COGNIT Privacy Policy

Effective date: 25 February 2026

This Privacy Policy explains how COGNIT ("COGNIT", "we", "our", or "us") collects, uses, and protects information in connection with our AI‑powered missed call texting service and related websites, applications, and services (collectively, the "Service"). It is intended for business users who use COGNIT to handle missed calls from their customers, as well as for individuals whose calls or messages are processed through the Service.

1. Who We Are

COGNIT is an AI‑powered communications tool that helps businesses automatically respond to missed phone calls using SMS text messages. We provide a web‑based/SaaS‑style platform that detects missed‑call events and sends automated or semi‑automated text responses on behalf of our business customers to keep customer interactions seamless and confidential.

For the purposes of applicable data protection laws, COGNIT generally acts as a “data processor” or “service provider” in relation to the caller information we process on behalf of our business customers, and as a “data controller” in relation to our own business customer account information and Service analytics. Where this Policy uses the terms "you" or "your", it may refer both to our business customers and to individuals whose calls or messages are processed via the Service, depending on the context.

2. What the Service Does and Who It Is For

COGNIT is designed for businesses, professionals, and organizations that receive inbound phone calls from customers, clients, or leads. When a call is missed, the Service can:

  • Detect the missed call event from a compatible phone number or system.
  • Trigger an automated or semi‑automated SMS response to the caller.
  • Use AI to help generate appropriate, customizable responses based on business settings and caller context, where enabled by the business customer.
  • Log call events and messaging outcomes for the business customer’s records and follow‑up.

COGNIT is not a consumer application for personal use. Our direct customers are responsible for ensuring that their use of the Service, and their instructions to us, comply with applicable telecom, marketing, and privacy laws in the jurisdictions where they operate and where their callers are located.

3. Information We May Collect and Process

COGNIT is focused on secure, confidential customer communication. According to the service design, we do not intentionally expose or store personal data such as emails, names, or payment card details unless explicitly provided by our business customers for account or billing purposes. However, as a telecom‑related and AI‑assisted messaging service, we necessarily process certain information to operate the Service. This section explains those categories.

3.1 Information Provided by Business Customers

When a business signs up for and uses COGNIT, we may collect and process the following information directly from that business or its authorized users:

  • Business account details, such as business name, contact phone number(s), and other configuration details you choose to provide.
  • Login and authentication information for administrators or users (such as usernames and hashed passwords or single‑sign‑on identifiers).
  • Service configuration data, including the phone numbers connected to COGNIT, routing rules, messaging templates, and AI response settings.
  • Billing and subscription information, which may include limited billing contact details and transaction records processed via our payment providers.

3.2 Information Processed About Callers on Behalf of Business Customers

When a caller dials a phone number that is configured to use COGNIT and the call is missed, we may process certain information relating to that call and subsequent SMS responses on behalf of the relevant business customer. This may include:

  • Caller phone number (originating number) and the business number that was called.
  • Call metadata, such as call start time, end time, duration, call status (e.g., missed, answered, voicemail), and related technical identifiers.
  • SMS metadata, such as the sending and receiving numbers, timestamps, and delivery status.
  • SMS content, including the text of messages sent by the Service to the caller, and any replies the caller may send back to that number.
  • Technical and device information transmitted by telecom carriers or network providers that is required to route and deliver calls and messages.

We process this information strictly to provide the Service to the relevant business customer, in accordance with their configuration and lawful instructions. Business customers are responsible for ensuring that they have a lawful basis to process caller information and to use COGNIT to send SMS communications to their callers.

3.3 Limited Use of Personal Details Such as Emails, Names, or Payment Information

COGNIT is designed not to require or intentionally store directly identifying personal details (such as email addresses, full names, or payment card numbers) of callers simply for the purpose of responding to missed calls by SMS. However:

  • Business customers may choose to provide contact names or labels in their own configuration to better identify callers; such information is processed as part of their account data.
  • We may collect account‑level contact details (such as an email address and name of a business representative) solely for account management, support, and billing communications.
  • Payment details (for example, card numbers) are generally collected and processed by independent, PCI‑compliant payment processors; we do not store full payment card numbers on our own systems.

