Privacy Policy
This policy explains how Nixsa collects, uses, stores and discloses personal information when operating our website, communicating with prospects and clients, and designing, configuring and supporting automation systems for real estate agencies.
Nixsa is a trading name of TailorBite Pty Ltd, ABN 35 686 767 457. If this policy conflicts with a signed client agreement, statement of work or data processing arrangement, that signed document will prevail to the extent of the inconsistency for that client engagement.
1. About this Privacy Policy
This Privacy Policy applies to TailorBite Pty Ltd trading as Nixsa, ABN 35 686 767 457 (Nixsa, we, us or our).
It explains how Nixsa handles personal information in connection with our website, enquiries, discovery calls, proposals, client projects, support, reporting and automation services.
Nixsa aims to handle personal information consistently with the Privacy Act 1988 (Cth), the Australian Privacy Principles where they apply, the Spam Act 2003 (Cth), and other applicable Australian privacy, data protection and direct marketing laws.
2. Who we are and how to contact us
Nixsa is an AI automation agency based in Brisbane, Australia. We design, build and install lead capture, instant response, CRM, SMS, email nurture, reporting and workflow automation systems for real estate agencies.
Privacy contact: hugh@nixsa.com.au.
Website: nixsa.com.au.
If you are a lead, buyer, seller, landlord, tenant or other contact of one of our client agencies, you may also need to contact that agency directly because it may be the main organisation responsible for the information collected through its forms, CRM and marketing systems.
3. When this policy applies
This policy applies when you:
- visit or interact with the Nixsa website;
- submit a website form, discovery call form or enquiry to Nixsa;
- book a call with Nixsa or communicate with us by email, phone, SMS, social media or meeting tools;
- receive Nixsa marketing or business development communications;
- become a Nixsa client, staff contact, authorised user, contractor or supplier;
- provide information to us so that we can build, support, monitor or improve an automation system;
- interact with an automation workflow that Nixsa has built or supports for a client, to the extent Nixsa handles your information as part of that service.
This policy does not replace the privacy policy of any client agency. If a client agency collects your personal information through its own website, lead form, CRM, social media, SMS, email or booking system, that agency's privacy policy may also apply.
4. Our role when handling client lead data
Nixsa often builds systems inside the client's own accounts. This may include the client's CRM, SMS automation, social media handling, form account, workspace, calendar and related platforms.
For client lead data, the client agency usually decides why the information is collected, what information is collected, which leads are contacted, what messages are sent, and how long records are kept. In that situation, Nixsa acts as an implementation provider or service provider to the client.
Nixsa may access, view, route, test, troubleshoot or process client lead data only to the extent reasonably required to provide the agreed services, support the system, investigate errors, improve workflows, comply with law, or as otherwise authorised by the client.
Client-owned account structure is important: where practical, client data should remain in the client's own platform accounts rather than being held permanently in Nixsa-owned accounts.
5. Personal information we collect
The types of personal information we collect depend on how you interact with us and the services we provide.
Website, enquiry and sales information may include name, email address, phone number, business name, agency name, role, location, website, social media profile, message content, call booking details, discovery call notes and proposal information.
Client project and account information may include client staff names, work emails, phone numbers, job titles, authorised users, platform access details, workflow settings, implementation notes, support requests, screenshots, meeting notes, billing details and payment status.
Lead and CRM information processed for clients may include lead names, email addresses, phone numbers, enquiry source, property address or suburb, buyer/seller intent, property details, timeframe, warmth tag, SMS/email replies, booking activity, conversation status, source channel, internal notes and lead engagement history.
Marketing and communications information may include communication preferences, opt-out status, email/SMS engagement, replies, complaints, consent records where provided and business relationship history.
Technical and usage information may include IP address, device and browser information, website analytics, form completion data, automation logs, error logs, timestamps, integration events and security records.
Payment and billing information may include invoice details, payer name, business contact details, payment status and limited payment metadata. We do not intentionally store full card numbers in our own systems.
We do not intentionally collect sensitive information unless it is necessary for a specific purpose and lawful consent or another legal basis applies.
6. How we collect personal information
We may collect personal information directly from you when you complete a form, book a call, send us an email, speak with us, sign a proposal, provide access to a platform, attend a meeting, request support, pay an invoice or otherwise communicate with us.
We may collect personal information from clients when they provide lead lists, CRM records, form submissions, social media enquiries, SMS replies, email replies, booking records, support tickets, screenshots, platform exports or access to their accounts.
We may collect personal information automatically through website analytics, cookies, forms, CRM integrations, workflow logs, error logs and third-party platform events.
We may collect limited information from public sources such as agency websites, business directories, LinkedIn or public social media where relevant to business-to-business outreach and client relationship management.
7. Why we collect, use and disclose personal information
We collect, use and disclose personal information for the purposes for which it was collected, related purposes you would reasonably expect, purposes authorised by you or a client, and purposes permitted or required by law.
These purposes may include responding to enquiries and booking discovery calls, assessing fit, preparing proposals, issuing invoices, managing client relationships, designing and supporting automation systems, capturing and handing off real estate leads for client agencies, sending operational messages, sending business-to-business marketing where permitted, improving workflows, protecting system security, training team members, and complying with legal, regulatory, accounting, tax, insurance and dispute resolution obligations.
8. AI, automation and workflow tools
Nixsa uses automation and AI-assisted tools to help design, route, summarise, classify, tag, test, monitor, report on and improve workflows.
