Opnlabs
Opnlabs
  • Home
  • DyDox
    • DyDox
    • Capabilities
    • Offerings
    • Book A Demo
    • Book A Slot
  • Careers
  • Contact Us
  • More
    • Home
    • DyDox
      • DyDox
      • Capabilities
      • Offerings
      • Book A Demo
      • Book A Slot
    • Careers
    • Contact Us

  • Home
  • DyDox
    • DyDox
    • Capabilities
    • Offerings
    • Book A Demo
    • Book A Slot
  • Careers
  • Contact Us

DYDOX ON-DEMAND PRIVACY POLICY

Effective Date: 24 June 2026


1. Introduction

This Privacy Policy describes how OpnLabs Pty Ltd ("OpnLabs", "we", "our" or "us") collects, uses, discloses, stores and protects personal information in connection with the DyDox On-Demand service ("DyDox").

OpnLabs is committed to protecting privacy and handling personal information in accordance with applicable Australian privacy laws, including the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the Notifiable Data Breaches Scheme.

By accessing or using DyDox, you acknowledge that you have read and understood this Privacy Policy.

2. Scope of this Privacy Policy

This Privacy Policy applies solely to the DyDox On-Demand service operated by OpnLabs Pty Ltd.

This Privacy Policy does not necessarily apply to:

  • Professional consulting services;
  • Cybersecurity advisory services;
  • Managed services;
  • Assessment services;
  • Training services; or
  • Other products and services provided by OpnLabs,

unless expressly stated otherwise.

Where separate contractual arrangements, privacy notices or service agreements apply, those arrangements prevail to the extent of any inconsistency.

3. Privacy Principles

OpnLabs adopts the following principles:

  • Privacy by Design;
  • Data Minimisation;
  • Security by Design;
  • Least Privilege Access;
  • Confidentiality by Default.

As a general principle, OpnLabs does not collect, process, retain or use personal information, customer information, business information or system information unless reasonably necessary to:

  • Deliver DyDox services;
  • Process bookings and payments;
  • Provide support;
  • Meet legal obligations;
  • Protect the security and integrity of DyDox.

OpnLabs seeks to collect the minimum information reasonably necessary to provide the requested service.

OpnLabs does not:

  • Sell customer information;
  • Monetise customer data;
  • Share customer data for advertising purposes;
  • Use customer data for behavioural profiling;
  • Use customer data to train proprietary artificial intelligence models.

4. Information We Collect

We may collect information including:

4.1 Information You Provide

  • Name;
  • Email address;
  • Organisation name;
  • Position title;
  • Contact details;
  • Billing information;
  • Booking information;
  • Technical support requests;
  • Uploaded documents and assessment artefacts.

4.2 Information Automatically Collected

When you use DyDox, we may automatically collect:

  • IP address;
  • Browser type;
  • Device information;
  • Session information;
  • Usage statistics;
  • Diagnostic information;
  • Website analytics information.

5. Assessment Data and Uploaded Documents

Users may upload information including:

  • Security documentation;
  • Architecture diagrams;
  • Security policies;
  • Risk registers;
  • Compliance artefacts;
  • Assessment evidence;
  • Technical documentation;
  • Configuration information.

Users remain solely responsible for ensuring uploaded information is appropriate for processing through DyDox.

Users should not upload:

  • Classified information;
  • National security information;
  • Protected information;
  • Sensitive government information;
  • Information prohibited from cloud processing;

unless authorised under their own organisational policies and risk assessment processes.

6. AI and Automated Processing

DyDox uses artificial intelligence, machine learning and automation technologies to:

  • Analyse documentation;
  • Generate cybersecurity artefacts;
  • Create draft documentation;
  • Generate assessment outputs;
  • Create knowledge graphs;
  • Identify relationships between information;
  • Generate recommendations.

Users acknowledge that:

  • Outputs may contain errors;
  • Outputs may contain omissions;
  • Outputs may be incomplete;
  • Outputs require independent human review.

DyDox outputs do not constitute professional advice, certification, accreditation or regulatory approval.

7. How We Use Information

We may use collected information to:

  • Deliver DyDox services;
  • Facilitate bookings and payments;
  • Provide support services;
  • Improve service performance;
  • Maintain platform security;
  • Prevent fraud and misuse;
  • Comply with legal obligations;
  • Communicate with users regarding bookings and services.

8. Lawful Basis for Processing

We process information where reasonably necessary to:

  • Perform contractual obligations;
  • Provide requested services;
  • Comply with legal obligations;
  • Protect legitimate business interests;
  • Protect platform security and integrity.

9. Data Retention

DyDox is designed around data minimisation principles.

Uploaded information and generated outputs are not intentionally retained beyond what is reasonably necessary to provide the booked service.

Retention periods may vary depending upon:

  • Operational requirements;
  • Security requirements;
  • Legal obligations;
  • Payment and accounting obligations.

10. Data Deletion

Upon completion of a booking session:

  • Allocated computing resources may be recycled;
  • Temporary processing environments may be destroyed;
  • Uploaded information may become irretrievable.

