Privacy Policy

Who CogentQAI is

CogentQAI is a software product and website focused on helping people assess machine fit, plan AI setups, and generate practical guidance for AI development stacks and related workflows.

In this policy, "CogentQAI", "we", "us", and "our" mean the operator of the CogentQAI site and product.

What information we may collect

The exact information depends on how you use the site. We may collect account, product, technical, and payment-related information where needed to run the service.

• Account and sign-in information, such as your name, email address, and basic account details returned by supported authentication providers if you choose to sign in.
• Session and access-control information used to recognise signed-in users, protect account routes, and control access to internal-only admin pages.
• Information you submit or generate through the product, including hardware analysis inputs, saved scan history, wizard selections, prompts, configuration choices, and related generated outputs.
• AI helper prompts you submit through the embedded CogentQAI AI panel, together with the generated guidance returned to you.
• Donation information processed through Stripe Checkout, including checkout session ID, payment intent ID, customer ID, donor name, donor email, amount, currency, status, and timestamps.
• Technical and security information such as timestamps, request metadata, error details, webhook verification data, and access-control checks used to operate and protect the service.
• Limited browser-side storage data, including analysis state, saved analysis history, and certain local UI state used to support core product behaviour in the browser.

Why we collect this information

We collect and use information only where there is a practical reason to do so. That may include delivering the core service, authenticating users, saving user-requested history, processing donations, preventing misuse, troubleshooting problems, and protecting internal admin tools.

If you use the AI helper, we also use the prompt content you submit to generate CogentQAI-relevant setup and stack guidance, and to preserve signed-in continuity where that feature is active.

We also use data to improve product reliability, investigate errors, respond to support or privacy requests, and keep the service secure.

Authentication and account sessions

CogentQAI supports secure sign-in and session handling. Where configured, authentication may be provided through third-party identity providers such as Google or GitHub.

When you sign in, we may receive basic profile information needed to identify your account and maintain an authenticated session. We use that information to let you access account features, protect signed-in routes, and recognise whether an account is authorised for internal access.

A small number of internal admin routes are restricted to signed-in accounts whose email addresses match an internal allowlist. This helps prevent public access to internal donation review tools.

Stripe donations and payment information

If you choose to support CogentQAI through a one-time donation, payment is handled through Stripe Checkout rather than directly on our site.

CogentQAI stores only limited donation records needed for operational and internal review purposes, such as the Stripe checkout session ID, payment identifiers, donor name or email where available, amount, currency, payment status, and timestamps.

We use Stripe webhook validation to confirm completed checkout events before saving donation records into the internal admin view.

What we do not store directly

CogentQAI does not directly store full payment card numbers, card security codes, or full card expiry details. Those are handled by Stripe under Stripe's own payment and compliance systems.

We do not currently run advertising technology or public-site marketing trackers designed to build advertising profiles of visitors.

Some product state is intentionally kept in your own browser rather than permanently stored by us. For example, parts of the analysis and wizard experience may be held in local browser storage unless and until you explicitly save or submit data to a server-side feature.

The AI helper is designed to return setup and stack guidance. It is not intended for storing sensitive secrets, payment card information, or other information you would not want processed by a third-party AI provider.

Cookies, local storage, and similar technologies

CogentQAI aims to minimise cookies and similar technologies. We do not describe the site as cookie-free unless that is genuinely true, and at present that would be misleading.

Current cookies or similar technologies are used only where needed for essential functions such as secure sign-in, session handling, access control, and core service delivery.

The product also uses limited browser storage for practical product behaviour, such as keeping your current analysis state, retaining saved analysis history in the browser, and preserving a small amount of local UI state.

CogentQAI does not currently use advertising cookies, remarketing cookies, or non-essential public-site tracking cookies for marketing purposes. Based on the current implementation, we are not presently relying on a cookie consent banner because the site is currently using only strictly necessary cookies and similar technologies.

If non-essential analytics, advertising, or marketing technologies are introduced later, this policy and the site's consent approach should be updated at the same time.

Security and admin-access related data

We use reasonable technical and operational measures to protect the service and reduce the risk of unauthorised access, misuse, or tampering.

That includes authentication checks, session handling, email allowlist checks for internal admin access, webhook signature validation for Stripe events, and operational logging where needed to investigate service or security issues.

Security, diagnostic, and admin-access related data may be reviewed when necessary to prevent abuse, investigate errors, protect donation records, or maintain the integrity of the service.

Who information may be shared with

We may share information with service providers that help us run CogentQAI, but only where that is necessary for the service to work or for us to operate it safely and responsibly.

• Authentication providers, such as Google or GitHub, when you choose to sign in through them and those providers are enabled.
• Stripe, for donation checkout, payment processing, and payment event confirmation.
• AI model and inference providers used to generate CogentQAI helper responses when you submit prompts through the AI panel.
• Hosting, infrastructure, and storage providers that help deliver the site and keep it available and secure.
• Technical or security providers where needed for error handling, logging, fraud prevention, or service protection.

Data retention

We keep data for as long as it is reasonably needed for the purpose it was collected, and then remove it or stop using it where appropriate.

In practical terms, account and session information may be kept while your account or session remains active, donation records may be kept for operational, accounting, audit, or anti-fraud reasons, and technical or security logs may be kept for shorter troubleshooting or protection periods.

Browser-side storage remains in your browser until it is cleared by the product, replaced, reset, or removed by you through browser controls.

Your privacy requests and choices

If you want to ask about the personal information we hold about you, request a correction, request deletion where appropriate, or raise a privacy concern, you can contact us using the details below.

We may need to verify your identity before acting on a request, and we may keep certain information where it is still needed for security, payment records, fraud prevention, legal compliance, or internal operational reasons.

Policy updates

We may update this Privacy Policy from time to time to reflect product changes, legal requirements, security improvements, or changes in how the service operates.

When the policy is updated, we will revise the "Last updated" date on this page. If the changes materially affect how personal information is handled, the page should be updated clearly and promptly.