We do not sell personal data and do not use customer account details, caller phone numbers, or message content for unrelated marketing purposes.

4. Legal Bases and Purposes for Processing

Where applicable (for example, if you are located in the European Economic Area, the United Kingdom, or a jurisdiction with similar requirements), we rely on the following legal bases to process personal data:

  • Performance of a contract: To provide and operate the Service under our agreement with business customers, including detecting missed calls, generating and sending SMS responses, and providing account and support services.
  • Legitimate interests: To secure and maintain our infrastructure, prevent fraud and abuse, improve and optimize the Service (including our AI models, where allowed), and understand general usage patterns, provided that such interests are not overridden by your data protection rights.
  • Compliance with legal obligations: To comply with applicable laws, regulations, court orders, or lawful requests from public authorities, including telecom and data retention obligations.
  • Consent: Where required by law (for example, for certain marketing communications or optional analytics), we may rely on your consent, which you can withdraw at any time.

In general, we use information we process (whether about business users or callers) for the following purposes:

  • Service delivery and operations, including detecting missed calls, routing events, and sending SMS replies.
  • Service configuration, customization, and customer support.
  • Security, fraud prevention, and abuse detection (for example, preventing spam or unauthorized access).
  • Service improvement and analytics, including improving the accuracy and relevance of AI‑generated responses using aggregated or appropriately safeguarded data.
  • Compliance with legal, regulatory, or contractual obligations.

5. How We Use Information

We use the information we collect or process in connection with the Service only as necessary and proportionate to operate and improve COGNIT, and in accordance with our agreements with business customers. This includes, in particular:

  • Detecting and registering missed‑call events and related call metadata.
  • Generating, delivering, and, where applicable, personalizing SMS replies using AI models and predefined templates configured by the business customer.
  • Routing messages through the appropriate telecom carriers and infrastructure providers.
  • Maintaining logs to troubleshoot issues, confirm delivery, and provide records to business customers.
  • Monitoring the Service for security, preventing unauthorized use or abuse, and enforcing our terms.
  • Aggregating or de‑identifying data where feasible to understand general usage trends and improve the performance, accuracy, and reliability of our AI capabilities and platform.
  • Communicating with business customers about their account, subscriptions, product updates, and support requests.

6. Data Sharing and Disclosure

We do not sell personal data. We share information only with the following categories of recipients and only to the extent necessary to provide and secure the Service or as required by law:

  • Telecom carriers and messaging providers: To route and deliver calls and SMS messages between business customers and their callers.
  • Cloud hosting and infrastructure providers: To host our platform, store logs, and ensure reliable performance.
  • AI and analytics providers: To support AI‑assisted responses and analytics features, under contractual restrictions that protect confidentiality and limit use of data.
  • Payment processors: To process subscription payments and manage billing, where these providers typically act as independent controllers of payment data.
  • Professional advisers: Such as legal, accounting, or security consultants, where reasonably necessary to protect our legal rights or comply with obligations.
  • Public authorities and law enforcement: Where we are legally required to do so, or where disclosure is necessary to protect the rights, property, or safety of COGNIT, our customers, callers, or others.

Where we engage third‑party service providers to process information on our behalf, we require them by contract to implement appropriate security measures and to process information only in accordance with our instructions and applicable law.

7. Data Retention

We retain information only for as long as reasonably necessary to provide the Service, fulfill the purposes described in this Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. In general:

  • Call and SMS metadata and logs may be retained for a period determined by the business customer’s configuration, our contractual commitments, and any applicable telecom or legal requirements.
  • SMS content (message bodies) may be retained for a limited operational period to support delivery confirmation, troubleshooting, AI improvements where allowed, and business customer access, after which it may be deleted, anonymized, or aggregated.
  • Account and billing records for business customers may be retained for longer periods as required by accounting, tax, or legal record‑keeping obligations.

Where feasible, we aim to minimize retention of directly identifying information and encourage business customers to configure retention settings that align with their own legal and business needs.

