This notice describes how Endolum GmbH processes personal and technical data inside the Sentinel vulnerability scanner. It complies with the Swiss Federal Act on Data Protection (revFADP) and, where applicable, the EU General Data Protection Regulation (GDPR). The marketing website at endolum.io publishes a separate site privacy policy that covers tracking and contact forms on the public pages.
Endolum GmbH, Oberdorfstrasse 8, 8853 Lachen SZ, Switzerland. Commercial register UID CHE-297.991.738. Contact: contact@endolum.io.
To run a scan, Sentinel needs a target IP address or domain name. You provide this when you submit the form on the marketing site, from the dashboard inside the product, or through an authorised API call. For business accounts the target must be a verified asset under your organisation.
The scanner records the open ports it discovers, the services and versions returned by those ports, the security headers and certificates it observes, the DNS records associated with the target, the findings produced by each scan module, and the timing of every scan phase. This data describes the security posture of the target. It is technical data about infrastructure rather than personal data about individuals, but it may incidentally contain identifiers such as administrative email addresses inside DNS SOA records, hostnames listed in TLS certificates, or banner strings that disclose software versions.
For paid business accounts the Endolum Identity Service stores the email address, display name, organisation membership, multi-factor authentication state, and permission claims required for the product to function. The Identity Service is the source of truth for these records and applies its own retention and deletion rules.
Subscription billing is operated through Stripe Payments Europe Limited. Endolum receives the customer record, subscription state, and invoice metadata. Card numbers, expiry dates, and CVV values are never received or stored by Endolum.
For free-tier scans the email address you provide on the submission form is used to deliver the report. For business accounts the report recipients configured on the account receive the report.
The backend records request URLs, IP addresses, user agents, and timestamps in line with normal operational logging. Logs are kept for up to 30 days and are used to diagnose errors, monitor for abuse, and protect the service against automated attack.
After a scan completes, Sentinel sends the structured scan results to Anthropic PBC in the United States to generate a calibrated, human-readable report. Specifically, the payload contains the target, the open ports, the detected services and versions, the findings produced by each module, the certificate details where applicable, and the timing of each phase. The payload does not include account passwords, payment data, or content unrelated to the scan.
Anthropic is a sub-processor of Endolum under the Anthropic Data Processing Addendum, which incorporates Standard Contractual Clauses for the transfer to the United States. Endolum has a Zero Data Retention arrangement with Anthropic for the Sentinel workload, which means scan content is processed in real time and is not stored at rest by Anthropic after the API response is returned, except where retention is required by law or to combat misuse of the platform. Anthropic does not train models on Sentinel scan data.
The structured report returned by the model is stored in the Sentinel database alongside the scan and is rendered as HTML, PDF, and email body for the recipients you configure.
| Purpose | Legal basis |
|---|---|
| Running scans, generating reports, and delivering them to the configured recipients on a paid account | Performance of a contract |
| Running free-tier scans submitted through the public form | Consent, given by submitting the scan request |
| Account management, authentication, and multi-factor authentication | Performance of a contract |
| Subscription billing and statutory invoicing | Performance of a contract and legal obligation |
| Operational logging, abuse prevention, and platform security | Legitimate interest in keeping the service available and free from abuse |
| Statutory retention of accounting and invoicing data | Legal obligation |
Sentinel relies on the sub-processors listed below to deliver the service. The full, up-to-date list of Endolum sub-processors across all products is published at endolum.io/sub-processors.
| Sub-processor | Purpose | Location |
|---|---|---|
| Hetzner Online GmbH | Hosting of the Sentinel backend, databases, and Identity Service on a Kubernetes cluster | Falkenstein, Germany (EU) |
| Akamai Technologies (Linode) | Isolated scanner node that executes the scan against the target | Frankfurt, Germany (EU) |
| Anthropic PBC | AI assisted report generation. Zero Data Retention enabled. Anthropic does not train on Sentinel scan data. | San Francisco, United States |
| Stripe Payments Europe Limited | Subscription billing, invoice generation, payment processing | Dublin, Ireland (EU), with processing in the United States |
Sentinel runs on infrastructure in Germany within the EU/EEA. Two flows leave the EU. The transfer of scan results to Anthropic in the United States for report generation relies on Standard Contractual Clauses incorporated in the Anthropic Data Processing Addendum, supported by a Zero Data Retention arrangement that prevents storage at rest after the API response is returned. The transfer of billing data to Stripe relies on Stripe's certification under the EU-US Data Privacy Framework and on Standard Contractual Clauses for residual transfers. Where any other sub-processor processes data outside Switzerland or the EEA, we rely on an adequacy decision, Standard Contractual Clauses, or your explicit consent for the specific transfer.
Data in transit is protected by TLS. Databases are encrypted at the storage layer. The scanner node is firewalled to the backend egress IP only and does not expose any other interface to the public internet. Authentication uses RS256-signed tokens issued by the Endolum Identity Service. Multi-factor authentication is available and recommended. Account deletion triggers a cascade that removes scan data, findings, schedules, and alert rules across the platform.
Under the revFADP and, where it applies, the GDPR, you have the right to:
Most of these rights can be exercised directly inside the product. To delete an account, use the account settings in the dashboard. To export your data or to ask a question, write to contact@endolum.io. We respond within 30 days.
If you believe your data protection rights have been violated, you may lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland. If the GDPR applies to your situation, you may also lodge a complaint with a supervisory authority in the EU or EEA.
We may update this notice from time to time. The version date is shown at the top of the page. Material changes are reflected in the date and the changed sections, and where the change affects existing customers we provide reasonable advance notice.
For privacy related questions about Sentinel, write to contact@endolum.io or to Endolum GmbH, Oberdorfstrasse 8, 8853 Lachen SZ, Switzerland.