Serious about security.
Built for procurement.
Everything your security, legal, and procurement teams will ask about, answered up front — no sales call required to read the fine print. When you are ready, [email protected] goes straight to the founding team.
GDPR & CCPA
UK/EU GDPR and CCPA compliant. We operate as a data processor for end-user evaluation — Art. 28 DPA available on request, with a 30-day notice commitment before any sub-processor change.
Privacy policy →EU data processing
Network and device intelligence is evaluated through EU endpoints. End-user analysis runs on network and device metadata — never names, emails, or payment data.
Trust & security →Minimal retention
Evaluation IPs are one-way hashed after 7 days. Passwords are bcrypt-hashed and breach-checked via k-anonymity — plaintext never leaves the device.
Retention details →Hardened by default
TOTP two-factor authentication, active session management with per-device revocation, and breach-checked password policies on every account.
Security overview →Measured, not promised
Sub-40ms evaluations at the 95th percentile, a public status page, published service level objectives, and transparent rate limits — no silent throttling, Retry-After on every 429.
Paperwork, handled
Enterprise agreements, custom MSAs, security questionnaires (CAIQ / SIG Lite), and vendor-onboarding forms are handled directly by the founding team — typical turnaround is days, not quarters.
[email protected] →The paperwork, up front
What we can put in front of your legal and security teams today:
| Document | Status | How to get it |
|---|---|---|
| Data Processing Agreement (Art. 28) | Available | Email [email protected] |
| Master Service Agreement / custom terms | Available | Negotiated directly with the founding team |
| Service level objectives | Published | sntlhq.com/sla — contractual SLA with credits under enterprise MSA |
| Named sub-processor list | Available under DPA | Categories published in the Cookie Policy; named list with the DPA |
| Security questionnaires (CAIQ, SIG Lite, custom) | Available | Send yours to [email protected] |
| SOC 2 Type II report | Pre-audit | We publish the audit firm and scope when the engagement is signed — see Trust |
Billing: self-serve plans are billed by card. Enterprise agreements can be billed annually by invoice — vendor-onboarding forms and purchase orders are no problem.
Startup & enterprise evaluation program
Building a startup or evaluating Sentinel for an enterprise platform? Tell us what you're working on and we'll unlock up to 1,000,000 evaluations per month, free — full signal set, production traffic, no credit card.