Users are solely responsible for downloading and retaining generated outputs.

OpnLabs does not guarantee recovery of uploaded information after a session has ended.

11. AI Model Training and Data Usage

OpnLabs does not use:

  • Customer-uploaded documents;
  • Customer-generated outputs;
  • Customer assessment data;
  • Customer intellectual property;

to train:

  • Proprietary AI models;
  • Large Language Models (LLMs);
  • Foundation models;
  • Machine learning models.

Customer information is not used to improve AI training datasets.

12. Disclosure of Information

We may disclose information where reasonably necessary to:

  • Deliver services;
  • Facilitate payment processing;
  • Operate cloud infrastructure;
  • Comply with legal obligations;
  • Respond to lawful requests;
  • Investigate security incidents;
  • Support corporate transactions.

We do not sell customer information.

13. Cross-Border Data Transfers

DyDox may utilise infrastructure and service providers located:

  • Within Australia;
  • Outside Australia.

Information may be transferred, stored or processed in jurisdictions outside Australia.

Users acknowledge that:

  • Processing locations may change;
  • Infrastructure providers may change;
  • Data sovereignty obligations remain the responsibility of the user.

14. Cloud Hosting and Infrastructure Providers

OpnLabs may utilise:

  • Amazon Web Services (AWS);
  • Microsoft Azure;
  • Google Cloud Platform (GCP);
  • Other commercial cloud providers;
  • GPU-enabled infrastructure providers.

Infrastructure selection may depend upon:

  • Availability;
  • Performance requirements;
  • GPU capacity;
  • Operational requirements.

15. Security Measures

OpnLabs implements reasonable administrative, technical and organisational security controls including:

  • Authentication controls;
  • Role-based access controls;
  • Encryption technologies;
  • Security monitoring;
  • Logging;
  • Network security controls;
  • Security reviews.

No system can guarantee absolute security.

16. Confidentiality

OpnLabs takes reasonable steps to protect confidential information.

However:

  • No cloud platform is entirely risk-free;
  • No system is completely secure;
  • Users remain responsible for determining whether information is suitable for cloud processing.

17. Cookies and Website Analytics

OpnLabs may use:

  • Cookies;
  • Analytics technologies;
  • Usage monitoring tools;
  • Website optimisation technologies.

These may include:

  • Google Analytics;
  • Similar analytics and performance monitoring platforms.

Users may disable cookies through browser settings, although some functionality may be affected.

18. Marketing Communications

OpnLabs may send:

  • Product updates;
  • Service announcements;
  • Event invitations;
  • Marketing communications.

Users may unsubscribe from marketing communications at any time.

Service-related communications may still be sent where necessary to provide the service.

19. Third-Party Services

DyDox may rely upon third-party providers including:

  • Cloud providers;
  • Payment processors;
  • Email providers;
  • Support platforms;
  • Analytics providers;
  • AI service providers.

Third-party providers operate under their own privacy policies and terms.

20. Children's Privacy

DyDox is intended for business and professional users.

DyDox is not directed towards individuals under 18 years of age.

21. Your Rights

Subject to applicable law, individuals may request:

  • Access to personal information;
  • Correction of personal information;
  • Updates to personal information;
  • Marketing preference changes.

Requests may be submitted to the Privacy Officer.

22. Complaints

Privacy complaints may be submitted to: Privacy Officer
OpnLabs Pty Ltd
Email: support@opnlabs.com

OpnLabs will investigate complaints and respond within a reasonable timeframe.

If you remain dissatisfied, you may contact the Office of the Australian Information Commissioner (OAIC).

23. Data Breach Notifications

OpnLabs will respond to eligible data breaches in accordance with Australian law, including the Notifiable Data Breaches Scheme.

Where required, affected individuals and regulators will be notified.

24. Limitation of Privacy Obligations

OpnLabs cannot control:

  • User behaviour;
  • Customer security practices;
  • Handling of downloaded outputs;
  • Storage of customer data after download.

Users remain responsible for their own information security and data handling obligations.

25. Changes to this Privacy Policy

OpnLabs may amend this Privacy Policy at any time by publishing an updated version on its website.

Continued use of DyDox constitutes acceptance of the revised Privacy Policy.

26. Contact Information

Privacy Officer
OpnLabs Pty Ltd Email: support@opnlabs.com Support: support@opnlabs.com Website: https://opnlabs.au/dydox-on-demand/privacy-policy

27. Governing Law

This Privacy Policy is governed by the laws of New South Wales, Australia.

28. Contact and Further Information

For questions regarding this Privacy Policy or the handling of personal information, please contact the Privacy Officer using the details above.

Privacy Policy  |  Terms of Service  |  Intellectual Property Policy


Copyright © 2019 - 2026 Opnlabs - All Rights Reserved.

  • Capabilities
  • Book A Demo
  • Book A Slot
  • Contact Us

Powered by AI | Managed by Homo Sapiens

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

Accept