Overview
WYRM Sentinel ("Sentinel," "we," "us") is built by James Reed. This policy covers what data we collect, why we collect it, and what we do with it. The short version: we collect as little as possible and we do not sell anything to anyone.
What We Collect
Waitlist Signups
When you join the waitlist, we collect your email address. That is it. No name, no phone number, no employer. We use your email to notify you when early access opens. One email. When it is ready.
Account Data (When Available)
When the platform launches, creating an account will require an email and password. We will also store your alert preferences, tracked entities, and notification channel configurations. All account data is stored in Supabase with row-level security enabled.
Analytics
We use privacy-respecting analytics to understand how visitors use the marketing site. This includes page views, referrer URLs, and approximate location (country level). We do not use tracking pixels, fingerprinting, or cross-site tracking. No ad networks touch this site.
Cookies
The marketing site uses only essential cookies for analytics. No advertising cookies. No third-party tracker cookies. When the dashboard launches, session cookies will be used for authentication. That is it.
Third-Party Services
We use the following services to operate Sentinel. Each processes only the minimum data required for its function:
| Service | Purpose | Data Processed |
|---|---|---|
| Supabase | Database, authentication, realtime | Email, password hash, account preferences |
| Vercel | Frontend hosting and edge rendering | IP address (for routing), request logs |
| Cloudflare | DNS, CDN, DDoS protection | IP address (for routing), request headers |
| Anthropic | AI agent processing (Claude Sonnet 4) | OSINT event data only — no user PII |
Data Retention
Waitlist emails are retained until early access launches or you request removal. Account data is retained for the lifetime of your account. Analytics data is aggregated and contains no personally identifiable information. If you delete your account, all associated data is permanently removed within 30 days.
Your Rights
Regardless of where you are located, you have the right to:
- Request a copy of all data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Withdraw consent for data processing at any time
- Request removal from the waitlist
To exercise any of these rights, email hello@wyrm.ai. We will respond within 14 days.
Security
All data is encrypted in transit (TLS 1.3) and at rest. Database access is controlled by row-level security policies. Backend services use service-role isolation. Authentication is handled by Supabase Auth with bcrypt password hashing. We do not store passwords in plaintext. Ever.
Changes to This Policy
If we change this policy, we will update the date at the top and notify active users by email. Material changes will include a 30-day notice period before taking effect.
Contact
Questions about this policy? Email hello@wyrm.ai.
See also our Terms of Service and About page for more context on who we are and how Sentinel works.