Privacy Policy
Last updated: January 2026 Β· CogniDetectAI v1.0
1. Overview
CogniDetectAI is designed with privacy as a core principle. This policy explains what data we collect, how it is used, and what protections are in place. We collect only what is strictly necessary to provide the screening service.
2. Data We Collect
We collect the following anonymised information during a screening session: (a) Demographic data β age range, gender (self-reported), country, and education level. (b) Questionnaire responses β 27 frequency-scale answers (0β4). (c) NLP interview text β typed or transcribed spoken responses to AI-generated questions. (d) Screening results β probabilistic disorder indicators and severity ratings.
3. Data We Do NOT Collect
We do NOT collect: your name, email address, phone number, IP address, device identifiers, location beyond country-level, facial data, video, or any other personally identifiable information. CogniDetectAI is designed to be fully anonymous.
4. Audio Data
If you choose the voice input mode, your audio is processed locally on the server by OpenAI Whisper. The audio file is automatically and permanently deleted within 5 minutes of transcription. Audio is not transmitted to any third-party ASR service. Only the resulting text transcript is retained as part of your session record.
5. How Data Is Used
Session data is used for: (a) Producing your screening result within the current session. (b) Research and system improvement by the development team. (c) Aggregate statistical analysis to evaluate model performance. No data is sold, licensed, or shared with third parties for commercial purposes.
6. Data Storage
Session records are stored in an SQLite database on the server infrastructure hosting the CogniDetectAI backend. Data is stored without personally identifiable fields and is accessible only to authorised administrators via the 2FA-protected admin panel.
7. Data Retention
Session records are retained for the duration of the research project. Users may request deletion of their session by contacting the administrator. Since sessions are anonymous, deletion requests should include the approximate date and time of the session.
8. Third-Party Services
CogniDetectAI uses Google Translate API for multilingual UI translation. Text sent to Google Translate may be subject to Google's Privacy Policy. This applies only to UI labels and question text, not to your personal responses. We do not transmit your NLP answers to Google Translate.
9. Cookies & Tracking
CogniDetectAI does not use cookies for tracking or advertising. The application may use browser session storage to maintain state during your active screening session. This data is cleared when you close your browser tab.
10. Security
Access to the admin panel and raw session data is protected by two-factor authentication (password + TOTP). The backend API uses HTTPS in production. Audio files are auto-deleted. We follow reasonable security practices appropriate for an academic final-year project.
11. Your Rights
You have the right to: know what data is held about you, request deletion of your data, and withdraw from the screening at any time. Since all data is anonymised, we cannot directly identify your specific records without additional information from you.
12. Children's Privacy
CogniDetectAI is not designed for or directed at children under 18 years of age. We do not knowingly collect data from minors. If you believe a minor has used this tool without supervision, please contact us.
13. Changes to This Policy
This privacy policy may be updated as the project evolves. We will note the effective date at the top of this page. Continued use constitutes acceptance of the updated policy.
14. Contact
For privacy-related enquiries, please contact the lead developer via LinkedIn: linkedin.com/in/sankalp-indish/