Your Privacy Matters

Privacy Policy

How we collect, use, and protect your personal information

Last updated: 22 January 2026 | Effective: 22 January 2026

Quick Navigation

1. Introduction2. Information We Collect3. How We Use Your Information4. Legal Basis for Processing5. Data Sharing & Third Parties6. Data Security7. Data Retention8. Your Rights9. Cookies & Tracking10. International Data Transfers11. Children's Privacy12. Changes to This Policy13. Contact Us

1. Introduction

Greenside Group Pty Ltd (ABN 90 687 061 632) ("Arqelo", "we", "us", or "our") operates the Arqelo property intelligence platform accessible at arqelo.com and associated applications (the "Platform").

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We are committed to protecting your privacy and handling your personal information in an open and transparent manner.

By accessing or using our Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Platform.

Important: Arqelo provides property data and analytics for informational purposes only. We do not provide financial, investment, legal, or tax advice. Always consult qualified professionals before making property investment decisions.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you:

  • Create an account: Name, email address, password, phone number (optional)
  • Complete your profile: Profile picture, investment preferences, financial goals
  • Use our Buyer's Brief: Investment criteria, budget ranges, location preferences, property type preferences, lifestyle requirements
  • Use Life Compass: Financial goals, investment timeline, risk tolerance
  • Add properties to Portfolio Tracker: Property addresses, purchase prices, loan details, rental income, ownership structure
  • Use Property Scanner: Property addresses or URLs you submit for analysis
  • Subscribe to our services: Payment information (processed securely by Stripe)
  • Contact us: Name, email, phone number, message content
  • Participate in surveys or promotions: Responses and feedback

2.2 Information Collected Automatically

When you access our Platform, we automatically collect:

  • Device information: IP address, browser type and version, operating system, device type, screen resolution
  • Usage data: Pages visited, features used, time spent on pages, click patterns, search queries
  • Location data: General geographic location derived from IP address (we do not collect precise GPS location)
  • Referral data: How you arrived at our Platform (e.g., search engine, referral link)
  • Session data: Login times, session duration, interaction patterns

2.3 Information from Third-Party Sources

We may receive information from third-party sources to enhance our services:

  • Property data providers: Domain Group API (property listings, rental estimates, sales history)
  • Government data sources: Australian Bureau of Statistics (demographic data), state planning portals (infrastructure data), property price registers (historical sales)
  • Mapping services: Google Maps API (location services, suburb boundaries)
  • Authentication providers: Google or social login providers (if you choose to sign in using these services)
  • Payment processor: Stripe (transaction confirmation, not full card details)

2.4 Sensitive Information

We do not intentionally collect sensitive information as defined under the Privacy Act (such as health information, racial or ethnic origin, political opinions, religious beliefs, or sexual orientation). If you inadvertently provide such information, we will treat it with the highest level of protection.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Providing Our Services

  • Creating and managing your account
  • Generating personalised suburb recommendations based on your Buyer's Brief
  • Analysing properties through our Property Scanner
  • Tracking and analysing your property portfolio
  • Providing investment forecasting and wealth projections
  • Unlocking achievements and badges based on your activity
  • Processing subscription payments

3.2 Improving Our Platform

  • Analysing usage patterns to improve user experience
  • Developing new features and services
  • Conducting research and analytics
  • Testing and troubleshooting
  • Refining our suburb matching algorithms and scoring methodologies

3.3 Communications

  • Sending service-related notifications (e.g., account updates, security alerts)
  • Responding to your enquiries and support requests
  • Sending marketing communications (with your consent, which you can withdraw at any time)
  • Notifying you of badge achievements and milestones

3.4 Legal and Security Purposes

  • Complying with legal obligations
  • Enforcing our Terms of Service
  • Protecting against fraud, abuse, and security threats
  • Protecting our rights and the rights of our users

5. Data Sharing & Third Parties

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We engage trusted third-party service providers to help us operate our Platform:

  • Vercel: Website hosting and deployment (United States)
  • Supabase: Database hosting and authentication (Australia/United States)
  • Stripe: Payment processing (United States) - Stripe is PCI-DSS compliant
  • Domain Group: Property data API (Australia)
  • Google: Maps API, Analytics (United States)
  • Email service providers: Transactional and marketing emails

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court order, government agency request).

