CohesionX logo White CohesionX
CONTACT US

Privacy Policy

1. Introduction

This Privacy Policy outlines how CohesionX (“we”, “our”, “us”) collects, uses, shares, and protects information when you interact with the Vectormind AI platform, websites (e.g., https://cohesionx.co.za), and related services. We are committed to responsible data practices in compliance with POPIA, GDPR, ISO/IEC 27001, and NIST CSF standards.


2. Who We Are

CohesionX (Pty) Ltd is the data controller responsible for Vectormind.

Contact: info@cohesionx.co.za

Address: 13 Dely Rd, Hazelwood, Pretoria, 0081


3. Data We Collect

We collect the following types of information:

  • Personal Information: Name, email, job title, organizational affiliation.
  • Usage Data: IP addresses, browser type, session logs, telemetry, device identifiers.
  • Content Data: Prompts, documents, and interactions provided to the platform.
  • Cookies and Tracking: We use cookies to enhance user experience and analyse usage.

We do not knowingly collect information from children under the age of 8.


4. Purpose of Data Collection

Data is processed strictly for:

  • Delivering and improving Vectormind’s AI services
  • Contextual AI assistance, content drafting, and task automation
  • Securing the platform (e.g., anomaly detection, telemetry)
  • Complying with legal and contractual obligations
  • Internal analytics and service optimization

We apply purpose limitation as defined in POPIA and GDPR—data is only used for explicitly stated and consented reasons.


5. Legal Basis for Processing

We process your data under:

  • Consent
  • Contractual necessity
  • Legal obligations
  • Legitimate interests (e.g., fraud prevention, platform improvement)


6. Data Access and Role-Based Controls

  • Access is governed by least privilege and RBAC.
  • All personnel must complete training and follow secure usage protocols.
  • Developers use anonymized data unless explicitly authorized.
  • Third-party access is limited by Data Processing Agreements (DPAs).


7. Data Retention and Deletion

  • Data is retained only for as long as necessary.
  • On termination, data is securely deleted per NIST SP 800-88.
  • Clients may request deletion or export of data at any time.


8. Data Security Measures

  • Hosted on cloud with encryption (TLS 1.2+, AES-256)
  • Isolated Kubernetes clusters and storage for tenant data
  • Entra ID (Azure AD) SSO, MFA, Conditional Access
  • Monitored via OpenTelemetry; auditable logs retained for 12 months
  • AI guardrails for hallucination filtering, toxicity control, prompt injection defense


9. International Transfers

Data may be processed outside your jurisdiction. Where applicable, we use Standard Contractual Clauses (SCCs) and cloud infrastructure compliant with GDPR adequacy requirements.

 

10. Your Rights

Depending on jurisdiction, you may:

  • Access, correct, or delete your data
  • Object to processing or request restriction
  • Receive your data in portable format
  • Lodge a complaint with the Information Regulator (South Africa) or your national authority


11. Cookies and Embedded Content

  • Cookies are used for site functionality and usage analysis.
  • Embedded third-party content behaves as if visited directly.
  • Users can manage cookies via browser settings.

12. Children’s Privacy

Our platform is not intended for use by children under 8 years old. We do not knowingly collect data from minors without parental consent.


13. Changes to This Policy

We may update this policy periodically. Changes are posted and, where material, may be communicated via email or platform notifications.


14. Contact

CohesionX (Pty) Ltd

Email: info@cohesionx.co.za

© Copyright 2023 - 2024 | Cohesion X Pty Ltd | All Rights Reserved

CohesionX logo White CohesionX

Let’s Make Things Happen

info-4