Beta Security Policy

Scope

This policy applies to the beta window (2026-02-20 -> 2026-05-20) for CSGA Courtroom.

Trust boundary summary

  • Deployment boundary: local, connected cloud, and air-gap semantics are policy-governed.
  • Telemetry boundary: essential operational telemetry is separated from non-essential telemetry controls.
  • Operator governance: tenant RBAC, approvals, and audit controls define operational authority.
  • Customer boundary: source code and raw payload content remain customer-boundary data unless explicitly authorized by policy and deployment mode.

Data handling

  • Scans analyze the content you provide and store findings, evidence, and reports under your tenant.
  • Access is tenant-scoped and enforced by RBAC permissions.
  • Audit logs capture critical actions for accountability.

Retention defaults

Retention is governed by tenant policy defaults unless overridden:

  • Scans: 90 days
  • Audits: 365 days
  • Snapshots: 180 days

Telemetry

  • Product telemetry is used to measure adoption, scan performance, and reliability.
  • Telemetry is tied to your tenant and is used for operational and product quality purposes.

Opt-out

To opt out of non-essential telemetry, contact support at support@cognitia-ai.ai. We will coordinate policy updates and confirm the change in writing.

Data deletion requests

If you need data purged earlier than the default retention, contact support with the tenant ID and the scope of the request.

Support and escalation

  • Support email: support@cognitia-ai.ai
  • Status page coming soon; for incidents, use the support email above.