8. Security Measures

We implement technical and organizational measures designed to protect the confidentiality, integrity, and availability of the information we process. These measures may include, among others:

  • Encryption of data in transit using industry‑standard protocols (such as TLS) where supported by the relevant networks and providers.
  • Access controls, role‑based permissions, and authentication mechanisms to limit access to systems and data to authorized personnel only.
  • Segregation of environments and logging of administrative access and critical actions.
  • Use of reputable cloud infrastructure providers with robust physical and network security programs.
  • Internal policies and training regarding data protection and confidentiality obligations.
  • Regular monitoring for unusual activity and efforts to patch and update systems in a timely manner.

No system can be guaranteed to be completely secure, and we cannot promise that unauthorized access or breaches will never occur. However, we are committed to continually improving our security posture and to notifying affected parties where required by law if a security incident impacts their information.

9. International Data Transfers

Because COGNIT is a cloud‑based communications service, information processed via the Service may be transferred to, stored in, or accessed from countries other than the country where it originated. These countries may have data protection laws that differ from those in your jurisdiction.

Where required by law, we implement appropriate safeguards for such international transfers. These may include relying on adequacy decisions, using standard contractual clauses approved by relevant regulators, or other lawful transfer mechanisms. Business customers remain responsible for ensuring that their configuration and use of the Service comply with any restrictions on cross‑border data transfers that apply to them.

10. Rights of Users and Callers

Depending on your location and applicable law, you may have certain rights regarding personal data that relates to you. These rights may include, for example:

  • The right to access a copy of your personal data we process.
  • The right to request correction of inaccurate or incomplete personal data.
  • The right to request deletion (erasure) of your personal data, subject to legal retention requirements.
  • The right to restrict or object to certain types of processing.
  • The right to data portability, where technically feasible and required by law.
  • The right to withdraw consent where processing is based on your consent.
  • The right to lodge a complaint with a supervisory or regulatory authority.

If you are a caller whose information is processed by COGNIT on behalf of a business customer (for example, your phone number, call metadata, or SMS content), we typically act as a processor/service provider, and any request to exercise your data protection rights should in the first instance be directed to the relevant business that you called. We will support our business customers in responding to such requests in accordance with our contractual commitments and applicable law.

11. Managing and Deleting Data as a Business Customer

Business customers have primary control over the data processed through their COGNIT accounts. Depending on the features provided by the Service, you may be able to:

  • View, search, or export certain call and SMS logs associated with your numbers.
  • Configure retention settings or delete specific logs or records within your account, where such controls are available.
  • Update or delete account‑level information (such as contact details and configuration data).

If you require assistance in managing or deleting data processed via your COGNIT account, including in connection with a data subject request you receive, you may contact us using the details in the "Contact Us" section below. We will respond in accordance with our contractual obligations and applicable law. Please note that we may be unable to delete or anonymize certain information where we are legally required to retain it or where it is technically infeasible to do so without undue burden.

12. Children’s Privacy

The Service is intended for use by businesses and other organizations. It is not directed to or intended for use by children. We do not knowingly collect personal data from children under the age of 16 (or any higher age limit that may apply in a particular jurisdiction) as account holders or business users.

Because COGNIT processes inbound calls and messages, it is possible that callers may include individuals under this age threshold; however, such processing occurs only incidentally on behalf of business customers as part of their normal telecom activities. Business customers are responsible for ensuring that their use of the Service, including communications with minors if any, complies with applicable laws and parental consent requirements.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will take appropriate steps to notify business customers, such as by posting the updated Policy on our website, updating the “Effective date” at the top, and/or providing a notice through the Service or via email where feasible.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect information processed through COGNIT. Your continued use of the Service after any changes to this Policy will constitute your acknowledgment of the updated Policy.

14. Contact Us

If you have any questions or concerns about this Privacy Policy, our data protection practices, or would like to exercise your rights, you may contact us at:

Email: [email protected]
Call: 952-260-5722

When contacting us, please provide sufficient information to allow us to identify you and understand your request. If you are a caller seeking to exercise rights relating to communications you received from a specific business using COGNIT, we may direct you to contact that business where appropriate, and we will assist them in responding to your request as required by applicable law.

"No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. Information sharing to subcontractors in support services, such as customer service is permitted. All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties."