Privacy at Letaro

This privacy section applies to AI Cloud Solutions t/as Letaro and describes the handling of personal information in connection with the Letaro website, platform, portals, billing, support, marketing, communications, and related services.

It is structured with the Australian Privacy Principles and the Privacy Act 1988 (Cth) in mind. Where the Privacy Act applies to Letaro or a customer, the applicable legal obligations will prevail over any inconsistent statement in this website summary.

Letaro may handle personal information about agency staff, principals, agents, property managers, accountants, administrators, auditors, owners, landlords, tenants, renters, buyers, sellers, suppliers, contractors, guarantors, emergency contacts, support contacts, and billing contacts.

The information may include names, email addresses, phone numbers, job titles, licence or registration details, agency role, workspace activity, portal activity, property details connected to individuals, leases, communications, documents, task history, support correspondence, billing contact details, audit events, and technical logs.

Information may be collected directly from the agency, its users, portal users, contact forms, demo forms, signup forms, support requests, uploaded files, platform usage, connected services, payment workflows, and communications sent through Letaro.

An agency may upload personal information about other people. The agency is responsible for ensuring it has given any required privacy notices and has a lawful basis to upload and process that information in Letaro.

Letaro may use and disclose personal information to provide the platform, operate selected modules, authenticate users, manage role-based access, support tenant and owner portals, process billing, send email and SMS communications, troubleshoot issues, respond to support requests, maintain security, improve reliability, and comply with legal obligations.

Letaro may also use business contact details to communicate about onboarding, product updates, support, invoices, security notices, service changes, demos, and relevant product information. Marketing communications should include or support an appropriate opt-out mechanism where required.

Letaro is designed so each agency workspace is tenant-scoped. Staff, portal users, support users, automation jobs, reports, exports, and integrations should only access data they are authorised to access.

Production access by Letaro personnel should be limited to authorised operational need, customer-approved support, security investigation, legal requirement, billing administration, incident response, or other legitimate business purposes.

Card details are handled by Stripe or another nominated payment processor and should not be stored by Letaro systems. Letaro may store billing contacts, subscription identifiers, checkout status, invoice references, plan details, module selections, payment status, and payment event metadata needed to administer the subscription.

Payment processors may handle personal information under their own terms and privacy arrangements. Customers should review those arrangements before completing payment.

Email and SMS features may process message recipients, sender details, templates, message content, delivery status, timestamps, unsubscribe events, link tracking, bounce information, and support data needed to send and manage communications.

The agency is responsible for ensuring messages are lawful, accurate, not misleading, appropriately consented, and compliant with spam, privacy, consumer, tenancy, property, and professional obligations.

If AI features are enabled, prompts, documents, summaries, messages, extracted text, workflow context, and user instructions may be processed to provide the requested AI function. AI processing should be limited to product purposes and subject to configured provider controls.

Customers should avoid submitting unnecessary sensitive information to AI features. Users must review AI outputs before relying on them, sending them, filing them, or using them for professional or statutory purposes.

Letaro may disclose personal information to service providers that help deliver the platform, including providers for hosting, databases, backups, monitoring, security, analytics, payment processing, email, SMS, AI processing, support, customer communications, and integrations.

Letaro should take reasonable steps to use service providers for defined service purposes and to maintain appropriate confidentiality, security, and data handling controls.

Some service providers may store, process, support, or access information from outside Australia. The countries involved may change as providers, regions, and customer configurations change.

Where cross-border disclosure is likely or required, Letaro should assess provider arrangements and take reasonable steps required by applicable privacy laws, customer agreements, and operational security requirements.

Letaro should use reasonable technical and organisational measures designed to protect personal information from misuse, interference, loss, unauthorised access, unauthorised modification, and unauthorised disclosure. These measures may include authentication controls, role permissions, tenant isolation, encryption in transit, secure configuration, audit logs, backup controls, and monitoring.

The agency is responsible for keeping its own user list, passwords, devices, role permissions, uploaded data, recipient lists, and portal invitations accurate and current.

Personal information may be retained while needed to provide Letaro, meet customer instructions, support legal or statutory recordkeeping, maintain audit trails, resolve disputes, comply with law, administer billing, investigate security issues, or preserve backups.

Deletion or de-identification may be subject to statutory trust accounting recordkeeping, lease or property records, accounting retention, backup cycles, dispute holds, security logs, and other lawful retention requirements. Export support may be available as part of offboarding or an agreed services scope.

A person may request access to or correction of their personal information by contacting info@letaro.com.au. The request should identify the relevant agency workspace, the person affected, the requested information, and enough detail to verify and assess the request.

If a person believes their privacy has been mishandled, they can contact Letaro at info@letaro.com.au. Letaro will assess the complaint and respond within a reasonable time. Some requests may need to be handled through the customer agency because the agency controls the underlying workspace data.

Letaro can also be contacted by phone on 0447 063 204.

Letaro may update this privacy section as products, modules, providers, laws, customer arrangements, and information handling practices change. Updated public privacy content should be made available on the website or through another reasonable channel.