Privacy Policy

Last updated: May 10, 2026

This page describes what data SentinelX collects, why, and how it's stored. SentinelX is a hosted MCP service that lets you operate Linux servers from inside Claude.ai or ChatGPT via a small agent installed on your servers.

What we collect

Account data

When you sign in with Google or GitHub, we receive from your identity provider:

• Your email address
• Your name (as provided by your identity provider)
• A stable user ID issued by your identity provider (the OpenID Connect sub claim)

We use these to identify your SentinelX account and bind your enrolled hosts to it. We do not receive your password — your identity provider (Google or GitHub) handles authentication.

Host data

For every server you enroll with SentinelX, we store on our hub:

• A unique host ID generated at install time
• Your server's hostname (as reported by the agent at handshake)
• Any optional label you've set
• The agent version and protocol version
• Metadata about the active connection (session ID, connect time)

We do not store the contents of your server's filesystem, the output of commands you run, or any application data on your host. The agent runs commands locally and returns results to your LLM session — they pass through our hub but are not persisted.

Operational logs

For service health, debugging, and abuse prevention, our hub logs each tool call with:

• Your user ID (not your email)
• The target host ID
• The operation name (exec, edit, etc.)
• A timestamp
• Whether the call succeeded

We do not log command arguments, file paths, file contents, or command output in our hub. Those stay between your agent and your LLM session.

What we do NOT collect

• Your password — your identity provider authenticates you, we never see it
• Contents of files on your servers
• Output of commands you run via SentinelX
• SSH keys, credentials, or other secrets stored on your hosts
• Browsing or telemetry data unrelated to using SentinelX

How long we keep data

• Account data: for as long as your account exists. Delete your account to remove it.
• Host registrations: until you uninstall the agent or revoke the host.
• Operational logs: 30 days, then automatically rotated out.

Who we share data with

We do not sell your data. We share account data only with infrastructure providers required to operate the service (compute, DNS, certificate authorities), and only as needed for them to deliver their service.

Where data is stored

SentinelX hub infrastructure runs on servers physically located in Argentina. If we add additional regions, we'll update this page.

Your controls

• Disconnect a host: uninstall the agent (systemctl disable --now sentinelx-cloud-core) or remove its identity file. The host stops appearing in your account.
• Delete a label: ask your LLM to call sentinel_remove_host_label.
• Delete your account and all associated data: email privacy@pensa.ar. We process the request within 30 days.

Security

All connections between your agent, our hub, and your LLM are TLS-encrypted. Identity tokens are short-lived JWTs. The agent never accepts inbound connections — it only opens an outbound WebSocket to our hub. Each agent's authority is scoped to its own host.

Changes to this policy

We'll update the "last updated" date when we make material changes. For significant changes, we'll email you via the address provided by your identity provider.

Contact

Questions: privacy@pensa.ar