Privacy Policy

Revised March 18, 2024

1. Introduction

Welcome to Cosign AI, Inc. ("Cosign AI," "we," "our," or "us"). Protecting your privacy and securing your information is of utmost importance to us. This Privacy Policy outlines how we collect, use, and protect the Information you provide to us and to assist you in making informed decisions when you use our website or mobile applications (collectively “Platform”), and other online products and services (collectively, the "Services") or when you interact with us, such as through our customer support channels, or on social media pages. Please note that this Privacy Policy does not apply to content processed on behalf of customers using our business offerings, such as our API. The processing of such data is governed by our customer agreements covering access to and use of those offerings.

By clicking on the “I agree to Cosign’s Privacy Policy and Terms and Conditions” you accept our Privacy policy and Terms and Conditions and you consent to our collection, storage, use and disclosure of your information as described in this Privacy Policy. Further, upon notice of a change or updates to this Privacy Policy, your continued use of the Services signifies your consent to the Privacy Policy.

2. Personal Information We Collect

2.1. Personal Information You Provide to us.

We collect Personal Information that can be used, either alone or in combination with other information, to identify you. Personal Information includes information that is deemed “personal data” or “personal information” (or other analogous variations of such terms) under data protection law. The types of Personal Information we collect include:

1. Account Information: When you create an account with us, we collect information associated with your account, including your name, contact information (such as email, postal address and phone number), account credentials, payment card information, transaction history, and a form of identification.
2. User Content: When you use our Services, we may collect Personal Information that is included in the input, file uploads, or feedback you provide, as well as any other information you chose to provide (“Content”).
3. Communication Information: If you communicate with us, we may collect your name, contact information, and the contents of any messages you sent.

4. Social Media Information: If you interact with our social media pages, we may collect Personal Information you choose to provide, such as your contact details. Additionally, the hosting companies of our social media pages may provide us with aggregate information and analytics about our social media activity.

2.2. Personal Information We Receive Automatically from Your Use of the Services (Technical Information).

We automatically collect certain information about your interactions with us or our Services including:

1. Log Data: Information automatically sent by your browser when you use our website, including your Internet Protocol address, browser type and settings, date and time of your request, and interactions with our website.
2. Transactional Information: When you make a purchase or return, we collect information about the transaction, such as product and/or service details, purchase price, and the date and location of the transaction.
3. Usage Data: Information about your use of the Services, including the types of content you view or engage with, features used, actions taken, time zone, country, access dates and times, user agent, device type, operating system, and browser.
4. Device Information: Details about the device you use, including device name, operating system, and browser, depending on the type of device and its settings.
5. Cookies: In an effort to improve the quality of the Service, we track information provided to us by your browser or by our software application when you view or use the Service, such as the website you came from (known as the “referring URL”), the type of browser you use, the device from which you connected to the Service, the time and date of access, and other information that does not personally identify you. We track this information using cookies, tracking pixels, and other similar technologies. Cookies are small data files that our web servers send to your browser and which get saved on the hard drive of the computer or device that you are using to access the Platform. You can adjust your browser settings to accept all cookies, reject all cookies, or notify you when a cookie is offered. If you do not want to allow cookies on your computer or device, most browsers have a feature that allows you either to automatically decline cookies or to decline or accept particular cookies from particular websites. If you choose to reject cookies from our Platform, you may be unable to use certain features, and functionality. If you choose to accept cookies from us and our service providers, you are agreeing to let us and our service providers install cookies on your computer or device. To learn more about cookies, please visit http://allaboutcookies.org. Tracking pixels (also known as web beacons, action tags, or transparent GIF files) collect and store information about your visits to our website, such as page visits, the duration of the visit, the specific link(s) that you clicked during your visit, and the address of the website from which you arrived at the Platform.

6. Analytics: We engage others to provide analytics services across the web and in mobile apps. These entities may use cookies, web beacons, device identifiers, and other technologies to collect information about your use of our Services and other websites and applications, including your IP address, web browser, mobile network information, pages viewed, time spent on pages or in mobile apps, links clicked, and conversion information. This information may be used by us and others to, among other things, analyze and track data, determine the popularity of certain content, and better understand your online activity.

