Last updated: 1970-01-01

Privacy Policy

What we collect

Account email, OAuth tokens and API tokens for the services you connect (Supabase, GitHub, Vercel), your encrypted BYOK AI provider API key, scan metadata, and the minimum code or configuration snippets required to detect issues and propose fixes.

Storage and security

OAuth tokens, API tokens, and your BYOK AI key are stored encrypted at rest. They are never stored, logged, or transmitted in plaintext.

No selling of user data

We do not sell your data to third parties. Ever.

How we use your connected tokens and BYOK keys

Connected tokens and BYOK keys are used only to perform actions you explicitly request — running a scan you initiated, or applying a fix you confirmed.

Data retention and deletion

You can delete your account and all associated data at any time by contacting support@sentinel.example. We will remove your account, encrypted tokens, scan history, and stored API keys within 30 days.

Cookies

See our cookie policy for details on essential and analytics cookies.

Contact

For privacy inquiries, email privacy@sentinel.example.