Privacy Policy

Sentinel Global Technologies, Inc. ("Sentinel Global," "we," "us," or "our") is committed to protecting the privacy and confidentiality of information entrusted to us. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information in connection with our website (sentinelglobal.ai) and our forensic intelligence, verification, and investigative services. This Privacy Policy applies to: • Visitors to our website • Clients who engage our services • Individuals whose information is submitted to us in connection with an engagement • All other individuals who interact with us By accessing our website or using our services, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy covers the following entities (collectively, "Sentinel Global"): • Sentinel Global Technologies, Inc., a Delaware corporation • Sentinel Global LLC, a Wyoming limited liability company Sentinel Global Receivership Services, LLC is governed by separate confidentiality protocols applicable to court-supervised engagements.

We collect information you voluntarily provide to us, including: • Contact information: name, email address, phone number, mailing address • Professional information: company name, job title, industry • Financial information: payment card details, billing address, wire transfer information • Engagement information: information you provide in connection with service requests, including details about the subject matter of an investigation or due diligence inquiry • Communications: emails, messages, and other correspondence with our team • Identity verification documents: when required for compliance or engagement purposes

When you visit our website, we automatically collect certain technical information, including: • IP address and approximate geographic location • Browser type, version, and language • Device type, operating system, and screen resolution • Pages visited, time spent on each page, and navigation path • Referring website or search query • Date and time of access • Cookies and similar tracking technologies (see Section 8)

In the course of providing forensic intelligence and investigative services, we may collect information about individuals and entities from a wide range of third-party sources, including: • Public records and government databases • Court filings and legal records • Corporate registries and beneficial ownership databases • Financial intelligence and sanctions databases • Open-source and publicly available information • Commercial data providers and intelligence platforms • Blockchain and digital asset analytics platforms Such information is collected and processed solely for the purpose of delivering contracted services to our clients and is handled under strict confidentiality protocols.

We use the information we collect to: • Deliver forensic intelligence, investigation, and due diligence services • Communicate with clients regarding engagements, findings, and deliverables • Process payments and manage billing • Verify identity and conduct compliance screening (KYC/AML) • Prepare court-ready reports, analyses, and supporting documentation • Maintain engagement records and chain of custody documentation

We also use information for internal business purposes, including: • Improving our website, services, and methodologies • Responding to inquiries and providing customer support • Sending administrative communications (service updates, policy changes, invoices) • Analyzing usage patterns to enhance user experience • Ensuring the security and integrity of our systems • Complying with legal, regulatory, and contractual obligations

For individuals in the European Economic Area (EEA), we process personal data on the following legal bases: • Contract performance: processing necessary to fulfill our contractual obligations to clients • Legitimate interests: fraud prevention, security, service improvement, and business operations • Legal obligation: compliance with applicable laws, regulations, and court orders • Consent: where you have expressly consented to a specific processing activity You may withdraw consent at any time where consent is the legal basis for processing.

We share information with the client who retained us for a specific engagement to the extent necessary to deliver the contracted services and deliverables.

We may share information with trusted third-party service providers who assist us in operating our business, including: • Payment processors and financial institutions • Cloud hosting and data storage providers • Secure communication and collaboration platforms • Legal and compliance advisors • Analytics and cybersecurity vendors All service providers are contractually bound to maintain the confidentiality and security of information and may only use it for the purposes we specify.

We may disclose information when required by law or in good faith belief that disclosure is necessary to: • Comply with a legal obligation, subpoena, court order, or lawful government request • Protect and defend the rights or property of Sentinel Global • Prevent or investigate possible wrongdoing in connection with our services • Protect the personal safety of users of our services or the public • Protect against legal liability We will, where legally permissible, notify affected clients prior to any compelled disclosure.

In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, personal information may be transferred as part of that transaction. We will notify clients of any such transfer and any material changes to this Privacy Policy.

We do not sell, rent, or trade personal information to third parties for their own marketing purposes. We do not share personal information with advertising networks or data brokers.

