Trust & Privacy
Security
Sentinel is designed with security as a foundation, not an afterthought. Every layer of the platform is built to keep your data private and isolated.
How Your Data is Protected
Dedicated, Isolated Bot
Your bot runs in its own isolated environment. It has its own memory, skills, documents, and conversation history. No other user or company on the platform can access your bot or its data.
Private Rooms
Your conversations happen in a private room that only your authorised team members and your bot can access. Rooms are invisible to other users — they cannot be searched for or discovered.
No Cross-Tenant Access
Users on the platform can only see people and rooms they share. There is no global directory. You cannot find other companies' users, bots, or rooms — and they cannot find yours.
Encrypted Token Storage
When you connect Google or Microsoft, your OAuth tokens are encrypted at rest using AES-256-GCM — the same standard used by banks and government systems. Tokens are never stored in plain text.
No Federation
Sentinel is a closed platform. It does not connect to or share data with any external messaging networks. Your data stays on Sentinel infrastructure and never leaves.
No Self-Registration
Users cannot create their own accounts. All accounts are provisioned by your administrator, ensuring only authorised people have access to the platform.
Data Handling
Everything your bot stores is scoped exclusively to your instance. Here's where your data lives:
Your conversations
Stored within your bot's private memory. Only your bot and authorised room members can access them.
Your documents
Stored in your bot's isolated file system. Uploaded files, generated reports, and reference material are only accessible within your room.
Your integrations
Google and Microsoft connections are scoped to your bot. Your email, calendar, and contacts are only accessible through your dedicated bot instance.
Your credentials
OAuth tokens, API keys, and passwords are encrypted and stored in your bot's secure credential store. They are never exposed in conversations or logs.
Infrastructure
Hosting
Sentinel runs on dedicated infrastructure hosted in a secure data centre. It is not a shared multi-tenant cloud service — your bot runs in its own isolated container.
HTTPS everywhere
All connections to Sentinel are encrypted in transit using TLS. This includes your browser connection, OAuth flows, and API calls to Google and Microsoft.
Access control
The platform uses password-based authentication with HMAC-signed session cookies. OAuth integrations use industry-standard flows with CSRF protection and signed state parameters.
Questions about security?
If you have specific security questions or need documentation for your compliance requirements, contact your Intelliprop administrator or email security@intelliprop.com.au.