This policy describes how General Cognitions collects, processes, and protects information in the course of operating the platform. It applies to estate telemetry, operator account data, and information collected through our marketing surfaces.
This policy applies to: (a) the General Cognitions platform and its services; (b) the marketing site at generalcognitions.com; (c) any communications from our team. It does not apply to third-party tools that you connect to the platform, which are governed by their own policies.
With your authorisation, we ingest configuration, asset, identity, policy, and event data from your IT estate via the connector matrix. This is processed into the digital twin and is the substrate against which agents reason.
For each operator we collect: name, work email, role, multi-factor authentication artefacts, and an audit record of every action taken in the platform.
On the marketing site, we collect minimal first-party analytics: page views, referrer, and aggregated geography. We do not run third-party advertising trackers.
We use a small set of sub-processors for infrastructure, observability, and communications. A current list is maintained in your trust portal. We do not sell, rent, or trade Customer Data. We share information only as required to operate the service or to comply with valid legal process.
Data is encrypted in transit (TLS 1.3) and at rest (AES-256). Tenant data is logically isolated. Access is gated by hardware-bound MFA and short-lived, audited credentials. Production access is restricted to a named engineering roster on a least-privilege basis.
Estate telemetry is retained for the term of your subscription plus the retention window specified in your order form. Audit logs are retained for a minimum of twelve months. Operator account data is retained for the duration of the operator’s engagement and ninety days thereafter, then destroyed.
Subject to applicable law, you may request access to, correction of, or deletion of personal data we hold about you. Requests should be sent to privacy@generalcognitions.com and will be processed within thirty days.
We do not use Customer Data to train foundation models without explicit, written, opt-in consent. The platform’s reasoning capabilities are built on models we license, trained against our own synthetic and licensed data sets.
Customer Data is processed in the region specified on your order form (U.S., EU, or UK by default). Cross-region transfers, where required for service operation, are governed by Standard Contractual Clauses or an equivalent transfer mechanism.
The marketing site uses a small number of strictly-necessary cookies to preserve session state. We do not deploy advertising cookies, fingerprinting scripts, or session replay tooling on any of our surfaces.
The platform is intended for enterprise IT operators. We do not knowingly collect information from anyone under the age of sixteen.
Privacy enquiries: privacy@generalcognitions.com. Postal: General Cognitions, London, United Kingdom.
document-id : gc-pp-04 · build [01] · revision 2026·04·01 classification : open / unrestricted
