Real estate agencies handle highly sensitive personal information every day. Vendors, buyers, landlords and tenants trust you to manage their data responsibly.
Aro Software recognises that trust extends to us as your CRM and website provider. This document outlines our clear position on data ownership, storage, usage and security so you can confidently meet your obligations under the Privacy Act 1988 and the Australian Privacy Principles.
All customer data always remains the property of the agency.
This includes:
Vendor personal information
Buyer personal information
Landlord and tenant information
Contact records
Property data
Marketing data
Any information imported into the system
Under our Terms and Conditions:
We do not own your data
We do not acquire rights to your data
We do not claim intellectual property over your client information
We hold and process data solely to deliver the services you engage us to provide
Your client data remains your asset at all times.
Aro Software will never deliberately reveal, sell or make your data available to any third party.
Specifically:
We do not sell personal information
We do not monetise database information
We do not share data for marketing purposes
We do not provide access to external parties
We do not aggregate or commercialise client records
Data will only be disclosed:
If required by law
If compelled by a valid court order or lawful authority
Outside of those circumstances, your data is treated as strictly confidential.
We only use customer data to:
Provide CRM functionality
Deliver website and hosting services
Facilitate approved integrations selected by the agency
Perform backup and disaster recovery
Deliver technical support
We do not use agency client data for any independent business purpose.
All Aro Software products are built on Amazon Web Services infrastructure.
We follow the AWS Well Architected Framework, built around:
Operational excellence
Security
Reliability
Performance efficiency
Cost optimisation
AWS infrastructure is used by global enterprise organisations including Adobe, Sony, McDonald’s and Spotify.
Data is hosted within AWS environments located in:
Sydney
Singapore
This ensures regional redundancy and availability.
We take reasonable and industry standard steps to protect personal information from:
Unauthorised access
Misuse
Loss
Modification
Disclosure
Security controls include:
All Aro applications use SSL encryption to protect data in transit.
Customer data is backed up daily for disaster recovery purposes.
Where payment processing is involved, we comply with the Payment Card Industry Data Security Standard.
System access is controlled and monitored.
We actively monitor abuse rates, spam compliance and unauthorised activity.
Aro Software is committed to compliance with:
The Privacy Act 1988
The Australian Privacy Principles
We:
Collect only information required to fulfil our contractual obligations
Store and protect personal information securely
Use personal information solely for the purpose of delivering agreed services
Apply our privacy protections equally to imported customer data
Agencies remain the data controller. Aro Software acts as a service provider and data processor in accordance with your instructions.
We archive data on a regular basis for disaster recovery.
In the event of:
Equipment failure
Data corruption
We restore from the last known good archive.
These backups are strictly for operational resilience and not for secondary use.
Under our Terms and Conditions:
Customer data will never be deliberately revealed or sold
All customer and client data remains the property of the agency
Data must be treated with confidentiality
Disclosure only occurs if legally required
This commitment forms part of our binding contractual agreement with every client.
While Aro provides secure infrastructure and compliant systems, agencies are responsible for:
Obtaining valid consent from contacts
Complying with the Spam Act 2003
Following applicable real estate regulations
Managing internal user access
Maintaining their own privacy policy
Our Acceptable Use Policy reinforces compliance obligations relating to email marketing, opt in requirements and lawful data use.
To be clear:
Your data is yours
We do not sell data
We do not share data
We do not monetise data
We store data securely
We use data only to deliver contracted services
We comply with Australian privacy legislation
If you require further clarification for compliance audits or privacy workshops, we are happy to provide additional documentation or written confirmation.
Your clients trust you. You can trust that their data is treated with the same level of seriousness by Aro Software.