Security & Privacy

We see the bill.
Never the content.

Cognocient is a cost-metadata proxy. It sits between your code and AI providers to extract token counts, model names, and attribution headers — and nothing else. Your prompts, responses, and user data are invisible to us by design.

Core security principles

Zero payload logging

Cognocient is a cost-metadata proxy. We extract token counts and attribution headers — we never read, store, or transmit your prompt text or AI responses. Your intellectual property and customer data stay entirely private.

AES-256 key encryption

Your OpenAI, Anthropic, and provider API keys are encrypted at rest with AES-256-GCM. They are decrypted in memory only for the millisecond required to forward your request, then immediately discarded.

Opt-in debug tracing only

Prompt content logging is disabled by default. If your team enables debug tracing for development purposes, it is scoped to a specific API key, has a configurable retention window (max 7 days), and can be wiped on demand.

In-region data residency

Cost metadata is stored in the same region as your account (US or EU). We do not transfer your call metadata across regions. EU customers are stored exclusively on EU infrastructure.

Exactly what we store — and what we don't

No ambiguity. Here is the complete list.

Prompt text / AI responses Never
User data or PII from your application Never
Your provider API keys (plaintext) Never
IP addresses of end users Never
Call metadata: timestamp, model, token counts, cost Stored
Attribution header values (feature name, dept, session ID) Stored
Aggregated spend and waste analysis Stored
Your Cognocient account and billing data Stored

How the proxy handles your request

Your application
      │
      │  POST /v1/chat/completions
      │  Authorization: Bearer sk-cog-YOUR-KEY
      │  X-Cost-Feature: ticket-resolver
      │  Body: { "model": "gpt-4o", "messages": [...] }  ← never read or stored
      ▼
Cognocient proxy  ─────────────────────────────────────────────────────
  1. Authenticate your proxy key
  2. Extract: model name, token estimate, attribution headers
  3. Retrieve your provider key from encrypted vault (in memory only)
  4. Forward the UNMODIFIED request to OpenAI / Anthropic / etc.
  5. Receive the response → extract: actual token counts, cost
  6. Log metadata row: { timestamp, model, tokens, cost, feature, dept }
  7. Stream the UNMODIFIED response back to your application
  8. Provider key discarded from memory
──────────────────────────────────────────────────────────────────────
      │
      │  Response streams back immediately
      ▼
Your application  (latency added: ~3–8ms)

Added latency is typically 3–8 ms per request — imperceptible to end users and well within provider SLAs.

Compliance posture

Because we never see your data, Cognocient simplifies — rather than complicates — your compliance posture for regulated industries.

GDPR

We process only cost metadata — no PII from your end users. Your account data is processed under standard contractual clauses for EU customers.

HIPAA

Because we never read or store PHI contained in prompts, routing healthcare AI traffic through the proxy does not introduce new HIPAA obligations. We execute BAAs for Business plan customers on request.

SOC 2 Type II

SOC 2 audit in progress. Current controls cover logical access, change management, and incident response. Report available to enterprise customers under NDA.

CCPA

We do not sell or share your data with third parties for advertising or marketing purposes. Data subject requests are handled within 30 days.

Call log retention

90 days on Growth and Business plans. 30 days on Base. Logs are immutable during the retention window and auto-deleted at expiry. Manual deletion available on demand.

Data residency

US accounts store data in AWS us-east-1. EU accounts store data in AWS eu-west-1. No cross-region transfer. Region is set at account creation and cannot be changed retroactively.

Account deletion

Closing your account triggers immediate deletion of all call logs, spend data, and configuration. Provider keys are wiped from the encrypted vault within 24 hours.

Questions or security disclosures?

For security vulnerability reports, compliance documentation requests, or BAA execution, contact our security team directly.

security@cognocient.com

We respond to all security reports within 24 hours.