Privacy Policy
TenantEvidence is a product of Kyvara Pty Ltd (ACN 697 072 049 / ABN 90 697 072 049) ("Kyvara", "we", "us", "our"). This policy explains what information we collect when you use TenantEvidence, how we handle it, and the rights you have over it.
This policy is written to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
TenantEvidence is a software tool that helps Victorian renters document maintenance issues and prepare written correspondence. TenantEvidence provides information only and is not a substitute for legal advice from a qualified lawyer. Kyvara is not a law firm.
1. What information we collect
We collect only what the app needs to do what you ask it to do.
1.1 Account information
When you create an account, we collect:
- your email address
- a password (stored as a one-way hash by Firebase Authentication — we never see your password in readable form)
1.2 Profile information
When you set up your tenancy profile, you may provide:
- your name
- your phone number (optional)
- your residential bond number (RTBA)
- your tenancy end date (if applicable)
- the property address
- the landlord or agent's name, agency name, and email address
1.3 Issue and evidence data
When you log a maintenance issue or related event, we collect:
- your description of the issue (text, or voice that the app transcribes to text)
- the category, urgency, and reported/resolved dates
- photos you take or upload
- EXIF metadata from photos (including capture timestamp)
- related correspondence you record
1.4 Lease documents
If you choose to upload a copy of your tenancy agreement, we store that document. Upload is optional and gated behind a consent screen that explains what we do with the file. You can delete an uploaded lease at any time from the app.
1.5 Generated correspondence and documents
The app can generate drafts of:
- maintenance request emails
- follow-up emails
- notices to remedy breach
- objections to VCAT extension applications
- consolidated evidence bundles (PDF)
Generating a draft sends the relevant parts of your profile and issue data to an AI service provider (Anthropic — see §4). The draft and the inputs are stored in your account so you can review, edit, and reuse them.
1.6 Waitlist
If you join our pre-launch waitlist at tenantevidence.com, we collect only your email address.
1.7 Technical and abuse-prevention data
We do not operate crash reporting, analytics, or behavioural telemetry inside the app. The app does not record usage events or forward error reports to any service.
When the app communicates with our backend (Firebase / Google Cloud), standard operational metadata — such as your app version, Firebase SDK version, and the timing of your requests — is visible to Google in its role as infrastructure provider. We do not store or analyse this metadata ourselves.
For requests to tenantevidence.com (our waitlist sign-up), we record a one-way salted hash of your IP address and your browser's user-agent string, used only to rate-limit abuse. We do not store or log raw IP addresses.
1.8 What we do not collect
We do not collect:
- your device's precise GPS location
- contact lists, photo library contents beyond what you explicitly select, or any other data from apps or services you haven't interacted with inside TenantEvidence
- biometric data
- advertising identifiers — TenantEvidence contains no advertising and no advertising SDKs
- crash reports or analytics events — the app contains no crash reporting or analytics SDKs
2. How we use your information
We use the information above only to:
- operate the app and keep your account working
- generate the drafts and documents you request
- keep your data secure and prevent abuse
- respond to you when you contact us
- comply with legal obligations that apply to us
We do not use your information for advertising, profiling, or any form of behavioural targeting. We do not sell your information.
We do not use your information to train AI models. When you generate a draft through the app, the relevant inputs are processed by Anthropic under their standard API terms: Anthropic does not use our API inputs or outputs to train their general-purpose models, and retains API request data only for a limited period for abuse monitoring and service operation. Anthropic's infrastructure is located in the United States. We do not operate AI models of our own that are trained on your data.
3. Where your information is stored and processed
Your data is stored in Australia. Our database, file storage, and user accounts all run in Google's australia-southeast1 region (Sydney):
- user accounts (Firebase Authentication)
- profile, issue, and correspondence data (Firestore)
- photos and uploaded lease documents (Firebase Storage)
Some processing of your information occurs on cloud infrastructure located in the United States. When the app generates documents or processes your requests, the request is handled by cloud functions running in Google's us-central1 region before the result is returned to your device and any saved data is written back to our Australian database. As described in section 2, content you submit for AI-generated drafts is also processed by our third-party AI provider, which operates in the United States.
We take reasonable steps to ensure that overseas recipients handle your information consistently with the Australian Privacy Principles. We are reviewing moving this processing to an Australian region in a future update.
