Privacy Policy
Last updated: 7 March 2026.
Logic X1 Pty Ltd, trading as SentinelMedX (“SentinelMedX”, “we”, “us”, or “our”), is committed to protecting your privacy and handling personal information responsibly, transparently, and in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
This Privacy Policy explains how we collect, use, disclose, and protect personal information when you access or use the SentinelMedX platform, register an account, visit our website, or otherwise interact with us. By using our services, you agree to the handling of personal information as described in this policy.
1. Scope of this policy
This policy applies to personal information collected through our website, the SentinelMedX platform, account registration and management, billing and payments, and communications with users.
SentinelMedX is a business-to-business (B2B) platform. Our services are intended for use by organisations and by individuals accessing the platform on behalf of those organisations. Where an organisation subscribes to the platform, it is responsible for ensuring that its authorised users are made aware of this policy, and for ensuring it has any necessary rights or consents in relation to personal information it provides to us or uploads to the platform.
This policy does not apply to third-party websites, applications, or services that may be linked from the platform. We encourage you to review the privacy policies of any third parties you interact with separately.
2. Anonymity and pseudonymity
Under APP 2, individuals have the option of not identifying themselves, or of using a pseudonym, when dealing with us, where it is lawful and practicable to do so.
As access to the SentinelMedX platform requires authenticated user accounts, it is not practicable to allow anonymous or pseudonymous use of the platform itself. You are required to provide identifying information (such as your name and email address) to create an account and use the platform.
Where you contact us for general enquiries that do not require account access (for example, by emailing us), you may do so without identifying yourself if you choose, to the extent that this is practicable in the circumstances.
3. Personal information we collect
We collect only the personal information reasonably necessary to operate the platform and provide our services. The types of personal information we may collect include:
Account and registration information: when you or your organisation creates an account, we collect your full name, email address (which serves as your username), and a password. Passwords are stored in encrypted form. We may also collect other professional details relevant to your use of the platform.
Platform usage information: we automatically collect information about how you interact with the platform, including searches you perform, features you use, content you access, and general navigation activity.
Technical information: we collect standard technical information including IP addresses, browser type and version, device type, operating system, session identifiers, and log data relating to system access and usage.
Billing and subscription information: for paid subscriptions, we collect limited transaction, billing contact, and subscription information. Payment processing is handled by our third-party payment provider, Stripe. We do not store full payment card details.
Communications: if you contact us for support or other purposes, we collect the content of those communications and any personal information you include in them.
We do not intentionally collect sensitive information, as defined under the Privacy Act (such as health information, financial information beyond what is reasonably necessary for billing, or other special categories of personal data). If you believe you have inadvertently provided sensitive information, please contact us using the details in section 17.
4. How we collect personal information
We collect personal information in the following ways:
• Directly from you, when you register for an account, communicate with us, or use the platform.
• Automatically, as you use the platform, through standard technologies such as server logs, session tokens, and analytics tools.
• From your organisation, where your employer or subscribing organisation provides your details to us in connection with setting up or managing a subscription.
• From publicly available sources, such as publicly available information about your organisation, to the extent reasonably necessary.
We do not collect personal information from data brokers or similar third-party sources.
5. How we use personal information
We use the personal information we collect for the following purposes:
• To operate the platform, manage user accounts, authenticate access, and deliver core functionality.
• To understand how the platform is used and to improve its performance, features, and user experience.
• To monitor for security incidents, fraud, misuse, and technical issues.
• To provide customer support and respond to enquiries.
• To process billing, payments, and subscriptions.
• To send service-related communications, including account notifications, billing information, and important platform updates (see section 13 on Communications).
• To comply with our legal obligations, resolve disputes, and enforce our agreements.
We may also use aggregated or de-identified information for analytics and product improvement purposes. Such information does not identify any individual.
6. Cookies and tracking technologies
We use cookies and similar technologies to maintain user sessions, remember preferences, improve platform performance, and understand how users interact with the platform and our website.
You can control the use of cookies through your browser settings. However, disabling certain cookies may affect the functionality of the platform, including your ability to remain logged in. Where we use third-party analytics services, those providers may set their own cookies in accordance with their own privacy policies.
7. Disclosure of personal information
We may disclose personal information in the following circumstances:
• To our third-party service providers who assist us in operating the platform, such as cloud hosting and infrastructure providers and payment processors (see section 8).
• To professional advisers, including legal, accounting, or other advisers, where reasonably necessary.
• To regulators, law enforcement agencies, courts, or other authorities where we are required or permitted by law to do so.
• To a third party in connection with a corporate transaction, such as a merger, acquisition, restructure, or sale of assets, where personal information is transferred as part of that transaction (subject to confidentiality obligations).
We do not sell personal information to third parties. We do not disclose personal information for direct marketing purposes by third parties.
