Privacy Policy

Effective Date: 27th July, 2025
Last Updated: 27th July, 2025

This Privacy Policy describes how Maziwa LLC ("Cognition," "we," "us," or "our") handles information in relation to our WhatsApp chat analysis service available at cognitioncv.com (the "Service").

1. Information Collection and Use

Your WhatsApp Conversations Are Never Collected

Cognition employs revolutionary client-side architecture that makes data collection impossible:

  • Zero Server Contact: Your messages don't touch our infrastructure. Not during upload. Not during processing. Not ever.

  • Browser-Only Processing: All analysis occurs exclusively in your web browser using WebAssembly

  • No Digital Footprint: No cloud backups, no analytics tracking, no cookies remembering content, no logs, no traces, no exceptions

  • Verifiable Privacy: Open your browser's developer tools, click the Network tab, and verify yourselfno data flows to our servers

1.2 Limited Information We Collect

Account Information (via Clerk)

  • Email address for authentication

  • Encrypted password

  • Account creation date

  • Last login timestamp

Payment Information (via Stripe)

  • Payment method token (we never see full card details)

  • Transaction identifier

  • Purchase date and amount

  • Billing email address

Basic Technical Information

  • Browser type and version (for compatibility only)

  • General geographic location (country level from IP)

  • Error logs that contain no personal data

1.3 How We Use Information

The limited information we collect is used solely to:

  • Authenticate your access to the Service

  • Process your one-time payment

  • Provide customer support

  • Ensure Service compatibility

  • Comply with legal obligations

2. Data Processing Architecture

2.1 The Client-Side Revolution

Everything happens in YOUR browser. Unlike every other analytics app, Cognition never sees your data. Your conversations analyze themselveswe just provide the mirror.

2.2 End-to-End Processing Flow

  1. You export your WhatsApp chat

  2. Upload happens only to your browser's memory

  3. Processing occurs locally using WebAssembly

  4. AI requests go directly to Google's Gemini API

  5. Results render in your browser

  6. Close the tab = complete data erasure

Data Breaches Can't Touch You - When Target gets hacked, millions suffer. When Facebook leaks data, billions are exposed. When Cognition gets hacked? Nothing happens. Because we have nothing. Your data never existed on our servers.

Employee Access Impossible - Even we can't read your conversations. Our own team, our CEO, our engineersnobody can access what was never uploaded. This isn't policy; it's physics.

Government Requests Return Empty - Subpoenas, warrants, court ordersthey all receive the same response: we have no data to provide. Not won't provide. Can't provide. Your privacy is architecturally guaranteed.


2.3 Direct Browser-to-AI Architecture

All API calls originate directly from your browser to Google's Gemini API endpoints. No intermediary servers. No proxies. No data routing through our infrastructure.

3. Information Sharing and Disclosure

3.1 We Cannot Share What We Don't Have

Since your WhatsApp conversations never reach our servers, sharing them is architecturally impossible.

3.2 Limited Sharing of Account Information

We may share your email address only:

  • With Clerk for authentication services

  • With Stripe for payment processing

  • When required by law (though we'll resist where possible)

  • With your explicit consent

3.3 Government Requests Return Empty

Subpoenas, warrants, court ordersthey all receive the same response: we have no conversation data to provide. Not won't provide. Can't provide. Your privacy is architecturally guaranteed.

4. Third-Party Services

4.1 Google Gemini (AI Processing)

  • Processes data directly from your browser

  • Never touches our servers

  • Under Gemini's enterprise terms, conversations are never used for model training

  • Data analyzed in milliseconds then permanently deleted

  • Verify yourself: API calls go directly to generativelanguage.googleapis.com

4.2 Clerk (Authentication)

  • Maintains minimal authentication data in isolation

  • Cannot access conversation content (none exists in our system)

  • Subject to Clerk's privacy policy for authentication data only

4.3 Stripe (Payments)

  • Handles PCI-compliant payment processing

  • Has zero access to conversation data

  • Maintains only transaction records

  • Subject to Stripe's privacy policy

5. Data Security

5.1 Why This Architecture Matters

Data Breaches Can't Touch You
When Target gets hacked, millions suffer. When Facebook leaks data, billions are exposed. When Cognition gets hacked? Nothing happens. Because we have nothing. Your data never existed on our servers.


Employee Access Impossible
Even we can't read your conversations. Our own team, our CEO, our engineersnobody can access what was never uploaded. This isn't policy; it's physics.

5.2 Security Comparison

Traditional Apps:

  • Upload your data to their servers

  • Store conversations in their databases

  • Employees can potentially access

  • Vulnerable to breaches

  • Can be subpoenaed

  • Track your usage patterns

Cognition:

  • Everything stays in your browser

  • No server storage whatsoever

  • Impossible employee access

  • Breach-proof architecture

  • Nothing to subpoena

  • Zero tracking or analytics

5.3 Additional Security Features

Automatic Data Purging: The moment you close your browser tab, every trace vanishes. No cleanup needed. No "delete my data" requests.

Verifiable Security: Don't trustverify. Use your browser's developer tools to confirm no data leaves your device.

6. Data Retention

6.1 Conversation Data

  • Retention Period: Zero (never stored on our servers)

  • Browser Storage: Temporary, cleared on tab closure

  • Our Access: None

6.2 Account Data

  • Active Accounts: Retained while account exists

  • After Deletion: Removed within 30 days

  • Payment Records: 7 years (tax law requirement)

7. Your Rights

7.1 Universal Rights

You have the right to:

  • Access: Request the limited account data we maintain

  • Rectification: Correct your email or account information

  • Erasure: Delete your account entirely

  • Verification: Confirm our privacy practices yourself using browser tools

  • Objection: Opt-out of any optional communications

7.2 Regional Rights

California Residents (CCPA)

  • Right to know what personal information is collected (detailed above)

  • Right to delete personal information

  • Right to opt-out of sale (we never sell any data)

  • Right to non-discrimination

EU/UK Residents (GDPR)

  • Right to data portability

  • Right to withdraw consent

  • Right to lodge complaints with supervisory authorities

  • Right to restriction of processing

8. Children's Privacy

The Service is not intended for users under 18. We do not knowingly collect information from children. If we discover underage usage, we terminate the account and delete all associated data.

9. International Data Transfers

Since conversation data never leaves your browser, there are no international transfers of chat data. Limited account data may be processed in the United States by our service providers under appropriate safeguards

10. Cookies and Tracking

We use minimal, essential cookies only for:

  • Session authentication (via Clerk)

  • Basic security functions

  • Behavioral profiling

  • Analytics cookies

  • Advertising cookies

  • Cross-site tracking

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. For material changes, we will:

  • Email registered users

  • Display prominent website notices

  • Provide 30 days notice before changes take effect

12. The Privacy Promise

Your conversations achieve greater privacy through Cognition than native WhatsApp storage. We've architected physical impossibility of data exfiltration through zero-knowledge architecture. Data access isn't restrictedit's architecturally impossible.

13. Contact Us

For privacy inquiries or to exercise your rights:

Support Team

Maziwa LLC

30 N GOULD ST STE N

SHERIDAN WYOMING 82801,
United States

Email: support@cognition.cv
Response Time: Within 7 days

14. Legal Basis for Processing (GDPR)

For EU residents, we process limited data under:

  • Performance of Contract: Account and payment data necessary for service

  • Legitimate Interests: Security and fraud prevention

  • Legal Obligations: Tax and accounting requirements