Last updated: 14 October 2025

Sentinay (“Sentinay”, “we”, “us”, or “our”) is a UK-based company providing AI messaging and automation services. We process certain personal information as a data controller (for example, for billing, account management, and marketing) and, where our customers instruct us to handle their end-customer data, as a data processor.

We are committed to complying with the UK GDPR and the Data Protection Act 2018. We maintain internal policies, procedures, and technical/organisational measures to protect the personal information entrusted to us.

If a Sentinay customer is the controller of your personal data (for example, a trades or service business using Sentinay to contact you), please refer to that customer’s own privacy notice. This policy explains how Sentinay processes data both as a controller and as a processor.

1. What Personal Information We Collect

We collect only what is relevant, adequate, and necessary for clearly identified purposes.

a) Information You Provide Directly

When you:

• Register on our website, knowledge base, or community

• Request a demo or information about products, services, or events

• Interact with our social media or marketing

• Register for an event

• Download resources (e.g., eBooks, guides)

• Apply for a job

• Or contact us via phone, chat, or email

  
  

We may collect the following information:

• Identification: First name, last name

• Contact: Business email address, business phone number, company name, country/region

• Professional details: Role/title, LinkedIn profile

• Recruitment: CV/resumé, cover letter, work history, portfolio/LinkedIn URL

• Other: Any additional information you choose to share with us

  
  

b) Information from Third Parties

We may receive business contact details from your employer, resellers/partners, trusted data providers, or professional databases. We assess all vendors to ensure lawful collection, appropriate notice/consent, and adequate security.

Categories include: Name, business email, business phone, role/title, company, and LinkedIn profile.

c) Public Sources

We may review publicly available information (e.g., LinkedIn) to support recruitment and B2B outreach. This may include your name, business contact details, job information, and skills.

For details, contact our Data Protection team at support@sentinay.com.

2. Why We Collect and Use Personal Information

Purposes (Examples):

• Responding to your enquiries and demo requests

• Sales and customer relationship management (B2B)

• Marketing communications about our products, services, and events (B2B), including telemarketing where permitted

• Contract management, onboarding, and customer support (may include payment information)

• Managing relationships with prospective customers, suppliers, resellers, and partners

• Event registrations (e.g., webinars, meet-ups, roundtables)

• Office access management (if applicable)

• Website analytics and cookies (see our Cookie Policy)

• Compliance with law (e.g., sanctions/export controls), asserting or defending legal claims

• Recruitment and hiring

  
  

Lawful Bases (UK GDPR):

• Contract (Article 6(1)(b)) – To provide services or take steps at your request

• Legitimate interests (Article 6(1)(f)) – For example, B2B marketing, sales operations, service improvement, and security (balanced with your rights)

• Consent (Article 6(1)(a)) – Where required (e.g., certain marketing or cookies)

• Legal obligation (Article 6(1)(c)) – Where we must process data to comply with the law

  
  

Marketing

Depending on the context, we rely on legitimate interests or consent and comply with PECR rules (including “soft opt-in” for existing customer relationships, where applicable). You can opt out at any time (see below).

Sanctions / Export Screening

We may run automated checks against sanctions lists and request clarification where needed.

We do not sell personal data.

3. Data Retention

We retain personal information only as long as necessary for the purposes listed above and to meet legal, accounting, or reporting obligations.
Specific retention details can be requested by contacting support@sentinay.com.

4. Your Rights (Under UK GDPR)

Subject to conditions and exemptions, you have the right to:

• Access your personal data and obtain a copy

• Rectify inaccurate or incomplete data

• Erase your data (“right to be forgotten”)

• Restrict processing in certain circumstances

• Exercise data portability (receive your data in a structured, machine-readable format and transmit it to another controller)

• Object to processing based on legitimate interests, including direct marketing

• Not be subject to solely automated decisions that have legal or similarly significant effects

• Withdraw consent at any time where processing relies on consent

  
  

You also have the right to complain to the Information Commissioner’s Office (ICO):

• Website: ico.org.uk

• Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

• Phone: 0303 123 1113

  
  

To exercise your rights, contact support@sentinay.com.

5. Your Choices

• Marketing messages: You can opt in to receive updates and opt out at any time by clicking “unsubscribe” in an email or emailing support@sentinay.com.

• Events: We collect only the information needed to manage your registration and event communications.

• Cookies & similar technologies: You can decline non-essential cookies via our cookie banner/settings (see our Cookie Policy).

  
  

6. Exercising Your Rights / Contacting Us

Please email support@sentinay.com with your request.
We may need to verify your identity before acting on your request.

7. Sharing Your Information

We may share personal data with:

• Trusted SaaS/service providers acting as processors under our instructions

• Resellers, partners, and strategic alliances supporting sales (where lawful and appropriate)

• Event partners or sponsors for co-hosted events (with appropriate notice)

• Affiliates operating under our security/privacy standards and applicable laws

• Professional advisers (e.g., lawyers, accountants, insurers)

• Authorities where required by law or to assert/defend legal claims

• Potential buyers in connection with a merger, acquisition, or corporate reorganisation (subject to confidentiality obligations)

  
  

We do not permit processors to sell personal data.

You may request a list of our key processors at support@sentinay.com.

8. International Data Transfers

We are UK-based but may process or store data in the UK, EEA, and other countries (including the United States) via our providers and affiliates.

Where data is transferred outside the UK/EEA, we use appropriate safeguards — such as the UK Addendum to the EU Standard Contractual Clauses (SCCs) or other approved mechanisms — plus technical and organisational measures.

9. Security

We maintain robust technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

These include policies, access controls, encryption (in transit and at rest, where applicable), logging and monitoring, staff training, vendor due diligence, and business continuity planning.

We regularly review and improve these controls.

10. Controller vs Processor Activities

When Sentinay determines the purposes and means of processing (e.g., account management, billing, marketing), we act as the data controller.

When our customers use our services to message their leads or customers, we act as the data processor, processing data strictly under their instructions and our data processing agreement.

11. Updates to This Policy

We may update this policy from time to time.

The “Last updated” date above shows when changes were made.

Significant changes will be communicated where appropriate.

12. Contact Us

If you have any questions about this policy or our data practices, please contact:
support@sentinay.com

Ready to give us a try?

We’ll help you get started and answer any questions about privacy, data protection, or security — just email support@sentinay.com.