Privacy and Data Policy

What user information do we collect and who controls your personal information?

Cognition will ask you to provide your name and email address. When you are using the website, some information is also collected via cookies. You can review your personal information and delete your account at any time. Once data has been deleted it cannot be recovered, data will be cleared permanently from our automated backups after 14 days.

Why is this information collected?

We need your email to authenticate your identity and to send you a password recovery email if necessary. We also need your name to personalize your user experience, and to contact you if support is needed. Cookies help us to generate a seamless user experience, for instance, helping us to authenticate and distinguish users.

Who will be able to access my information?

We will never share any personal information about our users with a third party. We do not access or share any data that is collected by our users.

Responsibility for deletion of participant data falls to the researcher including accidental deletion of participant data. While data recovery is theoretically possible, we do not guarantee this service and encourage users to regularly back up their collected data. Researchers can delete all data from a task or only the data pertaining to an individual participant. When this action is taken, data will be removed immediately from the database, and cleared permanently from our automated backups after 14 days.

How is my data protected?

Cognition is hosted on Amazon Web Services (AWS). Our database is hosted on Amazon Web Services (AWS RDS). AWS is responsible for protecting the infrastructure that runs AWS services in the AWS Cloud. Third-party auditors regularly test and verify the effectiveness of AWS security as part of the AWS compliance programs. To learn about the compliance programs that apply to Amazon RDS, see AWS Services in Scope by Compliance Program. Currently, all our instances are located in Frankfurt (Germany), within the European Union. In the future, we may need to expand to other regions as we take on more international users. This may allow us to keep data storage to specific jurisdictions if this is a requirement for country-specific data protection. All traffic to and from Cognition is encrypted via TLS/SSL.

How long will Cognition honor this privacy policy?

Effective from 15 June 2020, any change in our privacy policy will need to be communicated to the user.

Who is responsible for the realization of this privacy policy?

The site administrator of Cognition is responsible for compliance with this privacy policy. You can contact the administrator via email to admin [at] cognition.run or via phone: +1 650 507 93 77.

Your responsibility to protect participants’ personal information

If you are hosting experiments on Cognition it is also your responsibility to protect the privacy of your participants. Cognition will store the information that you collect from participants until you decide to delete them. You decide which information you collect in your experiment and you will have full control over that information. We encourage you to collect minimal personal information, in line with the ethics agreement approved by your institutional review board. When your study is complete, we suggest that you delete all subject specific information from the server, however, this is your sole responsibility and we will neither access nor share any information that is collected in the course of your tasks.