Back to Home

Privacy Policy

Last updated: 1 March 2026

StrataHub Pty Ltd (ABN 00 000 000 000) ("StrataHub", "we", "us", or "our") is committed to protecting the privacy of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our strata management platform at stratahub.au (the "Platform").

We comply with the Australian Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and applicable state and territory privacy legislation.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, phone number, password, and role within your organisation.
  • Organisation Information: Organisation name, ABN, address, strata plan numbers, and billing details.
  • Property Information: Building addresses, unit numbers, floor plans, amenity details, and building contacts.
  • Resident Information: Names, contact details, and unit assignments for owners and tenants.
  • Communication Content: Notices, messages, documents, and correspondence sent through the Platform.
  • Payment Information: Billing address and subscription details. Payment card details are processed securely by Stripe and are never stored on our servers.
  • Support Requests: Information provided when you contact us for support, including ticket content and attachments.

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, actions taken, and time spent on the Platform.
  • Device Information: Browser type, operating system, device type, and screen resolution.
  • Log Data: IP address, access times, referring URLs, and error logs.
  • Cookies: See our Cookie Policy for details.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Platform and its features.
  • Process your subscription and manage billing at $2 per unit per month.
  • Send transactional emails (account verification, password resets, booking confirmations, notice notifications).
  • Facilitate communication between strata managers, owners, and residents.
  • Manage amenity bookings, document storage, and notice distribution.
  • Provide customer support and respond to inquiries.
  • Analyse usage patterns to improve our services.
  • Detect, prevent, and address security issues and fraudulent activity.
  • Comply with legal obligations and enforce our Terms of Service.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Within Your Organisation: Information is shared with authorised users within your strata organisation as necessary for platform functionality (e.g., building managers can see resident contact details for their assigned buildings).
  • Service Providers: We use trusted third-party providers for hosting (cloud infrastructure), email delivery (SMTP), payment processing (Stripe), and analytics. These providers are contractually bound to protect your data.
  • Legal Requirements: We may disclose information where required by law, regulation, legal process, or government request.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
  • With Your Consent: We may share information with your explicit consent for purposes not covered by this policy.

4. Data Security

We implement industry-standard security measures to protect your information:

  • All data transmitted between your browser and our servers is encrypted using TLS/SSL.
  • Passwords are hashed using bcrypt with 12 salt rounds and are never stored in plaintext.
  • Access to personal data is restricted to authorised personnel on a need-to-know basis.
  • We use role-based access controls with 96 granular permissions across the Platform.
  • Account lockout mechanisms protect against brute-force attacks.
  • Two-factor authentication (2FA) is available for administrator accounts.
  • Regular security audits and vulnerability assessments are conducted.
  • Payment information is processed by Stripe, which is PCI DSS Level 1 certified.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide our services. Specifically:

  • Account Data: Retained while your account is active and for 30 days after deletion request.
  • Organisation Data: Retained while the organisation's subscription is active and for 90 days after cancellation.
  • Transaction Records: Retained for 7 years as required by Australian tax law.
  • Audit Logs: Retained for 2 years for compliance and security purposes.
  • Support Tickets: Retained for 3 years after resolution.

6. Your Rights

Under the Australian Privacy Act 1988, you have the right to:

  • Access: Request access to the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Complaint: Lodge a complaint with us or the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached.
  • Data Export: Request a copy of your data in a portable format.

To exercise any of these rights, contact us at privacy@stratahub.au.

7. International Data Transfers

Your data is primarily stored on servers located in Australia. Where data is transferred to service providers outside Australia (e.g., for email delivery or payment processing), we ensure appropriate safeguards are in place in accordance with APP 8 of the Australian Privacy Principles.

8. Children's Privacy

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website and, where appropriate, by email. Your continued use of the Platform after changes are posted constitutes your acceptance of the revised policy.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

You may also contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or by phone at 1300 363 992.