Terms & Policies

Last updated: March 4, 2026

1. Acceptance of Terms

By creating an account, accessing, or using the Cognition platform in any way — including but not limited to browsing the website, registering an account, depositing cryptocurrency, using AI models, or interacting with any feature — you acknowledge that you have read, understood, and agree to be legally bound by these Terms of Service and the Privacy Policy below.

You represent and warrant that you are at least 18 years of age (or the age of majority in your jurisdiction) and have the legal capacity to enter into this agreement. If you are using the Service on behalf of an organization, you represent that you have authority to bind that organization.

These terms constitute a legally binding agreement between you ("User," "you") and the operators of Cognition ("we," "us," "the Platform").

2. Service Description

Cognition is an experimental, open-source, self-hostable AI platform that provides:

• A web-based interface for interacting with AI language models
• Client-side encryption of user data (conversations, messages, API keys)
• Integration with third-party AI providers (OpenAI, Anthropic, OpenRouter, Ollama, and others)
• Cryptocurrency payment processing for AI API credits
• Docker-based development workspaces
• Telegram bot integration
• Agent and workflow automation tools

The Service is provided on an "as is" and "as available" basis. We make no guarantees regarding uptime, availability, accuracy, completeness, reliability, or fitness for any particular purpose.

3. Accounts & Security

You are solely responsible for:

• Maintaining the confidentiality of your password and encryption key
• All activity that occurs under your account
• Ensuring your password is strong and not reused from other services
• Logging out and locking your vault when not in use

You must not share your account credentials with any third party. We are not responsible for any loss or damage resulting from your failure to maintain the security of your account.

We reserve the right to suspend or terminate any account at any time, for any reason, without notice.

4. Cryptocurrency Payments

4.1 Deposit Risk

By depositing cryptocurrency to the Platform, you acknowledge and accept the following risks:

• Irreversibility. Blockchain transactions are final and cannot be reversed, cancelled, or refunded by us or anyone else.
• Wrong address or chain. Sending funds to an incorrect address or on an unsupported blockchain will result in permanent, irrecoverable loss of those funds. We are not responsible for user error.
• Unsupported tokens. Only ETH, USDC, and USDT on Ethereum and Base are supported. Sending any other token will result in permanent loss.
• Network delays. Blockchain congestion, reorganizations, or RPC provider outages may delay or prevent deposit detection.
• Price volatility. ETH deposits are converted to USD at the market rate at the time of detection. Price fluctuations between sending and detection are your risk.
• Minimum deposits. Deposits below the minimum threshold (0.001 ETH, $1 USDC, $1 USDT) will not be credited and may not be recoverable.
• Smart contract risk. Interactions with ERC-20 token contracts carry inherent smart contract risk.

4.2 No Refunds

All cryptocurrency deposits are final and non-refundable. Once funds are deposited, they cannot be withdrawn, returned, or refunded under any circumstances, including but not limited to: accidental deposits, service dissatisfaction, account termination, platform downtime, or changes to these terms.

4.3 No Financial Advice

Nothing on this platform constitutes financial, investment, tax, or legal advice. Cryptocurrency is a highly volatile and speculative asset class. You should consult qualified professionals before making any financial decisions.

4.4 Regulatory Compliance

You are solely responsible for determining whether your use of the Service, including depositing cryptocurrency, complies with all applicable laws and regulations in your jurisdiction. The Platform does not operate as a money transmitter, exchange, broker, or financial institution. We do not custody user funds beyond the technical operation of the deposit wallet system. You represent that you are not subject to sanctions or located in a jurisdiction where use of this service is prohibited.

4.5 Tax Obligations

You are solely responsible for reporting and paying any taxes arising from your use of the Service, including but not limited to taxes on cryptocurrency transactions. We do not provide tax forms, withholding, or reporting to any tax authority.

5. API Keys & Third-Party Services

The Platform integrates with third-party AI providers including but not limited to OpenAI, Anthropic, OpenRouter, and Ollama. By using these integrations, you acknowledge:

• Third-party terms apply. Your use of third-party AI models is subject to those providers' terms of service, acceptable use policies, and privacy policies. We are not responsible for the conduct, availability, or policies of third-party providers.
• API key responsibility. API keys provisioned through the Platform (including OpenRouter keys) are your responsibility. Keys are shown once and cannot be recovered if lost.
• Usage limits. API credits may expire, be revoked, or become invalid due to third-party policy changes. We are not responsible for changes to third-party pricing, availability, or terms.
• Content policies. AI providers may refuse to process requests that violate their content policies. We have no control over these decisions.
• Data processing. When you use cloud AI models, your prompts are sent to the AI provider's servers for processing. While encrypted at rest on our servers, prompts must be decrypted to send to AI providers. See the Privacy Policy for details.

