Cogni is a financial technology company, not a bank. Banking services provided by Community Federal Savings Bank. Member FDIC.
Important: Please read carefully, Effective as of February 14, 2021
Who we are:
Cogni, Inc. (“Cogni,” “we“, “our“, or “us“) is a financial services company. When you use our services, you’ll share some information with us that could be used to identify you or that is associated with information that identifies you (“Personal Information”). Our goal is to clearly inform you about the information we collect, how we use it, and whom we share it with. This Privacy Policy applies to Personal Information that we gather or collect via our website or our app (collectively, the “Services”). It does not apply to any Personal Information collected by third party websites not operated by us.
You may also email us at privacy@getcogni.com with any privacy-related questions you have.
The information we collect:
There are three basic categories of information we collect:
● Personal Information you provide to us
● Automatically-collected data
● Information we get from third parties
Personal Information you provide to us
We may collect Personal Information that you choose to share with us. For example, when you set up an account, we need to collect important details about you, such as your name, phone number, date of birth, unique username, contact list, location, social security number, and email address. We may also collect any communications between you and Company and any other information you provide to Company. To help the government fight the funding of terrorism and money laundering activities, we obtain, verify and record information about beneficial owners, including you, of Clients and other permitted users of Services. This means that when you access or use our Services, we may ask for your name, address, date of birth and other information that will allow us to identify you. We may also ask to see other identifying documents, such as a driver’s license. If, for any reason, you are unable to provide the information necessary to verify your identity, you are not permitted to access or use the Services. Please ensure that you only send us an image of yourself. Do not include any images of others.
Automatically-collected data
We, and our third-party partners, collect certain Personal Information automatically when you visit our online services, read our e-mails, access or use our Services, or otherwise engage with us. This information is typically collected through a variety of tracking technologies, including cookies, web beacons, embedded scripts, location-identifying technologies, file information, and other technology (collectively, “Tracking Technologies”).
We, and our third-party partners, use these Tracking Technologies and other tools to automatically collect usage and device information, such as:
● Your IP address, location, browser type, Internet service provider, platform type, device type, operating system, date and time stamp, a unique ID that allows us to uniquely identify your browser, mobile device or your account, your internet service provider, and other such information.
● We also collect information about the way you use or access our Services, for example, the site from which you came and the site to which you are going when you leave our website, the pages you visit, the links you click, how frequently you access the Services, whether you open e-mails or click the links contained in e-mails, whether you access the Services from multiple devices, and other actions you take on the Services.
● When you access our Services from a mobile device, we may collect unique identification numbers associated with your device or our mobile application (including, for example, a UDID, Unique ID for Advertisers (“IDFA”), Google AdID, or Windows Advertising ID), mobile carrier, device type, model and manufacturer, mobile device operating system brand and model, phone number and, depending on your mobile device settings, your geographical location data, including GPS coordinates (e.g., latitude and/or longitude) or similar information regarding the location of your mobile device, or we may be able to approximate a device’s location by analyzing other information, like an IP address.
Do Not Track Signals. We are unable to respond to Do Not Track signals set by your browser at this time. If you would prefer not to accept cookies, most browsers will allow you to (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject cookies. Depending on your mobile device and operating system, you may not be able to delete or block all cookies and you may not be able to block non-cookie technologies and these browser settings that block cookies may have no effect on such techniques. You may also set your e-mail options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have accessed our e-mail and performed certain functions with it. Deleting cookies does not delete Local Storage Objects (LSOs) such as Flash objects and HTML5. You can learn more about – including how to manage privacy and storage settings for Flash cookies – on Adobe’s website. If you choose to delete Flash objects from our sites, then you may not be able to access and use all or part of the sites or benefit from the information and services offered.
Information we get from third parties
We may collect Personal Information about you from other users, our affiliates, and third parties, as permitted by law. For example, we may collect information from third-party verification services, credit bureaus, financial institutions, mailing list providers, and publicly available sources to verify your identity. We may also collect information about you from third parties in connection with any identity or account verification process, fraud detection process, or collection procedure, or as may otherwise be required by applicable law.
