AusMDM
← ausmdm.com.au

AusMDM Privacy Policy

Effective date: 1 July 2026 · Last updated: 3 July 2026 (added billing/business details for invoicing)

1. Who we are

AusMDM ("we", "us") is operated by AUSMDM PTY LTD (ACN 699 803 542, ABN 37 699 803 542), based in Queensland, Australia. We provide a mobile device management (MDM) platform that Australian businesses use to manage their own company-owned Android devices. The AusMDM Agent (com.ausmdm.agent) is the application installed on those managed devices, and businesses manage their devices through our web console.

Contact: matthew@ausmdm.com.au · https://ausmdm.com.au

2. Important - the role of your employer

AusMDM is deployed by businesses on devices those businesses own, to manage and secure those devices. If you are an employee or user of a device managed with AusMDM, your employer (the organisation that owns and enrolled the device) decides what data is collected and how it is used. In data-protection terms, your employer is the controller of that data and AusMDM acts as the processor operating the platform on their behalf. If you have questions about how your device is managed or want to access or correct your information, please contact your employer in the first instance.

3. Customers, end users and administrators

AusMDM is a device-management service that businesses subscribe to in order to manage their own devices. To explain how privacy responsibilities are split, this policy uses the following terms:

For account information about Customers and Administrators - such as login details, billing details, and use of the console - AusMDM decides how that information is used and is responsible for it (the data controller). This is the information described elsewhere in this policy.

For information on or about managed devices and their End users, AusMDM acts only on the Customer's instructions and handles that information on the Customer's behalf (as a data processor). In these cases the Customer is responsible for the End user's information (the data controller). If you are an End user and you want to access, correct, or delete your information, or you have questions about why a device is managed, please contact your employer or the organisation that manages your device - they control that information, not AusMDM.

Some AusMDM support features - including remote view, screenshots, and remote control - can display whatever is shown on a managed device at the time an Administrator uses them. A Customer is responsible for telling its End users that their devices are managed and may be viewed or controlled remotely for support, and for obtaining any consent required by law before enrolling a device.

4. What the AusMDM Agent collects on managed devices

The Agent only operates on managed, company-owned devices, and collects only what is needed to manage those devices:

DataWhy it is collected
Device location (approximate and precise, including in the background)To let the managing business locate its own company-owned devices in the admin console, and to allow a business's clock-in/clock-out web app to record location at the time of clock-in.
Device identifiers & information (device ID, model, manufacturer, serial where available, Android version)To identify and manage each enrolled device and apply the correct policies.
Device status / telemetry (battery level, charging state, network/connectivity status, online status, last-seen time)To show device health in the admin console and deliver management reliably.
App / management information (which managed apps are installed or assigned, kiosk/policy state, management actions and logs)To apply and enforce the policies the business configures (e.g. kiosk, allowed apps, updates).
Screen content (live screen view and on-demand screenshots, captured by the accessibility service)To let an administrator remotely view the device screen for support and troubleshooting. Whatever is displayed at the time - which could include personal information you have entered - is visible to the administrator.
Remote control input (taps, swipes, key presses and text entered remotely by an administrator)To let an administrator remotely operate the device for support. Because this runs through the Android accessibility service, the service can also observe on-screen content, including text in input fields.
Photos (a photo captured by the device camera, e.g. a "selfie" at clock-in, when a managed app requests it)To support clock-in/identity-verification features that the managing business has configured. The captured image is passed to the managing business's app.

What the Agent does NOT collect: we do not collect SMS or call logs, contacts, the microphone or audio, calendar entries, health/fitness data, or web-browsing history.

What an administrator can see and do

Because AusMDM is a remote-management tool, an administrator from the managing business can - using the features above - view your device's screen live, take screenshots, remotely control the device, and trigger a camera photo. While doing so, they may see whatever is on the screen at the time, which can include personal information. These capabilities exist so the business can support and manage its own devices. Your employer decides when and how they are used and is responsible for informing you about it; if you have questions, contact your employer.

5. Information from businesses, administrators and website enquiries

Separately from the device data above, we collect account information from the businesses that buy AusMDM and the administrators who use our web console. This includes the business or organisation name, the administrator's name and email address, a securely hashed password, and the management settings and device data the business configures in its console. Where a business is billed for the service, we also collect billing and business details for invoicing - the business name and ABN, a billing contact name, a billing email address, and a billing address. We use this to create and secure accounts, provide and support the service, issue invoices, and contact administrators about their account. Administrators can view and update their profile details by signing in to the console.

