Case Studies Docs Blog Contact
Log in Get started
Enterprise

Serious about security.
Built for procurement.

Everything your security, legal, and procurement teams will ask about, answered up front — no sales call required to read the fine print. When you are ready, [email protected] goes straight to the founding team.

Art. 28 DPA available Custom MSA & SLA Annual invoice billing EU data processing UK registered company
Compliance

GDPR & CCPA

UK/EU GDPR and CCPA compliant. We operate as a data processor for end-user evaluation — Art. 28 DPA available on request, with a 30-day notice commitment before any sub-processor change.

Privacy policy →
Data residency

EU data processing

Network and device intelligence is evaluated through EU endpoints. End-user analysis runs on network and device metadata — never names, emails, or payment data.

Trust & security →
Retention

Minimal retention

Evaluation IPs are one-way hashed after 7 days. Passwords are bcrypt-hashed and breach-checked via k-anonymity — plaintext never leaves the device.

Retention details →
Account security

Hardened by default

TOTP two-factor authentication, active session management with per-device revocation, and breach-checked password policies on every account.

Security overview →
Reliability

Measured, not promised

Sub-40ms evaluations at the 95th percentile, a public status page, published service level objectives, and transparent rate limits — no silent throttling, Retry-After on every 429.

Service level objectives →
Procurement

Paperwork, handled

Enterprise agreements, custom MSAs, security questionnaires (CAIQ / SIG Lite), and vendor-onboarding forms are handled directly by the founding team — typical turnaround is days, not quarters.

[email protected]

The paperwork, up front

What we can put in front of your legal and security teams today:

DocumentStatusHow to get it
Data Processing Agreement (Art. 28)AvailableEmail [email protected]
Master Service Agreement / custom termsAvailableNegotiated directly with the founding team
Service level objectivesPublishedsntlhq.com/sla — contractual SLA with credits under enterprise MSA
Named sub-processor listAvailable under DPACategories published in the Cookie Policy; named list with the DPA
Security questionnaires (CAIQ, SIG Lite, custom)AvailableSend yours to [email protected]
SOC 2 Type II reportPre-auditWe publish the audit firm and scope when the engagement is signed — see Trust

Billing: self-serve plans are billed by card. Enterprise agreements can be billed annually by invoice — vendor-onboarding forms and purchase orders are no problem.

Startup & enterprise evaluation program

Building a startup or evaluating Sentinel for an enterprise platform? Tell us what you're working on and we'll unlock up to 1,000,000 evaluations per month, free — full signal set, production traffic, no credit card.

Get the program Or use the contact form →