How we use your information:
To provide the Services, we may use your Personal Information to fulfill requests for products, Services, or information, including information about potential or future Services, including to:
● Create and process an account for you and deliver the Services to you and manage individual information and accounts;
● Respond to questions, comments, and other requests;
● Verify an individual’s identity by comparing your selfie image against your government-issued identification;
● Send you transactional information, including confirmations, invoices, technical notices, product and services information, updates, security alerts, support and administrative messages, and information about your transactions using the Services;
● Process payment for products or Services purchased;
● Process applications and transactions;
● Provide access to certain areas, functionalities, and features of our Services;
● Communicate with you, such as to respond to your comments and questions, provide customer service or feedback, or respond to employment opportunities for which you’ve applied, of for any other purposes in connection with the Service;
● Facilitate any transaction requested by you; and
● Allow you to register for events.
For internal business purposes, we may use Personal Information for its internal business purposes, including to:
● Conduct research and analytics to understand our visitors and customers, and tailor our product offerings;
● Operate, maintain, test, enhance, update, monitor, diagnose, fix and improve our Service;
● Develop new products and Services or improve existing products and Services;
● Ensure internal quality control;
● Communicate about individual accounts and activities on our Services and systems, and, in our discretion, changes to any our policy;
● Comply with regulatory and legal requirements;
● Prevent, investigate or provide notice of fraud or unlawful or criminal activity, and enforce and carry out contracts and agreements between us and you;
● Protect the safety of any person, to address fraud, security or technical issues, or to protect our rights or property; and
● For any other purpose for which you have given express permission or consent to us.
For marketing purposes, we may analyze and use Personal Information to provide you with materials about offers, products, and Services that may be of interest, including new content or Services. We may provide you with these materials by phone, postal mail, email, as permitted by applicable law. Such uses include:
● To provide you with, and to tailor, content, advertisements, and offers;
● To notify you about offers, products, and services that may be of interest to you;
● To provide Services to you and our partners and affiliates;
● For other purposes disclosed at the time you provide Personal Information;
● Facilitate contests, promotions and rewards and provide you with news about products and services offered by us and our selected partners; and
● Otherwise with your consent.
App Privacy
Cogni collects UserDefaults to enhance your banking experience and provide personalized services tailored to your financial needs. By gathering information such as your preferred language and account settings, we strive to offer a seamless and personalized banking journey for you. Rest assured, your data is kept secure and used strictly for improving our banking services.
Non-personal Information
We may also use non-personally identifiable information that does not personally identify you, including by aggregating and/or de-identifying Personal Information, in order to understand better how our visitors use the Services, research our visitors’ demographics, interests, and behavior, improve the Services, provide visitors with customized services and information, and for other similar purposes. We may share this information with others for information or promotional purposes, and may use non-personally identifiable information in any manner permitted by law. When any non-personally identifiable information is combined with other information that identifies you, it will be treated as Personal Information in accordance with this Privacy Policy.
Sharing of your Personal Information:
We may share your Personal Information in the instances described below.
● To verify your identity. For example, we may share information about you with credit reporting agencies, financial institutions or government agencies to verify your identity or to otherwise establish eligibility for a product or our Services;
● With vendors and service providers for: (i) provision of IT and related services; (ii) provision of information and Services you have requested; (iii) payment processing; (iv) customer service activities; (v) fraud prevention; (vi) analytics services; and (vii) in connection with the provision of the Services;
● We may share Personal Information with our business partners, affiliates, and for our affiliates’ internal business purposes or to provide you with a product or service that you have requested. We may also share Personal Information with business partners with whom we may jointly offer products or services, or whose products or services we believe may be of interest to you;
● With third parties for legal reasons. We may share information about you if we reasonably believe that disclosing the information is needed to: (i) comply with any valid legal process, governmental request, or applicable law, rule, or regulation; (ii) investigate, remedy, or enforce potential Terms of Service violations; (iii) protect the rights, property, and safety of us, our users, or others; or (iv) detect and resolve any fraud or security concerns;
● With third parties as part of a merger or acquisition. Your Personal Information may also be one of the transferred assets as part of a merger, acquisition or bankruptcy; and
● As otherwise permitted by law, including the Gramm-Leach-Bliley Act.
Third party tracking and online advertising:
We may participate in interest-based advertising and use third-party advertising companies to serve you targeted advertisements based on your browsing history or other information. We may share or we may permit third-party services to collect information about your use of our website over time so that they may play or display ads on our website, online platform or in connection with our Service, on other devices you may use, and on other websites, apps, or services. Typically, though not always, the information we share is provided through cookies or similar tracking technologies, which recognize the device you are using and collect information, including click stream information, browser type, time and date you visited the site, and other information. A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Services. Our cookies help provide additional functionality to the Services, including helping us analyze Services usage more accurately. For instance, our Site may set a cookie on your browser that allows you to access the Services without needing to remember and then enter a password more than once during a visit to the Site. We and our third-party partners use this information to make the advertisements you see online more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics, and market research.
We, or our third-party partners, may link your various devices so that content you see on one device can result in relevant advertising on another device. We do this by collecting information about each device you use when you are logged in to our Service. We may also work with third-party partners who employ tracking technologies or the application of statistical modeling tools to determine if two or more devices are linked to a single user or household. We may share a common account identifier (such as an email address or user ID) with third-party advertising partners to help recognize you across devices. We, and our partners, can use this cross-device linkage to serve interest-based advertising and other personalized content to you across your devices, to perform analytics, and to measure the performance of our advertising campaigns.
We may use Google Analytics to recognize you and link the devices you use when you visit our site or Service on your browser or mobile device, log in to your account on our Service, or otherwise engage with us. We may share a unique identifier, like a user ID or hashed email address, with Google to facilitate the service. Google Analytics allows us to better understand how our users interact with our Service and to tailor our advertisements and content to you. For information on how Google Analytics collects and processes data, as well as how you can control information sent to Google, review Google’s site “How Google uses data when you use our partners’ sites or apps” located at www.google.com/policies/privacy/partners/. You can learn about Google Analytics’ currently available opt-outs, including the Google Analytics Browser Ad-On here https://tools.google.com/dlpage/gaoptout/.
Please review the section title ‘Your choices’ below to understanding your choices regarding third party tacking and online advertising.
How long we keep your information:
We will retain your information for as long as you use our Services, to resolve disputes, establish legal defenses, conduct audits, enforce our agreements, comply with applicable laws or as long as we otherwise deem appropriate. We also maintain your Personal Information as part of our standard backup procedures.
Links to Other’s Sites and Services:
Our Services may contain links to other websites and other websites may reference or link to our Services. These websites are operated by third parties not controlled by us, and by linking to them or being linked from them, we do not endorse, approve or make any representations about third-party websites or domains. We encourage you to read the privacy policies of each and every website and domain that you interact with. We are not responsible for the privacy practices or content of such other websites or domains and you visit them at your own risk.
Social Media:
Our Services may contain links and interactive features with various social media platforms. If you already use these platforms, their cookies may be set on your device when using our Services. You should be aware that Personal Information which you voluntarily include and transmit online in a publicly accessible social media platform, blog, or chat room, or otherwise online, or that you share in an open forum, may be viewed and used by others without any restrictions. We have no control over such uses of your information when interacting with a social media platform, forums or otherwise online and by using such services you assume the risk that the Personal Information provided by you may be viewed and used by third parties.
How we store and protect your Personal Information:
Data storage and transfer: Your information collected through our Service may be stored and processed in the United States or any other country in which Company or its parent, subsidiaries, affiliates, or service providers maintain facilities or otherwise stores information. If you are located in other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction. In addition, information collected about you may be stored on the block chain or using cloud-based services. Information recorded on the block chain or information stored in the cloud may be maintained by third-party networks in locations in which such third-party networks operate or maintain data storage or processing facilities.
Keeping your information safe: We care about the security of your information and employ physical, administrative, and technological safeguards designed to preserve the integrity and security of all information collected through our Service. However, no security system is impenetrable, and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
Your choices:
If you no longer want to receive email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. You will continue to receive transaction-related emails regarding products or services you have requested. We may also send you certain communications regarding us and you will not be able to opt out of those communications (e.g., communications regarding updates to our Privacy Policy).
We may give you choices regarding the sharing of your information with affiliates and third parties. Choices you have about the sharing of your information will be described in the privacy policies or notices you receive in connection with the products or Services you obtain from us.
Cookies and Flash cookies. Most browsers allow you to adjust your browser settings to: (i) notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject cookies.
Blocking or deleting cookies may negatively impact your experience using the Service, as some features and services on our Service may not work properly.
Deleting cookies does not delete Local Storage Objects (LSOs) such as Flash objects and HTML5. To manage Flash cookie settings and preferences, you must use the settings manager on Adobe’s website. If you choose to delete Flash objects from our Service, then you may not be able to access and use all or part of the Service or benefit from the information and services offered.
Interest-based advertising. To learn about interest-based advertising and how you may be able to opt-out of some of this advertising, you may wish to visit the Network Advertising Initiative’s online resources at http://www.networkadvertising.org/choices and/or the DAA’s resources at www.aboutads.info/choices.
