This Cookie Policy explains how Sentinel Edge Networks LTD ("Sentinel", "we", "us") uses cookies and similar tracking technologies on sntlhq.com and any associated subdomains ("the Website"). This policy complies with the EU ePrivacy Directive, the General Data Protection Regulation (GDPR), and applicable UK law.
1. What Are Cookies?
Cookies are small text files placed on your device when you visit a website. Similar technologies include browser local storage, session storage, and JavaScript-based signals used for security purposes. We use a minimal set of these technologies — only what is strictly necessary to operate the platform securely.
2. Storage We Use
2.1 Strictly Necessary (localStorage)
We use browser localStorage (not traditional cookies) to keep you logged in and remember your preferences. This does not require consent under the ePrivacy Directive as it is essential to the service you requested.
| Key (localStorage) | Purpose | Duration | Type |
|---|---|---|---|
sentinel_token |
Stores your JWT authentication token to keep you logged into the dashboard. Cleared on logout. | 24 hours / until logout | Essential |
cookie_consent |
Remembers your cookie consent choice so we don't show the banner again. | 12 months | Essential |
2.2 Security & Fraud Prevention
We use proprietary security SDKs on our signup, login, contact, and dashboard pages. These SDKs collect network-layer signals (IP address, connection type, VPN/proxy status) and device-level signals (browser fingerprint, tampering detection, bot detection) to protect our platform from bot abuse, account takeover, antidetect browsers, and fraudulent signups.
This processing is based on our Legitimate Interest under GDPR Article 6(1)(f) to protect the platform and its users from fraud, abuse, and security threats. These SDKs do not set persistent cookies. They use in-memory session data and device signals for real-time threat assessment only.
We also check passwords against the Have I Been Pwned breach database during signup and password reset. Only a partial hash of the password is sent (k-anonymity) — your actual password is never transmitted.
We offer optional 3D Face Login powered by FaceTec. If you enable this feature, your device camera captures a 3D liveness scan to verify you are a real person. The face scan data is processed by FaceTec's servers for liveness verification only — we do not store facial images or biometric data on our servers. Your device identity is linked to your account to enable face-based authentication.
If you wish to object to this processing under GDPR Article 21, please contact us at [email protected]. Note that objecting may prevent you from using certain features of the platform.
2.3 Performance & Analytics
We do not currently use third-party analytics (e.g. Google Analytics). If we introduce analytics in the future, we will update this policy and request your explicit consent before activating them.
2.4 Marketing & Advertising
We do not use any marketing, retargeting, or advertising cookies or trackers on this Website.
3. Third-Party Services
The following third-party services are integrated and may process data from your device:
| Provider | Purpose | Data Processed | Privacy Policy |
|---|---|---|---|
| Resend | Transactional email delivery (OTP codes, password resets). | Email address, IP address | resend.com/privacy |
| Railway | Application hosting and infrastructure. | Server logs, IP address | railway.app/legal/privacy |
| Google Sign-In | Optional OAuth authentication ("Sign in with Google"). | Email, name, Google account ID | policies.google.com/privacy |
| FaceTec | Optional 3D face liveness verification for Face Login feature. | Camera feed (processed in real-time, not stored), liveness result | facetec.com/privacy-policy |
| Google Fonts | Serving web fonts (Space Grotesk, DM Mono) for the site's typography. | IP address (per Google's standard CDN logging) | policies.google.com/privacy |
4. How to Control Storage
4.1 Our Cookie Banner
When you first visit the Website, a consent banner is shown. You can accept or decline non-essential storage at that time. To update your preferences, clear your browser's localStorage for sntlhq.com and reload the page.
4.2 Browser Settings
You can clear localStorage and cookies via your browser's developer tools or settings. Note that clearing sentinel_token will log you out of the dashboard. Instructions for major browsers:
5. International Transfers
Some third-party providers (Resend, Railway, Google) may process data outside the UK and European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs), UK International Data Transfer Agreements, or adequacy decisions.
6. Your GDPR Rights
As an EU/EEA resident, you have the following rights regarding your personal data:
- Right of Access — request a copy of data we hold about you.
- Right to Rectification — request correction of inaccurate data.
- Right to Erasure — request deletion of your data ("right to be forgotten").
- Right to Restrict Processing — request that we limit how we use your data.
- Right to Object — object to processing based on legitimate interests.
- Right to Data Portability — receive your data in a structured, machine-readable format.
To exercise any of these rights, email [email protected]. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ico.org.uk) or another supervisory authority in your country of residence. We will respond to all requests within 30 days.
7. Changes to This Policy
We may update this Cookie Policy periodically. Material changes will be notified via a banner on the Website and by email. The "Last Updated" date at the top reflects the most recent revision.
8. Contact
170 West Hendon Broadway, London, NW9 7AA, United Kingdom