Built to be reviewed.
Documented to be approved.
Everything an enterprise security, legal, or procurement team needs to assess Sentinel — in one place. We are in open beta and we are honest about what that means: real DPA, real sub-processor list, real vulnerability disclosure policy, and an explicit statement of what compliance attestations we do not yet hold.
Data we process & why
Network metadata (IP, ASN, proxy/VPN signals) and device telemetry (browser fingerprint, tampering, behavioural signals) processed under GDPR Art. 6(1)(f) legitimate interest. No PII storage. 7-day raw-log retention.
Privacy Policy →
Who we share data with
Spur (network intel), Fingerprint Pro (device intel), Cloudflare (CDN), Railway (host), Turso (DB), Resend (email), Google (Sign-In, Fonts, Ads), Have I Been Pwned (k-anonymity password check).
Sub-processor list →
Report a vulnerability
Scope, response targets, safe-harbour commitments under UK CMA / US CFAA / EU Cybercrime Directive. Bounty stance and contact methods documented. RFC 9116 /.well-known/security.txt served.
Click-through & MSA
Standard click-through Terms cover most usage. MSA available for procurement that can't accept click-through. DPA aligned to UK/EU GDPR Art. 28 with Standard Contractual Clauses available on request.
Terms of Service →
Uptime & incidents
Best-effort 99.9% uptime target during beta. Real-time status and incident history. Enterprise plans include a contractual SLA with service credits — typical 99.95% with 24-hour incident response.
Status page →
What we set in your browser
localStorage for the auth token only. Google Ads gtag.js loaded after first interaction for conversion tracking. No analytics cookies, no retargeting pixels.
Security controls in place today
Honest snapshot. Some are standard, some go beyond what most beta-stage products do — we will not list ones we don't have.
| Control | Implementation |
|---|---|
| Authentication | Email + bcrypt-hashed password, Google OAuth (RS256 JWKS verified), TOTP 2FA, audit log of active sessions, account lockout on repeated failures. |
| API key generation | crypto.randomBytes; key prefix sk_live_; rotation supported via dashboard. |
| Password breach check | Have I Been Pwned k-anonymity (5-char SHA-1 prefix only) on signup and password reset. |
| Transport security | TLS 1.2+; HSTS preload; CORP same-origin; CSP with allowlists; X-Content-Type-Options nosniff; X-Frame-Options DENY; Permissions-Policy (camera/mic/geo/payment off). |
| Rate limiting | Per-API-key (1,000/hr) and per-source-IP (500/hr) caps on the evaluate endpoint. Exponential backoff on auth endpoints. |
| CSP violation reporting | Live /api/csp-report endpoint capturing browser-side policy breaches. |
| Account deletion | GDPR Art. 17 — self-service deletion via dashboard with password re-auth; 30-day window before personal data is purged. |
| Session binding | JWT auth tokens bound to fingerprint at login; mismatch triggers re-auth before high-value actions (payout, password change, key rotation). |
| Encryption at rest | Turso (libSQL) managed encryption at rest. Application-level field encryption for sensitive secrets (API keys are stored hashed, never recoverable). |
| Logging & retention | Raw lookups retained 7 days then aggregated; account events retained for the lifetime of the account, deleted within 30 days of account deletion request. |
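
The password breach check row above, as an added example (not Sentinel's own code): only the 5-character SHA-1 prefix goes into the request, and the remaining 35 characters are matched locally against the response. It assumes the public Pwned Passwords range endpoint format; the function names and the sample response body are constructed for illustration.

```javascript
// Added example, not Sentinel's code. Function names are hypothetical.
const crypto = require('node:crypto');

// SHA-1 the password and split it: only `prefix` (5 hex chars) is sent;
// `suffix` (35 hex chars) stays local and is matched against the reply.
function splitHash(password) {
  const hex = crypto.createHash('sha1').update(password, 'utf8')
    .digest('hex').toUpperCase();
  return { prefix: hex.slice(0, 5), suffix: hex.slice(5) };
}

// URL for the range query; the path carries the prefix and nothing else.
function rangeUrl(prefix) {
  if (!/^[0-9A-F]{5}$/.test(prefix)) throw new Error('bad prefix');
  return `https://api.pwnedpasswords.com/range/${prefix}`;
}

// Look up our suffix in a range response body ("SUFFIX:COUNT" per line).
// Padding rows (count 0) and malformed rows are treated as "not found".
function breachCount(password, rangeBody) {
  const { suffix } = splitHash(password);
  for (const line of rangeBody.split(/\r?\n/)) {
    const [candidate, count] = line.trim().split(':');
    if (candidate && candidate.toUpperCase() === suffix) {
      const n = Number.parseInt(count, 10);
      return Number.isInteger(n) && n > 0 ? n : 0;
    }
  }
  return 0;
}

// Constructed response body for prefix 5BAA6; all counts are made up.
const SAMPLE_RANGE_BODY = [
  'A'.repeat(35) + ':3',                      // unrelated suffix
  '1E4C9B93F3F0682250B6CF8331B7EE68FD8:42',   // suffix of SHA-1("password")
  '0'.repeat(35) + ':0',                      // padding-style row
].join('\r\n');

const { prefix } = splitHash('password');
console.log(rangeUrl(prefix));
console.log(breachCount('password', SAMPLE_RANGE_BODY));
```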
For procurement teams
Documents available on request from [email protected]:
| Document | Notes |
|---|---|
| Data Processing Agreement (DPA) | UK GDPR / EU GDPR Article 28 aligned, with Standard Contractual Clauses for international transfers and current sub-processor list. |
| Master Services Agreement (MSA) | For customers who can't accept the click-through Terms. |
| SIG-Lite questionnaire response | Standardized Information Gathering questionnaire — completed responses available. |
| CAIQ questionnaire response | Cloud Security Alliance Consensus Assessments Initiative Questionnaire — completed responses available. |
| Custom security questionnaire | We will respond to bespoke questionnaires within 5 business days; complex ones can be co-walked on a video call. |
| Penetration test summary | Most recent third-party pen-test executive summary on request; raw findings under NDA. |
| Insurance certificates | Cyber liability + professional indemnity certificates of insurance available on request. |
| Sub-processor change notice subscription | 30-day advance notice via email for any new sub-processor that processes customer data, with right to object. |