2.3 Information We Collect from Other Sources.

We obtain information from other sources. For example, we may collect information from identity verification services, advertising networks and data analytics providers. Additionally, if you create or log into your Cosign AI account through a third-party platform (such as Google), we will have access to certain information from that platform, such as your name and profile picture, in accordance with the authorization procedures determined by such platform.

2.4 Information We Derive. 

We may derive information or draw inferences about you based on the information we collect. For example, we may make inferences about your approximate location based on your IP address.

3. How We Use Personal Information

We may use Personal Information for the following purposes:

1. To provide, administer, maintain, and analyze the Services.
2. To improve our Services and conduct research.
3. To communicate with you.
4. To develop new programs and services.
5. To prevent fraud, criminal activity, or misuse of our Services and ensure the security of our IT systems, architecture, and networks.
6. To comply with legal and financial obligations and processes and to protect our rights, privacy, safety, property, and that of our affiliates, you, or other third parties.
7. To ensure contact information is up to date and accurate, to reduce risk and prevent fraud, to provide you with a personalized experience on our Platform and to communicate with you regarding new Service features and related products and services provided by our partners, events, and other information and notices we believe you may find interesting or useful.
8. We use usage data and other information collected to maintain, secure and improve our Platform and Services and to understand your interests when visiting our website.
9. We may aggregate or de-identify Personal Information and use it for purposes such as analyzing the effectiveness of our Services, improving and enhancing features, conducting research, and sharing general user statistics with third parties. We will maintain and use de-identified information in anonymous or de-identified form and will not attempt to re-identify the information.
10. As noted above, we may use Content you provide or that we collect to improve our Services.

4. Disclosure of Personal Information

In certain circumstances, we may disclose your Personal Information to third parties without further notice to you, unless required by law. These circumstances include:

1. Vendors and Service Providers: We use various third-party service providers that assist us in providing the Platform. We may provide Personal Information to vendors and service providers who assist us in business operations, including hosting services, cloud services, information technology services, event management, email communication software, web analytics, and more. These parties will access, process, or store Personal Information solely for the purpose of performing their duties on our behalf.
2. Business Transfers: If we engage in strategic transactions, any merger or sale of company assets or acquisition of all or a portion of our business by another company, reorganization, bankruptcy, receivership, or transfer of services to another provider ("Transaction"), your Personal Information may be disclosed during the diligence process and transferred to a successor or affiliate as part of that Transaction, along with other assets.
3. Legal Requirements: We may disclose Personal Information when required by law, including to meet national security or law enforcement requirements, protect and defend our rights or property, prevent fraud, act in urgent circumstances to protect safety, or comply with legal liability.
4. Affiliates: Personal Information may be shared with our affiliates, meaning entities that control, are controlled by, or are under common control with Cosign AI. Our affiliates will use the Personal Information in a manner consistent with this Privacy Policy.
5. Other circumstances: We also disclose Personal Information in the following circumstances or as otherwise described in this policy:

• If you provide a product or service review or otherwise share content on our Services, we disclose this information publicly and to other users of our Services.
• We may disclose Personal Information with our lawyers and other professional advisors where necessary to obtain advice or otherwise protect and manage our business interests.
• We disclose Personal Information with your consent or at your direction.  
• We also disclose aggregated or de-identified information that cannot reasonably be used to identify you.

5. Your Choices

1. Account Information: You may update and correct certain account information at any time through your profile settings.
2. Communication preferences: You may opt out of receiving promotional emails from Cosign AI by following the instructions in those communications. If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.

6. Your Rights

Our Services are currently only provided within the United States of America. We respect these rights within this scope, which may include:

1. Access: You have the right to access your Personal Information.
2. Deletion: You can request the deletion of your Personal Information.
3. Correction/Update: You may correct or update your Personal Information.
4. Data Portability: You have the right to request the transfer of your Personal Information.
5. Consent Withdrawal: You can withdraw your consent when we rely on it as the legal basis for processing.
6. Objection/Restriction: You may object to or restrict the processing of your Personal Information when we rely on legitimate interests as the legal basis for processing.

