Sentrock
  • Features
  • Security
  • How It Works
  • Tiers
  • About
Sign in to Console Join Waitlist
Features Security How It Works Tiers About
Sign in to Console Join Waitlist
Home›Legal›Privacy Policy

Privacy Policy

Effective Date: July 10, 2026|Last Updated: July 10, 2026

This Privacy Policy explains how Sentrock, Inc. collects, uses, shares, and protects personal information in connection with our product health monitoring platform and website. We are committed to handling your information responsibly and transparently.

Contents

  1. 1Introduction
  2. 2Information We Collect
  3. 3How We Use Your Information
  4. 4How We Share Your Information
  5. 5Data Retention
  6. 6Cookies & Tracking Technologies
  7. 7Data Security
  8. 8International Data Transfers
  9. 9Your Privacy Rights
  10. 10Children's Privacy
  11. 11Third-Party Links & Integrations
  12. 12Changes to This Policy
  13. 13Contact Us

1.Introduction

Sentrock, Inc. ("Sentrock," "we," "us," or "our") provides a multi-tenant, business-to-business software-as-a-service platform for product health monitoring (the "Services"). This Privacy Policy describes how we collect, use, disclose, and safeguard personal information.

This Privacy Policy applies to:

  • Our marketing website at www.sentrock.io;
  • Our application and platform at app.sentrock.io; and
  • Any communications, sales interactions, events, webinars, or support engagements you have with us.

Customer Data vs. Service Data

The Services allow organizations that subscribe to Sentrock ("tenants") and their authorized users to onboard their own products, configure and run health rules, and manage credentials. It is important to distinguish between two categories of data:

  • Customer Data means the data that tenants and their users upload, input, or process through the Sentrock platform — including health rule outputs and execution history, credentials and service account identifiers, product configurations, and related content. Sentrock processes Customer Data as a data processor (service provider) acting on behalf of, and under the instructions of, the applicable tenant. This Privacy Policy does not govern Customer Data. Our processing of Customer Data is governed by the applicable customer agreement and Data Processing Addendum between Sentrock and the tenant.
  • Service Data means the personal information Sentrock collects and processes directly, as a data controller, in connection with providing, administering, securing, and improving the Services — such as account and contact details, authentication and usage data, billing information, and support interactions. This Privacy Policy governs Service Data.

Where this Privacy Policy refers to "Personal Information," it means information that identifies, relates to, or could reasonably be linked with an individual.

Sentrock does not sell your Personal Information. We describe our sharing practices in Section 4.

2.Information We Collect

2.1 Information You Provide Directly

  • Account registration: name, email address, job title, company name, phone number, and password.
  • Billing and payment: billing address and payment method details. Card numbers and full payment credentials are processed by our third-party payment processor and are not stored by Sentrock.
  • Product and credential onboarding: service account identifiers, API endpoint URLs, credential expiration dates, and notification email addresses. Information entered to onboard and monitor products is generally Customer Data processed on behalf of the tenant (see Section 1).
  • Support and communications: the content of support tickets, feedback submissions, chat logs, and email correspondence.
  • Marketing and events: name, email, and company when you request a demo, join a waitlist, subscribe to a newsletter, or register for a webinar.
  • Profile settings: your preferences, notification settings, timezone, and language.

2.2 Information Collected Automatically

  • Device and browser information: IP address, browser type and version, operating system, and device identifiers.
  • Usage and activity data: pages visited, features used, aggregated health rule execution counts, dashboard interactions, session duration, and referring URLs.
  • Authentication events: login timestamps, multi-factor authentication (MFA) enrollment and verification events, and session tokens.
  • Error and performance data: crash reports, error logs, performance metrics, and API response times.
  • Cookies and similar technologies: as described in Section 6.

2.3 Information from Third-Party Sources

  • Payment processors: transaction confirmation and billing status.
  • Analytics providers: aggregated website and product behavior data.
  • Marketing data providers: company and contact enrichment for sales and marketing purposes.
  • Publicly available sources: professional profiles and company information.

3.How We Use Your Information

We use the Personal Information we collect for the following purposes:

3.1 Providing and Operating the Platform

  • Creating and managing tenant accounts and individual user accounts.
  • Authenticating users, enforcing MFA, and managing sessions.
  • Running health rules and delivering rule execution results.
  • Sending alert and notification emails when health rule statuses change.
  • Sending credential expiration reminder notifications.
  • Displaying the Roadmap page and sending feature availability notifications to subscribers.

3.2 Billing and Account Management

  • Processing payments and managing subscriptions.
  • Enforcing tier-based feature access (Demo, Advanced, Business, and Enterprise).
  • Sending billing receipts and subscription notifications.

3.3 Customer Support

  • Responding to support tickets, inquiries, and bug reports.
  • Diagnosing technical issues using logs and usage data.
  • Improving our support documentation and self-service resources.

