Privacy Policy

Primax AI Pty Ltd (“PRiMAX,” “we,” “us,” “our”) operates the corporate website primaxai.ioand the project portals hosted at app.primaxlaunch.com/[project name]. PRiMAX is a behavioural intelligence platform for off-the-plan property developers in Australia and New Zealand. We capture digital buyer behaviour through hosted project portals, model purchase intent using proprietary machine learning, and write the resulting commercial intelligence into our developer clients’ existing CRM systems.

This Privacy Policy explains how we handle personal information. It applies in Australia and New Zealand and is designed to comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), and the New Zealand Privacy Act 2020 and the Information Privacy Principles (IPPs).

If you do not agree with this policy, please do not use our website or the project portals.

1. Our role and who controls your information

Our role depends on where you provide your information.

• primaxai.io (our corporate website). PRiMAX is the data controller. We collect personal information from prospective developer clients, partners, and other visitors, and decide how it is used.
• Project portals at app.primaxlaunch.com/[project name].When you interact with a project portal hosted by PRiMAX, the relevant property developer is the data controller of buyer information. PRiMAX acts as the processor and handles the information on the developer’s behalf in accordance with our agreement with them. The developer’s own privacy notice will also apply.
• Our own analytics, product improvement, and AI development. PRiMAX is the data controller for the de-identified and aggregated data, model training inputs, and benchmarks we generate from interactions across our platform.

2. Information we collect

Depending on how you interact with us, the following categories of information may be collected:

• Identity and contact information: name, email, phone number, and country or region of residence.
• Buyer information: property preferences, buyer category (for example, Investor, Owner-Occupier, or First Home Buyer), budget range, and any other details provided through an enquiry or registration form.
• Behavioural data: digital behavioural signals from your interactions with project portals and marketing assets, including session activity, engagement patterns, the content and units viewed, time spent, click sequences, devices used, IP address, and browser type.
• Derived data: model outputs about likely purchasing behaviour, including the PRiMAX intent score and intent tier.
• Attribution and marketing data: UTM parameters with first-touch and last-touch tracking, and a custom role classification that tags how a lead was generated or enhanced.
• CRM data: contact records read from or written to the developer’s CRM, and the outputs of contact deduplication and matching logic.
• Communications: messages, voice notes, or other information you send us, our developer clients, or their selling agents through the website, email, SMS, phone, or chat.

Anonymous browse sessions on project portals are not written back to a developer’s CRM. Behavioural signals are only linked to a named individual once they identify themselves through an enquiry or registration.

We do not knowingly collect sensitive information (as defined under the Privacy Act 1988 (Cth)) and ask that you do not provide it.

3. How we use information

Where PRiMAX is the controller (primaxai.io and our own analytics, model training, and benchmarks), we use information to:

• Respond to enquiries, deliver our services, and manage our relationship with developer clients and prospects.
• Operate, maintain, and improve our website, products, and services.
• Build, train, and improve our proprietary machine-learning models, including the intent scoring and tiering models, primarily using de-identified and aggregated data.
• Produce aggregated benchmarks across projects and developers (for example, which unit types, price points, or release sequences are resonating).
• Send marketing and service communications about PRiMAX, where permitted by law or with your consent.
• Comply with our legal obligations and protect our legal rights.

Where PRiMAX is the processor (the project portals), we use information only as instructed by the relevant developer and as needed to deliver the platform, including to:

• Capture buyer behavioural signals across the portal and associated marketing touchpoints.
• Generate an intent score and intent tier for each identifiable buyer.
• Write contact records, scores, tiers, and attribution data back into the developer’s CRM, including deduplicating and merging records.
• Help the developer optimise across pricing, velocity (release sequencing), mix (channel allocation), and margin.
• Support the developer’s sales team with lead prioritisation and the developer’s commercial team with pricing and stock-release decisions.
• Enable the developer or their selling agents to follow up with you by email, SMS, phone, or other channels they are authorised to use.

4. Disclosure of information

PRiMAX does not sell buyer information. We may disclose information to:

• The relevant property developer and their appointed selling agents and advertising agencies, where you have interacted with their project portal.
• Our developer clients’ CRM systems, which currently include integrations with Salesforce, HubSpot, Zoho, Pipedrive, PropertyBase, PropertyShell, and Vault. The CRM provider chosen by the developer will receive contact records, scores, tiers, and attribution data on the developer’s behalf.
• Our service providers, including cloud hosting, email and SMS providers, analytics tools, and AI infrastructure providers.
• Professional advisers (legal, accounting, audit).
• Government authorities, regulators, or law enforcement where required or authorised by law.
• A successor entity in connection with a sale, merger, or restructure of our business.

