Cogitae Privacy Policy
Summary
Cogitae is designed to keep your data under your control.
- Your conversations, files, prompts, and API keys are not sent to BitArts.
- Content you send to an AI provider goes only to the provider you configured.
- Most app data is stored locally on your devices.
- BitArts stores limited licensing data so trials and purchases can work.
- For macOS ↔ iPhone relay, encrypted data passes through BitArts servers, but BitArts does not have the keys needed to read it.
What Cogitae stores locally
Cogitae stores most working data on your Mac or iPhone, not on BitArts servers. Depending on the features you use, this may include:
- conversations and message history
- summaries, branches, and conversation metadata
- workspace references and file access permissions granted through macOS
- app settings and preferences
- AI provider configuration, including API keys you enter
- token usage or cost information shown to you inside the app
This local data is used to make the app work for you. It is not uploaded to BitArts as part of normal use.
What is sent to AI providers you configure
When you use Cogitae with OpenAI, Anthropic, Google, or any other provider you choose, the content needed to fulfill your request is sent to that provider on your behalf.
This can include:
- prompts and chat messages
- conversation history needed for context
- files or extracted file content you choose to provide
- tool outputs or other context included in a request
Those providers process your data under their own terms and privacy policies, not BitArts’. If you use local models, your data may remain entirely on your own device, depending on your setup.
What BitArts stores for licensing
When you start a trial, purchase a license, or activate Cogitae, BitArts stores limited information required to manage licensing.
This includes:
- your license key and related metadata, such as license type, creation date, and expiration date if applicable
- a cryptographic hash of your email address, not the email address itself
- device information used for activation management, such as a hardware identifier, device name, model, and OS version
- IP addresses used during license creation and verification, to help prevent fraud and troubleshoot licensing problems
BitArts does not store your actual email address, name, conversations, prompts, files, or AI provider API keys as part of the licensing system.
Because BitArts does not store your actual email address, you should keep track of the email you used when obtaining a trial or license. If you need license recovery, you may be asked to enter that same email address so its cryptographic hash can be matched.
macOS ↔ iPhone relay
Cogitae can relay conversation data between your Mac and iPhone.
For this feature, encrypted data passes through BitArts servers so your devices can exchange information. The data is encrypted on your device before transmission and decrypted on your device after receipt. BitArts does not have the keys required to decrypt that relay content.
What BitArts does not collect in normal app use
BitArts does not receive, store, or review the following as part of normal use of Cogitae:
- your conversations or prompts
- your files or workspace content
- your AI provider API keys
- your message history
- your model responses
The main exceptions are limited licensing data and encrypted relay traffic used for device-to-device features.
Data retention
Licensing data may be retained for as long as needed to support license verification, recovery, fraud prevention, and related business records.
If you ask for deletion of your licensing data, BitArts can delete the associated records, but doing so may invalidate your license or prevent future recovery.
To request deletion of licensing data, contact privacy@bitarts.us.
Security
BitArts aims to minimize the amount of data it receives in the first place.
- Most application data stays local to your devices.
- AI requests are sent directly to the providers you configure.
- Licensing uses a cryptographic hash of your email address instead of storing the email address itself.
- Relay content between devices is encrypted before it passes through BitArts servers.
No system can promise perfect security, but Cogitae is designed to reduce central collection wherever possible.
Children’s privacy
Cogitae is not directed to children under 13, and BitArts does not knowingly collect personal information from children through the app.
If you believe a child has provided personal information to BitArts in connection with Cogitae, contact privacy@bitarts.us.
Changes to this policy
This policy may be updated from time to time. When it changes, the updated version will be posted on this page and the lastmod date will be updated.
Contact
If you have privacy questions about Cogitae or BitArts’ data practices, contact: