At SentraDMARC, transparency is our core principle. This document outlines exactly what data we collect, how we process it, and the third-party infrastructure we rely on to deliver our services.
We process two distinct categories of data to provide our services:
Information required to manage your account and subscription.
Data processed on your behalf via DMARC reports.
We partner with industry-leading providers to ensure the security, reliability, and performance of our infrastructure. The following sub-processors are authorized to process data on our behalf:
| Provider | Purpose | Location |
|---|---|---|
| Amazon Web Services (AWS) | Object Storage & Edge Functions | Europe |
| OVHcloud | Dedicated Infrastructure & RiDatabaseLine Hosting | Europe |
| Stripe | Payment Processing & Billing | Global (HQ: USA) |
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption standards across our databases and storage buckets.
Strict least-privilege access policies are enforced. Production access is limited to authorized engineering personnel via secure VPN and MFA.
Customer data is logically isolated within our multi-tenant architecture to prevent unauthorized cross-account access.
We perform automated security scanning of our codebase and infrastructure dependencies daily to identify and remediate vulnerabilities.
For any questions regarding your data privacy or to exercise your rights under GDPR/CCPA, please contact our Data Protection Officer at contact@sentradmarc.com.