3.4 Platform Improvement and Development

  • Analyzing aggregated usage patterns to improve features.
  • Monitoring performance, stability, and reliability.
  • Developing new features, including roadmap items.

3.5 Security and Fraud Prevention

  • Detecting and preventing unauthorized access, abuse, and security threats.
  • Enforcing rate limits, circuit breakers, and sandbox execution controls.
  • Monitoring for cross-tenant data access anomalies.
  • Maintaining and reviewing audit logs.

3.6 Marketing and Communications

  • Sending product updates, newsletters, and feature announcements to opted-in recipients.
  • Contacting prospects about the Sentrock platform.
  • Managing Roadmap feature subscription notifications.

3.7 Legal and Compliance

  • Complying with applicable laws and regulations.
  • Responding to lawful legal process and government requests.
  • Enforcing our Terms of Service and other agreements.
  • Maintaining required business records.

4.How We Share Your Information

4.1 Service Providers and Subprocessors

We share information with third-party vendors who process it on our behalf under contractual obligations. Categories of these providers include:

  • Cloud infrastructure hosting, storage, and compute (our third-party cloud infrastructure provider).
  • Payment processors.
  • Email delivery providers.
  • Analytics providers.
  • Customer support platforms.
  • Security monitoring tools.

All subprocessors are contractually required to maintain appropriate security measures and to use the data only as directed by Sentrock.

4.2 Tenant Administrators

Within a tenant account, tenant administrators have access to:

  • User account information for users in their tenant;
  • Audit logs scoped to their tenant; and
  • Health rule configuration and execution history.

This access is governed by the applicable customer agreement.

4.3 Legal Requirements

We may disclose information when required by law, regulation, legal process, or an enforceable government request, or where we believe disclosure is necessary to protect the rights, property, or safety of Sentrock, our users, or the public.

4.4 Business Transfers

In the event of a merger, acquisition, sale of assets, financing, or bankruptcy, Personal Information may be transferred as part of that transaction. We will notify affected users before their Personal Information becomes subject to a different privacy policy.

4.5 With Your Consent

We share information with third parties when you have explicitly authorized us to do so.

4.6 We Do Not Sell Personal Information

Sentrock does not sell, rent, or trade Personal Information to third parties for their own commercial purposes.

5.Data Retention

We retain Personal Information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general retention practices are:

  • Account and profile data: retained for the life of the account plus [X] days following account closure to allow for reinstatement, after which it is deleted or anonymized.
  • Health rule execution history: retained for [X] days per the tenant account's settings, then deleted.
  • Billing records: retained for a minimum of 5–7 years as required by applicable tax and financial regulations.
  • Support communications: retained for [X] months following resolution of the support matter.
  • Audit logs: tenant audit logs retained for [X] months; platform administrator audit logs retained for [X] months.
  • Security and fraud prevention logs: retained for up to 12 months.
  • Marketing contact data: retained until you opt out or after [X] months of inactivity.
  • Anonymized or aggregated data: may be retained indefinitely, as it no longer identifies individuals.

Note: Bracketed values marked [X] are placeholders. The Sentrock team will confirm specific retention periods before publication.

6.Cookies and Tracking Technologies

6.1 What We Use

  • Essential / strictly necessary cookies: session management, authentication, and security (including CSRF tokens).
  • Functional cookies: user preferences such as language and timezone.
  • Analytics cookies: aggregate usage data to help us understand how the platform and website are used.
  • Marketing cookies: used on www.sentrock.io only (not within the application) to measure marketing campaign effectiveness.

6.2 How to Control Cookies

  • Use your browser settings to delete or block cookies.
  • Use the cookie preference center on www.sentrock.io, presented on first visit and accessible at any time via the website footer.
  • Opt out of analytics via your browser settings or Global Privacy Control (GPC) signals.
  • Please note that essential cookies cannot be disabled, as they are required for the platform to function.

6.3 Do Not Track

Sentrock honors Global Privacy Control (GPC) signals where applicable law requires.

7.Data Security

We maintain administrative, technical, and organizational safeguards designed to protect Personal Information and Customer Data, consistent with the architecture of our platform, including:

  • Encryption of data in transit (TLS) and at rest.
  • Credential values stored in encrypted form and never in plaintext.
  • Tenant data isolation enforced at both the application and database layers.
  • MFA enforcement capability for all tenant users.
  • Role-based access controls at both the tenant and platform administrator levels.
  • Custom code execution isolated in a sandboxed environment with restricted network egress, resource limits, and no access to other tenants' data (available on eligible tiers).
  • Regular security reviews, penetration testing, and audit logging.
  • Documented incident response procedures.

No security system is completely infallible. While we work hard to protect your information, we cannot guarantee absolute security, and you are responsible for safeguarding your own account credentials and access.

