Privacy Policy

Sentura — a service of Virtual Caffeine IO LLC

Effective date: July 8, 2026
Canonical URL: https://sentura.io/legal/privacy

1. Who we are and what this Policy covers

Sentura is an email-authentication monitoring and management service (DMARC, SPF, DKIM, MTA-STS, and related reporting). Sentura is operated by Virtual Caffeine IO LLC ("VCIO," "we," "us"), a Washington limited liability company. In this Policy, "Sentura," "the service," and "we" refer to the Sentura service as operated by VCIO.

This Policy applies to the Sentura websites and application at sentura.io (including app.sentura.io, www.sentura.io, and docs.sentura.io), the Sentura web application, and the free public tools offered on the Sentura site. It describes our own practices as the operator of the service.

If you use Sentura under an agreement between VCIO and your employer or organization, that organization controls the account and its instructions govern data in the account; this Policy describes our practices as the service operator.

Virtual Caffeine IO LLC operates other products under other brands; each has its own separate terms and privacy policy on its own site. This Policy governs Sentura only.

2. Information we collect

Information you provide:

Information collected automatically:

DMARC and email-authentication report data:

Sentura ingests DMARC aggregate reports and related authentication reports for the domains you monitor. These reports are generated by receiving mail providers and describe authentication results — sending IP addresses, the domains claimed in the "From" header, SPF/DKIM/DMARC pass/fail outcomes, message counts, and dates. They do not contain the content or bodies of email messages. We process and store this reporting data to provide the service and your history.

Information from our free public tools:

Sentura offers free tools (for example, domain and email-authentication checkers). When you submit a domain or similar input, we process it to produce your result and we log the submission (input value, timestamp, IP address) for abuse prevention and service improvement. Free-tool submissions are not linked to an account unless you are signed in. We retain free-tool submission logs for 90 days, after which they are deleted or de-identified.

Payment information:

Payments are processed by our third-party payment processor. Your card number is collected by that processor directly and never touches Sentura or VCIO systems. We receive limited billing details (such as name, billing contact, card brand/last four, and transaction status) to manage your subscription.

Information from identity providers:

Sentura uses single sign-on. When you sign in, we receive basic profile details (name, email, organization/tenant identifiers) from your identity provider to create and secure your session.

We do not knowingly collect information from children. Sentura is a business tool intended for adults.

3. How we use information

We use the information above to: provide, operate, and secure Sentura; authenticate users; process payments and manage subscriptions; respond to support requests; send transactional service email (such as authentication alerts, monitoring summaries, account notices, and receipts); prevent abuse and enforce our Terms; comply with law; and improve the service, including analyzing aggregated, de-identified usage.

We do not sell personal information, and we do not use your data for third-party advertising. Our regular emails are transactional — service and security alerts, monitoring summaries, account notices, and receipts — which are part of the service. We may also occasionally send product-update or check-in emails (for example, about new features); these are not required to use Sentura, always include a working unsubscribe link, and you can opt out of them at any time without losing service. We do not send third-party or partner marketing.

A note on how Sentura makes decisions. Sentura's trust-critical determinations — in particular its verdicts about whether a sending source is authenticated — are made by deterministic logic, not AI. Some non-critical features (for example, written summaries in generated reports) may use an AI provider under commercial terms that do not use inputs or outputs to train models; the specific model may change over time.

4. How we share information

We share personal information only with:

5. Hosting and data location

Sentura runs on VCIO-operated US infrastructure and US-based hosting providers. If you require a specific data-residency arrangement, ask us before purchase.

6. Retention

We keep personal information only as long as needed for the purposes in this Policy:

When retention ends, we delete or de-identify the data.

7. Cookies and analytics

Sentura uses strictly necessary cookies — session and authentication cookies required to sign you in and keep the service secure, and cookies set by our security/CDN provider to protect against abuse. These are always active because the service cannot function without them.

We also use analytics to understand how our public site and application are used so we can improve them. Analytics may set non-essential cookies or use similar technologies. Where required, we present a cookie-consent control so you can accept or decline non-essential cookies; declining does not affect your ability to use the service. We do not use advertising cookies and we do not sell or share information for cross-context behavioral advertising. This section serves as our cookie disclosure.

8. Security

We use technical and organizational measures appropriate to the data we handle, including encryption in transit, role-based access controls, tenant isolation, and least-privilege administration. No system is perfectly secure; if we learn of a breach affecting your personal information, we will notify you as required by applicable law.

9. Your rights and choices

Depending on where you live, you may have rights to access, correct, delete, or receive a copy of your personal information, and to opt out of sale or sharing (we do not sell or share personal information for cross-context behavioral advertising).

California residents: you may exercise these rights under the CCPA/CPRA. We do not sell or share personal information as those terms are defined by the CCPA/CPRA, and we will not discriminate against you for exercising your rights.

To exercise any right, email [email protected]. We will verify your request (typically by confirming control of the account email) and respond within the time required by applicable law. If your account is managed by your organization, we may direct your request to that organization.

10. Changes to this Policy

We may update this Policy from time to time. Material changes will be noted on this page and, for significant changes affecting account holders, by email or in-product notice. The effective date above always reflects the current version.

11. Sub-processors (current providers)

We use the following categories of third-party providers to operate Sentura. We may change providers within a category; we keep this list current and dated, and material changes are reflected in the effective date above. Customers under a data processing agreement receive notice of new sub-processors as that agreement requires.

As of July 8, 2026:

CategoryPurposeCurrent provider(s)
Hosting / infrastructureApplication and database hostingVCIO-operated US infrastructure; Hetzner Online GmbH (US)
Identity / sign-inAuthentication and session managementMicrosoft (Entra ID)
DMARC-report & mailbox intakeReceiving and reading DMARC aggregate reports sent to SenturaMicrosoft 365 / Microsoft Graph
DNS, CDN & edgeDNS, content delivery, edge security, and hosted DNS recordsCloudflare, Inc.
Payment processingSubscription billing (card data handled by the processor, not by us)Stripe, Inc.
Transactional emailService and alert emailsResend
AI-assisted report text (optional)Written narrative in generated reportsAnthropic, PBC (commercial API terms; inputs/outputs not used to train models)

12. Contact

Virtual Caffeine IO LLC (operator of Sentura)
Camano Island, Washington, USA
[email protected]