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or uses of your personal information.

5.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

We Never Share: Your proprietary portfolio data, investment strategies, or financial information with other users or for marketing purposes without your explicit consent.

6. Data Security

We implement robust security measures to protect your personal information:

  • Encryption: All data transmitted between your device and our servers is encrypted using TLS 1.3
  • Secure storage: Data at rest is encrypted using AES-256 encryption
  • Access controls: Strict role-based access controls limit who can access your data
  • Authentication: Secure password hashing and optional multi-factor authentication
  • Monitoring: We actively monitor for security threats and vulnerabilities
  • Infrastructure: Our hosting providers (Vercel, Supabase) maintain SOC 2 Type II compliance
  • Payment security: We never store your full credit card details; payments are processed by PCI-DSS compliant Stripe

While we implement safeguards designed to protect your information, no security system is impenetrable. We cannot guarantee the security of our systems or your information. In the event of a data breach, we will notify affected users and relevant authorities as required by the Notifiable Data Breaches scheme under the Privacy Act.

7. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations (e.g., tax records for 7 years)
  • Resolve disputes and enforce our agreements

Specific retention periods:

  • Active account data: Retained while your account is active
  • Closed account data: Deleted within 90 days of account closure, except where legally required
  • Transaction records: Retained for 7 years for tax and legal compliance
  • Analytics data: Aggregated and anonymised after 24 months
  • Support communications: Retained for 3 years

You may request deletion of your data at any time, subject to legal retention requirements.

8. Your Rights

Under Australian Privacy Principles and applicable law, you have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Objection: Object to processing of your information for direct marketing
  • Data portability: Request your data in a structured, machine-readable format
  • Withdraw consent: Withdraw consent at any time where we rely on consent for processing
  • Complaint: Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

To exercise these rights, contact us at privacy@arqelo.com. We will respond to your request within 30 days.

Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992

9. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

Types of Cookies We Use

  • Essential cookies: Required for the Platform to function (e.g., authentication, security)
  • Functional cookies: Remember your preferences and settings
  • Analytics cookies: Help us understand how you use our Platform
  • Marketing cookies: Used to deliver relevant advertisements (only with your consent)

Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our Platform. Most browsers allow you to:

  • View what cookies are stored and delete them individually
  • Block third-party cookies
  • Block cookies from specific sites
  • Block all cookies
  • Delete all cookies when you close your browser

10. International Data Transfers

While Arqelo is an Australian company serving Australian users, some of our service providers are located overseas (primarily the United States). When we transfer your data internationally, we ensure appropriate safeguards are in place:

  • Contractual obligations requiring the recipient to protect personal information
  • Ensuring recipients are subject to laws or binding schemes that provide comparable privacy protections
  • Obtaining your consent where appropriate

Our primary service providers (Vercel, Supabase, Stripe) maintain robust security certifications including SOC 2 Type II compliance and are contractually bound to protect your data.

11. Children's Privacy

Our Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@arqelo.com and we will take steps to delete such information.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

  • We will update the "Last updated" date at the top of this policy
  • We will notify you via email or prominent notice on our Platform
  • For significant changes, we may require you to re-acknowledge the policy

We encourage you to review this policy periodically. Your continued use of our Platform after any changes indicates your acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Greenside Group Pty Ltd

Trading as Arqelo
ABN: 90 687 061 632

Privacy Officer
Email: privacy@arqelo.com
General Enquiries: hello@arqelo.com

Queensland, Australia

We aim to respond to all enquiries within 5 business days. For formal privacy complaints or access requests, we will respond within 30 days as required by the Australian Privacy Principles.