Sentinel Global implements industry-standard technical and organizational security measures to protect personal information from unauthorized access, disclosure, alteration, or destruction, including: • Encryption of data in transit (TLS/SSL) and at rest (AES-256) • Access controls and role-based permissions • Multi-factor authentication for internal systems • Regular security assessments and vulnerability testing • Secure document handling and chain of custody procedures • Employee training and confidentiality agreements

No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. In the event of a data breach that affects your rights or freedoms, we will notify you in accordance with applicable law.

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, including: • Client engagement records: minimum seven (7) years following completion of engagement, or longer if required by applicable law or ongoing legal proceedings • Payment records: seven (7) years for tax and financial compliance purposes • Website analytics data: up to twenty-four (24) months • Communications and correspondence: five (5) years following last contact Retention periods may be extended where required by law, regulation, court order, or legitimate business necessity.

Upon expiration of applicable retention periods, personal information is securely deleted or anonymized using industry-standard data destruction procedures.

Our website may use the following types of cookies and similar technologies: • Essential cookies: necessary for the website to function properly • Analytics cookies: help us understand how visitors interact with our website (e.g., pages visited, time on site) • Preference cookies: remember your settings and preferences • Security cookies: help detect and prevent fraud and abuse

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies or delete cookies that have already been set. Please note that disabling certain cookies may affect the functionality of our website. For more information about managing cookies, visit your browser's help documentation or a resource such as www.allaboutcookies.org.

Our website does not currently respond to Do Not Track (DNT) signals from browsers. We will update this policy if our practices change.

Subject to applicable law, you may have the right to: • Access the personal information we hold about you • Request correction of inaccurate or incomplete information • Request deletion of your personal information (subject to legal retention obligations) • Object to or restrict certain processing activities • Request portability of your personal information in a structured, machine-readable format • Withdraw consent where processing is based on consent • Lodge a complaint with a data protection supervisory authority To exercise any of these rights, contact us at privacy@sentinelglobal.ai.

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including: • The right to know what personal information is collected, used, disclosed, or sold • The right to delete personal information (subject to certain exceptions) • The right to opt out of the sale or sharing of personal information • The right to non-discrimination for exercising privacy rights • The right to correct inaccurate personal information • The right to limit use of sensitive personal information Sentinel Global does not sell personal information. To submit a verifiable consumer request, contact us at privacy@sentinelglobal.ai or +1-210-772-5604. We will respond within 45 days as required by law.

If you are located in the European Economic Area or United Kingdom, you have rights under the General Data Protection Regulation (GDPR) or UK GDPR, including rights of access, rectification, erasure, restriction of processing, data portability, and objection. You also have the right to lodge a complaint with your local supervisory authority. In the EU, you can find your authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en. In the UK, the supervisory authority is the Information Commissioner's Office (ICO).

Our website may contain links to third-party websites, services, or resources. This Privacy Policy does not apply to those third-party sites. We are not responsible for the privacy practices of third parties and encourage you to review their privacy policies before providing any personal information.

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child under 18, we will promptly delete such information. If you believe we have collected information from a minor, please contact us immediately at privacy@sentinelglobal.ai.

Sentinel Global operates globally and may transfer personal information to countries outside your country of residence, including the United States and other jurisdictions where our service providers operate. These jurisdictions may have different data protection laws than those in your home country. Where we transfer personal data from the EEA or UK to a third country, we rely on appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or other transfer mechanisms permitted under applicable law.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. We will notify you of material changes by: • Posting the updated policy on our website with a new effective date • Sending notice to the email address associated with your account or engagement (for active clients) Your continued use of our website or services after the effective date of any revised policy constitutes your acceptance of the changes.

For questions, concerns, or requests related to this Privacy Policy or our data practices, please contact: Sentinel Global Technologies, Inc. Attn: Privacy Email: privacy@sentinelglobal.ai Phone: +1-210-772-5604 We will respond to all privacy inquiries within thirty (30) days. For verifiable consumer requests under CCPA or rights requests under GDPR, we will respond within the timeframes required by applicable law.