SangraMate is operated by Worklair Pty Ltd (ACN 685 645 452, ABN 16 685 645 452) — "we" and "us" in this policy — an Australian company based in Sydney. We provide the SangraMate iPhone app, its companion web portals for clinics and carers, and this website, and you can reach us about anything in this policy at info@sangramate.com.
Because SangraMate handles health information, we hold ourselves to the Privacy Act 1988 (Cth) and the Australian Privacy Principles as our baseline — wherever in the world you use the app.
Glucose readings, insulin doses, meals and the other records you keep in SangraMate are health information — a category of sensitive information under Australian privacy law. We collect it only with your consent: you choose to connect your LibreLinkUp account, to log events and to use the AI features. You can withdraw that consent at any time by disconnecting your sensor or deleting your account.
Almost everything comes directly from you or your sensor: what you log, what you ask the assistant, and the readings SangraMate fetches from Abbott's LibreLinkUp service using the credentials you provide. The rest — forecasts, insights, briefings — is generated by the app itself from your data.
We do not sell personal information, and we do not use it for advertising.
Followers and clinic connections see your data only after you invite them, and you can remove their access at any time. Nobody is added by default.
We use a small set of specialised providers, each receiving only what its function needs:
Our service providers process your information only to provide their service to us — never for advertising, and never to sell to third parties. Some providers may use de-identified, aggregated information (which does not identify you) to operate and improve their services.
We use service providers located overseas, principally in the United States (cloud hosting, AI processing, speech transcription, subscription management, notifications and error monitoring). We take reasonable steps, including contractual data-processing terms, to ensure these providers handle your information consistently with Australian privacy law. By using SangraMate you consent to your information, including health information, being transferred to and processed in the United States for these purposes.
Your health data has no time-based expiry — it stays available to you until you delete it or your account. In detail:
| Data | Kept |
|---|---|
| Glucose readings, logs, chats, reports | Until you delete the entry or your account |
| Meal photos | Removed immediately when you delete or re-log the entry; a scheduled storage cleanup deletes any remainder within 90 days |
| Voice audio | Not retained by SangraMate — only the transcript is kept, until your account is deleted |
| AI request logs | Until your account is deleted |
| Account, subscription and support records | Until your account is deleted |
When your account is deleted, this data is deleted from our production systems, and residual copies in backups and storage cleanups expire within 90 days.
Data moves over encrypted connections. LibreLinkUp credentials and two-factor secrets are encrypted at rest, passwords are stored only as hashes, and access to the clinic and admin portals is role-gated.
No system is perfectly secure. If a breach ever puts you at likely risk of serious harm, we will notify you and the Office of the Australian Information Commissioner under the Notifiable Data Breaches scheme.
Most of your data is visible and editable directly in the app. For anything else — a copy of your data, a correction, or a question about what we hold — email info@sangramate.com from your account address. We aim to answer within 30 days.
Email info@sangramate.com from your account address and we will delete your account and its data. Self-serve deletion is on our roadmap; until it ships, deletion is handled by our team.
If you think we've mishandled your information, tell us first — we take it seriously and will respond within 30 days. If you're not satisfied with our answer, you can complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or on 1300 363 992.
When this policy changes, we will update it here and adjust the date above. If a change meaningfully affects how we handle your data, we'll tell you in the app or by email first.