You can exercise some of these rights through your Cosign AI account. If you are unable to do so through your account, please submit a verifiable consumer request to us by emailing us at support@co-sign.ai.

The verifiable consumer request must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

7. Important Notice to Non-U.S. Residents

Our Services and their servers are operated in the United States. If you are located outside of the United States, please be aware that any information you provide to us maybe transferred to, processed, maintained, and used on computers, servers, and systems located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to use any of our Services, you consent to any transfer and processing of your personal information in accordance with this Privacy Policy and you do so at your own risk.

8. California Privacy Rights

California residents have specific privacy rights related to their Personal Information under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act. These rights include:

1. Right to Know: You can request information about the processing of your Personal Information, including specific pieces collected.
2. Right to Deletion: You have the right to request the deletion of your Personal Information.
3. Right to Correction: You may correct your Personal Information.
4. Non-Discrimination: You are free from discrimination for exercising privacy rights.
5. We do not sell or share Personal Information as defined by the CCPA, nor do we process sensitive personal information for inferring consumer characteristics.

Exercising Your Rights: California residents can exercise their CCPA privacy rights by sending their request to support@co-sign.ai.

Verification: To protect your Personal Information from unauthorized access or changes, we may require verification of your credentials before processing requests. If you do not have an account with us or if we suspect fraudulent activity, you may be asked to provide additional information and proof of residency for verification.

Authorized Agents: You may submit rights requests through authorized agents, who must present signed written permission to act on your behalf. Additionally, you may be required to independently verify your identity and residency with us for agent requests.

9. Children

Cosign AI does not knowingly request or collect information from any person under 13 years of age without parental consent.  If you believe that a child under 13 has provided Personal Information to Cosign AI through the Service, please contact us at support@co-sign.ai. We will investigate such notifications and, if appropriate, delete the Personal Information from our systems.

10. Links to Other Websites

Our Service may contain links to third party websites not operated or controlled by Cosign AI (“Third Party Sites”). Your interactions with Third Party Sites are governed by their specific privacy policies and terms of service, not by this Privacy Policy. We do not imply endorsement or review of these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

11. Security and Retention

We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Information from loss, misuse, unauthorized access, disclosure, alteration, or destruction, both online and offline. However, no Internet or email transmission is entirely secure. You should exercise caution when deciding what information to send us via the Service or email. We are not responsible for the circumvention of privacy settings or security measures on the Service or third-party websites.

We retain your Personal Information only as long as necessary for providing our Service, legitimate business purposes (e.g., dispute resolution, safety, security, legal obligations), and in compliance with applicable laws. Retention periods depend on factors such as information quantity, nature, sensitivity, potential risk, processing purpose, and legal requirements. We may also use anonymized or de-identified information for research or statistical purposes without further notice.

12. HIPAA Compliance and Handling of Protected Health Information (PHI)

Cosign AI, Inc. is not a Covered Entity as defined under the Health Insurance Portability and Accountability Act and the and the Health Information Technology for Economic and Clinical Health Act (collective “HIPAA”) but Cosign AI may be considered a “Business Associate” to Covered Entities. As such, Cosign AI is dedicated to the compliant handling of Protected Health Information (“PHI”) in accordance with its Business Associate Agreement (or “BAA” as defined under HIPAA) that Cosign AI executes as part of its services to Covered Entities.  

Compliance with the BAA: Our handling of PHI is governed by the terms of our BAA, which takes precedence over any conflicting terms in other agreements.

13. Changes to the Privacy Policy

We may change this Privacy Policy at any time. When we do, we will post an updated version on this page or provide other required notices under applicable law. We may also provide you with additional notice (for example, by adding a statement to the Services or sending you a notification), such as in connection with making material changes to this Privacy Policy.  By continuing to use our Service or providing us with Personal Information after an updated Privacy Policy is posted or other notice is provided, you consent to the revised Privacy Policy. You will be able to determine when this Privacy Policy was last revised by checking the "Last Updated" information that appears at the top of this page.

14. How to Contact Us

If you have any questions or concerns not addressed in this Privacy Policy, please contact us at support@co-sign.ai.