Cross-device linking. Please note that opting-out of receiving interest-based advertising through the NAI’s and DAA’s online resources will only opt-out a user from receiving interest-based ads on that specific browser or device, but the user may still receive interest-based ads on his or her other devices. You must perform the opt-out on each browser or device you use.
Mobile advertising. You may also be able to limit interest-based advertising through the settings on your mobile device by selecting “limit ad tracking” (iOS) or “opt-out of interest based ads” (Android). You may also be able to opt-out of some – but not all – interest-based ads served by mobile ad networks by visiting http://youradchoices.com/appchoices and downloading the mobile AppChoices app.
Some of these opt-outs may not be effective unless your browser is set to accept cookies. If you delete cookies, change your browser settings, switch browsers or computers, or use another operating system, you will need to opt-out again.
Changes to this Privacy Policy
We may modify or update this Privacy Policy from time to time to reflect the changes in our business and practices, so you should review this page periodically. When we change the policy in a material manner, we will let you know and update the ‘last updated’ date at the top of this page. If you object to any changes, you may close your account. Continuing to use our Services after we publish changes to this Privacy Policy means that you are consenting to the changes.
Other Rights and Important Information:
Children’s Privacy
We do not knowingly collect, maintain, or use personal information from children under 13 years of age, and no part of our Services are directed to children under the age of 13. If you learn that your child has provided us with Personal Information without your consent, please let us know by contacting us at privacy@getcogni.com. If we learn that we have collected any personal information from children under 13, we will use commercially-reasonable efforts to delete such information.
California “Shine the Light” Law
If you are a user of the Services and a California resident, California’s “Shine the Light” law (California Civil Code §1798.83) permits you to request and obtain from us once a year, free of charge, information regarding our disclosure of your personal information (if any) to third parties for direct marketing purposes. If this law applies to you and you would like to make such a request, please submit your request in writing in compliance with the below section (Contact Us).
Contact Us:
If you have any questions about this Privacy Policy or the Service, please contact us at privacy@getcogni.com
Community Federal Savings Bank Privacy Policy
The Cogni prepaid debit card is issued by Community Federal Savings Bank (the “Issuing Bank”). Cogni shares Personal Information collected by Cogni with the Issuing Bank in order to have a prepaid account issued to the primary account holder. The Issuing Bank’s privacy policy is available at http://www.cfsb.com/privacy
California Privacy Notice
Last Updated: [November 6, 2019]
Scope of DisclosuresThis California Privacy Notice (the “CA Disclosures”) supplements the information contained in our Privacy Policy and applies solely to individual residents of the State of California (“consumers” or “you”).
These CA Disclosures describe how we collect, use, disclose, and otherwise process personal information of individual residents of the State of California, either online or offline, within the scope of the California Consumer Privacy Act of 2018 (CCPA).
Unless otherwise expressly stated, all terms in these CA Disclosures have the same meaning as defined in our Privacy Policy or as otherwise defined the CCPA.
Personal Information Disclosures
When we use the term “personal information” in these CA Disclosures, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
For the purposes of these Disclosures, personal information does not include:
● Publicly available information from government records.
● Deidentified, aggregated or anonymized information that is maintained in a form that is not capable of being associated with or linked to you.
● Information excluded from the CCPA’s scope, such as:
● Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
● Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
Collection and Use of Personal Information
We collect various categories of Personal Information in connection with our Services. Please review the Privacy Policy, including the ‘Information we collect’ section, to learn more about the personal information we collect.
How to Exercise Your California Consumer Rights
To exercise your Right to Know and/or your Right to Deletion, please submit a request by:
● Emailing privacy@getcogni.com with the subject line “California Rights Request”; or
● Calling Toll free: 833-264-6447
We will need to verify your identity before processing your request, which may require us to request additional personal information from you or require you to log into your account. We will only use personal information provided in connection with a Consumer Rights Request to review and comply with the request.
In certain circumstances, we may decline a request to exercise the rights described above, particularly where we are unable to verify your identity. If we are unable to comply with all or a portion of your request, we will explain the reasons for declining to comply with the request.
To Exercise Your Right to Opt Out of Personal Information Sales
Unless you have exercised your Right to Opt Out of Personal Information Sales, we may sell personal information to third parties for monetary or other valuable consideration. The third parties to whom we sell personal information may use such information for their own purposes in accordance with their own privacy statements, which may include reselling this information to additional third parties. Once you make an opt-out request, you may change your mind and opt back in to personal information sales at any time by contacting us at privacy@getcogni.com.
