Sentra Logo Sentra
Home About Pricing Contact Login

Privacy Policy

Effective Date: August 10, 2025

1. Introduction

This Privacy Policy describes how Sentra ("we," "our," or "us") collects, uses, and protects your information when you use our moderation and staff management platform. Sentra is a Software-as-a-Service (SaaS) platform that provides moderation tools and staff management solutions for gaming communities and organizations. Sentra is operated by GIGABYTE GAMES LTD.

2. Information We Collect

2.1 Account Information

  • Organization Data: Organization name, plan type, billing information, and administrator contact details.
  • Discord Data: When you authenticate with Discord, we collect your Discord user ID, username, and avatar URL for authentication purposes.
  • Roblox Data: When you verify your Roblox account, we collect your Roblox user ID and username for moderation and verification purposes.

2.2 Platform Usage Data

  • Session Information: Login/logout times and browser information for security and platform functionality.
  • Organization Activity: Usage statistics, feature utilization, and API call metrics for billing and service optimization.
  • Staff Management: Staff roles, permissions, and organizational hierarchy within your organization.

2.3 Moderation Data

  • Moderation Actions: Records of warnings, bans, kicks, and other moderation actions taken within your organization's games or communities.
  • Appeals: Any ban appeals submitted through your organization's system, including messages and moderator responses.
  • Reports: User reports submitted through your organization's system, including evidence and timestamps.
  • Audit Logs: Comprehensive logs of all administrative and moderation actions for accountability and compliance.

2.4 Billing and Subscription Data

  • Payment Information: Billing addresses, payment method details (processed securely through third-party payment processors).
  • Subscription Details: Plan type, billing cycle, usage limits, and subscription status.
  • Usage Metrics: API calls, active staff count, and other metrics relevant to your subscription plan.

3. How We Use Your Information

3.1 Service Delivery

  • Provide and maintain the Sentra platform and its features
  • Authenticate users and manage organization access
  • Process billing and manage subscriptions
  • Provide customer support and technical assistance

3.2 Platform Security and Compliance

  • Monitor platform security and prevent unauthorized access
  • Ensure compliance with terms of service and acceptable use policies
  • Maintain audit logs for security and compliance purposes
  • Investigate security incidents and platform misuse

3.3 Service Improvement

  • Analyze usage patterns to improve platform features and performance
  • Develop new features and capabilities based on customer needs
  • Conduct research and analytics to enhance user experience
  • Provide personalized recommendations and support

4. Information Sharing and Multi-Tenancy

4.1 Data Isolation

Sentra operates as a multi-tenant platform. Your organization's data is strictly isolated from other organizations:

  • Each organization's data is logically separated and cannot be accessed by other organizations
  • Staff members can only access data for organizations they are authorized to view
  • Moderation actions and logs are only visible within your organization

4.2 Internal Sharing

Within your organization, information may be accessed by:

  • Staff members with appropriate permissions and roles
  • Organization administrators and owners
  • Sentra technical personnel for platform maintenance and support (limited to what's necessary)

4.3 External Sharing

We do not sell, trade, or rent your personal information to third parties. We may share information in the following limited circumstances:

  • Legal Requirements: When required by law, court order, or government request
  • Safety and Security: To protect the rights, property, or safety of our users or the public
  • Service Providers: With trusted third-party services that help us operate our platform (hosting, payment processing, analytics)
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with appropriate safeguards)

4.4 Integration with External Platforms

  • Discord Integration: We communicate with Discord APIs to manage roles and verification status
  • Gaming Platform APIs: We integrate with Roblox and other gaming platforms to retrieve public profile information and manage moderation actions
  • Third-party Integrations: We may integrate with other tools and services as requested by your organization

5. Data Security

We implement comprehensive technical and organizational measures to protect your information:

  • End-to-end encrypted data transmission using TLS/HTTPS
  • Secure database storage with encryption at rest and in transit
  • Multi-tenant data isolation with strict access controls
  • Regular security assessments, penetration testing, and vulnerability scanning
  • Staff training on data protection and security best practices
  • Role-based access control with principle of least privilege
  • Automated backup and disaster recovery procedures
  • 24/7 security monitoring and incident response capabilities

6. Data Retention

  • Account Data: Retained while your account and organization subscription are active
  • Moderation Records: Retained for the duration specified in your organization's data retention policy, or as required by applicable laws
  • Billing Data: Retained for 7 years for tax and accounting purposes
  • Security Logs: Retained for up to 2 years for security monitoring and incident investigation
  • Audit Logs: Retained as required by your organization's compliance requirements

Upon subscription termination, data will be securely deleted within 90 days unless legally required to retain it longer.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request access to your personal data and information about how it's processed
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your data (subject to legal, contractual, and operational requirements)
  • Portability: Request a copy of your data in a structured, machine-readable format
  • Restriction: Request restriction of data processing in certain circumstances
  • Objection: Object to processing of your data for certain purposes
  • Withdrawal of Consent: Where processing is based on consent, you may withdraw it at any time

To exercise these rights, please contact us at contact@gigabyteweb.com or through your organization's administrator.

8. Cookies and Tracking

We use the following types of cookies and tracking technologies:

  • Essential Cookies: Required for authentication, session management, and core platform functionality
  • Security Cookies: Used for CSRF protection and preventing unauthorized access
  • Analytics Cookies: Help us understand platform usage and improve our services (anonymized data only)

You can manage cookie preferences through your browser settings, though disabling essential cookies may impact platform functionality.

9. Children's Privacy

Sentra is intended for use by organizations and their authorized personnel. While we do not specifically target children under 13, some organizations may use our platform to moderate gaming communities that include minors. We comply with applicable children's privacy laws including COPPA and GDPR requirements for processing children's data.

10. International Data Transfers

Sentra operates globally and your data may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws and provide appropriate safeguards, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for certain countries
  • Binding Corporate Rules where applicable
  • Data Processing Agreements with all service providers

11. Business Customers and Data Processing

For organization administrators and business customers, Sentra acts as both a data controller (for account and billing information) and a data processor (for moderation and user data processed on behalf of your organization). Your organization remains the data controller for user data within your games and communities.

We provide comprehensive Data Processing Agreements (DPAs) to our business customers that outline our respective responsibilities for data protection and compliance.

12. Compliance and Certifications

Sentra is committed to maintaining the highest standards of data protection and privacy:

  • GDPR compliant (EU General Data Protection Regulation)
  • CCPA compliant (California Consumer Privacy Act)
  • SOC 2 Type II certified (Service Organization Control)
  • Regular third-party security audits and penetration testing
  • ISO 27001 information security management practices

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on this page with a new "Effective Date"
  • Sending email notifications to organization administrators
  • Providing in-platform notifications for significant changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • General Contact: contact@gigabyteweb.com
  • Company: GIGABYTE GAMES LTD
  • Address: Portland House, Belmont Business Park, Durham, DH1 1TW, England
  • Company Number: 15339175
Data Controller and Processor Information

For Organization Account Data: GIGABYTE GAMES LTD acts as the data controller.

For Customer Data: Your organization acts as the data controller, and GIGABYTE GAMES LTD acts as the data processor under the terms of our Data Processing Agreement.