MaintnSign in

Legal

Privacy Policy

This policy explains how we handle your personal information. It is written to align with the Australian Privacy Principles (APP 1–13) under the Privacy Act 1988 (Cth).

Last updated: 14 June 2026

Draft for review. This Privacy Policy is a working template based on the Australian Privacy Principles. It is being finalised with Australian legal counsel before general availability. If you are evaluating Maintn and have questions, contact us at privacy@maintn.com.au.

1. Who we are

Maintn is operated by Maintn Pty Ltd (ABN to be added) (“Maintn”, “we”, “us”, “our”), an Australian company. Maintn provides software for property maintenance operators — voice answering, job and quote workflow, and back-office administration.

We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles. This policy applies to all personal information we collect through the Maintn platform, our website, and our integrations.

2. What information we collect

Depending on how you use Maintn, we may collect:

  • Account information — name, email address, phone number, business name, ABN, role, and login credentials.
  • Operator-uploaded job data — details of maintenance jobs, properties, agencies, owners and tenants entered by operators, including addresses, contact details and job notes.
  • Photo attachments — job and condition photos, which may carry embedded metadata (EXIF), including GPS coordinates and capture time.
  • Voice recordings and transcripts — inbound and outbound calls handled by our voice assistant (provided via Vapi), where lawful and disclosed (see our Collection Notice and call-recording disclosure).
  • Payment information — billing details processed by our payment provider (Stripe). We do not store full card numbers on our systems.
  • Usage analytics — log data such as IP address, device and browser information, pages viewed, and feature interactions, used to operate and improve the service.

3. How we collect it

We collect personal information:

  • directly from you at signup and as you use the product;
  • from operators who enter data about their agencies, properties, owners and tenants;
  • automatically through your use of the platform (usage and device data); and
  • through integrations you connect, such as PropertyMe and other property-management systems.

Where we collect personal information about a third party (for example, a tenant whose details an operator enters), we rely on the operator having the authority and notice to provide it. Operators are responsible for ensuring they have a lawful basis to share that information with us.

4. Why we collect it

We use personal information to:

  • deliver the service — answer calls, book jobs, send quotes and invoices;
  • process billing and payments;
  • provide support and respond to enquiries;
  • maintain security, prevent fraud and meet our legal obligations; and
  • improve the product, including diagnosing faults and developing features. Where we use data to improve our AI features, we do so in line with our agreements with our subprocessors and applicable law.

5. Who we share it with

We share personal information with third-party service providers (subprocessors) who help us run the platform. The current list, including what each one processes and where, is on our Subprocessors page.

In a multi-tenant context, an operator’s authorised team members and, where relevant, the agencies they work with may access job-related information through the platform. We do not sell personal information to third parties. We may disclose information where required by law or to protect our legal rights.

6. Cross-border data transfers

Some of our subprocessors are located outside Australia, which means your personal information may be stored or processed overseas. Known overseas locations include:

  • United States — Vercel (hosting), Vapi (voice AI), Twilio (SMS), Postmark (email), Cloudflare (DNS/CDN), Anthropic (AI assistant);
  • Singapore — Supabase (corporate entity); our database is hosted in the AU region (ap-southeast-2, Sydney).

We take reasonable steps to ensure overseas recipients handle your information consistently with the Australian Privacy Principles. See our Subprocessors page for details.

7. Data retention

We retain personal information only as long as needed for the purposes above, or as required by law. Our default retention periods are:

  • Tax and financial records — at least 5 years, as required under Australian tax law.
  • Tenancy-related records — between 2 and 7 years after the end of the tenancy, depending on the record type and applicable state requirements.
  • Job records and photos — retained for the operating life of the operator account as part of the maintenance history, unless deletion is requested and no legal retention obligation applies.
  • Other personal information — when the primary purpose for which it was collected has ended and no legal obligation requires us to keep it, we delete or de-identify it.

8. How we protect it

We use a range of technical and organisational measures, including:

  • encryption of data in transit (TLS) and at rest;
  • row-level security (RLS) to enforce tenant isolation at the database layer;
  • role-based access controls and least-privilege access for our team; and
  • audit logging and ongoing monitoring.

No system is perfectly secure, but we work to protect your information and to respond quickly if something goes wrong.

9. Your rights — access and correction

You may request access to the personal information we hold about you, and ask us to correct it if it is inaccurate, out of date or incomplete. You may also request deletion, subject to any legal retention obligations.

To make a data subject access request (DSAR) or a correction or deletion request, contact us at privacy@maintn.com.au. We will respond within a reasonable time and may need to verify your identity first. If an operator entered your information, we may direct your request to that operator as the responsible party.

10. How to lodge a complaint

If you believe we have mishandled your personal information, please contact us first at privacy@maintn.com.au so we can try to resolve it.

If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

11. Notifiable Data Breaches

We comply with the Notifiable Data Breaches (NDB) scheme. If we become aware of an eligible data breach that is likely to result in serious harm, we will notify affected individuals and the OAIC as soon as practicable — and within 72 hours of becoming aware of the breach where reasonably possible.

12. Cookies and tracking

We use cookies and similar technologies to keep you signed in, remember preferences, and understand how the product is used. Essential cookies are required for the service to function. You can control non-essential cookies through your browser settings; disabling some cookies may affect functionality.

13. Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you through the product.

14. Contact us

For any privacy question or request, contact our Privacy Officer at privacy@maintn.com.au.