Otterix — Privacy Policy
Entity: Rent Shell Pty Ltd, trading as "Otterix" — ABN 14 690 073 691 ("Otterix", "we", "us", "our") Effective date: 10 June 2026 Last updated: 10 June 2026 Version: 4.3
1. Overview
Otterix is an email-automation assistant for Australian property managers and real-estate agents. When you connect your own Gmail or Microsoft Outlook mailbox, Otterix reads property-management–related email and drafts replies for you. Otterix never sends email on its own — every reply is reviewed and sent by you.
This policy explains what personal information we collect, how we use it, how we handle Google and Microsoft account data, who we share it with, how we protect it, and your rights.
2. Information we collect
2.1 Information you provide directly
- Name, business address, email address, phone number, professional details
- Account, billing and transaction details
- Service and marketing preferences, feedback and survey responses
2.2 Information generated when you use Otterix
- AI-generated email drafts and your edited final versions (full text retained for a limited period — see section 8)
- The size and type of edits you make to drafts (used to personalise future drafts for you only)
- Workflow records: job stage transitions, whether a step was automated or done by you, whether you accepted or changed an AI suggestion
- Your writing-style preferences, inferred from how you edit drafts (used only for your account)
- Feature usage, page activity, click and correction logs
- Supplier response/completion records you enter, and quote amounts (de-identified before any market analysis — only the first 3 digits of postcode and the month are kept)
2.3 Information accessed through your connected mailbox When you authorise Otterix to connect Gmail or Outlook, we access only what is needed to provide the service. See section 5 for the exact scopes, why each is needed, and our Google/Microsoft Limited Use commitments.
2.4 Third-party information you process through Otterix While you use Otterix to manage properties, the system processes limited information about property owners, tenants and suppliers (e.g. contact details, a maintenance request, a tradesperson's response time). This is linked to your account and used only to run your workflow — never sold, never used for any third-party purpose. Where a supplier is a sole trader, those records may be personal information. Your disclosure obligations to these people are covered in section 11.
2.5 Digital and technical information IP address and approximate location derived from it, browsing/usage patterns on our website, and cookie preferences (see section 12).
2.6 Sensitive information Because Otterix integrates with your mailbox, we may incidentally have access to information in those systems. We do not seek out sensitive information and do not use mailbox content for any purpose other than the property-management features described here.
3. How we use your information
| Purpose | What this means |
|---|---|
| Provide the service | Read property-management email, classify it, draft replies, and send the replies you approve |
| Personalise drafts | Learn your writing style from your edits so future drafts match it — for your account only, not shared with other users |
| Improve quality | Internal analysis of classification/draft accuracy and errors. Results are used to improve the product; we do not show your data to other users |
| Market benchmarks | Fully de-identified, aggregated quote data (postcode prefix + month only) so you can see regional price references |
| Supplier insight | Help you evaluate suppliers using the records you entered, within your account only |
| Run the business | Billing, support, identity verification, legal and regulatory compliance |
| Communications | Service updates and, where permitted, marketing you can opt out of at any time |
4. What we will NOT do
- We do not sell your personal information or mailbox data to anyone
- We do not use your Gmail or Outlook content to train or improve generalised / non-personalised AI or machine-learning models
- We do not use Gmail or Outlook data for advertising, and do not transfer it for advertising purposes
- We do not permanently store your inbox email
- We do not permanently delete email from your Gmail or Outlook mailbox (when you click "delete" inside Otterix, the message is moved to your mailbox's Trash / Deleted Items folder and remains recoverable from there)
- We do not disclose your system activity to your owners or tenants
- We do not read personal email unrelated to property management
- We do not expand how we use your data without telling you first
5. Google and Microsoft account data — Limited Use disclosure
This section is the core of our Google API and Microsoft compliance. It governs over any more general statement elsewhere in this policy.
