Who We Are
Kedalion Sentinel is a monday.com app operated by Financial Underdog. The app helps monday.com account administrators identify and review potentially sensitive data stored in monday.com boards.
Data We Process
When you install or use Kedalion Sentinel, we may process the following data from your monday.com account:
- Account, workspace, board, item, and column identifiers needed to locate findings.
- Board names, item names, and supported text-like column values from boards selected for scanning.
- Policy configuration such as enabled policy packs, selected boards, and scan cadence.
- Finding metadata, including category, severity, confidence score, explanation, first seen time, last seen time, status, and reviewer actions.
- Redacted evidence snippets, such as masked email addresses or payment-card endings.
- monday.com user identifiers associated with installation and finding review actions.
Data We Do Not Store
- We do not store raw full board text after scanning.
- We do not store full payment-card numbers, full secrets, or full sensitive values as finding evidence.
- We do not modify, delete, mask, or move customer data in monday.com in Release 1.
OAuth Tokens
The app stores monday.com OAuth access tokens so it can run manual and scheduled scans for installed accounts. Tokens are encrypted before storage using AES-256-GCM and are used only to access the monday.com data required for the app features.
How We Use Data
We use processed data to provide board scanning, finding classification, dashboards, review workflows, scheduled monitoring, exports, and setup diagnostics. We may also use aggregate operational information to maintain reliability and improve the product.
Subprocessors And Hosting
Kedalion Sentinel is hosted on Vercel and uses Supabase Postgres for production data storage. monday.com remains the system of record for customer board content.
Retention
Finding records, redacted evidence, scan history, and review audit events are retained while the app remains installed so teams can maintain an audit trail. If an account uninstalls the app, active installations are marked uninstalled and scheduled scanning stops. Deletion requests can be sent using the support contact below.
Security
We use encrypted token storage, HTTPS, monday.com OAuth, monday.com signed session tokens, lifecycle webhook verification, and least-needed app scopes. Diagnostic routes avoid exposing secrets.
Your Choices
Administrators can choose which boards are scanned, which policy packs are enabled, and whether scans run manually, daily, or weekly. The app can be uninstalled from monday.com at any time.
Contact
For privacy, deletion, or security questions, contact hello@kedalion.app.