Privacy Policy
Last updated: 13 March 2026
Titus CRM Pty Ltd (ABN 28 616 760 206) is committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1. Who We Are
Titus CRM Pty Ltd ("Titus CRM", "we", "us", "our") provides AI-powered customer relationship management software for Australian NDIS, Aged Care, and Community Service providers. Our principal place of business is in Brisbane, Queensland, Australia.
Contact: info@titus-crm.com
2. Information We Collect
2.1 Information you provide directly
- Waitlist and enquiry forms: Name, email address, phone number, state, provider type, business structure, and areas of interest.
- Service agreements: Provider and participant details, NDIS plan information, support items, and signatures when using the Agreement Builder.
- Account information: When you subscribe to Titus CRM, we collect business name, contact details, billing information, and staff/client data you enter into the platform.
- Communications: Emails, phone calls, and messages sent to or through our platform.
2.2 Information collected automatically
- Usage data: Pages viewed, features used, and interaction patterns within the platform.
- Device and browser information: IP address, browser type, operating system, and screen resolution.
- Error tracking: We use Sentry for error monitoring to improve platform stability.
3. How We Use Your Information
We use your personal information to:
- Provide, maintain, and improve the Titus CRM platform and services.
- Process waitlist registrations and respond to enquiries.
- Generate service agreements and related documents.
- Send transactional emails (agreement delivery, account notifications).
- Send marketing communications (only with your consent; you can unsubscribe at any time).
- Comply with legal obligations, including NDIS Quality and Safeguards requirements.
- Detect, prevent, and address technical issues and security threats.
4. How We Store and Protect Your Data
- Cloud infrastructure: Data is stored on Supabase (hosted in AWS ap-southeast-2, Sydney) and Cloudflare's global network.
- Encryption: All data is encrypted in transit (TLS 1.2+) and at rest.
- Access controls: Role-based access ensures staff only see data relevant to their role.
- Row Level Security: Database-level policies enforce tenant isolation in our multi-tenant architecture.
- Regular backups: Automated daily backups with point-in-time recovery.
5. Sharing Your Information
We do not sell your personal information. We may share information with:
- Service providers: Supabase (database), Cloudflare (hosting and security), Resend (email delivery), Sentry (error tracking), and Anthropic (AI features) — each bound by their own privacy policies and data processing agreements.
- Your organisation: If you use Titus CRM as part of an organisation, administrators in your organisation may access your platform data.
- Legal requirements: When required by law, regulation, legal process, or government request.
- NDIS Quality and Safeguards Commission: When required for compliance or audit purposes.
6. Your Rights
Under the Australian Privacy Principles, you have the right to:
- Access your personal information held by us.
- Correct inaccurate or outdated information.
- Request deletion of your data (subject to legal retention obligations).
- Withdraw consent for marketing communications at any time.
- Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached your privacy.
To exercise any of these rights, email us at info@titus-crm.com.
7. Cookies and Tracking
Our marketing website does not use cookies for tracking or advertising. We use Sentry for error monitoring, which may store minimal session data. The Titus CRM platform uses session cookies for authentication purposes only.
8. Data Retention
We retain your information for as long as your account is active or as needed to provide services. Waitlist data is retained until you request removal. After account termination, we retain data for up to 7 years as required by Australian tax and NDIS record-keeping obligations, after which it is securely deleted.
9. Children's Privacy
Titus CRM is a business-to-business platform and is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children. NDIS participant data involving minors is managed by authorised providers in accordance with NDIS guidelines.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the platform. The "Last updated" date at the top of this page indicates when the policy was last revised.
11. Contact Us
If you have questions about this Privacy Policy or how we handle your data:
- Email: info@titus-crm.com
- Phone: 0488 810 958
- Address: Brisbane, QLD, Australia
- ABN: 28 616 760 206
If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC).