Privacy Policy

Last updated: 9 April 2026 · Version 2.0 · Terms of Service

Your project data is yours. We process it to power AI analysis — never to train models, never to sell, never to share beyond what's needed to run the service.

1. Who we are

Senshin is operated by Senshin Ltd, registered in England and Wales. We build an AI-powered Project Delivery Operating System for professional project managers, programme managers, and delivery leads.

Data controller: Senshin Ltd
Contact: privacy@senshin.io

2. What we collect

Account data

When you sign up: name, email address, organisation, role, and timezone. This is Tier 1 data — the minimum needed to create your organisation.

Project delivery data

Everything you enter to manage your projects:

Projects — name, description, dates, methodology, phase, health ratings, budget, strategic alignment.
RAID — risks, assumptions, issues, decisions, dependencies — including severity, owner, status, and mitigation strategies.
Finance — budget lines, actuals, accruals, forecasts, variance, multi-currency rates.
People — stakeholder profiles, RACI assignments, communication styles, engagement levels.
Activities — tasks, milestones, dependencies (FS/FF/SS/SF), critical path, % complete.
Artefacts — uploaded documents, versioned files, and metadata.

AI interaction data

Every AI analysis run is logged: trigger source, AI depth level (Observe/Advise/Challenge), signals produced, recommendations generated, confidence scores, and your response (accepted/dismissed). This powers the immutable audit trail.

Usage data

Pages visited, features used, timestamps, device type, browser, and session duration. Collected via first-party telemetry only — no third-party analytics trackers.

3. How we use your data

Purpose	Data used	Legal basis
Operating the platform	Account, project data	Contract performance
AI analysis & reasoning	Project, RAID, finance, people data	Contract performance
Signal computation (29 dimensions)	All project data	Contract performance
Improving the product	Anonymised usage data	Legitimate interest
Service communications	Email, name	Contract performance
Billing and payments	Email, plan data	Contract performance
Security and fraud prevention	IP address, session tokens	Legitimate interest

4. AI processing — how it works

Senshin's reasoning engine operates in two stages:

Deterministic reasoning (runs locally on our servers) — extracts signals across schedule, budget, RAID velocity, resource, and governance dimensions. No data leaves our infrastructure for this stage.
LLM narrative generation (Google Vertex AI) — your project context is sent to Vertex AI (Gemini models) in the europe-west2 (London) region to generate human-readable analysis, recommendations, and challenge-mode scrutiny.

Google does not use your data to train its models. Vertex AI processes data under Google Cloud's Data Processing Terms. All processing stays within the europe-west2 region.

5. Where your data lives

All data is stored and processed in the europe-west2 (London) region on Google Cloud Platform:

Cloud SQL (PostgreSQL 15) — structured project data, reasoning runs, audit logs.
Firestore — real-time project state, AI narratives, configuration.
Cloud Storage — uploaded artefacts and exported files.
Cloud Run — application compute (stateless containers).

All storage is encrypted at rest (AES-256) and in transit (TLS 1.3). Private IP networking between services — no data traverses the public internet within our infrastructure.

6. Who we share data with

We do not sell your data. We do not share it for advertising. Data is shared only with these processors:

Processor	Purpose	Location
Google Cloud Platform	Infrastructure, AI processing, storage	London (europe-west2)
Firebase Authentication	Identity and sign-in	EU
Stripe	Payment processing	EU/US
SendGrid (Twilio)	Transactional email	US

Each processor operates under a Data Processing Agreement compliant with UK GDPR. See our DPA for details.

7. Data retention

Active account: data retained for the lifetime of your account.
Closed projects: retained for 12 months after closure, then auto-archived.
Deleted account: all data permanently deleted within 30 days. Export your data before deletion.
Audit logs: retained for 24 months after account closure for compliance.
AI reasoning history: retained with project data. Deleted when the project is deleted.
Anonymised analytics: retained indefinitely (cannot be linked back to you).

8. Your rights under UK GDPR

You have the right to:

Access — request a copy of all data we hold about you.
Rectification — correct inaccurate data via your profile or by contacting us.
Erasure — delete your account and all associated data (Settings → Account → Delete).
Portability — export your data in JSON, PowerPoint, Word, or Excel format.
Restriction — request that we stop processing specific data while a dispute is resolved.
Object — object to processing based on legitimate interest.

To exercise any right, email privacy@senshin.io. We respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

9. Cookies

We use minimal cookies — only what's needed to run the service:

Cookie	Purpose	Duration
ss_token	Session authentication	Session
ss_user_id	User identification	Session
ss_consent_v1	Cookie consent preference	1 year
ss_settings	Display preferences (theme, density)	1 year

No advertising cookies. No third-party trackers. Analytics cookies are optional and only set with your explicit consent. See our Cookie Policy for the full table.

10. Security

Firebase Authentication with session cookies (httpOnly, secure, SameSite).
Biometric lock screen (Face ID / Touch ID / Windows Hello) for unattended sessions.
IAM-based access controls — no passwords stored in our systems.
RBAC with 7 role templates and 28 granular permissions.
CSRF protection via double-submit cookie pattern.
Input sanitisation on all API endpoints.
Immutable audit trail — every data change, AI run, and login is logged and cannot be altered.
TLS 1.3 for all connections. Private VPC networking between services.

Report security vulnerabilities to security@senshin.io.

11. Children

Senshin is a professional tool for project delivery. It is not intended for users under 18. We do not knowingly collect data from minors.

12. International transfers

Your data is primarily processed in the UK (London). Where sub-processors operate outside the UK (Stripe, SendGrid), transfers are protected by Standard Contractual Clauses (SCCs) or UK adequacy decisions.

13. Changes to this policy

We may update this policy. Material changes will be communicated via in-app notification and email with at least 14 days notice. The "Last updated" date at the top always reflects the current version.

14. Contact

Senshin Ltd
Registered in England and Wales
Privacy: privacy@senshin.io
Security: security@senshin.io
General: {{SUPPORT_EMAIL}}