SENTINEL MAN is a performance intelligence system. It collects operational data about you — your daily state, your decisions, your patterns — to produce personalised intelligence that improves over time.
We take the handling of this data seriously. This policy explains exactly what we collect, why, who sees it, and what you can do with it.
This policy is governed by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). If you are located in the European Union, the General Data Protection Regulation (GDPR) also applies to your data.
My Cosmic Message Pty Ltd (ABN 30 652 358 159), trading as WOW Enterprise Company, is the operator of SENTINEL MAN and the entity responsible for your data.
Contact for privacy matters: support@sentinelman.com
When you create an account:
Each time you complete a check-in, we collect:
This data is used to calculate your Readiness Score, assign your operational mode, and generate your morning brief. It is not shared with third parties for marketing, research, or any other purpose beyond delivering the product to you.
If you use the Decision Advisor, we collect:
This data is used to build your decision history and pattern intelligence. It is processed by AI models (see §6 — Third Parties).
The system generates inferred patterns from your operational data — for example, correlations between your sleep inputs and your decision quality scores. These patterns are stored against your account and used to personalise your intelligence output. Patterns are generated by automated analysis of your own data. No human reviews this data.
The principles you establish at onboarding or update over time. These are stored against your account and used by the Decision Advisor and pattern engine.
Payment processing is handled by Stripe (web) and Apple / Google (in-app). We do not store your credit card number, bank details, or full payment card information. We receive and store:
Standard technical information collected automatically:
If you connect a wearable device (Apple Watch, WHOOP, Oura Ring), we receive health metrics from that device including heart rate variability, sleep duration, and physical strain scores. This data is used exclusively to improve the accuracy of your Readiness Score and daily brief. It is not used for any other purpose and is not shared with third parties beyond the AI processing pipeline described in §6.
We collect data to:
We do not collect data to:
| Data Type | Retention Period |
|---|---|
| Daily check-in logs | 90 days rolling (older data deleted automatically) |
| Morning briefs | 90 days rolling |
| Decisions and outcomes | Indefinite (while account is active) |
| Patterns | Indefinite (while account is active) |
| Operating Principles | Indefinite (while account is active) |
| Account data | Until account deletion + 30 days |
| Payment records | 7 years (Australian tax law requirement) |
| Wearable data | 90 days rolling |
When you delete your account, all personal data is deleted within 30 days, except payment records which are retained for 7 years as required by law.
Your data is stored in Cloudflare's D1 database infrastructure, with primary processing at Cloudflare's Oceania region (Sydney-adjacent edge).
We implement:
No system is perfectly secure. If a breach occurs that affects your data, we will notify you within 30 days as required by the Privacy Act 1988 (Notifiable Data Breaches scheme).
We use the following third-party services. Each processes your data only as necessary to deliver the product.
| Service | Purpose | Location |
|---|---|---|
| Clerk | Authentication (login, session management) | USA |
| Cloudflare | Database, CDN, Workers (backend processing) | Global (OC region primary) |
| OpenRouter | AI model gateway | USA |
| Anthropic (Claude) | AI reasoning — brief generation, synthesis | USA |
| xAI (Grok) | AI reasoning — Decision Advisor contrarian lane | USA |
| OpenAI (GPT-4o) | AI reasoning — Decision Advisor context lane | USA |
| Stripe | Payment processing (web subscribers) | USA / Australia |
| Apple | Payment, push notifications (iOS) | USA |
| Payment, push notifications (Android) | USA | |
| Resend | Transactional email | USA |
Cross-border data transfer. Some of the services above are located in the United States. By using SENTINEL MAN, you consent to your data being transferred to and processed in the United States and other countries where these service providers operate. These transfers occur under data processing agreements consistent with the Australian Privacy Principles.
AI processing. When you submit a decision to the Decision Advisor or complete a daily check-in, your operational data (not your name or email) is sent to AI models via OpenRouter for processing. This data is used to generate your intelligence output and is not used to train AI models.
The SENTINEL MAN web app uses:
The marketing website (sentinelman.com) may use minimal analytics to understand visitor volume. No personally identifying information is collected via the marketing website unless you create an account.
Under the Privacy Act 1988 and the Australian Privacy Principles, you have the right to:
Access your data (APP 12). Request a copy of all personal data we hold about you. We will provide this within 30 days. Submit your request to support@sentinelman.com.
Correct your data (APP 13). If any information we hold is incorrect, you can request a correction. Most of your operational data can be corrected directly in the app.
Delete your data. You can delete your account and all associated data at any time via Settings → Account → Delete Account. Deletion is permanent and irreversible. Payment records are retained for 7 years as required by law.
Data portability. Export all your operational data (check-ins, decisions, patterns) as a CSV file at any time via Settings → Export Data.
Opt out of communications. You can opt out of non-essential communications (tips, updates) at any time. You cannot opt out of transactional emails (receipts, security alerts) while your account is active.
Lodge a complaint. If you believe we have handled your data incorrectly, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
If you are in the EU (GDPR rights). You have additional rights including the right to object to processing and the right to restrict processing. Contact support@sentinelman.com to exercise these rights.
SENTINEL MAN is intended for adults aged 18 and over. We do not knowingly collect data from anyone under 18. If you believe a person under 18 has created an account, contact us at support@sentinelman.com and we will delete the account immediately.
We will notify you by email or in-app notification if we make material changes to this policy. Continued use of SENTINEL MAN after notification constitutes acceptance of the updated policy.
Minor changes (correction of errors, clarification of existing practices) may be made without notification.
For all privacy-related enquiries:
Email: support@sentinelman.com
Response time: Within 5 business days (AEST)
For account deletion requests, you may also use the in-app function at Settings → Account → Delete Account.
MY COSMIC MESSAGE PTY LTD · ABN 30 652 358 159 · SYDNEY, AUSTRALIA