Pre-product · Building to enterprise standards

Enterprise Security.
From Day One.

We're building Sentient to meet SOC 2 and HIPAA standards from the ground up. Transparency and trust are embedded in every part of our business.

Security & Compliance

SOC 2 Type II

Building to SOC 2 standards from day one. Certification expected Q3 2026.

HIPAA Ready

Designing for HIPAA compliance from day one. BAA available upon product launch.

GDPR Ready

Data Processing Addendum with Standard Contractual Clauses for lawful EU-US transfers.

Zero Data Training

Customer data is never used to train AI models. Period.

Human-in-the-Loop

AI assists human decision-making. Every output requires human review.

AES-256 Encryption

All data encrypted at rest (AES-256) and in transit (TLS 1.3).

AI Governance

No Training on Customer Data

Non-negotiable commitment

Your data is yours. We never use customer data to train AI models—not our own systems, and not any third-party AI providers we work with.

Zero data retention (ZDR) with AI providers
Enterprise AI agreements with explicit no-training clauses
Data isolation and confidentiality guaranteed

Human-in-the-Loop Design

AI assists, humans decide

Our AI features are designed to assist human decision-making, not replace it. Every AI-generated output is a suggestion that requires human review and approval.

All AI outputs flagged for human review
Audit trail for every AI-assisted decision
Human approval required before any action

Infrastructure

Enterprise Cloud

Building on SOC 2 certified cloud infrastructure with geographic redundancy

Encryption Everywhere

TLS 1.2+ in transit, AES-256 at rest

Access Controls

Role-based access (RBAC), MFA, and SSO support planned

Data Residency

US hosting with GDPR-compliant safeguards for EU data transfers

Data Handling

Data Residency & Transfers

Data hosted in the United States. For EU customers, we use Standard Contractual Clauses (SCCs) to ensure lawful data transfers in compliance with GDPR.

Data Retention

Data retained for agreement term. 30-day export window upon termination, then permanent deletion.

Sub-processors

List of current sub-processors available to customers upon request. All sub-processors meet our security standards.

Legal Documents

Privacy Policy

How we handle data for our website and services

View Document

AI Privacy Notice

AI-specific data practices and commitments

Coming Soon

Data Processing Addendum

GDPR-compliant processing terms with SCCs

Request Access

Business Associate Agreement

HIPAA compliance for protected health information

Request Access

Security Documentation

Technical security architecture and controls

Request Access

Incident Response

Report a Security Issue

To report a security vulnerability or concern, contact our security team. We acknowledge receipt within 24 hours.

[email protected]

Breach Notification

In the event of a confirmed data breach affecting customer data, we notify affected customers within:

DPA customers72 hours
BAA customers48 hours

Frequently Asked Questions

Questions about security or compliance?

Our team is here to help. Reach out for security documentation, compliance questions, or to discuss your specific requirements.

Security TeamPrivacy TeamLegal Team

Sentient Network, Inc.
555 Bryant Street, San Francisco, CA 94107

Last Updated: January 1, 2026

← Back to Home