Privacy Policy
Your Data. Handled with Responsibility.
Privacy Policy
Your Data. Handled with Responsibility.
Engineering Digital
Transformation with
Intelligence
We transform businesses through software innovation and intelligent systems. We enable digital transformation by combining deep engineering capabilities with a strong understanding of business, operational, and industry-specific realities.
Effective Date :13 May 2026
Last Updated: 13 May 2026
Cogentis Technologies Private Limited (“Cogentis,” “we,” “us,” or “our”) is the data controller responsible for personal information processed in connection with our website (cogentistech.com), services, and business operations. We are a digital engineering company headquartered in Pune, India. This Privacy Policy explains how we collect, use, process, store, and safeguard personal and organizational information when you interact with our website, services, and communication channels. When delivering services to clients, Cogentis sometimes processes personal data on behalf of those clients. In those engagements we act as a data processor, and our processing is governed by the relevant Data Processing Agreement with the client, not by this notice. This Privacy Policy applies to our role as a data controller. By accessing this website or engaging with Cogentis Technologies Private Limited, you acknowledge the practices outlined in this policy.
Our Privacy Policy
1. Information We Collect
We collect information required to support business communication, service delivery, operational security, and platform performance.
a. Information You Provide Directly
This may include:
- Name and business contact details
- Company name and designation
- Email address and phone number
- Project, service, or inquiry details submitted through forms or communication channels
- Information shared during consultations, assessments, or business engagements
b. Information Collected Automatically
When you access our website, certain technical and usage information may be collected automatically, including:
- IP address
- Browser and device information
- Operating system
- Pages visited and interaction patterns
- Cookies and session identifiers
- Referral sources and access timestamps
This information helps us improve website performance, usability, security, and operational monitoring.
c. Recruitment & Candidate Information
If you apply for a role with us or are referred to us as a candidate, we may collect your CV, professional history, qualifications, references, and interview notes. We retain this information for 12 months after the recruitment decision unless you consent to extended retention for future opportunities.
2. How We Use Your Information
Information collected by Cogentis Technologies is used for legitimate business and operational purposes. The table below describes each activity, its purpose, and the lawful basis under which we process the data:
| Activity | Purpose | Lawful basis (GDPR / UK GDPR) |
|---|---|---|
| Responding to inquiries and business requests | Communicating with prospects and visitors | Legitimate interest |
| Delivering consulting, engineering, and support services | Performing our contract with you | Contract |
| Managing client communication and engagement | Maintaining client relationships | Contract / Legitimate interest |
| Sending marketing communications | Sharing relevant updates about our services | Consent |
| Improving website functionality and user experience | Service improvement and analytics | Legitimate interest |
| Monitoring platform performance and cybersecurity events | Protecting our infrastructure and users | Legitimate interest |
| Supporting compliance, governance, and audit requirements | Meeting legal and regulatory obligations | Legal obligation |
| Conducting analytics, reporting, and operational assessments | Understanding service usage and demand | Legitimate interest |
We do not sell personal information or disclose confidential business information for unauthorized commercial use.
3.Data Protection & Security
Cogentis Technologies implements administrative, technical, and operational safeguards designed to protect information against unauthorized access, misuse, disclosure, alteration, or destruction.
Security controls may include:
- Role-based access management
- Identity and authentication controls
- Network and infrastructure security measures
- Encryption of sensitive data where applicable
- Logging, monitoring, and incident management practices
- Secure cloud and application deployment standards
4. Cookies & Tracking Technologies
Our website may use cookies and related technologies to improve navigation, understand usage behavior, and support website analytics.
Strictly Necessary
Cookies may be used for:
| Cookie | Source | Purpose | Duration |
|---|---|---|---|
| wpEmojiSettingsSupports | WordPress | Determines whether the browser supports emoji rendering | Session |
Analytics (consent required for EU/UK visitors)
| Cookie | Source | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics | Distinguishes unique visitors | 13 months |
| _ga_* | Google Analytics | Stores and counts page views; tracks session data | 13 months |
Cogentis does not use targeting or advertising cookies.
Pages embedding third-party content (such as YouTube videos or social media widgets) may set additional cookies controlled by those providers. Please refer to their respective privacy policies. You can manage cookies through your browser settings or our cookie consent banner. Disabling strictly necessary cookies may affect site functionality.
5. Third Party Services
Cogentis Technologies uses third-party platforms, tools, and service providers for hosting, analytics, communication, cloud infrastructure, and operational support. These providers may process information strictly for authorized business purposes and are required to maintain appropriate confidentiality and security controls.
A current list of sub-processors used in our service delivery is available on request to privacy@cogentistech.com.
We are not responsible for the privacy practices of external websites linked from our platform.
6. International Data Transfers
Because Cogentis is headquartered in India, personal data of clients, visitors, or candidates from the European Economic Area (EEA), the United Kingdom, or other regions may be transferred to and processed in India.