We also use a crash-reporting service (Sentry) to detect and diagnose technical errors in the app. When the app encounters an error, limited diagnostic information — the type of error, your device model and operating system version, and a technical error trace — is sent to Sentry's servers in the European Union (Frankfurt, Germany). This diagnostic data does not include your tenancy records, photos, documents, or the content you enter into the app. To group related diagnostics from the same installation, the crash-reporting service uses a randomly-generated identifier that is created when you install the app and reset if you reinstall it. This identifier is not your name, email, or device advertising identifier, and we do not use it to track you across other apps or services.
4. Who we share your information with
We share information only with service providers acting on our behalf, or where required by law.
4.1 Service providers
| Provider | What they do | Where they process data |
|---|---|---|
| Google (Firebase / Google Cloud) | App infrastructure — accounts, database, file storage, serverless functions, hosting | Australia (see §3); some diagnostic / support traffic may cross borders within Google's global infrastructure |
| Anthropic, PBC | AI drafting of emails, notices, and objections | United States |
Each of these providers is bound by their own published terms and, where applicable, by a data processing agreement with Kyvara.
4.2 Cross-border disclosure
As shown above, some of your information is processed outside Australia, in particular by Anthropic in the United States. Under APP 8 we take reasonable steps to ensure overseas recipients handle personal information in a manner consistent with the APPs. Sending draft content to Anthropic is necessary to provide the core drafting feature of the app, and you can choose not to use that feature.
4.3 Legal disclosure
We may disclose information if we are legally required to (for example, in response to a valid subpoena or court order). We will not volunteer your information to landlords, agents, law enforcement, or any other third party outside the circumstances set out in this policy.
4.4 We do not sell data
We do not sell your personal information and do not share it for advertising or marketing purposes.
5. How long we keep your information
- Account and profile data: kept for as long as your account is active.
- Issues, photos, correspondence, lease uploads: kept for as long as your account is active or until you delete them from the app.
- Generated drafts: kept alongside the issue they relate to, until you delete them or delete your account.
- Waitlist email addresses: kept until launch and for a reasonable period afterward to send you launch notifications, or until you ask us to remove you.
- Abuse-prevention logs (hashed IP / user-agent): kept indefinitely in aggregate form for security analysis. These cannot be reversed to identify an individual.
When you delete your account, we delete your profile, issues, photos, correspondence drafts, and lease uploads from our active systems within 30 days. Scheduled backups made in the ordinary course of operations are retained for up to 30 days before being overwritten; during that window, deleted data may persist in backup form but is not accessible through the app and is not used for any purpose other than disaster recovery.
6. Security
We take reasonable steps to protect your information:
- traffic between the app and our servers is encrypted in transit (TLS)
- data stored in Firestore and Firebase Storage is encrypted at rest by Google
- Firebase security rules restrict access so that each user can only read or write their own data
- our serverless functions require authentication for protected endpoints
- the public waitlist endpoint is rate-limited and uses a honeypot to filter automated abuse
No system is perfectly secure. If we become aware of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act.
7. Your rights
Under the APPs you have the right to:
- access the personal information we hold about you
- correct information that is inaccurate, out of date, or incomplete
- ask us to delete your information
- ask how we are handling your information
To make any of these requests, email us at richard@kyvara.ai. We will respond within a reasonable period, normally within 30 days.
You also have the right to complain to us if you believe we have mishandled your information. If you are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner at oaic.gov.au or on 1300 363 992.
8. Children
TenantEvidence is not directed to children under 15. If you are under 18 and live in Victoria, you may nevertheless have rights as a renter and may use TenantEvidence to document issues; but you should consider discussing your situation with a trusted adult. If we learn that we hold personal information of a child under 15 without appropriate consent, we will delete it.
9. Anonymity
Where it is lawful and practicable, you can deal with us anonymously or under a pseudonym. In practice, however, most features of TenantEvidence rely on specific information about you and your tenancy (name, bond number, property address, landlord details). Without this information, generated correspondence cannot be produced meaningfully.
10. Changes to this policy
We may update this policy from time to time. If we make material changes, we will notify you through the app or by email before those changes take effect. The "Last updated" date at the top of this policy always reflects the most recent revision.
11. Contact us
If you have any questions about this policy or about how we handle your information:
TenantEvidence — a Kyvara product