Website enquiries and demo requests. When you submit an enquiry or request a demo through ausmdm.com.au, we collect the details you provide - your name, business name, email address, phone number (if you provide one), region or time zone, approximate number of devices, your preferred demo date and time (for demo requests), and any message - and, if you tick the optional box, your consent to receive AusMDM product updates. We use these details only to respond to your enquiry or arrange your demo and, where you have opted in, to send occasional updates you can unsubscribe from at any time. Enquiry and demo details are delivered to us by email through our email provider, Resend, and are not published or sold.

Cookies and session storage. The AusMDM console and website use only the cookies and browser storage needed to sign you in and keep the service working (for example, keeping you signed in). We do not use advertising or cross-site tracking cookies.

6. How we use information

We use the information above only to: enrol and identify managed devices; apply the management policies the business configures (kiosk/single-app mode, allowed apps, updates, location); deliver remote commands and policy updates; provide remote support (live screen view, screenshots, and remote control) and identity/clock-in features (camera capture) that the business configures; create, secure and support console accounts; show device status in the admin console; and keep the Agent and platform running and updated. We do not use it for advertising, and we do not sell it.

7. How information is shared

We do not sell personal information, and we do not share it for third-party advertising.

8. Apps and content deployed through AusMDM

AusMDM lets a Customer install third-party apps and open web content on managed devices. Those apps and websites are provided by other companies and are governed by their own privacy policies and terms, not by this policy.

AusMDM does not collect, receive, store, or control the personal information that a deployed app or website gathers. For example, if a Customer deploys a staff clock-in app, any details an End user enters into that app - such as their name, email address, or date of birth - are collected and held by that app's provider, not by AusMDM. We never see that information.

Each Customer is responsible for choosing which apps and websites to deploy to its devices, for reviewing the privacy practices of those providers, and for informing its End users and obtaining any consent those providers or the law require.

9. Where your information is stored

We host our platform on servers located in Sydney, Australia. Some supporting providers process limited information overseas: our email-delivery and push-notification providers may handle some data outside Australia, including in the United States. Where information is handled overseas, we take reasonable steps to ensure it is protected consistently with this policy and the Australian Privacy Principles.

10. Sub-processors

To run the service, AusMDM uses a small number of trusted third-party providers ("sub-processors") that may process limited information on our behalf. They are:

As described in the section on where your information is stored, the large majority of your information stays in Australia. Only email delivery and push notifications involve a limited amount of information being processed overseas, in the United States. We take reasonable steps to ensure our sub-processors protect information consistently with this policy and applicable law, and we will update this list if our providers change.

11. Emails and communications

Service messages. We send emails that are part of providing the service and that you cannot opt out of while you have an account - for example account invitations, password resets, security notices, and notices about changes, updates or upgrades to the service.

Marketing. We may also send administrators and customers emails about AusMDM products, features and offers. If you tick the optional updates box when submitting a website enquiry or demo request, you are opting in to these emails. You can opt out of marketing emails at any time using the unsubscribe link in the email or by contacting us, and we handle marketing messages in line with the Spam Act 2003 (Cth). Opting out of marketing does not stop the service messages above. We do not send marketing to device end users.

12. Data retention

We retain management data for as long as a device is enrolled and the business remains a customer, and for a reasonable period afterwards as needed for support, security, audit, and legal obligations. When a device is unenrolled or an account is closed, associated data is deleted or de-identified in line with the managing business's instructions and our retention practices.

13. Security

We use reasonable technical and organisational measures to protect information, including encrypted transport (HTTPS) between devices and our servers and access controls on the admin console. No method of transmission or storage is completely secure, but we work to protect information against unauthorised access, loss, or misuse. If a data breach occurs that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner as required by the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth).

14. Your rights and choices

Because your employer controls the data on a managed device, please direct requests to access, correct, or delete your information to your employer. Where we hold information directly (for example, an administrator's account details), you can access and update it in the console, or contact us at matthew@ausmdm.com.au to request access to or deletion of your account information (subject to information we are required or permitted by law to keep). We handle personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles.

15. Complaints

If you have a privacy question or complaint, please contact us at matthew@ausmdm.com.au and we will work with you to resolve it. If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

16. Children

AusMDM is an enterprise product for managing business-owned devices. It is not directed to children and we do not knowingly collect personal information from children.

17. Changes to this policy

We may update this policy from time to time. We will post the updated version here and change the "Last updated" date above.

18. Contact

AUSMDM PTY LTD - matthew@ausmdm.com.au - https://ausmdm.com.au