Privacy policy

Your conversations stay yours.

Sentinel is a behavioral detection layer that runs entirely on your device. We don't see your messages. We don't store your conversations. We don't sell your data — we don't even collect it.

Effective April 30, 2026 · Version 1.0

The short version

  • Detection runs on your device. Your message content never leaves your browser.
  • We don't have a server that sees your conversations. There is nothing to leak, subpoena, or sell.
  • Stats are local. Counters and your recent event log live in your browser's storage. Only on your machine.
  • No analytics. No telemetry. No third-party trackers. Nothing phones home.
  • If you uninstall the extension, all locally-stored data is removed by Chrome automatically.

01 Who we are

Sentinel is built and operated by Sentinel Labs, an independent software company developing behavioral intelligence tools to help consumers defend themselves against social engineering scams. The Sentinel browser extension is the first product in this line.

For the purposes of GDPR and similar regulations, Sentinel Labs is the data controller for any data we receive — though as you'll see in this policy, that's a deliberately small list.

02 What we collect

The Sentinel extension stores the following data locally in your browser:

  • Counters — total conversations scanned, threats flagged, blocks performed
  • Last event metadata — for the most recent flagged or blocked conversation: the contact's display name, the calculated risk score, the matched scam typology, and a timestamp
  • Settings — whether the extension is enabled, panel visibility preferences
  • Install date — when the extension was first installed

Important: all of this data lives in chrome.storage.local — a sandboxed area of your browser that only the Sentinel extension can read. None of it is transmitted to us or anyone else.

03 What we don't collect

Things Sentinel does not collect, store, transmit, or have access to:

| Data type | Collected? |
| --- | --- |
| Message content (full text of your conversations) | Never |
| Contact lists or address books | Never |
| Photos, videos, or attachments | Never |
| Your name, email, or social media handles | Never |
| Your IP address, device fingerprint, or location | Never |
| Browsing history outside Messenger / Instagram DMs | Never |
| Cookies or persistent tracking identifiers | Never |
| Analytics (page views, click events, session recordings) | Never |

Sentinel reads message text in your browser, in real time, to apply pattern detection — but the text itself is never written to disk, never transmitted over the network, and never persists past the moment of analysis. Only the result (a numeric score and a list of pattern IDs) is held briefly to render the floating panel, then discarded when you navigate away.

04 How detection works

To understand the privacy posture, it helps to understand how the engine works:

  • When you open a Messenger or Instagram DM thread, the extension reads the visible message text from the page's DOM. This happens in your browser, in memory.
  • The text is run through 19 regular-expression patterns, each scoring a specific behavioral signal (crypto wallet shared, platform migration request, urgency tactics, etc.).
  • The matched patterns produce a numeric score (0–100) and an inferred scam typology. Only this score and pattern list are kept.
  • The floating panel and intervention modal render based on these results.
  • When you navigate to a different conversation, all in-memory data from the previous one is discarded.

Local pattern matching is fundamental to Sentinel's privacy design. We don't need to send your data to a server because the detection logic is small enough and fast enough to run entirely on your device.
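The flow described above, sketched as an added example (this is not Sentinel's code): message text is matched in memory and only a score, the matched pattern IDs and a typology are returned. The four patterns, their weights, the typology names and the sample thread are all hypothetical stand-ins for the 19 real patterns.

```javascript
// Hypothetical patterns and weights for illustration; not Sentinel's rule set.
const PATTERNS = [
  { id: "crypto_wallet", typology: "investment", weight: 40,
    re: /\b(?:0x[a-fA-F0-9]{40}|bc1[a-z0-9]{25,59})\b/ },
  { id: "platform_migration", typology: "romance", weight: 30,
    re: /\b(?:move|switch|continue|chat)\b.{0,40}\b(?:whatsapp|telegram|signal)\b/i },
  { id: "urgency", typology: "impersonation", weight: 20,
    re: /\b(?:right now|immediately|within \d+ (?:minutes?|hours?))\b/i },
  { id: "guaranteed_returns", typology: "investment", weight: 35,
    re: /\b(?:guaranteed|risk[- ]free)\b.{0,30}\b(?:returns?|profits?)\b/i },
];

// Takes the visible message strings and returns only derived values.
// The text lives in a local variable and is never stored or returned.
function analyzeThread(messages) {
  const text = messages.join("\n");
  const matched = PATTERNS.filter((p) => p.re.test(text));

  // Sum the weights of matched patterns and clamp to the 0-100 range.
  const score = Math.min(100, matched.reduce((sum, p) => sum + p.weight, 0));

  // Infer the typology whose matched patterns carry the most weight.
  const totals = new Map();
  for (const p of matched) {
    totals.set(p.typology, (totals.get(p.typology) || 0) + p.weight);
  }
  const top = [...totals.entries()].sort((a, b) => b[1] - a[1])[0];

  return { score, patternIds: matched.map((p) => p.id), typology: top ? top[0] : null };
}

// Constructed sample conversation.
const SAMPLE_THREAD = [
  "Hi dear, let's continue on Telegram, it is safer there.",
  "My mentor offers guaranteed daily returns.",
  "Send to 0x52908400098527886E0F7030069857D2E4169EE7 right now.",
];

console.log(analyzeThread(SAMPLE_THREAD));
```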

05 Browser permissions explained

The extension requests the following Chrome permissions:

| Permission | Why |
| --- | --- |
| storage | To save your local stats counter and settings between sessions. |
| activeTab | So the extension popup can read the tab's URL when you click the toolbar icon. |
| host_permissions for messenger.com, facebook.com/messages, instagram.com | To inject the detection engine and floating panel only on those three domains. The extension is inert on every other site. |

We do not request the tabs permission, the history permission, or any “all sites” host permission. The extension cannot see what you do outside of Messenger and Instagram.
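One way to check an installed copy against the permissions stated above, as an added example that is not part of the extension: it compares a manifest.json object with the policy's allow-list and reports anything broader. The two manifests are constructed sample input, and the function names are illustrative.

```javascript
// Allow-list taken from the policy's permission table.
const ALLOWED_PERMISSIONS = new Set(["storage", "activeTab"]);
const ALLOWED_HOSTS = ["messenger.com", "facebook.com", "instagram.com"];

// Split a match pattern such as "https://*.instagram.com/*" into host and path.
function parseMatchPattern(pattern) {
  if (pattern === "<all_urls>") return { host: "*", path: "/*" };
  const m = /^(?:\*|https?|wss?|file|ftp):\/\/([^/]*)(\/.*)$/.exec(pattern);
  return m ? { host: m[1], path: m[2] } : null;
}

function hostAllowed(pattern) {
  const p = parseMatchPattern(pattern);
  if (!p || p.host === "*") return false;
  const host = p.host.replace(/^\*\./, "");
  if (!ALLOWED_HOSTS.some((h) => host === h || host.endsWith("." + h))) return false;
  // The policy scopes Facebook to facebook.com/messages, not the whole site.
  return !host.endsWith("facebook.com") || p.path.startsWith("/messages");
}

// Returns a list of findings; an empty list means the manifest matches the policy.
function auditManifest(manifest) {
  const findings = [];
  const perms = [...(manifest.permissions || []), ...(manifest.optional_permissions || [])];
  for (const perm of perms) {
    if (!ALLOWED_PERMISSIONS.has(perm)) findings.push(`permission not in policy: ${perm}`);
  }
  const hosts = [
    ...(manifest.host_permissions || []),
    ...(manifest.optional_host_permissions || []),
    ...(manifest.content_scripts || []).flatMap((cs) => cs.matches || []),
  ];
  for (const h of new Set(hosts)) {
    if (!hostAllowed(h)) findings.push(`host pattern broader than policy: ${h}`);
  }
  return findings;
}

// Constructed manifests: one matching the policy, one that has drifted from it.
const MATCHING = { manifest_version: 3, permissions: ["storage", "activeTab"],
  host_permissions: ["https://www.messenger.com/*",
    "https://www.facebook.com/messages/*", "https://www.instagram.com/*"] };
const DRIFTED = { manifest_version: 3, permissions: ["storage", "tabs"],
  host_permissions: ["https://www.facebook.com/*", "<all_urls>"],
  content_scripts: [{ matches: ["https://*.instagram.com/*"] }] };

console.log(auditManifest(MATCHING), auditManifest(DRIFTED));
```

Running the audit again after each extension update shows whether a new version has widened its access beyond what this section lists.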

06 Where data is stored

All Sentinel data is stored exclusively in chrome.storage.local, which Chrome sandboxes per-extension on your device. This means:

  • The data does not sync across your Chrome profiles or devices
  • It cannot be read by other extensions or websites
  • It is automatically and completely deleted when you uninstall Sentinel
  • It is automatically deleted when you clear browsing data with the "extension data" option

Sentinel Labs does not operate a server that stores any user data generated by this extension. There is no backend database, no cloud storage, and no logs of your activity.

07 Third parties

Sentinel does not use any third-party services in the extension itself. Specifically:

  • No analytics providers (no Google Analytics, no Mixpanel, no Amplitude)
  • No error reporting services (no Sentry, no Bugsnag)
  • No CDNs serving extension code (everything is bundled in the extension package)
  • No advertising networks
  • No social media SDKs

The extension communicates only with the Messenger, Facebook, and Instagram domains specified in its permissions — and only to read the page's DOM. It makes no outbound network requests of its own.

Future API enrichment (not in this version)

A future release may offer optional AI-powered analysis for conversations that cross a high-risk threshold. If and when that ships, it will be: (a) opt-in per conversation, (b) clearly disclosed in this policy before activation, and (c) covered by a separate data-processing addendum explaining what is sent to which provider. Until then, this section is informational only.

08 Your rights

Because we don't collect your personal data, most data-protection rights under GDPR, CCPA, and similar laws are satisfied by default:

  • Right to access — your data is already on your device. Open the popup to see your stats; check chrome.storage.local via developer tools to see the raw values.
  • Right to deletion — uninstall the extension. All Sentinel data is removed automatically. There is nothing on our servers to delete because we don't have any.
  • Right to portability — your stats are not in a format we can hand back to you because we don't hold them. Chrome's storage APIs allow developer-tools export if you need it.
  • Right to object / restrict processing — toggle the extension off in the popup, or uninstall it entirely.

Children: Sentinel is intended for users 13 and older. We do not knowingly collect data from children under 13.

09 Changes to this policy

If we update this privacy policy, we will:

  • Update the "Effective" date at the top of this page
  • Maintain a changelog of substantive changes (visible below)
  • Notify users of material changes via the extension's update notes

Changelog

  • April 30, 2026 — v1.0 — Initial publication.

10 Contact

Questions about this policy, the extension, or your data:

For privacy-specific concerns, please mark your email subject line with [Privacy] so we can route it to the right person.