Privacy Policy

Last Updated: January 29, 2026

Your privacy is our priority. Learn how we protect and handle your data with CMMI Level 5 certified processes.

1. Introduction

CognexiaAI ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Enterprise Resource Planning (ERP) platform and related services (collectively, the "Services"). Our privacy practices are certified under CMMI Level 5, ISO 27001, and SOC 2 Type II standards.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, company name, job title, and password
  • Business Data: Customer records, employee information, financial data, inventory data, and other business-related information you input into our Services
  • Payment Information: Billing address, payment card details (processed securely through PCI-DSS compliant payment processors)
  • Communications: Support requests, feedback, and other communications with us

2.2 Automatically Collected Information

  • Usage Data: Pages viewed, features used, time spent, click patterns, and session information
  • Device Information: IP address, browser type, operating system, device identifiers, and network information
  • Cookies and Tracking Technologies: Session cookies, persistent cookies, web beacons, and similar technologies

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: Provide, maintain, and improve our ERP platform and Services
  • AI and Analytics: Train AI models, generate insights, and provide predictive analytics (only with aggregated, anonymized data)
  • Communication: Send service updates, security alerts, technical notices, and support responses
  • Security: Detect, prevent, and respond to fraud, security threats, and illegal activities
  • Compliance: Comply with legal obligations, regulatory requirements, and law enforcement requests
  • Marketing: Send promotional materials and updates (with your consent, and you may opt-out anytime)

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: Third-party vendors who perform services on our behalf (cloud hosting, payment processing, analytics). All service providers are bound by strict data protection agreements.
  • Business Transfers: In connection with mergers, acquisitions, or sale of assets, subject to confidentiality obligations.
  • Legal Requirements: When required by law, court order, or government investigation.
  • With Your Consent: Any other sharing with your explicit permission.

5. Data Security

We implement comprehensive security measures aligned with CMMI Level 5, ISO 27001, and SOC 2 Type II standards:

  • Encryption: AES-256 encryption at rest and TLS 1.3 in transit
  • Access Controls: Multi-factor authentication, role-based access control, and principle of least privilege
  • Monitoring: 24/7 security monitoring, intrusion detection, and incident response
  • Infrastructure: Enterprise-grade cloud infrastructure with redundancy and disaster recovery
  • Regular Audits: Annual third-party security audits and penetration testing

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Data Portability: Request a copy of your data in a structured, machine-readable format
  • Opt-Out: Unsubscribe from marketing communications
  • Object: Object to processing of your personal information

To exercise these rights, contact us at privacy@cognexiaai.com

7. Data Retention

We retain your information for as long as necessary to provide Services and comply with legal obligations. Account data is retained while your account is active. After account closure, we retain data for 90 days for recovery purposes, then securely delete it unless required by law to retain longer. Backup data may be retained up to 1 year for disaster recovery purposes.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, to protect your data in accordance with this Privacy Policy and applicable data protection laws.

9. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will promptly delete it.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by email or prominent notice on our Services at least 30 days before the changes take effect. Your continued use of the Services after changes constitutes acceptance of the updated Privacy Policy.

11. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us:

Email: privacy@cognexiaai.com

Data Protection Officer: dpo@cognexiaai.com

Phone: +91-9167422630

Address: CognexiaAI, Mumbai, India

GDPR & CCPA Compliance

We are committed to compliance with the General Data Protection Regulation (GDPR) for EU residents and the California Consumer Privacy Act (CCPA) for California residents. If you are located in the EU or California, you have additional rights as outlined in this Privacy Policy. For specific GDPR or CCPA requests, please contact our Data Protection Officer.