How Sentia protects your data and our platform.
Sentia runs on AWS infrastructure in Australia (ap-southeast-2) and the US (us-east-1). All data is encrypted at rest using AES-256 and in transit using TLS 1.3. We use isolated, single-tenant database instances for Enterprise customers.
Authentication: Password hashing with bcrypt. MFA available on all plans. SSO/SAML on Enterprise.
Access controls: Role-based access control (RBAC) with least-privilege principles enforced across all services.
Vulnerability management: Automated dependency scanning with Snyk. Penetration testing conducted annually by a third-party security firm.
Audit logging: All user and API actions are logged with immutable audit trails. Enterprise customers can export logs to their SIEM.
API keys for third-party AI models (OpenAI, Google) are stored encrypted and never exposed in client-side code.
Conversation data sent to AI models is subject to our data processing agreement with each provider.
PII redaction is available to automatically strip sensitive information before it is sent to external AI APIs.
Encryption at rest: AES-256 for all stored data.
Encryption in transit: TLS 1.3 for all connections.
Data isolation: Each customer’s data is logically isolated. Enterprise customers receive physically isolated infrastructure.
Backups: Daily encrypted backups retained for 30 days.
We maintain a documented incident response plan. In the event of a security incident, we will notify affected customers within 72 hours in accordance with applicable data protection laws.
If you discover a security vulnerability, please report it responsibly to security@sentia.io. We will acknowledge receipt within 24 hours and provide regular updates on our remediation progress.