Home Button

Privacy Policy

Total Owners Corporation Services PTY LTD
Effective date: 17/02/2026

1) Who we are and what this policy covers

This Privacy Policy explains how Total Owners Corporation Services PTY LTD (we/us/our) collects, uses, discloses and protects personal information in the course of providing Owners Corporation (OC) management services in Victoria. We manage records and communications for OCs and their members (lot owners and occupiers), engage contractors, and support OC governance and compliance.

  • We comply with Victorian law, including the Owners Corporations Act 2006 (Vic) and Regulations for records and access, and (where applicable) the Privacy and Data Protection Act 2014 (Vic)
  • We also comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) if that Act applies to us.

If this policy ever conflicts with a mandatory requirement of OC legislation (for example, a lot owner’s statutory right to inspect certain OC records), we will follow the law.

2) What personal information we collect

The types of personal information we collect include:

  • OC membership and contact details: names, postal addresses, service addresses, emails and phone numbers of lot owners and, where relevant, occupiers and authorized representatives. (Victorian OC law requires OCs to keep specific records and a register, including contact details.)
  • Property and levy information: lot details, lot entitlements/liabilities, fee and levy records, payment histories, debt collection information.
  • Governance records: meeting notices, minutes, resolutions, ballots, proxies, correspondence.
  • Contractor details: contact details, qualifications/insurances, job histories.
  • Security and building operations (if managed by us for the OC): e.g., CCTV footage of common property areas (no audio) and access control logs, where lawfully deployed by or for the OC. (Audio recording in private conversations is restricted in Victoria.)
  • Website and communications: enquiries, complaint details, and any information you provide to us.

If the APPs apply, “personal information” has the meaning in the Privacy Act; you may request access and correction as set out below.

3) How we collect personal information

We collect information directly from owners, occupiers, committee members, applicants and contractors, via forms, email, phone, meetings and our online portals. We also receive information:

  • from the developer/initial owner at the first OC meeting and through subsequent OC operations (as required by law); and
  • from managing agents, service providers, and public registers where lawful.

4) Why we collect and how we use personal information

We collect and use personal information to:

  • administer the OC (levies, meetings, communications, record‑keeping, insurance, maintenance, compliance);
  • communicate with owners, occupiers and contractors;
  • engage, manage and pay suppliers;
  • address complaints, disputes and legal claims; and
  • manage building security systems on behalf of the OC (e.g., CCTV), consistent with Victorian surveillance and privacy laws.

If the APPs apply to us, we only collect information reasonably necessary for our functions and we handle it in accordance with the 13 APPs.

5) Mandatory OC record access and disclosure

Victorian OC law requires that certain records be available for inspection by lot owners, mortgagees and purchasers (or their representatives) and permits provision of copies for a reasonable fee. From 1 Dec 2021, telephone numbers and emails of lot owners are deemed part of OC records. We will comply with these legal access rights on behalf of the OC, subject to any applicable legal privilege and privacy limits in the legislation.

Note: The scope of contact detail disclosure in OC registers has been considered in recent Victorian commentary and case updates; we follow the current law and authoritative guidance.

6) Who we disclose personal information to

We may disclose personal information to:

  • the OC and its committee (for governance and operations);
  • other lot owners/mortgagees/purchasers exercising their statutory inspection or certificate rights;
  • our service providers (e.g., software, mailing, payments, maintenance contractors) under confidentiality and security obligations;
  • insurers, lawyers, dispute resolution bodies and regulators where required or permitted by law; and
  • law enforcement if reasonably necessary or required.

Where the APPs apply, we do not sell personal information and we only disclose as permitted by APP 6 and related provisions.

7) Cross‑border disclosure

We aim to host OC data in Australia. If we use a cloud or vendor that stores data overseas, we will take reasonable steps (under APP 8, where applicable) to ensure the recipient protects the information in line with Australian standards or otherwise lawfully disclose with appropriate safeguards.

8) Data security

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorized access, modification or disclosure—through access controls, staff training, contractual protections with vendors, and secure disposal practices.

9) CCTV and building surveillance (if applicable)

If an OC engages us to administer common‑property CCTV:

  • Cameras are positioned only in appropriate common areas for security and asset protection (not in private areas, and no audio recording).
  • Signage is used to notify residents and visitors of CCTV.
  • Access to footage is restricted to authorized personnel and disclosed only for legitimate purposes (e.g., incident investigation, insurance, law enforcement) or as required by law.
  • Retention periods are limited and footage securely deleted when no longer needed.
    Victorian law restricts audio recording of private conversations and covert workplace surveillance. We manage CCTV in line with the Surveillance Devices Act 1999 (Vic) and other applicable laws.

10) Data retention

We retain OC records for the periods required under Victorian law (for example, OC records, registers, minutes, financial records) and then securely destroy or de‑identify them when no longer required.

11) Access and correction

You can request access to, or correction of, your personal information by contacting us (see Section 15). We may need to verify your identity and may refuse access in limited circumstances permitted by law.
If the APPs apply, you have rights under APP12 (access) and APP13 (correction).

12) Direct marketing

We may use your contact details to send OC‑related notices and information required for governance (which are not promotional). Where the APPs apply, we will only send direct marketing in compliance with APP7 and you may opt out at any time.

13) Cookies and our website

Our website/portal may use cookies and similar technologies to improve functionality and security. You can adjust your browser settings to refuse cookies, noting this may affect site functionality.

14) Complaints

If you have a privacy concern, please contact us first (Section 15). We will respond in writing and aim to resolve your complaint promptly.

  • If the Privacy Act 1988 (Cth) applies and you’re not satisfied, you may contact the Office of the Australian Information Commissioner (OAIC).
  • For issues about Victorian public sector information (where relevant), guidance and oversight are provided by the Office of the Victorian Information Commissioner (OVIC) under the PDP Act.

15) How to contact us

Total Owners Corporation Services PTY LTD
Email: [email protected]
Phone: 0401 233 369

16) Updates to this policy

We may update this policy to reflect changes in law or our practices. The latest version will be available on our website and is effective from the date stated at the top.