Privacy Policy
Cognis Group Limited ("Cognis", "we", "us", "our") is committed to protecting the personal data of every visitor, prospective client, and engagement participant. This policy explains what we collect, why we collect it, how we use it, how long we keep it, and the rights you hold over it. It applies to cognis.group and to any direct engagement you have with us.
1. Who we are
Cognis Group Limited is registered with the Corporate Affairs Commission of Nigeria and operates from Lagos, serving organisations across Africa, Europe, and the Americas. For any privacy question, write to [email protected] or call +234 908 000 1101.
2. What we collect
We collect only the personal data we need to answer an enquiry, deliver an engagement, or run our website.
- Contact data — name, business email, phone number, company, and any context you share when you submit a form, subscribe to our newsletter, or email us.
- Engagement data — documents, notes, credentials, and workshop outputs shared with us during a live engagement. Handled under a separate signed engagement contract with confidentiality terms.
- Usage data — basic request logs (IP address, user agent, referrer, page path, timestamp) retained short-term for security and abuse detection by our hosting and CDN providers.
We do not knowingly collect data from children under 16, and we do not process sensitive categories of personal data through the website.
3. Why we collect it (legal bases)
- Consent — newsletter subscription, optional marketing follow-ups.
- Legitimate interest — responding to enquiries, protecting the website and our systems, measuring site health.
- Contract — delivering an engagement you have signed with us.
- Legal obligation — retaining records required by Nigerian tax, corporate, or regulatory authorities.
4. Cookies and analytics
This site runs a minimal-cookie approach. We use only strictly necessary cookies for routing, session handling, and security. We do not run advertising or cross-site tracking pixels. Where we measure aggregate site health, we use privacy-respecting, server-side analytics with no personal identifiers.
5. Who we share it with
We share personal data with a small set of vetted service providers strictly to run the business:
- Infrastructure and CDN (Cloudflare) for hosting and delivery.
- Form processing (Web3Forms) for routing contact and newsletter submissions.
- Business email and document platforms for internal collaboration.
- Advisers and processors covered by confidentiality and data-processing agreements.
We do not sell personal data. Ever.
6. International transfers
Because our clients and infrastructure span Africa, Europe, and the Americas, personal data may be transferred across borders. Where transfers leave Nigeria or the European Economic Area, we rely on standard contractual clauses and equivalent safeguards to protect your data.
7. How long we keep it
- Contact enquiries — up to 24 months from last interaction, then deleted.
- Newsletter subscribers — until you unsubscribe (every email contains a one-click unsubscribe link).
- Engagement records — for the duration of the contract plus the minimum statutory retention period that applies to the engagement type.
- Server logs — no more than 90 days unless needed for an active security investigation.
8. Your rights
Under the NDPA and GDPR where applicable, you have the right to access, correct, erase, restrict, port, and object to the processing of your personal data, and the right to withdraw consent at any time. To exercise any of these rights, email [email protected]. We will respond within 30 days.
You may also lodge a complaint with the Nigeria Data Protection Commission (NDPC) or, if you are in the EU, your local supervisory authority.
9. Security
We apply role-based access, least-privilege principles, encryption in transit, and vendor due diligence to every system that holds personal data. Where an engagement requires stronger controls — for example under ISO 42001 or a client's compliance regime — we align to those controls under the engagement contract.
10. Changes to this policy
When we update this policy, we change the "Last updated" date at the top. Material changes are announced on the website and, where you are a subscriber or active client, notified directly.
11. Contact
Questions, requests, or concerns: [email protected] · +234 908 000 1101 · Lagos, Nigeria.