AI Assurance & Governance

Privacy Policy

How Phi Cognition collects, uses, and safeguards information when you visit our website, contact us, or request a pilot engagement.

Last updated: June 30, 2026

Phi Cognition (“Phi Cognition,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit www.phicognition.com (the “Website”), contact us, or request a pilot engagement.

By using the Website or submitting information to us, you acknowledge that you have read and understood this Privacy Policy.

1

Scope of This Policy

This Privacy Policy applies to information we collect through the Website and through your business communications with us (for example, sales inquiries and pilot requests).

This policy does not govern data we process on behalf of clients during an engagement. When we provide AI output validation, governance, auditability, or risk-monitoring services, we may process data—including, where applicable, protected health information (PHI) or other regulated data—supplied by or on behalf of a client. That processing is governed by the separate written agreement between Phi Cognition and the client (such as a master services agreement, data processing agreement, and/or business associate agreement), and not by this Website Privacy Policy. In those engagements, the client is the controller (or covered entity), and Phi Cognition acts as a processor (or business associate) as defined in the applicable agreement.

2

Information We Collect

  • Information you provide directly: When you complete our pilot request form, email us, or otherwise contact us, we may collect your first and last name, work email address, company name, industry, telephone number (if provided), details about the AI workflow you are interested in, and any other information you choose to share.
  • Information collected automatically: When you visit the Website, we and our service providers may automatically collect technical information such as your IP address, browser type and version, device and operating system information, referring URLs, pages viewed, links clicked, and the dates and times of your visits. This information is collected through cookies and similar technologies (see Section 9).
  • Information from third parties: We may receive limited information about you from business sources such as professional networking platforms (for example, LinkedIn), referral partners, or analytics providers, consistent with their terms and applicable law.

We do not intentionally collect sensitive personal information through the Website, and we ask that you do not submit any health, financial, or other regulated personal data through our contact forms.

3

How We Use Your Information

We use the information we collect to:

  • Respond to your inquiries and provide the information or materials you request;
  • Evaluate, scope, and arrange pilot engagements and other services;
  • Communicate with you about our services, including follow-ups related to a request you submitted;
  • Operate, maintain, secure, and improve the Website and our services;
  • Conduct analytics to understand how the Website is used;
  • Send you marketing or informational communications where permitted by law (you may opt out at any time);
  • Comply with legal obligations, enforce our agreements, and protect our rights, property, and safety and those of others.
5

How We Share Information

We do not sell your personal information. We may share information in the following circumstances:

  • Service providers: Vendors who perform services on our behalf—such as website hosting, email delivery, customer relationship management, and analytics—who are authorized to use your information only as necessary to provide those services.
  • Professional advisors: Our lawyers, accountants, auditors, and similar advisors, where reasonably necessary.
  • Business transfers: In connection with a merger, acquisition, financing, reorganization, or sale of assets, in which case information may be transferred as part of that transaction.
  • Legal and safety reasons: Where we believe disclosure is required by law, regulation, legal process, or governmental request, or is necessary to protect the rights, property, or safety of Phi Cognition, our clients, or others.
6

International Data Transfers

Phi Cognition is based in the State of Delaware, USA. If you access the Website from outside that jurisdiction, your information may be transferred to, stored in, and processed in a country whose data protection laws may differ from those in your location. Where required, we implement appropriate safeguards (such as standard contractual clauses) for such transfers.

7

Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this policy, including to respond to your inquiry, manage a prospective or active business relationship, comply with our legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we securely delete or anonymize it.

8

Data Security

We maintain administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, misuse, or alteration. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. Please use care when transmitting information to us.

9

Cookies and Tracking Technologies

The Website uses cookies and similar technologies to enable core functionality, remember your preferences, measure traffic, and understand how the Website is used. You can control cookies through your browser settings and, where offered, through our cookie banner. Disabling certain cookies may affect Website functionality.

We may use third-party analytics, advertising, or performance tools that use cookies and similar technologies to help us understand how visitors use the Website and improve its functionality. These third-party providers process information in accordance with their own privacy policies.

10

Your Privacy Rights

Depending on where you live, you may have certain rights regarding your personal information, which may include the right to access, correct, delete, or receive a copy of your information; to object to or restrict certain processing; to withdraw consent; and to opt out of marketing communications.

EEA/UK residents have rights under the GDPR/UK GDPR, including the right to lodge a complaint with a supervisory authority.

California residents have rights under the California Consumer Privacy Act, as amended (CCPA/CPRA), including the right to know, delete, and correct personal information, and the right to opt out of “sale” or “sharing” of personal information. We do not sell or share personal information as those terms are defined under the CCPA. We will not discriminate against you for exercising your rights.

To exercise any of these rights, contact us using the details in Section 14. We will respond as required by applicable law and may need to verify your identity before fulfilling your request.

12

Children's Privacy

The Website is intended for businesses and professionals and is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with information, please contact us so we can delete it.

13

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above. Material changes will be communicated through the Website or by other appropriate means. Your continued use of the Website after any changes become effective constitutes your acceptance of the revised Privacy Policy.

14

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us: