Welcome to Cosmos ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Platform"). Please read this policy carefully. If you disagree with any terms, please discontinue use of the Platform.
01 Information We Collect
Information You Provide Directly
- Account Information: Name, email address, password (stored encrypted), profile photo, headline, location, current role, company, and years of experience.
- Professional Details: Goals, tags, interests, bio, availability preferences, and goal statements you enter during onboarding or profile editing.
- LinkedIn Data: If you choose to link your LinkedIn account, we import your professional roles, experience, and display a "LinkedIn Linked" indicator on your profile. We do not post on your behalf or access your connections list without explicit permission.
- Communications: Messages, meeting notes, private labels, and other content you create within the Conversations workspace.
- Event Data: Event registrations, attendance, feedback, and ratings you provide after networking sessions.
- Payment Information: For paid events, payment details are processed by our third-party payment processor (Stripe). We do not store full card details.
Information We Collect Automatically
- Device Information: Device type, operating system, unique device identifiers, and mobile network information.
- Usage Data: Pages visited, features used, time spent, swipe interactions (anonymized), and click patterns.
- Log Data: IP address, browser type, referring/exit pages, and timestamps.
- Location Data: Approximate location based on IP address for event recommendations. We do not collect GPS location without explicit consent.
Information From Third Parties
- If you sign in via Google or LinkedIn OAuth, we receive your name, email, and profile picture from those providers.
- Analytics partners may provide aggregated, anonymized behavioral insights.
02 How We Use Your Information
We use the information we collect to:
Power our relevance algorithm to surface the most meaningful, goal-aligned connections for you.
Register you for events, send reminders, and generate post-event AI summaries.
Generate meeting summaries, suggest follow-up actions, and surface relevant next steps using your conversation data.
Send you transactional emails (account, security), product updates, and (with consent) marketing communications.
Detect and prevent fraud, enforce our community guidelines, and comply with legal obligations.
Understand how users interact with the Platform to improve features, performance, and user experience.
03 Sharing Your Information
We do not sell your personal data. We may share your information in the following limited circumstances:
- With Other Users: Your public profile information (name, photo, headline, tags, goal statement, and LinkedIn link status) is visible to other Cosmos members as part of the matchmaking experience. Private notes, labels, and CRM data are never shared with other users.
- Service Providers: We use trusted third-party vendors (e.g., Firebase/Google Cloud for infrastructure, Stripe for payments, OpenAI for AI features) under strict data processing agreements.
- Legal Requirements: We may disclose data if required by law, court order, or government authority.
- Business Transfers: In the event of a merger, acquisition, or asset sale, user data may be transferred. We will provide notice before your data is subject to a different privacy policy.
- With Your Consent: We will share your data in other circumstances with your explicit consent.
04 Data Retention
We retain your personal data for as long as your account is active or as needed to provide services. Specifically:
- Account data is retained until you delete your account.
- Conversation data (messages, AI summaries, notes) is stored for the duration of the connection relationship and deleted within 30 days of connection removal or account deletion.
- Payment transaction records are retained for 7 years as required by law.
- Anonymized analytics data may be retained indefinitely.
You may request deletion of your account and associated data at any time via privacy@cosmosapp.io. We will process deletion requests within 30 days.
05 Security
We implement industry-standard security measures to protect your data:
No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
06 Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Request a copy of the personal data we hold about you.
Correct inaccurate or incomplete data. You can update most information directly in your profile settings.
Request deletion of your personal data ("right to be forgotten"), subject to legal retention requirements.
Request your data in a structured, machine-readable format.
Object to processing of your personal data for direct marketing or profiling purposes.
Request that we limit how we process your data in certain circumstances.
To exercise any of these rights, contact us at privacy@cosmosapp.io. We will respond within 30 days.
07 Cookies & Tracking
We use cookies and similar technologies on our website to:
- Essential Cookies: Required for the Platform to function (authentication sessions, security tokens). Cannot be disabled.
- Analytics Cookies: Help us understand how visitors use our site (e.g., Google Analytics). Can be disabled via your browser settings or our cookie banner.
- Preference Cookies: Remember your settings and preferences for a better experience.
You can manage cookie preferences through your browser settings. Disabling essential cookies may impact Platform functionality.
08 LinkedIn Integration
When you choose to connect your LinkedIn account:
- We request read-only access to your public profile, work experience, and education data.
- We display a "LinkedIn Linked" indicator on your Cosmos profile as a trust signal.
- We import professional roles and experience to enrich your profile.
- We do not post, share, or modify any content on your LinkedIn account.
- You can disconnect LinkedIn at any time from your account settings.
- LinkedIn's own Privacy Policy governs their data practices.
09 Children's Privacy
Cosmos is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor, we will promptly delete it. If you believe a minor has provided us with data, please contact us at privacy@cosmosapp.io.
10 International Data Transfers
Cosmos is operated from India and uses infrastructure (Google Cloud / Firebase) that may process data in the United States and other countries. By using our Platform, you consent to the transfer of your data to these countries, which may have different data protection laws than your jurisdiction.
For users in the European Economic Area (EEA), we ensure appropriate safeguards are in place through Standard Contractual Clauses (SCCs) when transferring data outside the EEA.
11 Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting a prominent notice on our Platform.
- Sending an email to the address associated with your account.
- Updating the "Last Updated" date at the top of this policy.
Continued use of the Platform after changes constitutes your acceptance of the updated policy.
12 Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: