Privacy Policy

Cognizer Privacy Policy

At Cognizer, we care about the privacy of your data and are committed to protecting it. This Privacy Policy describes how Cognizer collects, usesand protects certain types of data and information entered into or produced by Cognizer software products and systems (collectively “Cognizer Services”) and our website(s) (collectively “Cognizer Websites”).

The terms “you,” “your,” “yours,” and User refer to anyone utilizing the Cognizer Services. The terms “Cognizer,” “we,” “us,” and “our” refer to Cognizer, Inc. and its subsidiaries and affiliates. By accessing or using Cognizer Services, you are accepting the policies and practices described in this Privacy Policy. This Privacy Policy is incorporated into Cognizer’s Terms of Service and License Agreement. Each time you access or use Cognizer Services, you agree to our collection, use, and disclosure of the information that you provide as described in this Privacy Policy. We may periodically make changes to this Privacy Policy that we will include on this page. It is your responsibility to review this Privacy Policy frequently and remain informed about any changes.

Summary
  • We hope you read this entire Privacy Policy. However, if you’re in a hurry, here is a brief overview of the most important points:
    We don’t help third parties to advertise their products to you.
  • We do not andwill not sell your information.
  • We collect and analyze data about your interactions with and usage of Cognizer Services in order to provide you an excellent customer experience and improve our products.
  • We collect information about you and track your interaction with Cognizer Websites in order to provide you with an excellent and personalized experience.
  • We use a small number of trusted third parties to operate our Cognizer Services and Cognizer Websites. Please refer to the “Subprocessors” section below to learn more.

Please make note that this Privacy Policy does not apply to information collected by websites, applications or advertising owned by other organizations that may link to or be accessible from our products, applications,or websites. We are not responsible for their privacy policies or data collection and disclosure practices. We encourage you to review the privacy policies of every company that uses your data and each website you visit.

Types of Information Collected

  1. User and Account Information. In order to make use of our Cognizer Services, we collect discrete information including but not limited to your legal name and email address. You are responsible for providing complete and accurate information to Cognizer (at the time of initial collection, and in the event of any changes). If the organization you work for uses our Cognizer Services, we may also collect information including but not limited to your job title, department, team, business name and domain name. We expect all users to follow their organization’s privacy policy and any applicable regulatory requirements when entering, uploading, accessing and using personal information while using our Cognizer Services. See the Source Content section for more details.
  2. Payment Cognizer Services and Information. In certain cases, you must enter payment related information in order to make use of our Cognizer Services. We do not directly collect or store payment related (i.e. credit card) data; instead we use third-party payment Cognizer Services to collect, process, manage and securely store payment information and process payments. Please see the Subprocessors section for more detail.
  3. Cognizer Services Usage Data. We collect and analyze data about your interactions with and usage of Cognizer Services in order to provide you an excellent customer experience and improve our products. For example, each time you access Cognizer Services, we collect data describing when, how and where you did do, changes to any settings you made and and how our Cognizer Services responded to your actions.
  4. Cognizer Websites Usage Data. We collect information about you and track your interaction with Cognizer Websites in order to provide you with an excellent and personalized experience. For example, each time you access Cognizer Websites, we collect data describing when, how and where you did do and how our Cognizer Websites responded to your actions. We use third-party service providers to improve our performance (e.g. Google Analytics) and analyze usage patterns, which certain features and functions of Cognizer Websites you and other users access, and better understand how we can be of service to you.
  5. Cognizer Customer Service Data. Cognizer strives for exceptional customer service, and when you may submit a request for help or assistance we record this information (“Service Data”).
  6. Cookies and Pixel Tags. We use technologies like cookies and pixel tags in Cognizer Services and Cognizer Websites to improve your experience. Cookies are small data files sent to your browser when you visit a website or use a mobile application. We use cookies to help you (i) log you into our products; (ii) remember preferences and settings; and (iii) better understand how you are interacting with Cognizer Services and Cognizer Websites. You can set your browser to not accept cookies, but this may limit your ability to interact with Cognizer Services and Cognizer Websites. A pixel tag is a small piece of code that can be embedded on websites and emails. We use pixel tags to learn how you interact with Cognizer Websites and emails we send you. This information helps us personalize and tailor your experience. For example, if you have not made use of any new features of our Cognizer services, we may send you an email explaining how to do so. If you do not open that email, we may send you a reminder a few days later to ensure you are well informed.
  7. Source Content and OAuth Tokens. Cognizer Services use artificial intelligence to read, interpret, and learn from your documents, emails, messages, files and other types of unstructured content (“Source Content“). Doing so involves connecting and reading from a variety of content repositories (e.g. Box.com, Drobox, Gmail, Google Drive, Outlook, OneDrive, SharePoint.) When you authorize us to access your account(s) with such third-party sources (“Content Repositories”), we use OAuth (Open Authorization); an open standard authorization framework for token-based authorization on the internet. OAuth, which is pronounced “oh-auth,” enables your account information to be used by Content Repositories without exposing your account credentials to Cognizer Services. You can disable our access to your Source Data anytime by de-linking the Content Repository from our Cognizer Services. When you de-link your third-party data sources from our Cognizer Services, all your Learned Data (as described below) derived from your Source Content in the de-linked Content Repository is deleted from all Cognizer Services. Please see the “Additional Limits on Use of Your Google User Data” section below for more information about our collection of your Google User Data.
  8. Learned Data. Cognizer Services use artificial intelligence and machine learning to convert authorized Source Content from authorized Content Repositories from an unstructured format to structured formats. Specifically, Cognizer Services extract and organize the facts and details contained in Source Content into formats which can be used functionally to answer your questions, power applications or automations in the manner in which you permit. This is Learned Data (“Learned Data”). If you de-link any Content Repository from our Cognizer Services, the Learned Data derived from the Source Content in the de-linked Content Repository is deleted. Once deleted it cannot be directly restored, but you can re-link the Content Repository to trigger Cognizer Services to repeat the learning process. Closing your Cognizer Services account also deletes Learned Data.
  9. Metadata. Source Content contains additional data that describe it, such as the name of a file or the date it was created (“Metadata”). Cognizer Services uses Metadata in several ways such as providing evidence for an answer to your questions or determining if a new version of that document has replaced an older one. Metadata may also be used to determine access control to facts or details derived from Source Content. If you de-link any Content Repository from our Cognizer Services, the Metadata derived from the Source Content in the de-linked Content Repository is deleted. Closing your Cognizer Services account also deletes Metadata.
  10. Event Logs. Cognizer Services log all the activities each user performs, including linking and de-linking Source Content. In addition, automated processes that Cognizer Services perform, such as the generation of Learned Data, are logged. Event logs are used to improve your experience, monitor Cognizer Services and alert us in the event of any unauthorized intrusion. Event logs are also used to track the date, time and location of technical issues, cybersecurity breaches and compute resource activity all of which is used to isolate the cause, as well as take immediate steps to remedy the issue or breach. Closing your Cognizer Services will be stored in Event Logs but the data within these Event Logs are not deleted.

Use of Information

Cognizer does not share, sell, lend or lease any information. that identifies a client or purchaser of Cognizer Services (such as email addresses or personal details) with anyone.

However, all other data and information that does not identify you as the client or any of your end-clients or customers –such as information collected through the use of cookies as well as data collected about your interaction with our Cognizer Services –may be used by us for any lawful business purposes, including the following:

  • General Business Uses. We may use the information that we collect for a variety of internal, business purposes, including: (1) to provide and administer our Cognizer Services, authenticate users for security purposes, provide personalized user features and access, process transactions, conduct research, develop new features, and improve the features, algorithms, and usability of our Cognizer Services; (2) to communicate with you about your use of our Cognizer Services, product announcements, and software updates, as well as respond to your requests for assistance, including providing account verification support if you’re having difficulty accessing your account; (3) to display relevant content associated with your account and make sure it is available to you when you use our Cognizer Services; (4) to monitor and analyze trends, usage, and activities in connection with our Cognizer Services, and for marketing or advertising purposes; and (5) to investigate and prevent fraudulent transactions, unauthorized access to our Cognizer Services, and other illegal activities. In addition, we work with third party service providers to provide website, application development, hosting, maintenance, back-up, storage, virtual infrastructure, payment processing, analysis, and other Cognizer Services for us. These service providers may have access to your information for the purpose of providing those Cognizer Services for us. Please see the “Additional Limits on Use of Your Google User Data” section below for more information about our use of your Google User Data.
  • Aggregated or Anonymized Data. Except for Google Data, we may also use for internal purposes any aggregated or anonymized information that does not directly identify you.
  • Other Authorized Users. Enterprise versions of our Cognizer Services may display user and profile information of each authorized user under such enterprise license to other authorized users within the enterprise.
Legal disclosures
It is possible that we may need to disclose personal information when required by law, subpoena, or other legal processes as identified in the applicable legislation. We attempt to notify our clients about legal demands for their personal data when appropriate in our judgment unless prohibited by law or court order or when the request is an emergency.
 
Change in Control
We can also share your personal data as part of a sale, merger or change in control or in preparation for any of these events. Any other entity which buys us, or part of our business will have the right to continue to use your data, but only in the manner set out in this Privacy Policy unless you agree otherwise.
 
Other Important Information
We will only collect and process personal data about you where we have a lawful reason for its collection. When you visit our Website and provide us with your personal information, we collect and use it with your consent.
 
As an Application End User, you consent to our collection of your personal information when you log in for the first time. However, your employer has control of the account and may upload and share additional personal information. It is your employer’s responsibility to ensure the collection, use and sharing of the personal information uploaded to the Application complies with all applicable legislation.
 

Additional Limits on Use of Your Google User Data:  With your authorization, our Cognizer Services access and use the files and information within your G Suite account, including the files stored in your Google Drive service, the labels, messages, and attachments sent and received in your Gmail service, including metadata stored within each service (collectively, “Google Data”). You can connect our Cognizer Services to your Google accounts using OAuth authentication, a secure mechanism to give us access to your Google Data without letting us know your password. Once you provide access, we can collect and use Google Data through the G Suite APIs. Notwithstanding anything else in this Privacy Policy, if you provide us with access to the following types of your Google Data, our use of that data will be subject to these additional restrictions:

  • We will only use access to read Google Data to provide you with our Cognizer Services.
  • We will not transfer Google Data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
  • We will not use Google data for serving advertisements.

We will not allow humans to read this data unless:

  • we have your affirmative agreement for specific content
  • doing so is necessary for security purposes such as investigating abuse or technical issues.
  • to comply with applicable law; or
  • for our internal operations and even then, only when the data has been aggregated or anonymized.

Our use of information received from Google APIs will adhere to Google API Cognizer Services User Data Policy, including the Limited Use requirements.

How We Protect Your Information
We are committed to protecting the security of your information and take reasonable precautions to protect it from unauthorized access, use, or disclosure. However, no method of transmission over the Internet, or method of electronic storage, is fully secure; and as a result, we cannot guarantee that your data will be 100% secure while in transit or at rest; and you acknowledge that you are aware of such risks.
 
Cognizer Services utilize advanced encryption techniques to protect data in transit and at rest. We use Transport Layer Security, or TLS, a widely adopted security protocol designed to facilitate privacy and data security for communications over the Internet. TLS protects your Account Data as you type it on your web browser, and the reading of your Source Content. We use an advanced AES 256-bit CBC encrypted vault to project data at rest, such as the Learned Data and Account Data once processed. In addition, we have implemented best-practice standards and controls in compliance with internationally recognized security frameworks.
 
Our data protection methods cannot protect the Source Content in your Content Repository accounts, the files on your computer or mobile device, or passwords stored in your browser. You should notify us of any unauthorized use of your account or devices.
 
