Privacy Policy

1. Scope

This Policy explains how Sentinel processes personal data when you use our websites, apps, SDKs, APIs, the dVPN network, and Sentinel Scout (the “Services”). Separate notices may apply for Node Operators, enterprise customers, or specific regions.

2. Data We Process (Data Minimization)

• Account & Contact: name/alias, email, organization, wallet address(es), authentication data, billing contact
• Transactions & Billing: plan, invoices, payment method (processed by payment partners), tax country, support tickets.
• Device & Network: app version, OS, device IDs, coarse location/country, IPs used for anti‑abuse/fraud, crash logs, performance metrics.
• Usage (dVPN): session start/stop timestamps, server/region, data transferred (MB/GB), protocol type, and performance telemetry necessary for routing, metering, and abuse detection. We do not log traffic contents or destination websites/DNS queries at the Sentinel control plane.
• Node Operators: payout addresses, uptime/throughput metrics, reputation scores, compliance attestations, abuse reports.
• Scout: dataset titles/metadata, ingestion configs, indexes, transformation logs; your submitted content (e.g., URLs/fields). Avoid personal/sensitive data unless you have a lawful basis.
• Public Blockchain: on‑chain transactions/addresses/contract interactions are public/immutable; erasure rights cannot alter on‑chain history.
• Cookies/Local Storage: essential cookies for session/anti‑fraud; optional analytics/preferences (see §8).

3. Purposes & Legal Bases

• Provide the Services (contract): routing, node connections, payments, APIs.
• Secure & maintain (legitimate interests): prevent abuse/fraud/DDoS, debug, capacity planning.
• Improve & research (legitimate interests/consent where required): QoS tuning, aggregated analytics, experiments.
• Comply with law (legal obligation): accounting, lawful requests, consent recording (GDPR and other applicable laws).
• Communicate (consent/legitimate interests): service updates & security advisories; marketing only if opted‑in.

4. dVPN Privacy Notes

• No activity logs: no destination IPs/hostnames, DNS queries, or content of traffic at the Sentinel control plane.
• Ephemeral session data: routing/accounting data may be processed in memory and discarded after metering/abuse checks; aggregated totals may be retained.
• Community Nodes: Independently operated exit nodes act as separate controllers for data they process on egress. We require operators to avoid activity logging, but we cannot guarantee individual operator practices. Choose trusted nodes and regions.

5. Sentinel Scout (AI Data Layer) Notes

• Your responsibility: you are the controller for datasets you ingest; scope jobs to avoid personal/sensitive data without a lawful basis.
• Do‑Not‑Train: dataset‑level flag (where available) to exclude from model training; indexing for your retrieval still applies.
• Provenance: we may store source URLs/timestamps, checksums, and signatures for transparency/abuse defense.
• API Keys: stored encrypted; used only to execute your jobs; revoke by deleting keys.

6. Sharing & Transfers

We share with: (i) processors/vendors (hosting, analytics, payments, email); (ii) Node Operators (only what’s needed to connect/meter sessions); (iii) enterprise admins (managed accounts); (iv) authorities where required by law; (v) parties to a business transfer (merger/acquisition). International transfers: we use Standard Contractual Clauses (SCCs) or equivalent safeguards where required.

7. Retention

We retain personal data only as long as necessary for purposes above, then delete or de‑identify it. On‑chain data cannot be altered. Typical targets: billing (7 years or as required), support (18–24 months), security logs (90–365 days), aggregated telemetry (ongoing, non‑identifying). Session‑accounting retention targets for dVPN should be confirmed with engineering (e.g., automatic deletion ≈30 minutes after session end).

8. Cookies & Analytics

Essential cookies: auth/session integrity, anti‑abuse, preferences. Optional analytics may be used on marketing sites (not product portals) and are aggregated; we obtain consent where required (EU/UK). Manage preferences via Cookie Settings.

9. Your Rights

Depending on your region, you may have rights to access, correct, delete, port, restrict, and object.

• EU/UK (GDPR): Articles 15–21 rights; right to complain to a supervisory authority.
• California (CCPA/CPRA): rights to know, delete, correct, and opt‑out of “sale”/“sharing” of personal information. We do not sell personal information. Contact privacy@yourdomain to exercise rights. We may verify your request. Some rights are limited by law (e.g., security/billing logs; on‑chain immutability).

10. Security

We use appropriate technical/organizational measures (encryption in transit & at rest for account data and stored credentials, RBAC, regular security reviews). No system is 100% secure—use strong passwords, keep apps updated, and review node trust settings.

11. Children

We do not knowingly process children’s personal data or provide Services to minors. If a minor has provided data, contact us to delete it.

12. Regional Disclosures

• EU/UK: Controller details and lawful bases in §3; SCCs for transfers as needed.
• California: CCPA categories include identifiers, internet activity, coarse geolocation, and inferences (none used for targeted ads without consent).

13. Changes

We may update this Policy as practices or laws evolve. Material changes will be communicated via the Services with a new effective date.

14. Contact