6. Acceptable Use

You agree not to use the Service to:

• Violate any applicable law, regulation, or third-party rights
• Generate, store, or distribute illegal content
• Attempt to circumvent the encryption, security measures, or access controls of the Platform
• Interfere with, disrupt, or overload the Service or its infrastructure
• Use the Service for money laundering, terrorist financing, sanctions evasion, or any other financial crime
• Reverse engineer, decompile, or disassemble any part of the Service (except as permitted by open-source licenses)
• Use automated systems to abuse, scrape, or excessively burden the Service
• Impersonate any person or entity
• Use the Service to harm, harass, threaten, or defraud any person

We reserve the right to determine, in our sole discretion, what constitutes a violation of these terms and to take appropriate action including account termination.

7. Encryption & Data Loss

You acknowledge and accept:

• Password loss is permanent data loss. Your encryption key is derived from your password. If you forget your password, all encrypted data (conversations, messages, API keys, agent configurations) is permanently and irrecoverably lost. We cannot help you recover it.
• No password reset. There is no "forgot password" feature. There is no recovery email, no security questions, no backup codes, and no customer support that can restore access. This is a fundamental consequence of zero-knowledge encryption.
• No server-side decryption. We do not possess your encryption key and cannot decrypt your data under any circumstances — including law enforcement requests, court orders, or your own request.
• Encryption is not infallible. While we use industry-standard AES-256-GCM encryption, no security system is perfect. Browser vulnerabilities, malware, compromised devices, or future cryptographic breakthroughs could theoretically compromise your data.
• No backup guarantee. We do not guarantee the persistence, backup, or recoverability of your data. You are responsible for maintaining your own backups.
• Data loss. Hardware failure, software bugs, database corruption, or service discontinuation could result in data loss. We are not liable for any data loss regardless of cause.

8. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. We expressly disclaim all warranties, including but not limited to:

• Implied warranties of merchantability, fitness for a particular purpose, and non-infringement
• Any warranty that the Service will be uninterrupted, timely, secure, error-free, or free of viruses or other harmful components
• Any warranty regarding the accuracy, reliability, or completeness of any content, information, or results obtained through the Service
• Any warranty regarding the security or integrity of the encryption implementation
• Any warranty that AI model outputs will be accurate, truthful, unbiased, safe, or suitable for any purpose
• Any warranty regarding the availability or continued operation of third-party services

AI language models may produce outputs that are inaccurate, misleading, biased, offensive, or harmful. You are solely responsible for evaluating and using AI outputs. Do not rely on AI outputs for medical, legal, financial, or safety-critical decisions.

9. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE PLATFORM, ITS OPERATORS, AFFILIATES, DIRECTORS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE FOR ANY:

• Indirect, incidental, special, consequential, punitive, or exemplary damages
• Loss of profits, revenue, data, goodwill, or other intangible losses
• Damages resulting from unauthorized access to or alteration of your data
• Damages resulting from any interruption or cessation of the Service
• Damages resulting from loss of cryptocurrency, API credits, or other digital assets
• Damages resulting from the conduct of any third party on the Service
• Damages resulting from AI model outputs or actions taken based on such outputs
• Damages resulting from your failure to maintain the security of your account or password

IN NO EVENT SHALL OUR TOTAL AGGREGATE LIABILITY EXCEED THE AMOUNT YOU HAVE PAID TO US IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR ONE HUNDRED US DOLLARS ($100), WHICHEVER IS LESS.

Some jurisdictions do not allow the exclusion of certain warranties or the limitation of liability for certain damages. In such jurisdictions, our liability shall be limited to the maximum extent permitted by law.

10. Indemnification

You agree to indemnify, defend, and hold harmless the Platform, its operators, affiliates, directors, employees, agents, and licensors from and against any and all claims, damages, obligations, losses, liabilities, costs, and expenses (including reasonable attorney's fees) arising from:

• Your use of the Service
• Your violation of these Terms
• Your violation of any third-party rights, including intellectual property rights
• Your violation of any applicable law or regulation
• Any content you create, store, or transmit through the Service
• Your cryptocurrency transactions, including tax obligations
• Any dispute between you and a third-party AI provider

11. Termination

We may terminate or suspend your access to the Service at any time, for any reason, without prior notice or liability. Upon termination:

• Your right to use the Service ceases immediately
• We may delete your account and all associated data
• Any unused cryptocurrency credits or API key balances are forfeited and non-refundable
• Sections regarding Disclaimer, Limitation of Liability, Indemnification, and Governing Law survive termination

You may terminate your account at any time by ceasing use of the Service. Due to zero-knowledge encryption, we cannot verify account ownership for deletion requests — if you want your data gone, simply stop using the Service and allow it to be purged during routine maintenance.