At this time, we do not sell your Personal Information.
Minors Under Age 16
We do not sell the personal information of consumers we know to be less than 16 years of age, unless we receive affirmative authorization (the “Right to Opt In”) from either the minor who is between 13 and 16 years of age, or the parent or guardian of a minor less than 13 years of age. Please contact us at [insert email] to inform us if you, or your minor child, are under the age of 16.
Authorized Agent
In certain circumstances, you are permitted to use an authorized agent to submit requests on your behalf where (i) you provide sufficient evidence to show that the requestor is an authorized agent with written permission to act on your behalf and (ii) you successfully verify your own identity with us.
Updates to These CA Disclosures
We will update these CA Disclosures from time to time. When we make changes to these CA Disclosures, we will change the “Last Updated” date at the beginning of these Disclosures. All changes shall be effective from the date of publication unless otherwise provided in the notification.
Contact Us
If you have any questions or requests in connection with this Notice or other privacy-related matters, please send an email to privacy@getcogni.com.
Alternatively, inquiries may be addressed to:
Cogni, Inc.
34 Howard Street,
New York, New York 10013
34 Howard Street,
New York, New York 10013
Wallet Terms and Conditions:
1.1. Non-Custodial Wallet
Cogni app is a universal platform that allows building solutions for storing and managing crypto assets. It is based on a secure multi-party computation protocol, which is used as a foundation of the off-chain multisig crypto wallet. This approach combines the benefits of custodial (when the user does not own the private keys) and non-custodial (when the user owns the private keys) crypto wallets.
Also, Cogni app provides users with access to crypto liquidity, through the app, enabling customers to trade, store, spend digital assets, and connect to decentralized finance space in a regulatory-friendly and secure way.
1.2. Definitions and Abbreviations
● Private key – a secret piece of data used to sign and/or decrypt messages in cryptographic algorithms.
● Public key – a non-secret piece of data corresponding to a set private key and used to verify the signature and/or encrypt messages in cryptographic algorithms.
● Partial private key – a secret piece of data used in conjunction with other partial private keys in distributed cryptographic algorithms.
● Distributed (ephemeral) private key – a collective term used to describe a set of isolated partial private keys used in distributed cryptographic algorithms in order to generate a signature and/or decrypt a message as if said an ephemeral private key exists in one place. In practice, due to usage of SMPC algorithms, such keys are never reconstructed in any way.
● Distributed (compound) public key – a collective term used to describe a public key corresponding to a set distributed private key. As public keys are not considered a secret data such keys are reconstructed during a synchronization procedure and used in various ways within the system. For example, a signature generated by a SMPC signing algorithm with a set of partial private keys is verifiable with a distributed public key corresponding to said partial private keys, and would be totally indistinguishable from a signature generated by a classical signing algorithm with a reconstructed ephemeral private key.
● Secret – a piece of secret data owned by every participant of the SMPC algorithm and used to derive partial private keys used in those algorithms.
Usage of secrets instead of plain partial private keys guarantees easier recoverability of multiple keys while maintaining security of individual keys.
You acknowledge and agree that Cogni has no control over, and no duty to take any action regarding: (i) failures, disruptions, errors, or delays in the processing of Digital Assets that you may experience while using the Services; (ii) the risk of failure of hardware, software, and Internet connections; (iii) the risk of malicious software being introduced or found in the software underlying Cogni Wallet; (iv) the risk that third parties may obtain unauthorized access to information stored within your wallet, including, but not limited to your wallet address, private key, and Secret Phrase; and (v) the risk of unknown vulnerabilities in or unanticipated changes to the the applicable blockchain networks. You release us from all liability related to any losses, damages, or claims arising from: (a) user error such as forgotten passwords, incorrectly constructed transactions, or mistyped Digital Asset addresses; (b) server failure or data loss; (c) unauthorized access to the Cogni Wallet application; (d) bugs or other errors in the Cogni Wallet software; and (e) any unauthorized third party activities, including, but not limited to, the use of viruses, phishing, brute forcing, or other means of attack against Cogni Wallet. We make no representations concerning any Third Party Content contained in or accessed through our Services. Any other terms, conditions, warranties, or representations associated with such content, are solely between you and such organizations and/or individuals.