SENTINEL
Try free
Legal

Privacy Policy

Last updated · May 10, 2026

This policy explains what data Sentinel (Perpetual Core) collects, how we use it, who we share it with, how long we keep it, and what rights you have. We aim to be plain rather than legalistic; the FAQ at the bottom answers the questions we get most often.

1. What we collect

Account data. Email, name (if provided), authentication tokens, subscription tier, billing identifiers, usage counts. Provided by you and/or our auth and billing partners (Supabase, Stripe).

Subject data. The information you submit about a person or entity when you open an engagement: name, aliases, jurisdictions, the relationship and decision context you describe, and your permitted-purpose attestation.

Generated reports. The agent's output, including evidence with source URLs, evidentiary labels, and cost metadata.

Operational logs. Refusal reasons, errors, audit-log entries for sensitive actions, anonymous request metrics (latency, model, cost).

Support conversations. Messages exchanged with our SupportAgent chat widget and any escalated email threads.

We do not collect device-fingerprint data, advertising identifiers, or social-graph information. We do not run third-party trackers on the marketing site or app.

2. How we use it

To deliver the service: run the agent, return the report, persist your history.

To process payments and quotas: through Stripe and our own subscription database.

To maintain quality: sample agent outputs against an automated rubric (our OpsAgent), review escalations, fix patterns we see drift in. Sampled outputs are treated with the same confidentiality as production data.

To meet legal obligations: tax and accounting, responding to lawful requests, enforcing our terms.

We do not sell your data. We do not use your queries or reports to train Anthropic or any third-party AI models. We do not share with advertisers.

3. Who we share with

Strictly the third parties needed to run the service:

  • Anthropic — the language model. Your queries are sent to their API. Per our Anthropic agreement, query and output content are not retained by Anthropic for training.
  • Supabase — auth and database hosting (Postgres, U.S. region). Encrypted at rest, encrypted in transit.
  • Stripe — payment processing. Card data goes directly to Stripe and is never stored on our servers.
  • Resend — transactional email (escalations, monitor change alerts, account notifications).
  • Vercel — application hosting and edge delivery.
  • Public-record providers the agent calls during a run (Exa, Tavily, OpenSanctions, OpenCorporates, ICIJ, CourtListener, SEC EDGAR, Companies House, and similar). These calls are subject-name queries, not personal-data transfers about you.

We will disclose data in response to lawful subpoenas, court orders, or to protect our rights and safety. We will notify you of such requests unless legally prohibited.

4. How long we keep it

Account data: for as long as your account is active, plus 90 days after closure.

Subject data and reports: 7 years from the date of the engagement, to align with U.S. recordkeeping norms for due-diligence work. After 7 years they are archived and access is restricted to legal/compliance review.

Audit log entries: 7 years.

Support conversations: 2 years.

Anonymous usage metrics: indefinitely (no PII).

5. Anonymous use of the public Quick Vet

The free Quick Vet at /run can be used without an account. We do not persist the report for anonymous users; closing the tab discards it. We do log the anonymous run (subject name, timestamp, cost, refusal/error if applicable) to a server-side audit log to detect abuse, but we do not associate that log with any signed-in identity unless you later create an account.

6. Your rights

Wherever you live, you can ask us to access, correct, or delete your account data and any reports tied to it. Contact lorenzo@perpetualcore.com from your account email; we respond within 30 days.

EU/UK (GDPR). You have rights to access, rectification, erasure, portability, and objection, plus the right to lodge a complaint with your data protection authority. Our legal basis is contract (delivering the service you asked for) and legitimate interests (operating, securing, and improving the service). For subject-data submitted by paying customers, our customer is the controller and Sentinel is the processor; direct subject requests to that customer.

California (CPRA). You have rights to know, delete, correct, and limit. We do not sell or share personal information for cross-context behavioral advertising. Authorized agent requests must include written authorization.

Subjects of reports. If you are the subject of a report and believe the report is inaccurate or was generated for a prohibited purpose, see our Permitted Use Policy and contact lorenzo@perpetualcore.com. We will investigate, and we will not retaliate against good-faith requests.

7. Security

Data in transit is encrypted with TLS 1.2+. Data at rest is encrypted using provider-managed keys (Supabase, Stripe). We use row-level security to isolate your data from other accounts. Access by Perpetual Core staff is limited to operational necessity and is logged.

We have not yet undergone SOC 2 attestation. If you require it for your compliance program, contact us; an Institutional+ engagement can include a security questionnaire and DPA.

8. International transfers

Our infrastructure runs primarily in the United States. If you access from outside the U.S., your data will be transferred to and processed in the U.S. For EU/UK transfers we rely on Standard Contractual Clauses with our subprocessors.

9. Children

Sentinel is not intended for use by anyone under 18, and we do not knowingly collect data from minors. We refuse engagements that target minors absent lawful guardianship authority. See Permitted Use.

10. Changes

We will notify you by email and an in-app notice at least 14 days before material changes take effect.

Contact

Privacy questions, access requests, deletion requests: lorenzo@perpetualcore.com