Where such transfers occur, we rely on appropriate safeguards, including:
- EU Standard Contractual Clauses (Commission Implementing Decision 2021/914) for transfers from the EEA;
- UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs for transfers from the United Kingdom;
- Supplementary technical and organizational measures where required by the transfer impact assessment.
Copies of these safeguards are available on request to privacy@cogentistech.com.
7. Data Retention
Information is retained only for as long as required to fulfill the purposes for which it was collected, or as required by legal, contractual, or regulatory obligations.
Indicative retention periods:
| Data Category | Retention Period |
|---|---|
| Business contact data (prospects) | 24 months after last interaction |
| Client engagement records | Duration of engagement + 7 years (Indian tax / contract law) |
| Marketing consent records | Until consent is withdrawn |
| Recruitment data | 12 months after decision, unless consent given for extended retention |
| Website analytics (Google Analytics) | 14 months from collection |
| Security logs | 12 months |
Information no longer required may be securely deleted, archived, or anonymized.
8. Compliance & Regulatory Alignment
Cogentis Technologies designs its data handling practices to align with applicable privacy and security regulations, including:
- General Data Protection Regulation (GDPR) — European Union
- UK Data Protection Act 2018 / UK GDPR — United Kingdom
- Digital Personal Data Protection Act 2023 (DPDPA) — India
- California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) — California, USA
- Other US state privacy laws including Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and Texas (TDPSA)
- Industry-standard security and governance frameworks
Specific rights available to residents of these jurisdictions are outlined in Section 10 (Your Rights).
9. Intellectual Property & Confidentiality
All content, frameworks, methodologies, graphics, documents, and materials available on this website are the intellectual property of Cogentis Technologies Private Limited unless otherwise stated. Information shared during client engagements, assessments, or consulting discussions is treated as confidential within the scope of applicable agreements and operational requirements.
10. Your Rights
Depending on your jurisdiction, you have certain rights regarding your personal information. We honour these rights regardless of where you are located.
Rights available under GDPR / UK GDPR
- Access — request a copy of personal data we hold about you
- Rectification — correct inaccurate or incomplete data
- Erasure — request deletion (“right to be forgotten”) subject to legal exceptions
- Restriction — limit how we process your data
- Portability — receive your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interest
- Withdraw consent — at any time, where processing is based on consent
- Not be subject to automated decision-making that produces legal or significant effects
Additional rights for residents of India (DPDPA 2023)
- Right to Nominate — nominate another individual to exercise your rights in the event of death or incapacity
- Right to grievance redressal
Additional rights for residents of California (CCPA/CPRA)
- Right to know what personal information is collected, used, shared, or sold
- Right to limit use of sensitive personal information
- Right to non-discrimination for exercising privacy rights
- Right to opt out of “sale” or “sharing” of personal information (we do not sell or share)
Additional rights for residents of other US states
Residents of Virginia, Colorado, Connecticut, Texas, and other US states with comprehensive privacy laws have rights to access, correct, delete, port, and opt out of certain processing activities, as provided under applicable state law.
How to exercise your rights
Contact us at privacy@cogentistech.com with your request and a description of which right(s) you wish to exercise. We will respond within:
- 30 days for GDPR / UK GDPR requests
- 45 days for CCPA and other US state law requests
- As required under DPDPA 2023
We may need to verify your identity before fulfilling certain requests.
11. Complaints & Supervisory Authorities
If you believe we have not handled your personal information appropriately, please first contact us at privacy@cogentistech.com so we can address your concern. You also have the right to lodge a complaint with the supervisory authority in your jurisdiction:
- European Union residents — your national Data Protection Authority (a list is maintained by the European Data Protection Board at edpb.europa.eu)
- United Kingdom residents — the Information Commissioner’s Office (ico.org.uk)
- India residents — the Data Protection Board of India (once operational under DPDPA 2023)
- California residents — the California Privacy Protection Agency (cppa.ca.gov) or the California Attorney General
12. Policy Updates
Cogentis Technologies may update this Privacy Policy periodically to reflect operational, legal, security, or regulatory changes. Updated versions will be published on this page with revised effective dates where applicable. Continued use of the website after updates constitutes acceptance of the revised policy.
13. Contact Us & Data Controller Details
| Data Controller | Cogentis Technologies Private Limited |
| Registered Office | F. No. 102, Shreeram Classic, Lane No. 13-E, Vidya Nagar, Pune-Airport Road, Pune – 411032, Maharashtra, India |
| Privacy Contact | privacy@cogentistech.com |
| General Contact | info@cogentistech.com | +91 9172311963 |
| Website | www.cogentistech.com |
EU/UK Representative (Article 27 GDPR)
If you are located in the European Economic Area or the United Kingdom and wish to exercise your rights or raise a concern, you may contact us directly at the email address above. Where required by law, we will appoint a representative under Article 27 of the GDPR and update this notice accordingly.