Sentinel
by A.I. Esquire
Privacy Policy

No black box. No surprises.

Last updated: 2026-05-05. This policy applies to A.I. Esquire Sentinel (the "Service"), the browser extension, and the desktop app, all operated by A.I. Esquire, LLC ("Sentinel," "we").

1. The promise underneath the policy

Sentinel exists so that attorneys can use AI safely. That goal is compatible with exactly one approach to your data: minimize collection, never train on it, encrypt and log everything we do hold, and let the firm delete it whenever they want.

2. What we collect

  • Firm identity. Firm name, billing details, attorney user accounts and bar admissions.
  • Audit log entries. Each time the extension or desktop app classifies a paste, we write one append-only row: timestamp, attorney user ID, AI tool, classifications, policy action, redacted text. Raw paste contents are never sent to Sentinel servers in default mode.
  • Citation lookups. When you verify a brief, Sentinel sends only the extracted citation strings (e.g., "347 U.S. 483") to CourtListener.
  • Crash + performance telemetry. Sentry-scrubbed error reports without prompt content.

3. What we do not do

  • We do not train any AI model on customer content.
  • We do not sell or share customer data with advertisers.
  • We do not transmit raw paste contents to Sentinel servers in default mode. Layer-1 classification runs locally in your browser/desktop; only the redacted text + classification metadata are forwarded.
  • We do not retain prompts longer than the firm's configured retention window (default 7 years; configurable).

4. Sub-processors

See the live list at /trust. Anthropic (under HIPAA BAA), Supabase, Cloudflare R2, Stripe, Sentry, CourtListener. Material changes are emailed to firm admins with at least 30 days' notice.

5. Security

  • TLS 1.3 in transit, AES-256 at rest.
  • SOC 2 Type II readiness via Vanta; audit kickoff in 2026 Q3.
  • Optional customer-managed encryption keys (Pro / On-Prem).
  • Optional zero-knowledge mode where Sentinel cloud cannot decrypt content (Pro / On-Prem).
  • Annual third-party penetration test; redacted summary published in the trust center.
  • Bug bounty: security@aiesquire.io. See security.txt.

6. Your rights

  • Export. Firm admins can export the full audit log at any time.
  • Delete. On subscription cancel, all firm data is hard-deleted after a 30-day grace period.
  • Access. Email privacy@aiesquire.io with any data-subject request; we respond within 30 days (15 in California).

7. The browser extension specifically

The Sentinel browser extension intercepts paste events on a fixed allowlist of AI tools (chatgpt.com, chat.openai.com, claude.ai, gemini.google.com, copilot.microsoft.com, perplexity.ai, poe.com). It runs Layer-1 classification in your browser. It does not transmit raw paste content anywhere.

The extension forwards classification metadata (counts, scores, redacted text, tool used) to the Sentinel API for the audit log. You can disable forwarding via the Options page.

8. Contact

privacy@aiesquire.io
A.I. Esquire, LLC
Hartford, Connecticut, USA