Privacy Policy

1. Introduction

This Privacy Policy applies to SentinelCore, referred to as “SentinelCore”, “we”, “us” or “our”. It applies to visitors to our website, people who submit enquiry forms, prospective clients, existing clients, suppliers, representatives, employees of client organisations, authorised users, and any other person whose information is provided to or processed by SentinelCore in connection with our services.

SentinelCore provides secure software systems, technical consulting, security reviews, AI data protection guidance, compliance readiness support, network monitoring, remote support, on-site consulting and related services. Because our work may involve technical systems, business data, security information and operational details, we treat privacy and confidentiality as an important part of service delivery.

By using our website, submitting a request, communicating with us, accepting a quotation, or engaging our services, you acknowledge that we may process information as described in this Privacy Policy.

2. Contact for Privacy Queries

All privacy, legal, data access, correction, deletion, confidentiality, NDA, service and general queries must be sent to:

Email: hello@sentinelcore.co.za

To protect security and prevent unauthorised disclosure, we may require reasonable verification before responding to requests relating to personal information, client records, service records, technical material or confidential information.

3. Information We May Collect

Depending on how you interact with SentinelCore, we may collect information including your name, email address, telephone number, company or organisation name, job title, location, employee count, service requirements, urgency level, project details, billing details, payment references, communication history and information submitted through website forms.

Where you engage SentinelCore for technical work, we may also receive or process technical and operational information such as domain names, website URLs, server details, hosting provider details, application information, configuration details, system architecture information, security findings, logs, access requirements, vulnerability notes, compliance context, AI tool usage details, monitoring requirements, screenshots, documents, support requests and incident descriptions.

We may collect limited technical website data such as IP address, browser type, device information, approximate location derived from network data, referring pages, pages visited, timestamps, error information and interaction data. This may be collected through hosting logs, analytics tools, security tools, spam protection systems, chat widgets, form protection systems or similar technologies.

4. Sensitive Information and Credentials

You should not submit passwords, private keys, API secrets, banking credentials, confidential legal material, protected health information, unnecessary identity documents, highly sensitive employee data or regulated secrets through public website forms, live chat or ordinary email unless we have expressly agreed to a suitable transmission method.

Where sensitive access is required for legitimate service delivery, SentinelCore may request a safer method such as temporary credentials, role-based access, password manager sharing, restricted accounts, secure vault access, time-limited access, screen-share support, or another method appropriate to the engagement.

You are responsible for ensuring that any information you provide to SentinelCore is lawfully shared, relevant to the service requested, accurate, and provided with the necessary permissions from your organisation, staff, clients, suppliers or other affected parties.

5. How We Use Information

SentinelCore may use information to respond to enquiries, assess service requirements, prepare quotations, deliver services, perform consultations, carry out technical work, provide security reviews, monitor systems, troubleshoot issues, produce reports, communicate about projects, manage billing, maintain records, improve services, prevent abuse, secure our website, verify submissions, comply with legal obligations and protect our rights.

We may also use information to understand the nature of your environment, risks, business needs and technical requirements so that our recommendations and services are practical, relevant and appropriately scoped.

We do not sell client personal information, project information, security findings or confidential business information as a standalone product.

6. Legal Bases and Lawful Processing

Where applicable, SentinelCore processes information on lawful grounds such as consent, contract performance, legitimate business interest, legal obligation, protection of rights, fraud prevention, security monitoring, service delivery and steps taken at your request before entering into an agreement.

Legitimate interests may include responding to enquiries, protecting systems, preventing spam or abuse, keeping business records, improving our services, securing communications, enforcing terms, managing client relationships and delivering professional technical services.

7. Confidentiality and Client Protection

SentinelCore treats client information, project information, technical details, security findings, access information, business context, reports and internal operational details as confidential unless they are publicly available, independently known, lawfully received from another source, required by law to be disclosed, or disclosure is reasonably necessary to deliver the service.

All clients may request NDA protection. Where requested, SentinelCore will consider and, where appropriate, enter into a separate non-disclosure agreement that sets out specific confidentiality obligations for the relevant engagement. Any NDA must be agreed in writing and signed or otherwise formally accepted by the relevant parties before it applies.

