
Security & Compliance

Sentinel handles privileged and confidential legal data, so security and data handling are central to the product's design. This page describes the posture in plain terms. It reflects how the platform is built; for contractual specifics (your DPA, the current subprocessor list, and any certifications), contact Sentinel.

Multi‑tenant isolation

Sentinel is multi‑tenant, but customer data is not commingled:

  • Each customer is a tenant with its own database and its own storage for documents. One tenant's content is not stored alongside another's.
  • A separate platform layer handles cross‑tenant concerns (accounts, tenant registration) — it does not hold customer document content.
  • Background processing (text extraction, OCR, embeddings) is tenant‑scoped: each unit of work carries its tenant context so it's processed against the correct tenant's resources.

Data residency and hosting

Sentinel runs on Microsoft Azure. A tenant's application, database, and document storage live in Azure resources dedicated to that tenant. This keeps customer content within a known, controlled cloud environment rather than spread across ad‑hoc third‑party stores.

For customers requiring isolated network connectivity into their environment, Sentinel can deploy a private network bridge (an overlay edge router) so traffic doesn't traverse the public internet.

Encryption

  • In transit — all client‑to‑server and server‑to‑service traffic uses HTTPS/TLS. Session cookies are HTTP‑only and marked secure in production.
  • At rest — databases and storage use the cloud provider's managed encryption.

How AI providers handle your data

Sentinel uses AI models for inference (Emma, embeddings, extraction, transcription, summaries). The data‑handling posture:

  • Document embeddings and multimodal extraction run through Google Cloud Vertex AI configured for Zero Data Retention (ZDR) — your content isn't retained by the provider after the call and isn't used to train models. (One real‑time voice path is an exception noted in our internal documentation; it is not used for storing document content.)
  • Assistant inference (Emma) uses Anthropic's Claude. API usage under commercial terms is not used to train models.
  • Transcription and certain text inference use Azure AI services, isolated to Sentinel's subscription and not used for training.

The practical summary: customer content is stored and managed within the tenant's Azure resources, and where content is sent to a model provider for inference, it's over secure channels under terms that don't retain it for training.

Access control

Access is enforced at multiple layers:

  • Authentication — every API request requires a valid session (a short‑lived JWT) or a revocable API key. See API Reference → Authentication.
  • Roles — admin, attorney, deal team, and a Sentinel‑staff platform role bound what a user can do.
  • Per‑matter access — non‑admins access a matter only via an explicit assignment (or ownership / org‑wide data lakes), with an access level of full, read‑only, or limited. Mutations require full access. See Core Concepts → Access control.
  • Resource‑ID safety — single‑resource routes return 404 on a denied request so IDs can't be enumerated.
  • Two‑factor authentication — tenants can require 2FA for all users.
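
The per-matter check and the 404-on-denial rule above, sketched as an added example (not Sentinel's own code). The type names, sample data, the treatment of admins and owners as full access, and the 403 for a write by a caller who can already read the matter are all assumptions; org-wide data lakes are left out.

```python
from dataclasses import dataclass, field

@dataclass
class User:
    id: str
    role: str  # "admin", "attorney" or "deal_team" (role names are illustrative)

@dataclass
class Matter:
    id: str
    owner_id: str
    # user id -> "full" | "read_only" | "limited" (explicit assignments)
    assignments: dict = field(default_factory=dict)

# Constructed sample data, not real records.
MATTERS = {
    "m-100": Matter("m-100", owner_id="u-owner", assignments={"u-reader": "read_only"}),
}

def access_level(user, matter):
    """Return the caller's level on a matter, or None when there is none."""
    if user.role == "admin" or matter.owner_id == user.id:
        return "full"  # assumption: admins and owners get full access
    return matter.assignments.get(user.id)

def status_for(user, matter_id, mutate=False):
    """HTTP status a single-matter route would return for this caller."""
    matter = MATTERS.get(matter_id)
    level = access_level(user, matter) if matter else None
    if level is None:
        # Missing and denied take the same branch, so the response cannot
        # be used to learn which matter IDs exist.
        return 404
    if mutate and level != "full":
        # Assumption: the caller can already read this matter, so a 403
        # on a write reveals nothing new.
        return 403
    return 200
```

The existence lookup and the authorization decision collapse into one `None` check before any response is chosen; deciding "exists?" first and "allowed?" second with different responses is what makes IDs enumerable.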

Audit logging and defensibility

  • Activity audit — sign‑ins, sign‑outs, support sessions, and document/matter actions are recorded with user, timestamp, and context. Recording an event never blocks the underlying action.
  • AI tool‑call audit — every action an AI assistant takes through the connector is logged at the tool‑call level (which tool, by whom, with what arguments, how long it took, any error), answering "what did the assistant see, when, on whose behalf?"
  • Citation grounding — Emma's responses are mechanically verified so she can't reference documents that weren't actually retrieved, keeping AI output defensible as work product. See Emma → Citations and guardrails.
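
A tool-call audit wrapper with the fields listed above, as an added example (not Sentinel's own code). `ToolAuditor`, the `sink` callable and the `search_documents` tool are hypothetical names; applying the "recording never blocks the action" rule to tool calls, and counting dropped records, are assumptions of this sketch.

```python
import time

class ToolAuditor:
    """Wraps assistant tool calls and records one audit entry per call."""

    def __init__(self, sink):
        self.sink = sink   # callable that persists one record (assumed)
        self.dropped = 0   # records lost to sink failures, for alerting

    def call(self, tool, user_id, fn, **args):
        started = time.monotonic()
        error = None
        try:
            return fn(**args)
        except Exception as exc:
            error = f"{type(exc).__name__}: {exc}"
            raise  # the caller still sees the tool's own failure
        finally:
            record = {
                "tool": tool,          # which tool
                "user": user_id,       # on whose behalf
                "args": args,          # with what arguments
                "duration_ms": round((time.monotonic() - started) * 1000, 3),
                "error": error,        # None on success
                "at": time.time(),
            }
            try:
                self.sink(record)
            except Exception:
                # An audit failure must not block or mask the action;
                # count it so the gap in the trail is detectable.
                self.dropped += 1

def search_documents(matter_id, query):
    """Hypothetical tool used only to exercise the wrapper."""
    if not query:
        raise ValueError("empty query")
    return [f"{matter_id}/doc-1"]
```

A non-blocking audit path trades completeness for availability, so the `dropped` counter (or an equivalent metric) is what lets a reviewer tell a complete trail from one with holes.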

Subprocessors

Third parties that may process customer data, by category (the authoritative, current list is maintained by Sentinel and provided with your DPA):

Category                                                       Provider
-------------------------------------------------------------  ---------------------------------
Cloud hosting, storage, database, OCR, speech, some inference  Microsoft Azure
AI assistant inference                                         Anthropic (Claude)
Embeddings & multimodal extraction (ZDR)                       Google Cloud (Vertex AI / Gemini)
Transactional email delivery                                   Email delivery provider
In‑app issue / bug reporting                                   Issue‑tracking provider

Additional providers may apply to optional features (for example telephony or payments) only when those features are enabled.

Compliance direction

Sentinel is built toward enterprise compliance expectations — segregation of duties in its release process, comprehensive audit logging, least‑privilege access, and tenant isolation. For the current status of formal attestations (such as SOC 2) and your specific contractual commitments, contact Sentinel.

This page is a plain‑language description of the platform's security design, not a contract or a certification. Authoritative security commitments are made in your agreement and supporting documentation.