Privacy Policy | Sentinel Nerd

Sentinel Nerd ("we," "us," or "our") operates the sentinelnerd.com website and the Sentinel Nerd security monitoring platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not use the Service.

Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored as a one-way hash). If you subscribe to a paid plan, we collect billing information including your payment method details, which are processed and stored by our payment processor (Stripe). We do not store your full credit card number.

Network Security Data

When you connect your UniFi controller to our Service, we receive and process security event data from your network. This includes:

Syslog messages from your UniFi controller
IDS/IPS alert data
Device connection and disconnection events
Firewall rule match logs
UniFi Protect, Access, and Talk event metadata

This data may include internal IP addresses, MAC addresses, device hostnames, and network traffic metadata. We do not capture packet payloads or the content of your network traffic.

Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, browser type, operating system, referral URLs, and timestamps of visits. We use this data to improve the Service and diagnose technical issues.

Cookies and Tracking

We use cookies and similar technologies as described in our Cookie Policy. You can control cookie preferences through your browser settings.

How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain the Service
Process security events and generate alerts
Deliver AI-powered threat analysis when requested
Send alert notifications through your configured channels
Process payments and manage subscriptions
Send service-related communications (updates, security notices, support responses)
Improve the Service through usage analytics and aggregated threat intelligence
Respond to your support requests and inquiries
Detect and prevent fraud, abuse, and security incidents

Data Sharing

We do not sell your personal information. We share data only in these limited circumstances:

Service Providers: We share data with third-party providers who assist in operating the Service, including cloud hosting (AWS), payment processing (Stripe), email delivery, and AI analysis (OpenAI). These providers are bound by contractual obligations to protect your data.
Threat Intelligence: If you opt in to threat intelligence sharing, we contribute anonymized, aggregated threat data to our collective threat intelligence database. No individual customer data is identifiable in shared threat intelligence.
Legal Requirements: We may disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data is subject to a different privacy policy.

Data Retention

We retain your account information for as long as your account is active. Security event data is retained according to your plan's retention policy (30 days for Starter, 90 days for Pro, customizable for Enterprise). Usage data is retained for 12 months.

When you delete your account, we delete all your personal information and security event data within 30 days, including from our backups. Some anonymized, aggregated data may be retained for statistical purposes.

Your Rights

Depending on your location, you may have the following rights:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate personal data
Deletion: Request deletion of your personal data
Data Portability: Request your data in a structured, machine-readable format
Objection: Object to certain types of processing
Restriction: Request restriction of processing in certain circumstances

To exercise any of these rights, contact us at privacy@sentinelnerd.com. We will respond within 30 days.

Cookies

For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses where required. Enterprise customers can select their preferred data processing region.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and sending an email to the address associated with your account. Your continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: privacy@sentinelnerd.com
Mail: Sentinel Nerd, Inc., 548 Market St #35921, San Francisco, CA 94104