RiTA Privacy Policy


Our organisation and obligations

Candotech Pty Ltd ACN 604 349 895  (“AIRE”) provides technology, data, artificial intelligence, automation solutions and advice to its global clients in the real estate industry. AIRE is incorporated in the State of Queensland, Australia and as such we are bound by the Privacy Act and Australian Privacy Principles (APPs). The APPs regulate the way we handle personal information. The Privacy Act does not apply to use of information that is not related to individuals such as information about corporations.

Our websites include “getaire.com.au” and “ritabyaire.com”

Protecting your privacy

Protecting your privacy and the confidentiality of your personal information is paramount in the development of our technology and the way we do business. For the purposes of this Privacy Policy the words “you or your” include visitors to the AIRE website. Specific information about RITA and the contractual obligations for data management can be found in the RITA terms and conditions, available at https://www.getaire.com.au/aire-terms-and-conditions/

As an organisation, AIRE handles personal information, including sensitive information, confidentially. We value the ongoing trust you have in us to protect your privacy.

Personal information is information or an opinion about you.

This Privacy Policy explains how AIRE will manage and protect your personal information, including information that AIRE collects during the course of providing a product or service to you and the information AIRE holds after your product or service is terminated (where we are required to hold this information or it is necessary for our business functions). This Privacy Policy also applies to information that AIRE collects from third parties.

This Privacy Policy contains information about how you can access the information AIRE holds about you, how you can ask AIRE to correct your information and how you can make a complaint if you have concerns about how AIRE has managed your information.

How to contact AIRE

If you have any questions or would like more information about this Privacy Policy you may contact us on 1300 734 318 during business hours or email your question or request to privacy@corelogic.com.au

Our privacy framework

AIRE is bound by the Privacy Act and the Australian Privacy Principles (APPs) set out in that Act. The APPs regulate the way that certain entities handle personal information.

The Privacy Act does not apply to the handling of information that does not relate to individuals, for instance, information about corporations.

The information that we store relating to corporate entities is covered in our contractual terms https://www.getaire.com.au/aire-terms-and-conditions/ and through the data breach provisions of The Notifiable Data Breaches Scheme, available here: https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme .

Collecting your personal information

AIRE collects your personal information so that we can perform our various business functions and activities. AIRE also collects your personal information if the law requires us to collect it.

To access our products or services or for employment, AIRE may collect and hold information from you or your associated corporation such as your name, address, telephone number, email address, credit card and bank account details, date of birth and place of work.

AIRE collects most personal information directly from you or the corporation you are associated with such as your past or current Employer or Franchisor. As examples, you or the organisation provide us with your information by various methods such as in person, fill in a form, deal with us over the telephone, send us a letter, email or text message, use our website or social media, give us your business card or contact details at conferences, Trade Exhibits, events or meetings or by various other methods of engagement. Other data about you may be collected from public information such as websites, social media, Australian Securities & Investments Commission (ASIC), Government Departments eg Fair Trading’s Licence Check web page.

If AIRE does not collect all or some of your personal information, we may not be able to assist or provide you with a product or service eg consulting services, provide support or a service under a Licence or Service Agreement, deliver training or industry products or employ you.

Collecting information from third parties

In addition to the information stated above which may reference a third party, AIRE may also collect information about you that is publicly available, such as information from telephone directories, print media, websites and your personal marketing material.

There may be occasions when AIRE collects personal information about you from other third parties. For example, AIRE may collect personal information from:

AIRE may also collect information about how you use our website and other websites to help us better tailor our services to you. For example, AIRE may do this when you click on a link from an AIRE website or visit a website which displays an AIRE advertisement. Usually, the information we collect in this way is general information only derived from cookies – such as the number of visitors to a site or statistics about how a site is browsed – and does not identify you. If AIRE does identify you with this information (for example, if you have been logged onto an online AIRE service), any use or disclosure of that information will be in accordance with this Privacy Policy.

Collecting sensitive information

Sensitive information is personal information about a person’s racial or ethnic origin, political opinion, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, genetic information or health information.

AIRE does not collect, use or disclose sensitive information about you unless you give the information to us and require us to know the information eg health details that we should be aware of during employment. Disclosure of such information is not disclosed without your consent.

