Privacy at CognoSys

Privacy policy

This policy explains how information may be handled when you visit the CognoSys public website, contact the company, or take part in an early business conversation.

Effective 17 July 2026

Purpose and scope

This policy applies to personal information associated with the public CognoSys website, direct business enquiries, and related communications. It does not replace a customer, supplier, employment, product, or project-specific privacy notice where a separate notice or written agreement applies.

In this policy, personal information means information that identifies a person or can reasonably be connected with one. The exact definition and the rights available to an individual may vary under applicable law.

Information flows

Information you choose to provide

CognoSys may receive your name, professional contact details, organisation, role, enquiry details, and correspondence when you contact the company or continue a business discussion. If you send documents, they may also contain information about you or other people.

Please provide only the information needed for the enquiry. Public contact routes are not intended for passwords, access keys, financial credentials, health records, government identifiers, classified information, or other highly sensitive material. If a discussion requires protected information, an appropriate exchange method should be agreed first.

Website operations

Technical and usage information

When the website is requested, CognoSys and service providers supporting its delivery may process ordinary technical records. These can include an IP address, device and browser characteristics, requested pages, referral information, timestamps, response status, and security-event data.

This information helps deliver pages, diagnose faults, understand aggregate website use, protect infrastructure, and investigate suspected misuse. Cookies, local storage, or comparable technologies may also be used where they are configured for essential operation, security, preferences, or measurement. Browser controls can limit some of these technologies, although doing so may affect website behavior.

Responsible use

Why information may be processed

Information may be used to respond to enquiries, route a request to the appropriate team, evaluate a potential engagement, maintain correspondence, operate and secure the website, improve public content, and administer professional relationships.

Where applicable law requires a recognised basis for processing, that basis may include taking steps requested before a contract, performing an agreement, meeting a legal obligation, protecting legitimate interests such as service security and business administration, or consent where consent is the appropriate basis. CognoSys does not treat consent as irrevocable when applicable law gives a person the right to withdraw it.

Controlled disclosure

When information may be shared

Information may be made available to personnel and professional advisers who need it for the purposes described in this policy. It may also be processed by providers supporting hosting, cybersecurity, communications, collaboration, document management, analytics, or other business operations.

CognoSys may disclose information when reasonably necessary to comply with applicable law, respond to a valid legal process, protect people or systems, investigate suspected fraud or misuse, or support a corporate transaction subject to appropriate confidentiality and due-diligence controls. Personal information is not presented as a product for sale.

Global operations

International processing

The internet, cloud infrastructure, and business communications can involve processing in more than one country. A service provider or authorised recipient may therefore handle information outside the country in which it was originally collected.

Where cross-border processing is subject to specific legal requirements, appropriate contractual, organisational, or other recognised safeguards may be used as required. The protections and public-authority access rules of another country may differ from those in your location.

Lifecycle controls

Retention and security

Information is retained for as long as reasonably needed for the purpose for which it was collected, ongoing correspondence, security and audit needs, dispute management, and applicable record-keeping obligations. Different records can require different retention periods. Information may then be deleted, anonymised, or retained in a restricted form where appropriate.

CognoSys applies administrative and technical safeguards proportionate to the nature of the information and the context in which it is handled. No website, transmission route, or storage system can be represented as completely secure. Visitors should use an agreed secure channel before sharing confidential or sensitive project material.

Individual control

Your privacy choices

Depending on your location and the circumstances, you may be able to ask whether CognoSys holds personal information about you, request access or correction, object to or restrict certain processing, request deletion, withdraw consent, or request a portable copy. Some requests can be limited by legal exceptions, another person’s rights, security requirements, or an overriding need to retain a record.

CognoSys may request reasonable information to verify identity and understand the scope of a request before acting. You may also have the right to raise a concern with the privacy or data-protection authority applicable to you. Applicable law may provide additional rights and protections when a person makes a legitimate privacy request.

Audience boundaries

Children and third-party information

The public website is intended for professional and general business audiences and is not designed to solicit personal information from children. If CognoSys becomes aware that information was provided by a child in circumstances where consent or another safeguard was required, the matter will be reviewed and appropriate action taken.

If you provide information about another person, you should have a lawful and appropriate reason to do so and should direct that person to this policy when relevant. Links to third-party websites are governed by the privacy practices of those third parties, not this policy.

Policy governance

Updates and contact

This policy may be updated when the website, information practices, or applicable requirements change. The effective date shown above identifies the current published version. Materially different processing may also be explained through a more specific notice at the relevant point of interaction.

For a privacy question, request, or concern, use the Contact CognoSys page and describe the matter without including unnecessary sensitive information. A request may be routed to the appropriate responsible team for review.