5.1 Google (Gmail) access
When you connect a Google account, Otterix requests the following access:
| Scope requested | Why Otterix needs it |
|---|---|
https://www.googleapis.com/auth/gmail.modify | Read incoming property-management email so Otterix can classify it and generate draft replies; mark messages as read; apply Otterix workflow labels; move messages between folders to reflect the current workflow stage. This scope does not allow permanent deletion of email. |
https://www.googleapis.com/auth/gmail.send | Send the reply on behalf of the user only after the user has reviewed and approved the draft, so the reply leaves from the user's own Gmail address and appears correctly in the user's Sent folder and existing email threads. |
Otterix never permanently deletes Gmail messages. When you click "delete" inside Otterix, the message is moved to your Gmail Trash folder (where Gmail retains it for ~30 days and you can restore it). Otterix's application code does not call any Gmail endpoint that permanently and irreversibly deletes a message. The scope gmail.modify chosen above does not technically permit permanent deletion in any case.
How we handle Google user data:
- Access: only after you explicitly authorise it through Google's consent screen.
- Use: only to provide and improve the user-facing email-automation features described in this policy.
- Storage: inbox email content is processed transiently and is not permanently stored (held no longer than 24 hours for processing). Generated drafts and your edited versions are retained for a limited period (section 8) and then deleted.
- Sharing / processing by AI providers: to draft replies, relevant message content is sent to the AI providers listed in section 6 solely to generate your draft. Before content leaves Otterix, personal identifiers are removed (section 6.2). These providers operate under contractual terms that do not permit them to use your content to train their models.
- Human access: no Otterix staff read your Google data except (a) with your explicit consent for a specific issue, (b) where necessary for security, abuse prevention or to meet a legal obligation, or (c) in aggregated/de-identified form for internal operations.
- No advertising, no sale, no model training: Google user data is never sold, never transferred or used for advertising, and never used to train or improve generalised/non-personalised AI/ML models.
Otterix's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Revoke access: Google Account → Security → Third-party access → Otterix → Remove access. You can also disconnect inside Otterix.
5.2 Microsoft (Outlook) access
When you connect a Microsoft account, Otterix requests: Mail.Read, Mail.ReadWrite, Mail.Send, User.Read, and offline_access — to read property-management email, prepare drafts, mark messages as read, apply workflow categories, send the reply you approve, identify your account, and keep the connection alive without repeated sign-in. The same handling, AI-processing, no-advertising, no-sale and no-model-training commitments in section 5.1 apply equally to Microsoft account data. Enterprise users may need IT-administrator approval.
Otterix never permanently deletes email from your Outlook mailbox. When you click "delete" inside Otterix, the message is moved to your Outlook Deleted Items folder, where you can restore it. Although the Mail.ReadWrite permission technically allows hard deletion, Otterix's application code does not call any Microsoft Graph endpoint that permanently and irreversibly removes a message. This restriction is enforced at the code level.
If you wish to permanently delete an email, please do so directly in the Outlook native client (web, desktop or mobile app). Otterix does not provide a permanent-delete function.
Revoke access: Microsoft account → Apps and services → Otterix → Revoke permissions, or disconnect inside Otterix.
6. AI processing and cross-border data transfer
Otterix uses third-party AI services to classify email and generate drafts. Some content is processed on servers outside Australia.
6.1 Overseas service providers
| Provider | Country | Data processed | Safeguard |
|---|---|---|---|
| Anthropic (Claude) | USA | Email content for the most complex drafting tasks | Governed by provider data processing agreement / contractual terms, including commitments that content is not used to train their models |
| OpenAI | USA | AI inference for email processing tasks | Governed by provider data processing agreement / contractual terms, including commitments that content is not used to train their models |
| OpenRouter | USA | AI model routing (no personal information stored) | Governed by provider data processing agreement / contractual terms |
| Encore.dev | Australia — Sydney (GCP australia-southeast1 / AWS ap-southeast-2) | Application hosting | Governed by provider data processing agreement / contractual terms |
| PostHog | Australia (au.posthog.com) | Anonymous product analytics | Governed by provider data processing agreement / contractual terms |
6.2 De-identification before AI processing Before any content is sent to an AI provider, Otterix automatically removes names, street/unit numbers, phone numbers, email addresses and financial identifiers, replacing them with placeholders. These are restored into your final draft only after processing. Business-relevant details (quote amounts, dates, suburb, job type) are kept so drafts are accurate.
6.3 APP 8 (cross-border disclosure) We take reasonable steps to ensure these overseas recipients handle your information consistently with the Australian Privacy Principles, including sending only what is necessary and requiring contractual protections. To request details of these arrangements, contact us (section 13).