8. Third-party service providers and sub-processors
We use trusted third-party providers to support our services. These providers may process personal information on our behalf as part of delivering their services to us. Our current key service providers include:
• Amazon Web Services (AWS): for cloud infrastructure, hosting, storage, and database services. Data may be processed and stored in AWS data centres, which may be located in the United States or other countries.
• Stripe: for payment processing and billing management. Stripe processes payment and subscription information in accordance with its own privacy policy.
We take reasonable steps to ensure that our third-party providers handle personal information securely and in a manner consistent with applicable privacy obligations. We maintain agreements with key service providers that include appropriate data handling and confidentiality obligations.
We will update this section if we engage additional providers that process personal information on our behalf.
9. Overseas handling of personal information
Some of our third-party service providers operate infrastructure or process data in countries outside Australia. In particular:
• Amazon Web Services may store or process data in the United States or other jurisdictions where AWS operates data centres.
• Stripe processes payment information from its operations in the United States and other countries.
Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to that information. We do this through contractual arrangements with our providers that require them to handle personal information consistently with Australian privacy law, or by relying on providers who maintain recognised privacy certifications or compliance programs.
You acknowledge that, in the circumstances described above, we may not be able to take reasonable steps to ensure the overseas recipient's compliance, and by using the platform you consent to such disclosure where we are otherwise unable to comply with APP 8.1.
10. Data security
We take reasonable technical and organisational measures to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. Our security measures include:
• Secure cloud infrastructure managed through AWS.
• Encryption of passwords and sensitive credentials at rest.
• Access controls and authentication measures limiting access to personal information.
• Regular monitoring of the platform for security issues.
No system can be guaranteed to be completely secure. If you believe there has been a security incident affecting your account or personal information, please contact us immediately using the details in section 17.
11. Notifiable data breaches
We are subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth). In the event of an eligible data breach - that is, a breach that is likely to result in serious harm to one or more individuals - we will:
• Promptly assess the breach to determine whether it is likely to result in serious harm.
• Notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable after forming a reasonable belief that an eligible data breach has occurred.
• Notify affected individuals whose personal information was involved in the breach, where required to do so, as soon as practicable.
The notification will include a description of the breach, the kinds of personal information involved, and the steps we are taking or recommend you take in response.
If you become aware of or suspect a data breach involving our platform, please contact us immediately at the details provided in section 17.
12. Data retention
We retain personal information only for as long as is reasonably necessary for the purposes for which it was collected, to maintain business records, to comply with legal and regulatory obligations, and to resolve any disputes.
When your account is terminated (whether by you or by us), we will retain your account information and usage data for a period of time consistent with our data retention obligations and business practices. Following that period, or sooner upon your written request, we will take reasonable steps to securely delete or de-identify your personal information unless we are required by law to retain it.
If you wish to request deletion of your personal information following account termination, please contact us using the details in section 17. We may be unable to delete information we are required to retain for legal, regulatory, or contractual reasons, and will advise you accordingly.
13. Communications
We may send you service-related communications, such as account notifications, billing and subscription information, security alerts, and important updates about the platform. These communications are necessary for the operation of your account and cannot be opted out of while your account remains active.
We will not send you marketing or promotional communications unless you have expressly opted in to receiving them. If you have opted in and wish to opt out at any time, you may do so by:
• Clicking the "unsubscribe" link in any marketing email we send; or
• Contacting us directly at privacy@sentinelmedx.com with a request to opt out.
We will action opt-out requests promptly and within a reasonable timeframe. Opting out of marketing communications does not affect your receipt of service-related communications.
14. Access and correction
You may request access to the personal information we hold about you, and request that we correct any information that is inaccurate, incomplete, or out of date. We will respond to such requests within a reasonable timeframe.
To make an access or correction request, please contact us using the details in section 17. We may need to verify your identity before responding to your request. In certain circumstances, we may be permitted under applicable law to refuse access or decline to make a correction. If we decline a request, we will explain our reasons.
There is no charge for making an access or correction request, although we may charge a reasonable fee to cover the cost of providing access in some circumstances.
15. Third-party links
Our website or platform may contain links to third-party websites or services. We are not responsible for the privacy practices of those sites, and this policy does not apply to them. We encourage you to review the privacy policies of any third-party sites you visit.
16. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our services, business practices, or legal obligations. When we make material changes, we will notify you by email or by posting a prominent notice on the platform. The latest version will always be available at sentinelmedx.com/privacy.
Your continued use of the platform after the effective date of an updated policy constitutes your acceptance of the changes. If you do not agree to the updated policy, you should stop using the platform.
17. Complaints
If you have a concern or complaint about how we have handled your personal information, please contact us using the details below. We will acknowledge your complaint promptly and investigate and respond within a reasonable timeframe (ordinarily within 30 days).
If you are not satisfied with our response, or if you wish to make a complaint directly, you may contact the Office of the Australian Information Commissioner (OAIC):
• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Online: oaic.gov.au/privacy/privacy-complaints
18. Contact Details
Logic X1 Pty Ltd
• Email: privacy@sentinelmedx.com
• Website: sentinelmedx.com