Collecting information required by law

AIRE may collect information from you because we are required or authorised by an Australian law or court or tribunal order to collect that information.

We will tell you if collection is required or authorised by law and provide you with details of the law, court or tribunal order.

Using your personal information

We may use and disclose personal information we collect about you for several purposes including:

Additional limits on use of your Google user data

Notwithstanding anything else in this Privacy Policy, if you provide AIRE access to the following types of your Google data, AIRE’s use of that data will be subject to these additional restrictions:


AIRE may need to disclose your information to a third party as relevant to the particular service or product, function or activity that AIRE performs. Third parties may include but are not limited to: Independent Contractors or Licensees performing functions or services on behalf of AIRE, Financiers, Solicitors, Others as authorised by you eg to contact your employment references, your Superannuation Company, Work Cover, Insurer, other industry and related service providers, Guest Speaker or Trainer presenting at our events you attend, Valuer, Franchisor, Accountant, Receiver, Debt Collector, as required by a legal Order or by Law eg Australian Taxation Office.

We need your consent before we can use or disclose your information in our marketing. Likewise, we need your consent if we need to use your information for a purpose that is not related to the purpose for which we collected your information in the first place as detailed in this Notification. Depending on the circumstances, this consent may be express (for example, you expressly agree to the specific use of your information by ticking a box) or implied by some action you take or do not take (for example, your agreement is implied by the fact that you have agreed to our product terms and conditions which contains information about the use of disclosure).

Disclosing your personal information overseas

AIRE may need to disclose your information to organisations located overseas. These overseas organisations perform a range of technology functions to provide a database storage service on behalf of AIRE. These entities are located in the following countries:
When we disclose your information overseas we are required to take measures to ensure your information is treated in accordance with the standards that apply in Australia.

Your consent is important

AIRE may require your consent to use and/or disclose your information in particular ways.

For instance, we need your consent before we can use it in our marketing or case studies where your business or you as an individual are identified.

Likewise, we need your consent if we need to use your information for a purpose that is not related to the purpose for which we collected your information in the first place.

Depending on the circumstances, this consent may be express (for example, you expressly agree to the specific use of your information by ticking a box) or implied by some action you take or do not take (for example, your agreement is implied by the fact that you have agreed to your product terms and conditions which contains information about the use or disclosure).

Marketing and privacy

As part of AIRE service to you, AIRE may use personal information we have collected about you to identify a product or service that may benefit you. AIRE may contact you from time to time to let you know about new or existing products or services. AIRE may also disclose your personal information to its related entities or business partners to enable them or AIRE to tell you about a product or service.

You can contact us at any time if you do not want to receive direct marketing information from AIRE.

Managing your personal information

AIRE protects your information

AIRE protects your personal information from misuse and loss. We also protect it from unauthorised access, modification and disclosure by ensuring that your personal information can only be accessed by people properly authorised to have access.

AIRE may store your personal information in hardcopy documents or electronically. AIRE maintains physical security, such as locks and security systems, over our paper and electronic data stores and premises.

AIRE also maintains computer and network security. For example, AIRE uses firewalls (security measures for the internet) and other security measures such as Member Logins and passwords to control access to computer systems. AIRE continually maintains and monitors its online security systems to ensure that AIRE online services are secure and that your personal information is appropriately protected when you use these services.

An example of this is the use of our passwordless system for accessing your data via the RITA platform. RITA uses your unique email as a secure method of delivering session tokens for RITA access.

Protecting your privacy

You can help us to protect your privacy by observing our security requirements and contacting us immediately if your contact details change.

AIRE require you to keep any allocated product passwords and access codes confidential and secure at all times. This means that you should not disclose your passwords or access codes to any other person. You should contact AIRE immediately if you believe that your passwords or access codes may have been disclosed to another person or if you would like to change your password.

How do I access my personal information?

Subject to some exceptions, you can find out what personal information AIRE holds about you.

You should contact AIRE in writing if you wish to find out about the personal information AIRE holds about you.

AIRE will need to verify your identity before giving you access.

AIRE will normally be able to deal with your request immediately. If the request is complex, we can usually deal with such a request within 14 business days.

