Privacy Policy

Last updated: 23 October 2019

This privacy policy (Policy) applies to all personal data (Data) processed by Tapi Limited (Tapi, us, we, or our).

Thank you for your interest in our website (www.tapihq.com) (Website), applications, dashboards, embedded widgets, chat-bots and other services provided by us (together our Platform).

This policy is intended to provide you with clear and transparent information about the Data we collect, why we collect it, how we use and disclose it, how we safeguard your Data, when your Data will be deleted, and your privacy rights.


  1. Changes and Updates

    1. We may be required to review and make changes to this Policy from time to time to comply with Data Protection Laws, utilise new technologies or to improve your experience. Please revisit this page periodically to stay aware of any changes.
    2. If we modify this Policy we will make it available through the Platform and indicate the date of the latest revision. Your continued use of the Platform after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy.
  2. People we process Data from

    1. We collect different types of Data from people who have access to the restricted areas of the Platform (End Users), and other people who interact the public areas of the Website, engage with us, who we target our Platform to, or whose Data is submitted to the Platform by End Users (Visitors).
    2. End Users includes property managers, landlords, tenants and property maintenance contractors who have been authorised (by Tapi or by another End User) to access or otherwise use the Platform.
  3. The Information We Collect

      Information you give us

    1. When you access or otherwise use the Platform, whether as an End User or as a Visitor, you may provide Data to us in various ways. For example, when you:
      1. register for an account on the Platform;
      2. send emails or other messages via the Platform, or respond to such emails or messages (from Tapi or an End User) via the Platform;
      3. use a Tapi widget embedded on an End User’s website; or
      4. engage with Tapi’s chat-bot.
    2. Examples of such Data includes name, residential address, email address, telephone and mobile phone numbers, property information (including ownership and maintenance details), information contained within invoices issued via the Platform, and the billing information (of our customers only).
    3. If you contact us, including for customer support, we may keep a record of our correspondence with you.
    4. Information that others give us

    5. Where reasonably practical we aim to collect Data directly from the person who is the subject of the Data. However End Users may provide Data about you when they submit content to the Platform. For example, we may receive your Data from a property manager when they designate you as a tenant of a property that they manage.
    6. We may receive information about you when an End User integrates third-party services with the Platform. For example, a property manager may authorise the integration of the Platform with their trust account platform, allowing Tapi to process Data within that service.
    7. The Data we receive when an End User integrates the Platform with a third-party service depends on the settings and permissions of that third-party. You should always check the privacy settings and notices of these third-parties to understand what Data may be disclosed to us or shared with the Platform.
    8. If you provide us with Data about someone else or authorise an integration of the Platform with a third-party service, then you must ensure that you are authorised to disclose that Data to us in accordance with applicable Data Protection Laws.
    9. We may obtain Data from third party providers of business information and publically available sources including mail addresses, job titles, email addresses, phone numbers and social media profiles, for the purposes of targeted advertising of services that may interest you, delivering personalised communications, event promotion and profiling.
    10. Information we observe

    11. We collect Data when you interact with the Platform. This includes the features of the Platform you use and the links you click on. We also collect information about the other End Users and Visitors you engage with via the Platform and how you work with them.
    12. When you use the Platform we may automatically record certain Data from the End User’s or Visitor’s device by using various types of technology. How much Data we collect depends on the type and settings of the device you use to access the Platform. For example we may collect your IP address or other device address or ID, approximate geographic location, web browser and/or device type, the web pages or sites visited just before or just after using the Platform, the pages or other content you view or interact with on the Platform, and the dates and times of the visit, access, or use of the Platform.
    13. Tapi and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different services and devices. You may block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website (or, as applicable, our third party partners’ websites).
  1. Purpose Of Collection & Lawful Basis

    1. We use the Data that we collect so that we may pursue our legitimate business functions and activities. These interests include:
      1. Operations: To operate, maintain, enhance and provide all features of the Platform, to respond to comments and questions and to provide support to End Users and Visitors.
      2. Improvements: To understand how you are using the Platform so that we can improve the Platform and develop new products, services, features and functionality.
      3. Communication: To contact you for customer service purposes, to address issues related to use of the Platform, or for marketing purposes. You have the ability to opt-out of receiving any promotional communications.
      4. Benchmarking: Combining and analysing Data to create benchmarks for the industry. For example, average costs of appliances and average time and costs of maintenance work. Where possible we will use data that has been collated in such a way so that it no longer reflects or represents any individual to undertake this analysis.
      5. Cookies and tracking: We use Data to provide customised content and information, monitor and analyse the effectiveness and usage of the Platform and undertake marketing activities.
      6. To protect our interests and rights: Where required by law or where we believe it is necessary to protect our legal rights, interests, we may use Data in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
    2. We may also process your Data where you have given us consent to do so for a specific purpose. You have the right to withdraw your consent at any time, but this will not affect any Data processing that has already taken place. You may decline to share certain Data with us, in which case we may not be able to provide to you some of the features and functionality of the Platform.
  2. Disclosure Of Information

