Privacy Policy

Last updated: 2026-06-05

This policy explains how the website at cognicores.com ("the Site") handles your information. We operate tellerio.com as a separate product with its own privacy policy — the practices differ.

Operator and data controller

The Site is operated by:

• Volker Arndt, trading as Cognicores
• Address: Jucar 29, 46190 Riba-roja de Túria, Valencia, Spain
• NIF: Y8754104L
• Email: hello@cognicores.com

Volker Arndt is the data controller for the purposes of the EU General Data Protection Regulation (GDPR). The information above also constitutes the "información general" required under Article 10 of Spanish Law 34/2002 (LSSI-CE).

What we collect, and why

We collect only what's needed to run the Site and respond to enquiries:

• Chat messages — when you talk to the chatbot, your messages are sent to our generation backend, processed in memory, and used to produce the bot's reply. Messages are not written to disk on the backend; they exist only in your browser session and (until you close the page) are sent back with each new turn so the conversation has context.
• Email and/or phone number — when you submit them via the "Leave your details" form. We use them to contact you about your enquiry. Submitting at least one is required if you want us to follow up.
• Conversation transcript — when you submit the contact form, the transcript of your chat is included in the notification email we send to ourselves so we have context for follow-up. The transcript ends up in our regular inbox alongside your email/phone.
• IP address — used to enforce rate limits and prevent abuse. Stored as a short-lived counter that automatically deletes within 24 hours; not associated with any other data.
• Browser metadata — Cloudflare receives standard request headers (user-agent, referrer, country) to operate its network and security features. We do not use third-party analytics or tracking pixels.

Is providing your data required?

You can browse the Site and chat with the bot without identifying yourself — only an IP-based rate-limit counter is recorded (and deleted within 24 hours). The "Leave your details" form requires an email or phone number; without one, we have no way to reach you. You're under no legal obligation to provide your data; it's your choice whether to submit the form.

Cookies and local storage

We do not set tracking cookies. The only cookies you may encounter are short-lived security cookies set by Cloudflare for bot detection and during the contact-form challenge. Under EU/Spanish ePrivacy rules these are classified as "strictly necessary" and do not require consent. The Site uses no localStorage for personal data.

Who we share data with

We use a small number of processors to run the Site:

• Cloudflare, Inc. — hosting, DDoS protection, the Turnstile bot challenge, and the Workers KV store used for rate limits (privacy policy).
• Resend (Drift.com, Inc.) — sends the contact-form notification email to us (privacy policy).

The chatbot generation backend runs on hardware we control; chat messages do not leave our infrastructure for the LLM/TTS step.

We do not sell, trade, or rent your information, and we do not share it with advertisers.

How long we keep it

• Chat messages — not retained server-side. Held in your browser session only; gone when you close the tab.
• Contact-form submissions (email, phone, transcript) — kept in our email archive for as long as we have a legitimate interest in following up, normally up to 24 months. You can ask us to delete them at any time.
• IP rate-limit counters — automatically deleted after 24 hours.

Legal basis (GDPR)

• Consent — for processing the email/phone you submit via the contact form so we can reach out about your enquiry. You give consent by submitting the form, and you can withdraw it at any time by emailing us.
• Legitimate interest — for IP-based rate limiting and abuse prevention. The interest is keeping the free demo available and our infrastructure costs predictable; the impact on your privacy is minimal because the IP counter is short-lived and not joined with any other data.
• Contract performance — for processing the chat messages you send so the bot can respond.

AI-generated responses

The chatbot you talk to on this Site is an AI system. Its responses are generated by a language model and may be inaccurate, outdated, or out of context. Anything the bot says about Cognicores's services, pricing, timelines, or capabilities is informational; nothing in a chat session constitutes a contractual offer. We confirm specifics in writing during follow-up.

Your rights

If you are in the EU, the UK, or another jurisdiction with similar laws, you have the right to:

• Access the data we hold about you
• Have it corrected if it's wrong
• Have it deleted (the "right to be forgotten")
• Restrict how we process it
• Object to processing based on legitimate interest (such as our IP-based abuse prevention)
• Receive it in a portable format
• Withdraw consent at any time
• Lodge a complaint with your local data-protection authority (in Spain: the Agencia Española de Protección de Datos)

To exercise any of these, email hello@cognicores.com from the address on file. We respond within 30 days.

International transfers

Some of our processors (notably Resend) operate in the United States. Where personal data leaves the EEA, we rely on appropriate safeguards (such as the EU–US Data Privacy Framework or standard contractual clauses).

For US visitors (CCPA / CPRA)

We do not sell or share your personal information for cross-context behavioural advertising as those terms are defined under the California Consumer Privacy Act, and we have not done so in the past 12 months. If you are a California resident, you have the right to know what personal information we collect about you, to request its deletion, and to be free from discrimination for exercising your privacy rights. To exercise any of these rights, email hello@cognicores.com.

How we keep your data safe

All traffic to and from the Site is encrypted using HTTPS/TLS. Our processors (Cloudflare, Resend) hold relevant security certifications and store data in encrypted form at rest. The chat backend runs on hardware we control, not on shared hosting. No system is perfectly secure, but we follow common-sense practices and limit access to the minimum needed to operate the Site.

Changes to this policy

We may update this policy as the Site evolves. The "Last updated" date at the top reflects the most recent change. The updated text takes effect when posted.

Contact

Questions, requests, or concerns: hello@cognicores.com.

© 2026 Volker Arndt · Privacy · Terms · hello@cognicores.com