How We Scan and Report Data Vulnerabilities
Cognizer regularly performs vulnerability scans to identify threats and vulnerabilities relating to our Cognizer Services. Issues identified are analyzed and remediated in a timely manner. In the event that we are required by law to inform you of a breach to your information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
 
To report vulnerabilities or concerns about Cognizer’s Data Security or Privacy, please contact us via email: security@cognizer.ai
 
Your Data; Your Rights
Cognizer Services are compliant with standards used by many privacy regulations such as the General Data Protection Regulation (GDPR) governing data protection and privacy in the European Union and the European Economic Area or the California Consumer Privacy Act of 2018 (CCPA). Here is how we service your rights under these regulations.
 
We honor your right to obtain information about what personal information we process about you or to obtain a copy of your personal information.
  • You can receive a list of the Account Data, Service Data and the list of Source Content from which we generated Learned Data that is stored in Cognizer Services by completing this data privacy request form; we endeavor to respond to all such requests within ten (10) business days.
  • As described above, your Account Data contains personal information, all of which is visible to you by logging into your Cognizer Service account.
  • As described above, your Service Data may also include personal information, such as your name and email. Our Website Services used to provide you with customer or technical support and/or product information may also contain personal information.
  • In some cases, your Source Content may contain personal information. Inspecting the Source Data in your Content Repository will display any personal information contained within. The Learned Data generated from your Source Content will contain the very same personal information, as those are facts and details which Cognizer Services reads and learns.

We honor your right to update/correct your personal information.

  • Once you receive the aforementioned list of Account Data, Service Data and list of Source Content from which we generate Learned Data, you can contact us using the data privacy request form to inform us how you would like this data updated or corrected.
  • Your Account Data can be edited by you directly.
  • Your Service Data can be easily edited by us.
  • Your Learned Data can be corrected by updating your Source Content in the Content Repository within which it was read and that will automatically update your Learned Data derived from your Source Content. If you prefer to remove a specific item in your Content Source from Cognizer Services, you can simply password protect it in your Content Repository, and it will automatically be removed from Cognizer Services.

We honor your right to request deletion of your personal information at any time.

  • Simply use our data privacy request form to inform us of your desire to have us fully delete your data from Cognizer Services and Website Services. Please note that once you do so, the email associated with your account will no longer be eligible to make future use of Cognizer Services.
  • You can directly delete your Account Data and Learned Data by closing your Cognizer Services account.
  • We will manually purge any of your personal information contained within Cognizer Customer Service Data and Website Usage Data associated with your account.
  • Once you receive the aforementioned list of Account Data, Service Data and list of Source Content from which we generate Learned Data, you can contact us using the data privacy request form to inform us how you would like this data updated or corrected.
  • Your Account Data can be edited by you directly.
  • Your Service Data can be easily edited by us.
  • Your Learned Data can be corrected by updating your Source Content in the Content Repository within which it was read and that will automatically update your Learned Data derived from your Source Content. If you prefer to remove a specific item in your Content Source from Cognizer Services, you can simply password protect it in your Content Repository, and it will automatically be removed from Cognizer Services.

We honor your right to request deletion of your personal information at any time.

  • Simply use our data privacy request form to inform us of your desire to have us fully delete your data from Cognizer Services and Website Services. Please note that once you do so, the email associated with your account will no longer be eligible to make future use of Cognizer Services.
  • You can directly delete your Account Data and Learned Data by closing your Cognizer Services account.
  • We will manually purge any of your personal information contained within Cognizer Customer Service Data and Website Usage Data associated with your account.
How long we keep your personal information

We retain information as long as it is necessary to provide the Cognizer Services to you and our Clients, subject to any legal obligations to further retain such information.

We may also retain information to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce our Terms of Service and take other actions permitted by law.

The information we retain will be handled in accordance with this Privacy Policy.

Information connected to you that is no longer necessary and relevant to provide our Cognizer Services may be de-identified or aggregated with other non-personal data to provide insights which are commercially valuable to Cognizer, such as statistics of the use of the Cognizer Services.

Cognizer Subprocessors

A sub-processor is a vendor that Cognizer uses to perform specific functions associated with Cognizer Services that we do not perform ourselves. Some of these sub-processors may directly or indirectly process personal data on behalf of our customers. We list our Sub Processors here and the activities each performs.