    1. Except as described in this Policy, we will not intentionally disclose your Data to third parties without your consent, except in the following circumstances:
      1. Publically viewable: Information that you voluntarily publish in any publically viewable area of the Platform will be available to any person who has access to that content.
      2. Other End Users: Certain Data about one End User may be available to another, for example a contractor’s progress on maintenance work may be available to the relevant property manager, tenant and landlord.
      3. Integrations: End Users may choose to integrate the Platform with third-party services. Doing so may give the third-party access to any Data on the Platform that the End User chooses to use in connection with those third-party services. Third-party policies and procedures are not controlled by us and this Policy does not cover how third-parties will use such Data.
      4. Partners: We work with third parties who provide consulting, sales, support, and technical services to deliver and implement customer solutions. We may share Data with these third parties in connection with their services, for example to provide localised support.
      5. Platform providers: We work with third party service providers who provide website, application development, hosting, maintenance, and other services for us. These third parties may have access to, or process Data as part of providing those services for us. We limit the Data provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such Data.
      6. De-identified Data: We may make certain aggregated or otherwise de-identifiable Data available to third parties for various purposes, including for business or marketing purposes and to assist such parties in understanding our End Users’ and Visitors’ interests, habits, and usage patterns.
      7. Regulatory disclosure: We may disclose Data if required to do so by applicable laws or to otherwise cooperate with government regulators.
      8. Professional advisors: We also reserve the right to disclose Data that we believe, in good faith, is appropriate or necessary to take precautions against liability, protect the security or integrity of the Platform, or protect our rights or the safety of others.
  3. Storage and Deletion of Data

      Storage and security

    1. We follow generally accepted industry standards to protect the Data submitted to us, both during transmission and once we receive it.
    2. We maintain appropriate administrative, technical and physical safeguards to protect Data against accidental or unlawful destruction, loss, alteration and misuse. This includes, for example, firewalls, encryption data transfers, password protection and other access and authentication controls.
    3. However, the internet is not a secure environment and we cannot give an absolute assurance the your Data will be secure at all times. Transmission of Data over the internet is at your own risk and you should only enter or instruct the entering of Data to our service within a secure environment.
    4. Deletion

    5. How long we keep Data depends on the type of information, as described below. After such time, we will either delete or anonymise the Data or, if this is not possible (for example, because the Data has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
    6. Data associated with an End User’s account will be retained for as long as the account is active. We will retain some Data where necessary to:
      1. comply with our legal obligations; and
      2. allow other End Users to make full use of the Platform. For example, we continue to display messages you sent to other End Users.
    7. If you have elected to receive marketing emails from us we will retain Data about your marketing preferences.
    8. We retain Data derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
  4. Sub-Processors and International Data Transfers

    1. We may transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers (Sub-processors) operate for the purpose of providing you the Platform.
    2. We use a commercially reasonable selection process to evaluate the security, privacy and confidentiality practices of proposed Sub-processors that may have access to Data. We use Sub-processors for Data storage, providing email services, hosting our chat-bot, event forwarding, customer support and communication, evaluating customer satisfaction and analysing use of the Platform.
    3. For End Users (property managers) who are subscribers to our Platform and submit Data concerning EU-based persons, a list of our Sub-processors is available . We will keep this list updated regularly to enable our subscribers to stay informed of the scope of sub-processing associated with the Platform.
    4. For EU-based persons please note that:
      1. Tapi is based in New Zealand, and that the appropriate safeguard in place for such a transfer is an adequacy decision under Article 45 of the General Data Protection Regulation (GDPR); and
      2. when we share Data with third-party service providers we make sure that they are Privacy Shield compliant or we use other appropriate legal mechanisms to safeguard the transfer.
  1. Rights of access and correction

    1. Pursuant to your rights under the Privacy Act 1993 (NZ), you have the right to:
      1. access any of your Data; and
      2. request correction of any of your Data,
      held by us by contacting us using the details given at clause 9 8. We will respond to your request in accordance with the Privacy Act.
    2. Rights for EU

    3. Under the GDPR, if you are an EU-based person you have the right to:
      1. access and correct your Data;
      2. in certain circumstances, have your Data erased;
      3. restrict the processing of your Data;
      4. move, copy or transfer your Data easily for your own purposes across different services in a safe and secure way;
      5. object to processing where we relying on legitimate interests as the basis for processing and at any time to processing of Data for direct marketing purposes; and
      6. withdraw your consent to our processing of your Data if your consent is being relied on by Tapi.
    4. Please note that in certain circumstances we may refuse to respond to a GDPR rights request where we have the right to do so under the GDPR, for example, where a request is manifestly unfounded or excessive.
  2. General

    1. For the purposes of this Privacy Policy, Data Protection Laws means the data protection and privacy laws applicable to the processing of Personal Data that we are committed to comply with, including:
      1. the Privacy Act 1993 (New Zealand);
      2. the Privacy Act 1988 (Cth, Australia);
      3. all applicable United States federal and state privacy laws;
      4. the General Data Protection Regulation (EU); and
      5. any other applicable privacy legislation.
    2. Contact us

    3. If you wish to contact us in relation to this Policy, our privacy standards, or our Data-handling practices please contact us using the details below:
      Address: 19 Edward Street, Te Aro, Wellington 6011
      Email: hi@tapihq.com