Privacy Policy

Last updated:

1. Overview

Sentinel Forged respects your privacy. We collect only the data required to respond to inquiries, operate securely, and improve services. We never sell personal data.

2. Data We Collect

  • Contact Information: name, email, message, company.
  • Technical Information: IP address, browser, device type, timestamps, analytics logs.
  • Cookies & Analytics: minimal, security-focused cookies and anonymized traffic metrics.

3. Purpose of Processing

  • Responding to messages and requests.
  • Protecting and monitoring Site security.
  • Detecting and preventing fraud or misuse.
  • Complying with regulatory or contractual obligations.

4. Data Retention

We retain data only as long as necessary for legitimate business or legal purposes, then securely delete or anonymize it per NIST SP 800-88 Rev 1 guidelines.

5. Security Controls

  • Transport Layer Security (TLS 1.3) encryption in transit.
  • Encrypted storage and restricted administrative access.
  • Periodic access reviews and vulnerability management.
  • Incident-response plan aligned to NIST CSF & ISO 27035.

6. Third-Party Processors

We use reputable providers for hosting, form handling (Formspree), analytics, and email. Each maintains GDPR-compliant Data Processing Agreements (DPAs) and security certifications (SOC 2 Type II / ISO 27001 where applicable).

7. Data Subject Rights

Depending on jurisdiction, you may have rights to access, correct, delete, or restrict your data. Email info@sentinelforged.com to exercise these rights.

8. Incident Response and Breach Notification

If a data incident occurs, we follow internal procedures to investigate, contain, and remediate the event. Affected individuals and regulators will be notified as required by law (e.g., GDPR Articles 33–34, U.S. state breach laws).

9. Regulatory Compliance

Our controls support alignment with GDPR, CCPA, and ISO 27001 Annex A principles. Sentinel Forged acts as a data controller for inquiries and as a data processor for client data under an MSA/DPA.

10. International Transfers

Where data leaves its originating region, we rely on Standard Contractual Clauses or equivalent safeguards.

11. Children’s Privacy

Our Site is not directed to minors under 13 (16 in EEA). We do not knowingly collect such data.

12. Contact

info@sentinelforged.com