Our commitment to your security. Compliance software is only useful if the records inside it can be trusted. We hold Personal Information in Australia, encrypt it at rest, and store only what AUSTRAC requires us to keep. This page describes the controls we have in place today and how to report a security issue. It was last updated on 10 June 2026.
1. How your records are protected
Compliance records are encrypted at rest in our Australian-hosted database and retained for the seven-year period AUSTRAC requires under the AML/CTF Act. We never store copies of identity documents. We keep only the structured outcome of each AML verification, which is whether the check passed or failed plus the verifier's attestation. That keeps what we hold to the minimum needed to be audit-ready.
How we collect, use and disclose Personal Information is described in full in our Privacy policy.
2. Access and audit
Access to the systems that operate the Service is restricted to named members of our team, each authenticated with multi-factor login and granted only the permissions their role requires. Internal preview environments used during development are not publicly accessible.
Every change to a compliance record is written to a tamper-evident audit trail, so any alteration of a historical record is detectable on later review.
3. Keeping the platform safe
Modern software depends on many small open-source packages, and a known risk is that one of those packages is compromised by a malicious actor. We use only mainstream, actively-maintained packages, lock the entire dependency tree against tampering, and patch newly disclosed vulnerabilities through GitHub's security alerts on a working day.
Should a control fail, the encryption and minimal-data posture above limits what could be exposed.
4. Reporting a security issue
If you find a security issue in anything we operate, please report it privately to security@senly.ai before any public disclosure. We will acknowledge within two business days and share our initial assessment within five. With your permission, we will credit you once a fix has shipped.
5. How to contact us
For security issues, email security@senly.ai. We aim to acknowledge within two business days.