8.International Data Transfers

Sentrock is a United States–based company. Personal Information and Customer Data are processed and stored on cloud infrastructure located in the United States.

If you are located in the European Union, the United Kingdom, or Switzerland, transfers of your Personal Information are conducted under appropriate safeguards, which may include:

  • Standard Contractual Clauses (SCCs) approved by the European Commission;
  • the UK International Data Transfer Addendum where applicable; and
  • adequacy decisions where available.

We are committed to maintaining equivalent data protection standards regardless of where data is processed. For information about the specific transfer mechanisms we rely on, contact us at privacy@sentrock.io.

9.Your Privacy Rights

9.1 Rights for All Users

Regardless of location, all users may:

  • Access their Personal Information in their account settings;
  • Update or correct their account information;
  • Delete their account, subject to our retention obligations;
  • Opt out of marketing communications via the unsubscribe links in our emails or by emailing privacy@sentrock.io; and
  • Contact us with any privacy questions or concerns.

9.2 EU / UK / Swiss Residents (GDPR)

Under the General Data Protection Regulation (GDPR) and its UK and Swiss equivalents, you have the right to:

  • Access your personal data;
  • Rectify inaccurate data;
  • Erasure ("right to be forgotten"), subject to applicable legal bases;
  • Restrict processing;
  • Data portability;
  • Object to processing based on legitimate interests;
  • Withdraw consent, where processing is based on consent; and
  • Lodge a complaint with your local supervisory authority.

We rely on the following legal bases for processing Personal Information:

PurposeLegal Basis
Providing the platformPerformance of contract
Account managementPerformance of contract
Billing and paymentsPerformance of contract / Legal obligation
Security and fraud preventionLegitimate interests
Platform improvementLegitimate interests
Marketing communicationsConsent / Legitimate interests
Legal complianceLegal obligation
Audit loggingLegitimate interests

9.3 California Residents (CCPA / CPRA)

If you are a California resident, you have the following additional rights:

  • Right to Know the categories and specific pieces of Personal Information we collect;
  • Right to Delete your Personal Information;
  • Right to Correct inaccurate Personal Information;
  • Right to Opt Out of Sale or Sharing — note that Sentrock does not sell or share Personal Information as those terms are defined by the CCPA;
  • Right to Limit Use of Sensitive Personal Information;
  • Right to Non-Discrimination for exercising your rights; and
  • Notice at Collection, which we provide at or before the point of data collection.

The categories of Personal Information we collect are: identifiers; commercial information; professional or employment-related information; internet or other electronic network activity; approximate geolocation derived from IP address; audio or visual information (such as support call recordings, if applicable); and inferences drawn from the above.

9.4 Other U.S. State Residents

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), Oregon (OCPA), Montana (MTCDPA), and other states with applicable privacy laws may have similar rights. Contact us at privacy@sentrock.io to exercise your rights under applicable state law.

9.5 How to Submit a Privacy Request

  • Email: privacy@sentrock.io
  • Subject line: "Privacy Rights Request"
  • Include: your name, the email address associated with your account, and the specific right you are exercising.
  • We will verify your identity before processing the request.
  • Response timeline: within 30 days, or as otherwise required by applicable law.
  • If we decline a request, we will explain why and inform you of your right to appeal.

10.Children's Privacy

The Sentrock platform is a business product and is not directed at children under 13. We do not knowingly collect Personal Information from children under 13. If we learn that we have collected such information, we will promptly delete it. If you believe a child has provided us their information, please contact us at privacy@sentrock.io.

11.Third-Party Links and Integrations

The Sentrock platform and website may contain links to, or integrations with, third-party services. This Privacy Policy does not apply to those services. When you connect a third-party product or service to Sentrock — for example, by providing credentials for a monitored product — the data you provide to Sentrock is governed by this Privacy Policy, while the third-party product's own data handling is governed by its own privacy policy. Sentrock is not responsible for the privacy practices of third parties.

12.Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page;
  • Post a prominent notice on www.sentrock.io;
  • Send an email notification to registered account holders for significant changes; and
  • Where required by applicable law, obtain your consent before applying the change to existing data.

Your continued use of Sentrock after a policy update constitutes acceptance of the updated terms. We encourage you to review this page periodically.

13.Contact Us

For privacy questions, rights requests, or concerns, please contact us:

Privacy & Data Protection

Sentrock, Inc.

[Address]

[City, State ZIP]

United States

Email: privacy@sentrock.io

General inquiries: hello@sentrock.io
Website: www.sentrock.io

If you are an EU, UK, or Swiss resident, you may also contact your local data protection authority. Sentrock is committed to cooperating with supervisory authorities to resolve complaints that we cannot resolve directly with you.

Sentrock

Product health monitoring for modern teams.

© 2026 Sentrock. All rights reserved.

Product

Features Security How It Works Tiers Sign in to Console

Company

About Contact Privacy Policy Terms of Service