Security & Data Practices

We focus on:

• limiting access to data based on role and need
• using reputable cloud infrastructure and managed services
• separating customer and tenant data where applicable
• maintaining auditability where product workflows require it
• reducing unnecessary data collection
• reviewing data flows before production use

For the public website, we collect only the information needed to respond to inquiries, schedule calls, understand website usage, and protect the site from abuse.

See our Privacy Policy for more detail.

Some Cognify Works products and custom solutions may process business, operational, education, MSP, IT service, or workflow data. Those engagements require separate written agreements that define:

• data ownership
• permitted use
• hosting responsibilities
• access controls
• retention expectations
• support responsibilities
• data processing obligations

Some hosted products may support education or other regulated workflows. We do not claim blanket compliance or certification from this website alone. Compliance responsibilities, including FERPA-related handling where applicable, must be addressed in the customer agreement and implementation process.

When AI is used in a customer solution, the intended use, data flow, model behavior, review process, and guardrails should be defined during implementation. We avoid treating AI as a black box for business-critical decisions without appropriate oversight.

Cognify Works may use cloud hosting, email, analytics, scheduling, storage, AI model providers, and other vendors to operate the website and deliver services. Customer-specific vendor and subprocessor details should be addressed in the relevant agreement or data processing terms.

If a security issue affects customer data, response obligations and notification procedures should follow the applicable customer agreement and legal requirements.

For security or data-practice questions, contact: [email protected]