12. Modifications to Terms

We reserve the right to modify these Terms at any time. Changes take effect immediately upon posting. Your continued use of the Service after any modification constitutes acceptance of the updated Terms. It is your responsibility to review these Terms periodically.

We are not obligated to notify you of changes, though we may choose to do so via the Platform or website.

13. Governing Law & Disputes

These Terms shall be governed by and construed in accordance with applicable laws, without regard to conflict of law principles. Any disputes arising from or relating to these Terms or the Service shall be resolved through binding arbitration, except where prohibited by law.

You agree to waive any right to a jury trial and any right to participate in a class action lawsuit or class-wide arbitration.

14. Severability

If any provision of these Terms is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary, and the remaining provisions shall remain in full force and effect.

Privacy Policy

This Privacy Policy describes how Cognition collects, uses, and handles your information. Due to our zero-knowledge encryption architecture, our data practices are fundamentally different from most platforms.

What we can see

Due to client-side encryption, the server stores only ciphertext for most user data. However, the following information is not encrypted and is visible to the server:

• Email address — used for authentication (login/register)
• Password hash — SHA-256 hash of your password (not the password itself)
• Session tokens — JWT tokens for maintaining login state
• Account metadata — account creation timestamps, session timestamps
• Deposit addresses — blockchain addresses generated for your account
• Credit balances and transaction records — amounts, timestamps, chain, token type
• Blockchain transaction hashes — public on-chain identifiers
• Workspace metadata — container IDs, status, port numbers (not workspace contents)
• Server access logs — IP address, request path, timestamp, HTTP status code

What we cannot see

The following data is encrypted client-side with your personal AES-256-GCM key before reaching the server. We cannot read, access, or decrypt this data:

• Conversation titles and metadata
• Message contents (prompts and AI responses)
• AI provider API keys and configurations
• Agent configurations and system prompts
• Workflow configurations
• Memory entries
• Knowledge graph contents
• App configurations

AI provider data sharing

When you use cloud AI models (OpenAI, Anthropic, OpenRouter, etc.), your prompts and messages are decrypted in your browser and sent to the AI provider through our server as a proxy. During this transit:

• Your decrypted API key and message content exist briefly in server memory during the request
• They are not logged, stored, or persisted beyond the duration of the HTTP request
• The AI provider receives your prompts and processes them according to their own privacy policy
• We have no control over how third-party AI providers handle your data

For maximum privacy, use Ollama with local models or WebLLM (browser-native AI). These options keep all data on your device.

Cryptocurrency data

Blockchain transactions are inherently public. When you deposit cryptocurrency:

• Your deposit address is derived from a platform-controlled HD wallet and is visible on-chain
• Transaction amounts, sender addresses, and timestamps are publicly visible on the blockchain
• We store deposit records (chain, token, amount, transaction hash) in our database
• We do not perform KYC (Know Your Customer) or identity verification
• We do not link your blockchain identity to your Cognition account beyond what is technically necessary

Cookies & local storage

• Session cookie — cognition_session JWT token for authentication
• localStorage — WebLLM toggle preference, memory extraction toggle. No encryption keys are stored in localStorage.
• No third-party cookies — we do not use analytics, tracking, or advertising cookies
• No telemetry — we do not collect usage analytics or behavioral data

Data retention

• Your encrypted data is stored indefinitely until you delete it or your account is terminated
• Server access logs may be retained for operational purposes
• Cryptocurrency transaction records are retained permanently for accounting purposes
• We do not have a data retention schedule for encrypted data because we cannot read it

Data deletion

You can delete individual conversations, messages, agents, workflows, and memories from within the app. Due to zero-knowledge encryption, we cannot verify account ownership for deletion requests submitted outside the app. If you lose access to your account, there is no mechanism for us to identify or delete your data on your behalf.

Law enforcement

If compelled by valid legal process, we can only provide what we have access to: encrypted ciphertext, email addresses, password hashes, account metadata, deposit records, and server logs. We cannot provide decrypted conversations, messages, or API keys because we do not possess the decryption key. Only your password can decrypt your data, and we do not have your password.

Data breach notification

In the event of a data breach affecting our servers, the encrypted data would be useless to an attacker without individual users' passwords. We will make reasonable efforts to notify affected users through available channels, but due to our minimal data collection, notification may be limited.

Children's privacy

The Service is not intended for use by anyone under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has created an account, please contact us.

International users

The Service may be accessed from various jurisdictions. You are responsible for compliance with your local laws. We make no representation that the Service is appropriate or available for use in any particular jurisdiction.

Contact

For questions about these Terms or the Privacy Policy, contact us on X (@CognitionAI_).

By using Cognition, you acknowledge that you have read and understood these Terms of Service and Privacy Policy and agree to be bound by them.