Legal

Privacy Policy

RR Sols Pty Ltd t/a WattleAddr · ABN 00 000 000 000 · Last updated 12 July 2026

RR Sols Pty Ltd (ABN 00 000 000 000) t/a WattleAddr is committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We host and process all data in Australia and never send it offshore.

1. Introduction

This Privacy Policy explains how RR Sols Pty Ltd (ABN 00 000 000 000), trading as WattleAddr ("we", "us", "our"), handles personal information. We handle personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs).

It applies to our website, the WattleAddr developer console, and the WattleAddr API. By using our services you agree to this policy.

2. Whose information this covers

  • Website visitors and enquirers.
  • Account holders and customers (the people who sign up to and administer a WattleAddr account).
  • End Users — individuals whose address input is submitted to the API by our customers' applications. For this data we generally act as a service provider (processor) on behalf of our customer, who determines how it is used. Our handling of that data on a customer's behalf is also governed by our Data Processing Agreement.

3. What personal information we collect

We collect only what we need to provide and support the Service. This may include:

  • Account and contact information: name, work email, company name, ABN, billing contact and address.
  • Authentication data: hashed passwords and session records (we never store passwords in plain text).
  • Address queries: the address text that customers' End Users type into forms and submit to the API, and the matched address returned. This "search log" may contain personal information (for example, a person's residential address). Retention and whether the raw query text is stored are configurable by the customer, and queries can be stored hashed or omitted.
  • Usage and technical data: API request metadata, IP addresses, timestamps, usage counts, device and browser information, and log data used for security, billing and diagnostics.
  • Payment information: billing details and payment records. Card and bank details are collected and processed by our payment processor (Pinch); we do not store full card numbers.
  • Communications: support requests and correspondence with us.

We do not intentionally collect sensitive information (as defined in the Privacy Act) and ask that you do not submit it through the Service.

4. How we collect it

We collect personal information directly from you when you visit our site, create an account, use the console, or contact us; and through your use of the API (including address queries your application submits). Where lawful and practicable, we collect personal information directly from the individual concerned. Customers submit End User data to us on their own behalf and are responsible for having a lawful basis to do so.

5. Why we collect and use it

We collect, hold and use personal information to:

  • provide, operate, secure and improve the Service, including matching and returning address results;
  • authenticate accounts and API keys, and prevent fraud, abuse and security incidents;
  • meter usage, bill you, and manage your account;
  • provide support and respond to enquiries;
  • comply with our legal obligations and enforce our terms.

We only use personal information for the purposes for which it was collected, for a directly related secondary purpose you would reasonably expect, or as otherwise permitted by the APPs or with your consent (APP 6).

6. Disclosure of personal information

We do not sell personal information. We disclose it only:

  • to service providers who help us run the Service, under confidentiality and data-protection obligations (see "Our service providers" below);
  • to a customer, where the information relates to that customer's account or its End Users;
  • where required or authorised by law, or to a court, regulator or law-enforcement body acting lawfully;
  • to protect the rights, property or safety of any person, or to investigate suspected unlawful activity;
  • in connection with a sale or restructure of our business, subject to this policy.

7. Data residency and cross-border disclosure (APP 8)

We store and process all personal information within Australia. Our primary infrastructure is in Sydney with a backup in Melbourne, on Australian cloud infrastructure (Binary Lane). We do not disclose personal information to overseas recipients, and address queries are not routed or processed outside Australia. Our payment processor (Pinch) and data source (Geoscape) are Australian.

8. Address search log and End User data

Because address queries can contain personal information, we give customers control over the search log:

  • configurable retention (for example 7, 30, 90 or 365 days), after which entries are automatically purged;
  • an option to store queries hashed, or to omit raw query text, to minimise personal information held;
  • access limited to the customer's authorised workspace members and to our staff strictly as needed to operate and support the Service.

Where we handle End User data on a customer's behalf, we act on the customer's instructions as set out in our Data Processing Agreement.

9. Security (APP 11)

We take reasonable steps to protect personal information from misuse, interference, loss and unauthorised access, modification or disclosure, including: encryption in transit (TLS); Australian-hosted, access-controlled infrastructure; hashing of passwords and API keys; least-privilege access; logging and monitoring; and regular review of our controls. No system is completely secure, but we work to protect your information and to respond quickly to any incident.

10. Direct marketing (APP 7 and the Spam Act)

We may send you service and account communications, and occasionally information about features or offers. You can opt out of marketing at any time using the unsubscribe link or by contacting us. We comply with the Spam Act 2003 (Cth) and will not send commercial electronic messages without a lawful basis and an unsubscribe facility.

11. Cookies and analytics

Our website uses essential cookies and privacy-respecting, first-party analytics hosted in Australia. We do not use third-party advertising cookies or offshore analytics that would send your browsing data overseas. You can control cookies through your browser settings.

12. Access and correction (APP 12 and 13)

You may request access to, or correction of, the personal information we hold about you by contacting privacy@wattleaddr.com.au. We will respond within a reasonable time and may need to verify your identity. If we refuse access or correction, we will tell you why and how to complain. Where we hold End User data on behalf of a customer, please direct requests to that customer; we will assist them as required.

13. Retention and destruction

We keep personal information only as long as needed for the purposes described, to meet legal, accounting or reporting requirements, or to resolve disputes. Search-log data is retained per the customer's configured retention and then purged. When no longer required, we securely delete or de-identify personal information.

14. Data breaches

We maintain a data breach response plan. If a data breach occurs that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme (Part IIIC of the Privacy Act), and will assist affected customers to meet their own obligations.

15. Children

The Service is intended for businesses and developers and is not directed at children. We do not knowingly collect personal information from children.

16. Complaints

If you have a privacy concern or complaint, contact our Privacy Officer at privacy@wattleaddr.com.au. We will acknowledge and investigate your complaint and aim to resolve it promptly. If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or 1300 363 992.

17. Changes to this policy

We may update this policy from time to time. The current version, with its "last updated" date, is always available on our website. Material changes will be notified where appropriate.

18. Contact us

Privacy Officer, RR Sols Pty Ltd t/a WattleAddr — privacy@wattleaddr.com.au.

This document is provided for transparency and does not constitute legal advice. For questions, contact legal@wattleaddr.com.au.