Privacy Policy

Cogniagent ("we," "us," or "our") is an AI automation agency that builds and operates AI voice agent systems, lead management pipelines, and client-facing analytics dashboards for businesses in the roofing and home services industries.

This Privacy Policy applies to:

• Business Clients — companies that purchase our services (e.g., roofing contractors)
• End Users / Leads — individuals whose data is processed through our systems on behalf of our clients
• Website Visitors — anyone who visits cogniagent.in

We provide three core service lines: the Inbound Booking System, the Missed Lead Recovery System, and the Speed-to-Lead Follow-Up System — all powered by AI voice agents, automated workflows, and real-time client dashboards.

We collect and process the following categories of data:

From Business Clients

• Business name, address, phone number, email address
• Contact person name and role
• Billing and payment information (processed via Stripe/Wise — we do not store card details)
• Business configuration preferences and service settings

From End Users / Leads (provided by our clients)

• Full name, phone number, email address
• Physical address or service location
• Appointment details and service type requested
• Call recordings and transcripts (with consent — see Section 5)
• Lead status and interaction history
• Source of lead (e.g., Meta Ads, inbound call, referral)

From Website Visitors

• IP address, browser type, pages visited (via standard server logs / analytics)
• Information you voluntarily submit via contact forms

We use data collected solely to provide and improve our contracted services:

• Operating AI voice agents to make and receive calls on behalf of clients
• Routing and cleaning call data through automated workflows (n8n)
• Storing structured lead and call data in client-specific databases (Supabase)
• Powering real-time analytics dashboards visible to our clients
• Sending automated SMS, WhatsApp, and email follow-ups on behalf of clients
• Booking appointments and managing lead statuses
• Providing client support and system maintenance

Our AI voice agents are powered by Retell AI and utilize synthetic voices. All outbound and inbound calls made through our system include the following disclosures:

Call recordings are stored securely and are accessible only to the authorized client business through their dashboard. Recording retention follows the terms set out in Section 9.

The Telephone Consumer Protection Act (TCPA) governs automated calls and text messages to US consumers. Cogniagent takes TCPA compliance seriously:

• Consent Warranty: Our clients contractually warrant that all leads provided to us have given prior express written consent.
• Calling Hours: All outbound calls are made between 8:00 AM and 9:00 PM in the recipient's local time zone.
• DNC Compliance: We scrub all outbound call lists against the National Do Not Call Registry.
• Opt-Out Handling: Any individual who requests to stop receiving calls is immediately added to a suppression list.
• Client Indemnification: Clients are contractually responsible for ensuring valid TCPA consent exists for all leads they provide.

• Storage Location: All client and lead data is stored in Supabase (PostgreSQL), hosted on AWS in the United States (us-east-1).
• Encryption at Rest: AES-256 encryption for all stored data.
• Encryption in Transit: TLS 1.3 for all data transmitted between our systems and third-party services.
• Access Controls: Each client can only view their own data — no cross-client data access is possible.
• No Card Data Storage: All billing is processed through Stripe or Wise.
• Incident Response: We notify affected clients within 72 hours of discovery of any data breach.

We work with the following third-party sub-processors to deliver our services:

We will notify clients of any material changes to our sub-processor list with at least 30 days' advance notice.

• Active Client Data: Retained for the duration of the service agreement plus 90 days after termination.
• Call Recordings: Retained for 12 months from the date of the call.
• Lead & Appointment Data: Retained for the duration of the engagement plus 90 days.
• Billing Records: Retained for 7 years for accounting and tax compliance.
• After Termination: Clients may request a full data export within 30 days. After 90 days, all data is permanently deleted.

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Deletion: Request that your personal data be deleted from our systems.
• Right to Correction: Request that inaccurate data be corrected.
• Right to Opt-Out: Opt out of receiving automated calls, SMS, or email messages at any time.
• Right to Data Portability: Request your data in a portable, machine-readable format.

For California residents, these rights are additionally governed by the CCPA/CPRA. We do not sell personal information as defined under CCPA.

To exercise any of these rights, contact us at info@cogniagent.in. We will respond within 30 days.

Our business clients (Data Controllers) are responsible for:

• Obtaining valid prior express written consent from leads before providing their contact information to Cogniagent
• Maintaining a compliant privacy policy on their own website
• Honoring opt-out and data deletion requests from their leads and customers
• Ensuring their lead lists are scrubbed against applicable DNC registries before submission
• Notifying Cogniagent immediately of any legal claims or regulatory inquiries

For any questions, concerns, or requests regarding this Privacy Policy, please reach out:

We reserve the right to update this Privacy Policy at any time. When we make material changes, we will notify active clients via email at least 14 days before the change takes effect.