No black box.

Sentinel is the ethics product for legal AI. We hold ourselves to the standard we sell. Below: our certifications, our model practices, our sub-processors, and our public commitments.

Certifications & posture

• SOC 2 Type II

  in-progress
  Readiness in progress (Vanta-backed)
• HIPAA

  ready
  BAA-grade architecture; Anthropic BAA in place
• ISO 27001

  in-progress
  Q3 2026 audit kickoff
• Encryption

  ready
  TLS 1.3 in transit, AES-256 at rest, optional CMK on Pro/On-Prem
• Data residency

  ready
  US-only by default. EU option for international firms.
• Retention

  ready
  Configurable; 7-year default to match common malpractice tail.
• Pen testing

  ready
  Annual third-party. Redacted summary published below.
• Bug bounty

  ready
  Live. Email security@aiesquire.io. See security.txt.

What we do not do

• We do not train models on customer content. Period. Contract, marketing, and code.
• We do not sell or share customer data with third parties.
• We do not use dark patterns: no fake urgency, no countdown timers, no pre-checked boxes.
• We do not make legal claims on your behalf. Sentinel classifies and logs. The attorney decides.

Sub-processor list

Updated quarterly. Subscribe to changes at trust@aiesquire.io.

• Anthropic (Claude API)
  Orchestration + classification (BAA)
  US
• Supabase
  Auth + Postgres (BAA available)
  US
• Cloudflare R2
  Audit log object storage (immutable)
  US/EU
• Stripe
  Billing
  US
• Sentry
  Error monitoring (PII scrubbed)
  US/EU
• CourtListener (Free Law Project)
  Citation lookup
  US