We keep this policy short. Cognition is built for engineering teams; we only collect what we need to run the product, secure accounts, and improve reliability.
What we collect
Account identifiers (name, email if provided), group membership, and keys you mint.
Operational logs needed to run the service (request metadata, errors, rate limiting).
Product data you explicitly send through Cognition (skills, approvals, and related metadata).
Privacy-safe product usage signals, such as setup milestones, session counts, derived agent activity types, skill usage, and value receipt metadata.
How we use it
Provide the service (group brain, skill storage, retrieval, and onboarding flows).
Security (abuse prevention, auditing, and incident response).
Reliability (performance monitoring and debugging).
Product improvement (understanding activation, blockers, feature usage, and whether Cognition is helping users reach value).
Analytics boundaries
We use aggregate analytics by default and limit drilldowns to support, debugging, security, and customer success needs.
We do not use product analytics to store raw prompts, raw tool outputs, secrets, private keys, or full session transcripts.
When we send product analytics to a third-party tool, we forward only governed event names and allowlisted metadata.
