Legal & Compliance - SentinelOne
Experiencing a Breach?
en
en
Get a Demo
Back
Get a Demo
Experiencing a Breach?

Legal Documents

Customer

 

Master Subscription Agreement

Solutions Addendum: Singularity Platform Terms

Solutions Addendum: DataSet Terms

Terms of Service – GSA

Public Sector Addendum

Technical Account Manager Terms

Support Terms

Vigilance Service Addendum

Incident Response Retainer Addendum

SDK Addendum

Ransomware Warranty

Sentinelone Watchtower Addendum

Admin Tools Addendum

Privacy

 

Privacy Policy

Cookie Policy

Data Protection Addendum

List of Sub-processors

CCPA Privacy Notice

 

Compliance

 

Modern Slavery Statement

Responsible Disclosure Policy for Third Parties

 

Intellectual Property

 

Trademark Guidelines

Patents

Inactive Agreements

 

SentinelOne Terms of Service

Scalyr Online Terms

Terms of Service – Public Sector non-GSA

SentinelOne Privacy Compliance

HIPAA compliance

 

SentinelOne provides endpoint protection solutions that collect and process various datasets equally, without regard to how a customer might classify their data. As such, SentinelOne does not treat any specific dataset processed by its Solutions as Personal Healthcare Information (PHI) under HIPAA and/or HITECH. Any processing of specific data types is purely incidental, and not required to use the Solutions. SentinelOne does not collect any PHI in providing its Solutions to customers.

SentinelOne has implemented a host of information security controls to protect all customers data it processes on behalf of its customers in accordance with HIPAA’s Privacy and Security Rules, and ensure confidentiality, integrity, protection against anticipated threats, workforce management, and access controls among a host of technical, administrative and physical safeguard. As such, SentinelOne is now HIPAA compliant and able to enter business associate agreements to such effect. For more information about SentinelOne’s Business Associate Agreement (“BAA”), please contact SentinelOne privacy team at [email protected]

GDPR Compliance

 

SentinelOne has implemented a range of privacy and security controls across the organization to ensure compliance with the General Data Protection Regulation (GDPR) by the May 2018 deadline.

Among other things, SentinelOne has trained its employees and established an ongoing training program, added a host of technical security measures, mapped PII storage throughout the organization, defined appropriate access right limitations, ensured that individual access/portability/right-to-be-forgotten rights are respected, appointed a Data Protection Officer (DPO), entered into Data Processing Addendums (DPAs) with relevant data processors, and offers to enter into DPAs with EU-based customers subscribing to the Solutions at certain pricing levels.

SentinelOne is committed to continued compliance with GDPR and all other relevant privacy regulations for the benefit of its customers. Contact us for more information about Our privacy program.

How SentinelOne Can Help Your Organization’s Compliance

HIPAA Compliance

 

The SentinelOne Solution can help your organization achieve compliance with HIPAA Security Rule, which requires that organizations use and regularly update anti-virus software or programs on all systems commonly affected by malicious software.

The SentinelOne Static and behavioral AI can help your organization to detect and respond to malware attacks.

The SentinelOne Deep Visibility and automated EDR capabilities can help your organization to understand and mitigate suspicious events.

The SentinelOne Vigilance automated SOC services can add another level of security to your organization, by offering the services of security experts that can proactively help your organization detect and respond to threats.

For more information about how SentinelOne can help your organization’s HIPAA compliance, read the Tevora PCI and HIPAA Whitepaper.

GDPR Compliance

 

The SentinelOne Solution can help your organization achieve GDPR compliance with the data protection by design and by default requirement in Article 25, the security of processing requirement in Article 32 which require applying technical and organizational measures for data processors and with Articles 33 and 34 which apply specific requirement for breach notification, assessment and remediation.

For more information about how SentinelOne can help your organization’s GDPR compliance, read the SentinelOne GDPR Datasheet.

Contact Information

All legal issues:

[email protected]

All privacy related issues:

[email protected]