Confidentiality & Information Handling

Sentivery operates in environments where discretion, trust, and structured information control are fundamental.

We apply disciplined protocols for handling confidential, sensitive, and restricted information across all advisory engagements. Our approach is proportionate, risk-aware, and aligned with institutional and defence-grade expectations.

• Strategic plans and programme documentation

• Commercial and contractual information

• Technical specifications and drawings

• Governance and board materials

All client information is treated as confidential unless explicitly stated otherwise.

1. Confidentiality Commitment

This includes, but is not limited to:

Confidentiality obligations apply before, during, and after engagement.

• Financial data and cost structures

• Personal data and contact information

• Security-sensitive or restricted materials

Where required, Sentivery enters into Non-Disclosure Agreements (NDAs) or confidentiality undertakings prior to commencement of services.

• Public

• Internal

• Confidential

• Restricted / Sensitive

Sentivery works in alignment with recognised classification principles typically applied in institutional and defence environments:

2. Information Classification & Handling

Information is handled according to its classification level and the client’s specific security requirements.

Where client-specific protocols exist, those take precedence.

• Controlled access to project materials

• Secure digital storage environments

• Encrypted communication channels where appropriate

• Segregation of client data between engagements

Information security practices include:

3. Secure Communication & Storage

Confidentiality obligations apply before, during, and after engagement.

• Limited device access and authentication controls

Physical documents, if used, are stored securely and disposed of appropriately after engagement completion unless otherwise agreed.

• Collected only where necessary

• Used strictly for engagement delivery

• Retained only for as long as required

Sentivery operates in accordance with applicable data protection legislation, including the EU General Data Protection Regulation (GDPR).

Where Sentivery acts as a data processor or data controller (as applicable), responsibilities are defined contractually.

4. Data Protection & GDPR Compliance

• Not transferred to third parties without lawful basis

Personal data is:

• Engagements are assessed for potential conflicts of interest

• No confidential information is shared across clients

• Independent advisory judgement is maintained at all times

To protect client interests:

5. Conflict Management & Ethical Safeguards

Sentivery does not disclose client names, project details, or engagement outcomes without explicit written consent.

• Third parties are engaged under equivalent confidentiality obligations

• Access to information is limited to scope-specific requirements

• Responsibility for oversight remains with Sentivery

Where specialist expertise is required and agreed with the client:

6. Sub-Consultants & Third Parties

No subcontracting occurs without client awareness.

• Client materials may be returned upon request

• Digital records are retained only as required for legal, regulatory, or professional purposes

• Secure deletion procedures are applied where appropriate

Upon completion of engagement:

7. Information Retention & Destruction

Retention periods are proportionate and compliant with applicable law.

• The client will be informed without undue delay

• Appropriate containment and remediation measures will be implemented

• Regulatory notification requirements will be followed where applicable

In the unlikely event of a data breach or information security incident:

8. Incident Response

• Restricted site access

• Controlled document handling environments

• Additional classification or clearance requirements

Sentivery recognises that certain projects may involve enhanced security protocols, including:

9. Defence & Institutional Context

Where such conditions apply, Sentivery aligns with the client’s established security framework.

Confidentiality and structured information handling are not administrative formalities.
They are foundational to independent delivery governance and sponsor-level trust.

Sentivery maintains continuous awareness of evolving regulatory, digital, and security requirements to ensure disciplined and responsible handling of all entrusted information.

10. Ongoing Commitment

For questions regarding Privacy Policy or formal contracting matters, please contact:

legal@sentivery.com