Platform. The updated policy will take effect on the date specified in the notice. Your continued use of the Platform after the effective date constitutes your acceptance of the revised Privacy Policy.
11. Contact
If you have any questions about this Privacy Policy, wish to exercise your rights, or need to make a complaint, please contact us:
PropBoss (a trading name of Mates With Property Pty Ltd)
ACN 678 025 155 | ABN 64 678 025 155
Privacy Officer
Email: [email protected]
Sydney, New South Wales, Australia
This Privacy Policy was last updated on 1 March 2026.