We require third parties who handle personal information on our behalf to keep it confidential and protect it to a standard consistent with this policy and applicable law.

5. Where information is stored

PRiMAX data is hosted in the cloud in Australia, on Amazon Web Services (AWS) and Microsoft Azure.

Some of our service providers and our developer clients’ CRM providers may be located, or may process information, outside Australia or New Zealand. Where information is disclosed overseas, we take reasonable steps to ensure the recipient handles it consistently with the APPs (for Australian users) or the IPPs, including IPP 12 (for New Zealand users). This may include contractual safeguards or selecting providers in jurisdictions with comparable privacy protections.

6. How we store and protect information

We use reasonable technical and organisational measures to protect information, including:

• Encryption of data in transit and at rest.
• Role-based access controls limiting access to authorised personnel.
• Secure Australian cloud infrastructure (AWS and Microsoft Azure).
• Regular review of our security practices and supplier arrangements.

No method of transmission or electronic storage is completely secure. We cannot guarantee absolute security.

7. Data retention and use for model improvement

Where PRiMAX is the controller, we retain information for as long as necessary to fulfil the purposes in this policy or as required by law. Where PRiMAX is the processor for a developer, we retain information for the period agreed with that developer.

We may continue to use de-identified and aggregated data derived from interactions across our platform to train and improve our proprietary machine-learning models and to produce cross-project benchmarks, including after a developer engagement ends. We do not retain identifiable buyer data for our own purposes beyond what is permitted by the developer or required by law.

8. Cookies, pixels, and tracking technologies

PRiMAX, our developer clients, and their advertising agencies may use cookies, web beacons, pixels, and similar technologies to:

• Operate and improve our website and the project portals.
• Capture behavioural signals required for intent scoring.
• Support attribution (including UTM first-touch and last-touch).
• Support retargeting on third-party platforms such as Meta and Google, using pixels provided to a developer’s appointed advertising agency.

You can disable cookies through your browser settings and adjust ad preferences directly with platforms such as Meta and Google. Some parts of the website may not function as intended if cookies are disabled.

9. AI and automated processing

PRiMAX uses proprietary machine-learning models to generate an intent score and intent tier for identifiable buyers based on observed behaviour. We do not score buyers on stated intent or self-reported information. These outputs support, but do not replace, decisions made by the developer or selling agent. We do not use automated processing to make decisions that produce legal effects on you.

10. Marketing and communications

PRiMAX may contact developer clients and prospects about our own services through primaxai.io. Where you have interacted with a project portal, the relevant developer or their selling agent may contact you about that project and related opportunities, including by email, SMS, and phone.

All marketing communications include an unsubscribe option, in line with the Spam Act 2003 (Cth) and the Unsolicited Electronic Messages Act 2007 (NZ). You can opt out at any time without affecting our or the developer’s ability to contact you for non-marketing reasons (for example, to respond to a direct enquiry).

11. Data breach notification

If we become aware of a privacy breach that is likely to result in serious harm, we will notify affected individuals and the relevant regulator as required by law, and assist any developer client who is the controller in meeting their notification obligations:

• In Australia: the Office of the Australian Information Commissioner (OAIC) under the Notifiable Data Breaches scheme.
• In New Zealand: the Office of the Privacy Commissioner under the Privacy Act 2020.

12. Your rights

Subject to applicable law, you have the right to:

• Request access to the personal information held about you.
• Request correction of information that is inaccurate, incomplete, or out of date.
• Request deletion of your personal information, where it is not required to be retained by law.
• Withdraw consent or opt out of marketing communications at any time.
• Make a complaint about how your personal information has been handled.

If your information was collected through a project portal, the relevant developer is the controller and primarily responsible for your request. Please contact them in the first instance, or contact us using the details in section 14 and we will route your request appropriately.

13. Complaints

If you believe we have breached our obligations under applicable privacy law, please contact us first using the details in section 14. We will investigate and respond within a reasonable timeframe.

If you are not satisfied with our response, you may also lodge a complaint with:

• Office of the Australian Information Commissioner (OAIC) – oaic.gov.au – 1300 363 992.
• Office of the Privacy Commissioner (New Zealand) – privacy.org.nz – 0800 803 909.

14. Contact us

For questions, requests, or concerns about this policy, please contact:

Level 12, 60 Castlereagh Street

Sydney, New South Wales 2000, Australia

Email: legal@primaxai.io

15. Changes to this policy

We may update this policy from time to time to reflect changes in our practices, technology, legal requirements, or service offerings. The current version will be posted at primaxai.io. Where changes are material, we will take reasonable steps to bring them to your attention.