7. Disclosure to third parties
Beyond the AI providers in section 6, we may disclose personal information to: IT, hosting, storage, payment and analytics service providers; professional advisers (legal, accounting, insurance); business partners and contractors; and courts, regulators or law enforcement where required or permitted by law. If we are involved in a merger, acquisition or asset sale, information may be disclosed to advisers and any purchaser. We do not sell personal information.
8. Data retention
| Data | Retention |
|---|---|
| Inbox email content (transient processing) | No more than 24 hours |
| AI draft full text + your edited versions | 90 days, then full text deleted (limited metadata kept) |
| Job records and activity logs | For the life of the account |
| Personal writing-style profile | For the life of the account |
| De-identified market/aggregate data | Indefinitely (no personal information) |
| System logs | 90-day rolling |
When data is no longer needed it is securely deleted or de-identified.
9. Offboarding — what happens when you leave
On termination you may ask us to export your data (jobs, supplier records, usage records) and to delete the personal information under your account. Default handling:
| Data | Treatment | Timeframe |
|---|---|---|
| Job records | Kept for export, then deleted | 30 days after termination |
| AI drafts / edits (full text) | Deleted immediately | Immediate |
| Personal writing-style profile | Deleted | 30 days |
| Supplier history (your account) | Deleted | 30 days |
| De-identified market data | Retained (no personal information) | Indefinite |
| System logs | Deleted | 90 days |
Export requests: contact us before termination; we provide the export within 7 business days and confirm deletion in writing.
10. Automated decision-making (APP transparency)
| Automated step | Inputs | Effect on you | Human control |
|---|---|---|---|
| Email classification (maintenance / general / urgent) | Email content, sender | Determines job routing | You can re-classify at any time |
| Next-step suggestion | Job status, history | Suggests an action | You can ignore it |
| Stage auto-advance | Received email | Job status change | You can manually revert |
| Draft personalisation | Your past edits | Tone/style of drafts | You can turn it off in Settings |
To request the basis of a specific automated decision, contact us (section 13). Every automated step has a human-override option, and no email is ever sent without your approval.
11. Your responsibilities as our customer
Otterix is a tool for your property-management business. You are responsible for ensuring that, before you use Otterix to process information about owners, tenants and suppliers, you have made any disclosures and obtained any consents required from them (for example, in your own service agreement or privacy policy, including that you use an AI-assisted tool). Where a supplier is a sole trader, you are responsible for ensuring they understand how their information is used. Otterix is not liable for your failure to meet these disclosure obligations.
12. Cookies and analytics
We use cookies and similar technologies for essential site functions, security, preferences and analytics, and we use Google Analytics to understand website usage. We also use the Meta Pixel and similar advertising technologies to measure and improve our own website marketing. These website-marketing tools operate on our public website and are separate from your connected mailbox: we never use your Gmail or Outlook mailbox data, or the content we process to draft your replies, for advertising or ad targeting. You can control cookies through your browser settings and our cookie preferences. Blocking all cookies may affect site functionality.
13. Your rights and how to contact us
Under the Privacy Act 1988 (Cth) and the APPs you may request access to, or correction of, your personal information, object to certain uses, opt out of marketing, and complain about our handling of your information.
Privacy Officer: The Privacy Officer, Otterix Email: admin@otterix.net Post: PO Box 539, Gordon NSW 2072, Australia Response time: within a reasonable time, and within 30 days for formal requests.
If you are not satisfied with our response you may contact the Office of the Australian Information Commissioner (OAIC) — phone 1300 363 992, website www.oaic.gov.au.
14. Security
We protect your information with encryption in transit and at rest, least-privilege access controls, staff training, monitoring and regular security review. Stored mailbox access tokens are encrypted.
Data breach response: if a data breach occurs that may expose personal information, we will assess within 30 days whether it is an Eligible Data Breach under the Notifiable Data Breaches scheme and, if so, notify the OAIC and affected individuals as required by law.
15. Changes to this policy
We may update this policy. For material changes we will give 30 days' notice by email and an in-product notice. Continued use after the effective date means you accept the updated policy.