SentnelOps

Data Handling & Privacy

How SentnelOps accesses, processes, and protects customer data.

Public beta · Privacy-aware by design

SentnelOps is designed to minimize data exposure while enabling accurate DevSecOps decision-making. This page explains what data we access, how it is used, and the controls in place to protect it.

Data we access

SentnelOps accesses only the data required to evaluate DevSecOps decisions.

  • Infrastructure metadata (resource types, configurations)
  • Cost and usage metrics
  • Security findings and policy signals
  • Operational health indicators (e.g., SLO status)

SentnelOps does not access application-level customer data or payloads.

Data we do not access

  • Application source code
  • Customer application data
  • End-user personal data
  • Secrets, credentials, or plaintext keys

Customer data ownership always remains with the customer.

How data is used

  • Evaluate cost, security, and reliability trade-offs
  • Generate decision recommendations
  • Produce explainable decision records
  • Support auditability and review

Data is used solely for decision evaluation and platform operation.

Data access model

SentnelOps follows a least-privilege, read-only-first access model.

  • Read-only access by default
  • Scoped permissions per environment
  • No standing execution credentials
  • Customer-controlled access configuration

Execution, when enabled, occurs through customer-approved mechanisms.

Data storage and retention

  • Encrypted data in transit and at rest
  • Decision records stored for audit and review
  • Retention periods configurable by customer (where applicable)
  • Data deletion supported upon request

Beta note: Retention controls will expand as the platform matures.

Isolation and multi-tenancy

  • Logical tenant isolation
  • Environment-level access controls
  • No cross-tenant data access

Customer environments are isolated by design.

Privacy principles

Data minimization

Purpose limitation

Least privilege access

Transparency and auditability

These principles guide product and architectural decisions.

Customer control and visibility

  • Visibility into decision inputs
  • Full access to decision records
  • Ability to approve, reject, or defer actions
  • Control over integrations and access scopes

Beta transparency

SentnelOps is currently in public beta. Data handling practices are reviewed continuously as features evolve.

We prioritize safety and correctness over rapid expansion.

Questions or concerns

For privacy or data handling questions, contact:

privacy@sentnelops.com

Built to reason, not to retain data

SentnelOps is designed to make better DevSecOps decisions while minimizing data exposure and preserving customer control.

Designed for SOC 2– and ISO-aligned environments.