Privacy Policy

Last updated: December 2024

Key Points Summary

We never store your passwords - Zero-knowledge credential handling
No AI training on your data - Your business data stays private
30-day data retention - Automation logs auto-delete
Easy data deletion - Request removal anytime

1. Introduction

CognitiFlow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website cognitiflow.ai and use our AI automation services.

2. Information We Collect

We collect information in the following ways:

2.1 Information You Provide

  • Account Information: Name, email address, company name, phone number when you sign up or contact us.
  • Automation Configuration: Details about the tasks you want to automate and the applications you use.
  • Payment Information: Billing details processed securely through Stripe (we do not store full card numbers).
  • Communications: Information you provide when you contact our support team.

2.2 Information Collected Automatically

  • Usage Data: How you interact with our website and services.
  • Device Data: Browser type, operating system, IP address, and device identifiers.
  • Automation Logs: Records of automated tasks performed (retained for 30 days).

2.3 Information We Do NOT Collect

  • Passwords: We never store or have access to your passwords for connected applications.
  • Sensitive Business Data: Content processed by automations is not stored beyond temporary processing.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our automation services
  • Process your transactions and send related information
  • Respond to your inquiries and provide customer support
  • Send you technical notices, updates, and administrative messages
  • Communicate with you about products, services, and promotions (with your consent)
  • Monitor and analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

4. Data Retention

We retain different types of data for different periods:

  • Account Information: Retained while your account is active and for 90 days after closure.
  • Automation Logs: Retained for 30 days, then automatically deleted.
  • Billing Records: Retained for 7 years for tax and legal compliance.
  • Support Communications: Retained for 2 years to improve service.

You can request deletion of your data at any time by contacting us at privacy@cognitiflow.ai.

5. AI and Machine Learning

Important: Your business data is never used to train our AI models or any third-party AI systems.

Our AI processes your data solely to perform the automations you configure. This processing is temporary and data is not retained beyond what is necessary to complete the task and maintain logs for the retention period specified above.

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: 256-bit AES encryption for data at rest and TLS 1.3 for data in transit
  • Access Controls: Role-based access with multi-factor authentication for our team
  • Infrastructure: Hosted on SOC 2 Type II certified cloud providers
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Audits: Regular security assessments and penetration testing

7. Information Sharing

We do not sell, trade, or rent your personal information. We may share information with:

  • Service Providers: Companies that help us provide our services (hosting, email, analytics)
  • Payment Processors: Stripe for secure payment processing
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

All service providers are contractually obligated to protect your data and use it only for the purposes we specify.

8. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for the website to function properly
  • Analytics Cookies: Help us understand how visitors use our site
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

9. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal information
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing of your personal information
  • Restriction: Request restriction of processing
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@cognitiflow.ai. We will respond within 30 days.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information, including Standard Contractual Clauses approved by relevant authorities.

11. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@cognitiflow.ai
General Inquiries: hello@cognitiflow.ai
Address: CognitiFlow, United States & Israel

← Back to Homepage