Family Sentinel LLC ("we"), a Texas company, provides fraud-detection and alerting services for families ("the Service").
| Category | Examples | Source |
|---|---|---|
| Account data | Names, emails, phone numbers of the protected person and family contacts; billing information | You |
| Monitored signals | Incoming email content (processed transiently), voicemail transcripts, transaction descriptions and amounts | The services you authorize (Google/Microsoft read-only access, Plaid, phone carrier) |
| Stored results | Risk verdicts, category, plain-English reason, minimal evidence (sender, subject) | Generated by us |
| Threat evidence | Full copies of messages flagged as suspicious or malicious — retained encrypted for 14 days for expert review and your evidence file, then automatically deleted. Ordinary (unflagged) mail is never stored. Never retained for minors' accounts | Generated by us |
| Service telemetry | Audit logs of our own systems' access | Generated by us |
We do not collect or store: passwords or credentials, ordinary email bodies at rest, bank statements, Social Security numbers, or health records.
We use the data described above solely to detect and alert on likely fraud targeting the people you enroll, to maintain the security and audit trail of our own systems, and for billing and support.
Google API Services — Limited Use disclosure. Family Sentinel's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically: Gmail data is used only to provide the user-facing fraud-detection features described here; it is never used for advertising; it is never sold; humans read messages only with the account holder's affirmative consent (our signed authorization), for security purposes, or as required by law; and Gmail data is never used to develop, improve, or train generalized artificial-intelligence or machine-learning models.
Email and transaction text is analyzed by Anthropic's Claude models via API under commercial terms; Anthropic does not train on API data. Processing is transient — content in, verdict out.
Only with: (a) the family contacts the account holder designates (alerts); (b) service providers under contract that make the Service work (hosting, Anthropic, Plaid, SMS delivery — current list available on request); (c) law enforcement when legally required, or when we in good faith believe the protected person is the victim of a crime and the designated contacts consent. We never sell or rent personal information, and we run no advertising.
Encryption in transit and at rest; per-client isolation with per-client encryption keys; read-only authorizations; least-privilege access; independent audit logging; a documented incident-response plan with a kill switch. Our founder is a professional security-operations analyst; a full security overview is available on request.
Flagged-threat evidence: 14 days, then automatic deletion. Verdict and alert records: 12 months, then deleted. On cancellation, all data for your household is deleted within 30 days with confirmation; backups age out within 14 days thereafter.
Access, correction, deletion, and portability of your data — email privacy@familysentinel.org. We honor these rights for all customers regardless of statutory thresholds. You may revoke the Service's access to any connected account at any time, directly with the provider or by asking us.
If a breach affects your data we will notify affected contacts without unreasonable delay, consistent with Texas Business & Commerce Code §521.053, and tell you plainly what happened, what was and wasn't exposed, and what we are doing about it.
Monitoring for household members under 18 is offered only with verifiable parental consent and operates in a restricted, metadata-only mode: no message content or attachments are ever retained for minors' accounts.
Material changes are announced by email 30 days in advance.