Privacy Policy

Effective Date: February 19, 2026  |  Last Updated: February 19, 2026

Disclaimer: This Privacy Policy is provided for informational purposes and does not constitute legal advice. We recommend consulting with a qualified legal professional for advice specific to your situation.

1. Introduction

This Privacy Policy explains how CognX (pronounced “cog-nex”), operated by Som Chakravarty (sole proprietor, based in Bangalore, India), collects, uses, stores, and protects your information when you use our service at cognx.ai (“Service”).

CognX connects, reads, acts, automates, and analyzes across GitHub, Linear, and Jira via Slack. Because our Service integrates with these third-party platforms, this policy specifically addresses how data flows between CognX and these services.

By using CognX, you agree to the practices described in this Privacy Policy. Please also review our Terms of Service and Refund Policy.

2. Data We Collect

2.1 Account Information

  • Full name and display name
  • Email address
  • Organization/company name
  • Billing information (processed and stored by our payment processor — we do not store full payment card details)

2.2 Data from Slack

When you connect CognX to your Slack workspace, we may access:

  • Workspace name and ID
  • User profiles (names, email addresses, roles)
  • Channel names and metadata (not message content unless explicitly invoked)
  • Messages and commands directed to CognX (e.g., slash commands, bot mentions)
  • Slack user IDs and workspace member lists

2.3 Data from GitHub

When you connect a GitHub account or organization, we may access:

  • Repository names, metadata, and visibility settings
  • Issues, pull requests, and their associated comments and labels
  • Commit metadata (authors, messages, timestamps, branch info)
  • GitHub usernames and profile information
  • Webhook event data (push events, PR events, issue events, etc.)
  • Organization and team membership data

2.4 Data from Linear

When you connect a Linear workspace, we may access:

  • Issue titles, descriptions, statuses, priorities, and labels
  • Project and cycle information
  • Team structures and member lists
  • Comments and activity history on issues
  • Linear user profiles and IDs
  • Workflow state configurations

2.5 Data from Jira

When you connect a Jira instance, we may access:

  • Issue keys, summaries, descriptions, statuses, and priorities
  • Project names, keys, and configurations
  • Sprint and board data
  • Comments and work logs
  • Jira user profiles and account IDs
  • Workflow configurations and transitions
  • Custom field values relevant to connected workflows

2.6 Usage Data

  • Log data (IP address, browser type, operating system, access times)
  • Feature usage patterns and interaction data within CognX
  • Error reports and performance data

2.7 Cookies and Similar Technologies

We use cookies and similar technologies for:

  • Essential cookies: Required for the Service to function (authentication, session management).
  • Analytics cookies: Help us understand how the Service is used (anonymized where possible).
  • Preference cookies: Remember your settings and preferences.

You can manage cookie preferences through your browser settings. Disabling essential cookies may impair Service functionality.

3. How We Use Your Data

We use the data we collect to:

  • Provide the Service: Connect your tools, automate workflows, surface insights, and deliver CognX's core functionality.
  • Process transactions: Manage subscriptions, billing, and payments.
  • Communicate with you: Send service announcements, updates, security alerts, and support messages.
  • Improve the Service: Analyze usage patterns to enhance features, fix bugs, and optimize performance.
  • Ensure security: Detect and prevent fraud, abuse, and unauthorized access.
  • Comply with legal obligations: Meet applicable legal, regulatory, and tax requirements.

We do not:

  • Sell your personal data to third parties.
  • Use your connected data (from GitHub, Linear, Jira, or Slack) for advertising purposes.
  • Train general-purpose AI models on your private data.

4. How Data Flows Through Third-Party Integrations

4.1 Authorization Model

CognX uses OAuth 2.0 (or equivalent secure authorization) to connect with GitHub, Linear, Jira, and Slack. You explicitly grant permissions during the connection process, and you can revoke access at any time through the respective platform's settings or through CognX.

4.2 Data Processing

  • Data from connected services is processed in real time to deliver automations and insights.
  • We cache relevant data to ensure fast response times and reduce API calls to third-party services.
  • Cached data is refreshed periodically and purged when you disconnect a service.

4.3 Data Isolation

  • Each organization's data is logically isolated within our systems.
  • Cross-organization data access is not permitted.

5. Data Sharing and Disclosure

We may share your data only in the following circumstances:

  • Service providers: Trusted third-party vendors who assist in operating the Service (hosting, payment processing, analytics). These providers are contractually bound to protect your data.
  • Legal requirements: When required by law, regulation, legal process, or governmental request.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with notice to you.
  • With your consent: When you explicitly authorize sharing.
  • Safety: To protect the rights, safety, or property of CognX, our users, or the public.

6. Data Retention

  • Account data: Retained for as long as your account is active, plus 90 days after account deletion to allow for reactivation.
  • Integration data: Cached data from third-party services is retained only while the integration is active. Data is purged within 30 days of disconnection.
  • Usage and log data: Retained for up to 12 months for analytics and security purposes, then anonymized or deleted.
  • Billing records: Retained as required by applicable tax and financial regulations (typically 7 years for Indian tax law).

7. Your Rights

7.1 General Rights (All Users)

Regardless of your location, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Delete your account and associated personal data.
  • Export your data in a portable format.
  • Disconnect any third-party integration at any time.

7.2 Rights Under GDPR (EEA/UK Users)

If you are located in the European Economic Area or the United Kingdom, you additionally have the right to:

  • Object to processing based on legitimate interests.
  • Restrict processing in certain circumstances.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with your local data protection authority.

Legal basis for processing: We process your data based on:

  • Contract performance — to provide the Service you subscribed to.
  • Legitimate interests — to improve and secure the Service.
  • Consent — where you have explicitly opted in (e.g., marketing communications).
  • Legal obligation — to comply with applicable laws.

7.3 Rights Under CCPA (California Users)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it is used.
  • Delete your personal information.
  • Opt out of the sale of personal information (note: we do not sell personal information).
  • Non-discrimination — we will not discriminate against you for exercising your rights.

To exercise any of these rights, contact us at support@cognx.ai. We will respond within 30 days (or sooner if required by applicable law).

8. Data Security

We implement reasonable technical and organizational measures to protect your data, including:

  • Encryption: Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Access controls: Role-based access controls and the principle of least privilege for internal systems.
  • Infrastructure: Hosted on reputable cloud infrastructure with SOC 2 compliance.
  • Monitoring: Continuous monitoring for unauthorized access and anomalies.
  • Incident response: Documented incident response procedures with timely notification to affected users as required by law.

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

CognX is operated from India. If you are accessing the Service from outside India, your data may be transferred to and processed in India or other jurisdictions where our service providers operate.

Where required (e.g., for EEA/UK users), we ensure appropriate safeguards are in place for international data transfers, such as Standard Contractual Clauses or equivalent mechanisms.

10. Children's Privacy

CognX is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at support@cognx.ai, and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via:

  • Email notification to your registered email address.
  • A prominent notice on the Service.

Changes take effect 30 days after notification unless otherwise stated. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

12. Contact Us

For any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us:

Email: support@cognx.ai
Website: cognx.ai

Data Controller:
Som Chakravarty
Bangalore, Karnataka, India

© 2026 Som Chakravarty. All rights reserved.