Security Policy

Last updated: June 19, 2026

1. Data Encryption

All network communication in Cognitone is encrypted in transit using TLS 1.3. Data at rest is encrypted using AES-256 standard encryption on our databases and S3 storage instances.

2. Authentication

User authentication is managed securely using Supabase Auth with OAuth providers (Google, GitHub) or secure email-based sign-in. Password hashing uses robust bcrypt-like key derivation functions.

3. AI Privacy

Your uploaded documents are processed only to build context maps and Socratic reflections. We do not use user documents to pre-train public base models.