Questions, answered

Fourteen days. No credit card required. Full feature access throughout.

Yes. Trial signup is blocked for free-email providers like gmail, yahoo, outlook, hotmail and similar. The reason is anti-abuse and product-fit: Centyon is built for organisations monitoring company-owned machines. If you're a freelancer or consultant evaluating on behalf of a client, email sales@centyon.com and we'll provision a trial manually.

No — one trial per company domain. If a workspace already exists for your domain, sign in instead. If you've forgotten which workspace it is, the sign-in page has a 'forgot workspace' lookup.

The workspace is suspended (not deleted) and we email you about converting. You retain your data and can re-activate when you're ready.

Most of our customers run shift-based businesses where three people share one machine. Per-user pricing would charge them three times for one endpoint. Per-machine pricing is fairer and lines up with what's actually being monitored: the device, not the seat.

A unique MAC address. Each Windows endpoint that runs the agent and reports to your workspace. Decommissioned machines can be removed at any time and free up the seat.

No fixed minimum. Talk to sales for the smallest tier that fits your size.

No. We deliberately don't do either. We capture application names and URLs, file-system and clipboard events (file paths only — not text), USB plug/unplug, print jobs, process events, network changes and install/uninstall. No keylogging, no screen video.

No. We detect and alert, not block. Real-time blocking requires a kernel-level DLP product like Microsoft Purview or Forcepoint. Centyon is the visibility layer — it shows you what's happening and writes the audit trail.

Windows only, by design. No macOS, no Linux, no mobile agent.

Shifts have explicit start and end times — and when start > end, the system understands the shift crosses midnight. Late and overtime arithmetic, working-day bitmasks and break tracking all handle this natively. Holidays attach per office (with its own timezone).

Each customer gets its own database, not row-level filtering in a shared table. The central database holds only tenants, domains and auth tokens — nothing about your activity. Strongest possible data separation.

Yes. Per-tenant SMTP is built in. You enter your SMTP credentials in the workspace settings (encrypted at rest), and all alert email sends through your own infrastructure.

There's a dedicated 'ops-admin' role that can manage machines, shifts, holidays, users, teams and offices — but cannot touch DLP detection rules, suppression lists, API tokens or SMTP. The 'tenant-admin' role is the inverse: full security/IT control. This lets you run HR and security on the same product without giving HR ops a view of the security console.

It's a Python-based Windows agent that runs in the user's logon session. No kernel driver, no admin install required for most features. You can disable individual DLP monitors per policy.

The agent buffers activity logs to disk and sends them when the network comes back. Event logs are sent live and not yet persisted across crashes — a real outage of more than a few hours risks losing in-flight events.

Yes — that's the recommended path. Install on a pilot group during the trial, validate the rule library against your environment, then roll out broadly.