Depending on the project, information may pass through workflow tools, CRM tools, SMS providers, email systems, form tools, scheduling tools, reporting dashboards and AI providers.
We take a practical data-minimisation approach: where possible, we limit the amount of personal information sent into AI or automation tools, avoid unnecessary sensitive information, and use business or enterprise settings where available.
AI and automation tools can assist workflows, but they are not a substitute for human review, client judgment, lawful consent, accurate market information or real estate compliance obligations.
9. Direct marketing, SMS and email communications
Nixsa may send business-to-business communications about our services to prospects, clients and business contacts where permitted by law. You can opt out at any time by using the unsubscribe option where provided or by contacting hugh@nixsa.com.au.
Where Nixsa builds or supports SMS/email nurture workflows for clients, the client is responsible for ensuring that it has lawful consent or another lawful basis to contact leads, and that message content, sender identification and opt-out processes are appropriate.
Commercial SMS and email workflows should be configured so recipients can stop receiving marketing messages where required. Nixsa may refuse to send, build or support campaigns that we reasonably consider unlawful, misleading, high-risk or non-compliant.
10. Cookies, analytics and website data
Our website may use cookies, pixels, analytics tools or similar technologies to operate the website, understand traffic, measure performance, improve content and support advertising or remarketing where enabled.
You can usually control cookies through your browser settings. Disabling cookies may affect website functionality.
11. Disclosure to service providers and third parties
We may disclose personal information to third parties where reasonably necessary for the purposes described in this policy.
These third parties may include client agencies and their authorised staff, Nixsa team members and contractors, CRM, SMS, email, social automation, form, calendar, payment, analytics, reporting, project management, cloud hosting and AI/automation providers, professional advisors, regulators, courts, law enforcement, government authorities, or parties involved in a proposed or actual restructure, merger, sale or transfer of all or part of Nixsa.
We do not sell personal information.
12. Overseas disclosure and cloud processing
Some third-party platforms used by Nixsa or its clients may store, process or access personal information outside Australia, including in the United States, Europe, Asia-Pacific or other regions depending on the provider's infrastructure and settings.
Where practical, Nixsa uses reputable providers and expects providers to maintain appropriate security, privacy and data processing standards. Each provider's own terms, privacy policy, data processing terms and hosting settings may apply.
Clients should review and approve the platforms used in their workflows, especially where data residency, franchise, enterprise, vendor panel or contractual requirements apply.
13. Security of personal information
Nixsa takes reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification and disclosure.
Security measures may include access controls, least-privilege permissions, multi-factor authentication where available, separate client accounts, secure credential handling, staff confidentiality, reputable cloud providers, system monitoring, internal policies and deletion or de-identification where appropriate.
No internet transmission, cloud platform, CRM, SMS, email, AI tool or automation system is completely secure. Clients and users should take care when sending information online and should not send passwords or unnecessary sensitive information by email or plain text.
14. Retention and deletion
We retain personal information for as long as reasonably necessary for the purposes described in this policy, including to provide services, maintain records, comply with legal obligations, resolve disputes, enforce agreements and protect legitimate business interests.
Client lead data should generally remain in client-owned platform accounts. Nixsa may retain limited project, support, reporting or audit records where required for business, legal or compliance reasons.
When personal information is no longer needed, we will take reasonable steps to delete, de-identify or securely archive it, subject to legal, accounting, backup, dispute resolution and platform retention requirements.
15. Access, correction and privacy choices
You may contact us to request access to, or correction of, personal information that Nixsa holds about you.
You may also request deletion, opt-out, restriction or other assistance where available under applicable law and technically practical. We may need to verify your identity before responding.
If your information is held in a client agency's CRM, form, SMS, email or booking system, we may direct you to that client agency because it may control the relevant account and make decisions about the information.
16. Complaints
If you have a privacy concern or complaint, contact us first at hugh@nixsa.com.au with details of the issue.
We will aim to acknowledge your complaint within a reasonable time and work with you to resolve it. If you are not satisfied with our response and the Privacy Act applies, you may be able to contact the Office of the Australian Information Commissioner (OAIC).
17. Data breaches
Nixsa maintains processes for identifying, assessing and responding to suspected data breaches involving personal information handled by Nixsa.
If we become aware of a suspected or actual data breach affecting client data, we will take reasonable steps to contain and assess the incident, notify the relevant client where appropriate, and assist the client with reasonable information needed to manage the incident.
18. Client responsibilities
Clients remain responsible for their own legal obligations, including privacy notices, collection notices, consent, direct marketing compliance, real estate advertising, platform terms, staff use and the accuracy of messages and property information.
Clients must ensure they have authority to provide personal information to Nixsa and to use it in the workflows Nixsa builds or supports.
Clients should maintain their own privacy policy and data handling procedures, train staff, manage access permissions, keep platform billing current and promptly action unsubscribe, access, correction and complaint requests.
19. Children and sensitive information
Nixsa's services are designed for business clients and real estate agency workflows. They are not directed to children.
Clients should not design Nixsa workflows to intentionally collect information from children or collect sensitive information unless this is necessary, lawful, expressly agreed and supported by appropriate notices, consent and safeguards.
20. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our services, platforms, data handling practices, legal requirements or business operations.
The updated version will be posted on our website or otherwise made available. The date at the front of the policy shows when it was last updated.