Privacy Policy
Last updated: December 27, 2025
At Cogitto, we take your privacy seriously. This policy describes how we collect, use, and protect your personal health information.
Information We Collect
When you use Cogitto, we collect the following types of information:
- Account Information: Email address, name, and password (encrypted) that you provide when creating an account
- Medication Data: Medications you add to your list, including names, dosages, schedules, and any notes you provide
- Chat History: Conversations with our AI assistant, including your questions and the responses provided
- Health Information: Any health notes, conditions, or allergies you voluntarily provide to improve your experience
- Usage Data: Anonymized information about how you interact with our app, such as features used and pages visited
How We Use Your Data
We use your information to:
- Provide medication tracking and interaction checking services
- Power our AI assistant to answer your medication questions
- Send important alerts about potential drug interactions
- Improve our services and develop new features
- Communicate with you about your account and service updates
- Ensure the security and proper functioning of our platform
We never sell your personal health information to third parties. Your data is not used for advertising purposes.
Data Security
Your health data is protected by multiple layers of security:
- End-to-end encryption for sensitive health data in transit and at rest
- Secure authentication with encrypted password storage
- Regular security audits and vulnerability assessments
- Strict access controls limiting employee access to user data
- Secure cloud infrastructure with SOC 2 compliance
Data Sharing
We only share your data in the following limited circumstances:
- AI Service Providers: We use AI services to power our assistant. Your queries are processed by these services but are not retained for their training purposes.
- Service Providers: We work with trusted providers for hosting and infrastructure who are bound by strict data protection agreements.
- Legal Requirements: We may disclose information if required by law or to protect the rights and safety of our users and the public.
We do not sell, rent, or share your personal health information with advertisers or data brokers.
Data Retention
We retain your personal data for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain certain information for legal or regulatory purposes.
Anonymized and aggregated data that cannot be used to identify you may be retained indefinitely to improve our services.
Your Rights
You have the following rights regarding your personal data:
- Access: Request a copy of all personal data we hold about you
- Correction: Request correction of any inaccurate or incomplete data
- Deletion: Request deletion of your account and all associated personal data
- Export: Download your data in a portable, machine-readable format
- Restriction: Request that we limit how we use your data
To exercise any of these rights, please contact us at support@cogitto.com. We will respond to your request within 30 days.
Children's Privacy
Cogitto is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal data from a child under 18, we will take steps to delete that information promptly.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@cogitto.com.
Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also notify you via email.
Contact Us
Questions about your privacy?
Email us at support@cogitto.com