AIRE will usually provide access to your information at our office to protect the confidentiality and security of your information. However, you may elect to receive your information by registered mail or courier, where practicable. Fees for these services are charged to you at the cost of your selected service.

In certain circumstances, AIRE may not be able to tell you what personal information is held about you. In these circumstances, AIRE will write to you to explain why we can not provide you with the information and attempt to find alternative means to enable you to access your information.

How do I request correction of my information?

If you believe that the personal information AIRE holds is inaccurate, incomplete or out-of-date, you should contact AIRE in writing and provide the correct details.

Contact Details:
Email : privacy@corelogic.com.au

Mail :
CoreLogic Asia Pacific
Level 6a, 388 George Street
Sydney NSW 2000

AIRE will promptly update any personal information that is inaccurate, incomplete or out of date.

If AIRE do not agree that your information is inaccurate, incomplete or out of date, AIRE will write to you and tell you the reason(s) why AIRE does not agree with you. AIRE will also tell you what you can do if you are not satisfied with our response.

Resolving your concerns

You are entitled to complain if you believe that your privacy has been compromised or that AIRE has breached the Privacy Act, or the Australian Privacy Principles.

If you have a privacy complaint, you can contact the AIRE Privacy Officer. Formal complaints are to be in writing. The Privacy Officer’s contact details are:

CoreLogic Asia Pacific
Level 6a, 388 George Street
Sydney NSW 2000

E-mail: privacy@corelogic.com.au

If your complaint is not satisfactorily resolved, you may also contact a Director of AIRE at the above addresses, who will review the determination of the Privacy Officer.

Making a complaint

If you believe that AIRE have interfered with your privacy in the handling of your personal information, you may lodge a complaint in writing to any of the addresses in the preceding paragraph. AIRE will respond to your complaint within seven business days to inform you of the identity of our staff member who will manage your complaint. AIRE will try to resolve your complaint within 14 business days of its receipt, however when this is not possible, AIRE will contact you within such time period to provide an alternative estimate of time.

AIRE will investigate your complaint and will make a decision about your complaint and write to you to advise of our decision.

If you are unhappy with the resolution of your complaint or with the way that AIRE has handled your complaint, you may be able to refer the matter to the Office of the Australian Information Commissioner the contact details for which are as follows:

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001

Telephone: 1300 363 992

Meaning of Words

In this Privacy Policy:

Words that are defined in Our Terms and Conditions have the same meaning in this Privacy Policy, unless expressly stated to the contrary.

Australian Privacy Principles means the Australian Privacy Principles contained in Schedule 1 to the Privacy Act l988(Cth) (or an applicable privacy code approved by the Federal Privacy Commissioner pursuant to that Act).

Personal information means any information or an opinion about You from which Your identity is apparent or can reasonably be ascertained.

Changes to this Privacy Policy

We may alter this Privacy Policy as a result of changes in the law, our Privacy audit and review procedures or as our business requirements change. Any changes to this Privacy Policy will be updated on www.getaire.com.au/privacy-policy/


This data guarantee relates to the trade data belonging to you that is managed by RITA in order to deliver her service.


All of your data is clearly stored as belonging to you.  All of our algorithms use your data: and your data alone.


Your CRM login is entered directly to connect Rita. to it, and this is done before she completes the first analysis. She doesn’t store the credentials you provide for her to access the CRM, so she can’t share them with anyone or any other application – ever.


Our solution only displays details about contacts in very limited number.  For example, in our daily campaigns of one suggestion to your agents, there will only be a limited number of contact details sent.  You can’t export entire data sets from anywhere in our solution.


In order to access the Rita. interface we use an enhanced security feature known as passwordless login. Users enter their email address and we send a single-use access link that expires after a limited amount of time.  The rise of password theft (commonly called ‘Phishing’) means that passwords are generally the weakest point in your data’s security.


We have nothing to gain by breaching our customer’s trust in this area.  In fact, we have everything to lose. Generally speaking, strict privacy regulations would prevent us from doing this anyway, but even so, we recognise that this goes away from our core goal.  We want to help you to build real value in your data. And we believe that value is yours, and yours alone, to capitalise on.