Even where a separate NDA has not been signed, SentinelCore aims to handle client information responsibly and to avoid unnecessary disclosure of client systems, security weaknesses, business operations, private data, project details or sensitive technical material.

8. Non-Disclosure Agreements on Request

If you require NDA protection before disclosing project details, security details, internal systems information, business processes, proprietary methods, customer data or confidential documentation, please contact hello@sentinelcore.co.za before submitting that material.

SentinelCore may use its own NDA template or review a client-supplied NDA. We may decline, negotiate or amend NDA terms that are unreasonable, overly broad, inconsistent with service delivery, inconsistent with legal obligations, or commercially unsuitable.

NDA protection does not prevent SentinelCore from complying with legal obligations, protecting its own rights, using general knowledge and skills, disclosing information to trusted service providers where necessary under appropriate confidentiality expectations, or retaining records required for legal, accounting, security or service continuity purposes.

9. Sharing and Disclosure

SentinelCore may share information only where reasonably necessary for service delivery, administration, security, legal compliance or business operations. This may include trusted hosting providers, email providers, cloud providers, security tools, payment providers, communication platforms, analytics tools, support tools, contractors, consultants, legal advisers, accountants and other service providers.

Where third parties are used, they may process information according to their own terms and privacy policies. SentinelCore is not responsible for the independent conduct of third-party platforms, but we aim to use reputable providers and disclose only what is reasonably necessary.

We may disclose information if required by law, court order, regulator request, law enforcement process, legal advice, payment dispute, security incident investigation, rights enforcement, fraud prevention, or where disclosure is necessary to protect SentinelCore, our clients, users, systems or the public.

10. Service Providers and International Processing

Some tools used for hosting, email, analytics, security, spam prevention, live chat, monitoring, AI, cloud infrastructure or payment processing may be operated outside South Africa or outside your jurisdiction. This means information may be transferred, stored or processed in other countries.

By using our website or services, you acknowledge that cross-border processing may occur where necessary for service delivery, communication, security, hosting, payment processing, support or administration.

11. Website Forms, Turnstile and Spam Protection

Our website forms may use security measures such as CSRF tokens, honeypot fields, rate limiting and Cloudflare Turnstile or similar anti-abuse services. These tools help detect automated submissions, spam, malicious activity and abuse.

Form protection providers may process technical information such as IP address, browser characteristics, device data, challenge responses and interaction signals in order to verify that a form submission is legitimate. If you do not want these checks to occur, you may contact us directly at hello@sentinelcore.co.za.

12. Live Chat and Communication Tools

If you use the live chat widget or similar communication tools on our website, messages and associated technical data may be processed by the chat provider and by SentinelCore for support, response, quality, security and recordkeeping purposes.

You should not submit passwords, secret keys, private access tokens or highly sensitive regulated information through live chat unless SentinelCore has expressly confirmed that the channel is appropriate for that information.

13. Cookies and Similar Technologies

Our website and third-party tools may use cookies, local storage, pixels, scripts or similar technologies to provide website functionality, remember settings, protect forms, support live chat, analyse website performance, detect abuse and improve user experience.

You can usually control cookies through your browser settings. Blocking cookies may affect website functionality, form submission, chat availability, spam protection or analytics accuracy.

14. Security Measures

SentinelCore uses reasonable technical, organisational and administrative measures to protect information against unauthorised access, misuse, loss, alteration or disclosure. Measures may include access control, limited access, secure configuration, encryption where appropriate, careful credential handling, logging, monitoring, backups, malware prevention, staff awareness and supplier selection.

No method of transmission, storage, communication, hosting or processing can be guaranteed as perfectly secure. You acknowledge that all digital systems carry risk, including risks caused by third-party compromise, configuration changes, user error, malware, account takeover, hosting failures, insecure client-side practices or malicious actors.

15. Data Retention

SentinelCore retains information for as long as reasonably necessary for the purposes for which it was collected, including service delivery, client support, legal compliance, accounting, dispute resolution, audit, security, backup, monitoring, internal administration and protection of rights.

Retention periods may vary depending on the type of information, the service provided, legal requirements, payment records, support history, security relevance, warranty or dispute periods, and operational needs. Where information is no longer required, SentinelCore may delete, anonymise or archive it.

16. Client Systems, Logs and Monitoring Data

Where SentinelCore provides monitoring, support, security review or incident guidance, we may process logs, alerts, telemetry, system events, screenshots, configuration data, error messages, vulnerability information and other technical records. This information is used to detect issues, investigate incidents, provide recommendations, document findings, improve service quality and support the client environment.

Monitoring and security data may contain personal information, usernames, IP addresses, device identifiers, access records or behavioural signals. Clients are responsible for ensuring they have appropriate internal policies, notices, authorisations and legal grounds to allow monitoring in their organisation.

17. AI and Automation-Related Data

Where SentinelCore assists with AI data protection, AI integration reviews, prompt handling, middleware patterns, redaction, audit logging or governance, we may process information about your AI tools, data flows, users, prompts, outputs, documents, API providers, access controls and integration architecture.

We may recommend ways to reduce unnecessary disclosure to third-party AI platforms. However, you remain responsible for your own use of AI tools, the information your users submit to those tools, and your compliance with applicable laws, contractual obligations and platform terms.

18. Payment and Billing Information

SentinelCore may process billing information such as client name, company details, invoice details, payment references, transaction status, tax-related information and payment communication. Payment processors, banks or payment gateways may independently process payment data according to their own terms and policies.

SentinelCore does not require clients to submit full payment card details through ordinary website forms or email.

19. Marketing Communications

Where permitted by law, SentinelCore may contact you about services, quotations, updates, security information, follow-ups or related offerings. You may ask us to stop marketing communications by contacting hello@sentinelcore.co.za. Service, legal, billing, security and transactional communications may still be sent where necessary.

20. Your Rights

Depending on applicable law, you may have rights to request access to personal information, correction of inaccurate information, deletion, objection, restriction, withdrawal of consent, portability, or information about how your data is processed.

Requests must be sent to hello@sentinelcore.co.za. SentinelCore may refuse, limit or delay a request where legally permitted, including where verification fails, the request is excessive, disclosure would affect another person’s rights, information must be retained for legal or security reasons, or the request relates to confidential internal business material.

21. Client Responsibilities

Clients must ensure that personal information, employee information, customer information, logs, documents, system access and other data provided to SentinelCore are shared lawfully and with any required permissions, notices or authorisations. Clients must not instruct SentinelCore to process information in a way that is unlawful, unauthorised, deceptive, abusive or outside the agreed service scope.

Clients are responsible for implementing appropriate internal security, access controls, staff policies, privacy notices, retention rules, backups and compliance processes. SentinelCore advice does not replace legal advice from a qualified legal professional.

22. Children’s Information

SentinelCore services are intended for businesses, organisations and adults. We do not knowingly seek to collect personal information from children through our website. If you believe a child has provided information to us, please contact hello@sentinelcore.co.za.

23. Data Breach and Incident Handling

If SentinelCore becomes aware of a security incident involving information under our control, we will take reasonable steps to assess the issue, contain the risk, investigate the matter, and where legally required or appropriate, notify affected parties or authorities.

Where an incident relates to client systems, third-party platforms, client credentials, client hosting, client staff, or systems outside SentinelCore’s direct control, the client remains responsible for its own legal, operational and notification obligations unless otherwise agreed in writing.

24. Third-Party Links

Our website or communications may contain links to third-party websites, tools, policies or platforms. SentinelCore is not responsible for the privacy practices, content, security or conduct of third-party websites. You should review their policies before submitting information to them.

25. Changes to This Privacy Policy

SentinelCore may update this Privacy Policy from time to time. The version published on this page will apply from its effective date. Continued use of our website or services after an update means you acknowledge the updated policy.

26. Relationship With Terms and Agreements

This Privacy Policy should be read together with SentinelCore’s Terms and Conditions, quotations, proposals, statements of work, invoices, service agreements, NDAs and any other written agreement that applies to a specific engagement. If there is a direct conflict between this Privacy Policy and a signed written agreement, the signed written agreement will apply only to the specific conflict and only for that engagement.

27. Contact Details

All privacy, confidentiality, NDA, service, billing, legal and general queries must be sent to:

Email: hello@sentinelcore.co.za

Business: SentinelCore

Effective date: 3 June 2026