Legal

Privacy Policy

Last updated: 17 July 2026

BITS Blackrock IT Solutions LLC(“SentiQore”, “we”, “us”, or “our”) operates the SentiQore business continuity management platform. This Privacy Policy explains what personal data we collect, how we use it, and the rights you have under applicable data-protection law, including the EU General Data Protection Regulation (GDPR).

1. Data Controller

The data controller for all personal data processed through SentiQore is:

BITS Blackrock IT Solutions LLC

8 Ali Basha Zolfakar Street, Alexandria, Egypt

E-mail: privacy@bits-solution.com

Website: www.bits-solution.com

2. Personal Data We Collect

We collect the following categories of personal data:

  • Account & identity data: Name, email address, password (hashed), profile photo. Collected when you register or sign in via Google OAuth.
  • Billing data: Subscription status, plan tier. Card numbers are handled exclusively by Lemon Squeezy (our Merchant of Record) and are never stored on our infrastructure.
  • Usage data: Features accessed, timestamps of actions, error logs. Used to operate and improve the service.
  • Client BCM data you enter: Risk registers, BIA records, recovery strategies, governance documents, contact lists. This data relates to your clients' organisations, not to individuals in most cases. Where it contains personal data (e.g. emergency contact names), you are the data controller for that data and SentiQore acts as a data processor.
  • Technical data: IP address, browser type, device identifiers, session tokens. Collected automatically via Clerk (auth) and our hosting infrastructure (Hetzner, Germany).

3. Legal Bases for Processing (GDPR Art. 6)

Contract performance

Providing the SentiQore service, managing your subscription, customer support.

Legitimate interests

Security monitoring, fraud prevention, service improvement, product analytics.

Legal obligation

Retaining billing records for tax and accounting requirements.

Consent

Marketing communications (where you have opted in). You may withdraw consent at any time.

4. Sub-processors

We engage the following sub-processors to operate SentiQore. A full list with data transfer mechanisms is available on our Trust Center.

Sub-processorPurposeLocation
ClerkAuthentication & identityUSA — SOC 2 Type II
SupabaseDatabase & storageEU (Frankfurt)
Hetzner Online GmbHHostingGermany (EU)
AnthropicAI inference (Rasid)USA — no-retention
Lemon SqueezyPayment processingUSA — PCI-DSS

5. International Data Transfers

Some sub-processors are located in the United States. Transfers to the USA are covered by Standard Contractual Clauses (SCCs) adopted by the European Commission, supplemented by the Technical and Organisational Measures described on our Trust Center. AI inference requests sent to Anthropic are processed without retention — no training data is derived from your inputs.

6. Retention

  • Account and BCM data: retained for the duration of your subscription and deleted within 90 days of account closure, unless legal obligations require longer retention.
  • Billing records: retained for 7 years in accordance with applicable tax law.
  • Server logs: retained for 30 days and then automatically purged.
  • AI conversation history: not persisted server-side; conversations are ephemeral per session.

7. Your Rights (GDPR Art. 15–21)

As a data subject under GDPR, you have the right to:

Access

Request a copy of the personal data we hold about you.

Rectification

Correct inaccurate or incomplete personal data.

Erasure

Request deletion of your personal data (“right to be forgotten”).

Restriction

Ask us to limit processing while a dispute is resolved.

Portability

Receive your data in a structured, machine-readable format.

Object

Object to processing based on legitimate interests.

To exercise any of these rights, email us at privacy@bits-solution.com. We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority.

8. Cookies & Local Storage

SentiQore uses only technically necessary cookies and browser storage. We do not use tracking cookies, advertising pixels, or third-party analytics cookies. Session tokens are managed by Clerk and stored in HTTP-only cookies. Your locale preference is stored in localStorage.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email to registered users at least 14 days before they take effect. The “Last updated” date at the top of this page reflects the most recent revision.

10. Contact

For any privacy-related questions or to exercise your rights, contact the Data Protection team at privacy@bits-solution.com.

BITS Blackrock IT Solutions LLC