Privacy Policy
How we handle your data. Spoiler: responsibly.
Last updated: April 28, 2026
1. Information We Collect
When you use Sentinel AI's website, portal, or services ("Services"), we may collect the following types of information:
- Account Information: Name, email address, company name, phone number, and password provided during portal signup or contact form submissions. If you sign in with Google, we receive your Google profile data (name, email, profile photo, account ID).
- Project Information: Business details, brand guidelines, content, images, industry data, and requirements submitted through the intelligence briefing and portal editor.
- Portal & Editor Data: Content edits, image uploads, revision requests, support tickets, and project preferences submitted through the client portal.
- Connected Platform Data: When you connect a third-party platform (Google Business Profile, Yelp, Facebook), we receive data those platforms make available about businesses you authorize — reviews, ratings, hours, photos, posts, and engagement metrics. We only access accounts you explicitly connect.
- Visitor Analytics for Hosted Sites: For sites we build and host on your behalf, we collect anonymized visitor events — page views, click positions, scroll depth, time on page, session heartbeats, first-interaction signals — used to render your analytics dashboard. Approximate visitor location (country, city, region) is derived from Cloudflare's geo-IP service. We do not store visitor IP addresses.
- Payment Information: Billing details processed securely through Stripe. We do not store credit card numbers on our servers.
- Communications: Email correspondence, drip sequence interactions, and status page subscription preferences.
- Usage Data: Anonymous analytics about how you interact with our website and portal (page views, session duration, referral source).
- Technical Data: Browser type, device type, IP address, and operating system — collected automatically for security and performance.
2. How We Use Your Information
We use your information exclusively to:
- Build and deploy your custom website using our AI-powered pipeline
- Provide access to the client portal and content editing tools
- Communicate project status, deliverables, and account notifications
- Send transactional emails (welcome, deployment confirmation, revision updates)
- Send marketing emails and drip sequences (with your consent; unsubscribe anytime)
- Send system status notifications if you subscribe to updates
- Process payments and manage subscription billing
- Improve our AI deployment pipeline and service quality
- Comply with legal obligations
3. Connected Third-Party Platforms
Google Business Profile
When you click "Connect Google Business Profile," we use Google OAuth to obtain your permission. We request the business.manage scope, which lets us read reviews, ratings, locations, and posts for the Google account you authorize. We use this data only to display your reviews and presence metrics inside your Sentinel dashboard. We don't post on your behalf without an explicit action you take, and we don't share Google data with any third party.
Sentinel's use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. You can revoke our access at any time at myaccount.google.com/permissions, or by clicking "Disconnect" inside your Sentinel dashboard.
Yelp Fusion API
We query the public Yelp Fusion API to retrieve business listings and review summaries by business name. Yelp data is read-only.
Facebook Pages
If you connect a Facebook Page, we receive Page metadata, posts, and review/recommendation data through the Facebook Graph API for the Pages you authorize. Use is read-only and limited to your dashboard.
4. Service Providers & Data Sharing
We do not sell, trade, or rent your personal information. We share data only with the service providers necessary to operate our Services:
- Cloudflare — Website hosting, CDN, SSL, DDoS protection, and the geo-IP headers we use for visitor analytics. See the Cloudflare Privacy Policy.
- Render — Backend application hosting for our portal and APIs.
- Anthropic (Claude), Google, OpenAI — AI providers used for site generation, content, and analytics insights. Prompts include your business context (industry, brand voice, page metadata). We do not send connected business profile data or visitor PII to AI providers, and we use providers that contractually do not train on our data.
- Stripe — Payment processing. Payment data is handled entirely by Stripe and subject to their PCI-DSS compliant security standards. See the Stripe Privacy Policy.
- Resend — Transactional and marketing email delivery.
We may disclose information if required by law, to enforce our terms, or to protect rights, property, or safety. If Sentinel is acquired or merged, your information may transfer as part of the transaction, subject to this policy.
5. Data Security
We implement industry-standard security measures including:
- Encryption in transit (TLS 1.3) for all connections
- Secure authentication tokens with automatic expiry
- Role-based access controls for portal and admin systems
- Cloudflare's enterprise-grade DDoS protection and WAF
- Regular security reviews of our infrastructure
No system is 100% secure, but we take every reasonable precaution to protect your data.
6. Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data and deployed sites
- Export your site's source code upon cancellation
- Unsubscribe from marketing emails and status notifications at any time
- Opt out of non-essential cookies
To exercise any of these rights, contact us at the email below. We respond to all requests within 30 days.
7. Data Retention
We retain your project data for the duration of your active subscription. Upon cancellation:
- Project files and site data are retained for 30 days, then permanently deleted
- Account information is retained for 90 days for reactivation purposes
- Payment records are retained as required by tax and accounting obligations
- Anonymous analytics data is retained for 12 months
- Email subscription preferences are honored immediately upon unsubscribe
8. Cookies
We use minimal cookies for:
- Essential: Authentication, session management, consent preferences
- Analytics: Anonymous usage data to improve our Services
We do not use advertising or tracking cookies. You can control cookie preferences through the consent banner on first visit or through your browser settings.
9. Children's Privacy
Our Services are not directed to individuals under 18. We do not knowingly collect personal information from minors. If we learn we have collected data from a minor, we will delete it promptly.
10. International Data
Our Services are operated from the United States. If you access our Services from outside the US, your data may be transferred to and processed in the United States. By using our Services, you consent to this transfer.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email to active subscribers. The "Last updated" date at the top reflects the most recent revision.
12. Contact
Questions about this policy? Contact us at sentinelai.build@gmail.com