Last updated: 7/17/2025
CognitiveCore Technologies, LLC (“CognitiveCore,” “we,” “our”) is the controller of personal data processed via the Service.
This Policy explains how we collect, use, disclose, and secure personal data when you: (a) visit our website, (b) create an account, or (c) interact with AI features.
| Category | Examples | Source |
|---|---|---|
| Account Data | name, email, password hash | you |
| Company Profile | company name, URL, uploaded descriptions | you |
| Usage Data | IP address, device, log files, page views, prompt/response logs | automated |
| Payment Data | last 4 digits, billing address (processed by Stripe/PayPal) | processor |
| AI Output Logs | prompts and generated content linked to your user ID | generated |
We do not intentionally collect sensitive personal data unless you upload it.
| Purpose | Legal Basis (GDPR art. 6) |
|---|---|
| Provide and maintain the Service | Contract (b) |
| Improve models & analytics | Legitimate interest (f) – performance & security |
| Marketing emails | Consent (a) (you may withdraw) |
| Compliance, fraud, and security | Legal obligation (c) & Legitimate interest (f) |
No solely automated decisions with legal or similarly significant effect are made.
We share personal data with:
All subprocessors are bound by Data Processing Agreements (DPAs).
Data may be transferred to the United States and other jurisdictions. Transfers from the EEA/UK rely on Standard Contractual Clauses (SCCs) and supplementary safeguards.
We retain personal data for the duration of your account plus 12 months, or as required for legal or audit purposes, then delete or anonymize.
EEA/UK/Swiss residents may request access, rectification, erasure, restriction, data portability, or object to processing. California residents have CCPA/CPRA rights to know, delete, and opt-out of “sales” or “sharing.” We do not sell personal data.
To exercise rights, email contact@cognitivecoretechnologies.com. We respond within 30 days. You may lodge complaints with your supervisory authority (e.g., Irish DPC).
We employ industry-standard controls: encryption in transit and at rest, role-based access, vulnerability scanning, and incident response procedures.
We use strictly necessary cookies for authentication and optional analytics cookies (PostHog, Google Analytics). EEA/UK visitors see a consent banner.
The Service is not directed to children under 16. We do not knowingly process their data.
We will post updates here and notify you by email or in-app at least 30 days before material changes.
For privacy questions, data-subject requests, or complaints, email contact@cognitivecoretechnologies.com.
(If legally required, list an EU/UK representative and Data Protection Officer here.)