Safeguarding Your Data Is Our Top Priority
We understand and respect the privacy of our clients and partners. Keeping personal information private, safe, and secure is a business imperative.
Security, Privacy and Compliance at Cognician
Cognician is a secure, cloud-native SaaS platform with a mature ISO/IEC 27001-certified ISMS. Security and privacy are embedded into every layer of our platform – not added as an afterthought.
Strong encryption & strict access controls
Continuous monitoring & incident response
Secure development aligned to OWASP
GDPR compliant – DPF & SCCs in place
Customer data never used to train AI models
Annual independent pen testing & audits
BSI Mark of Trust
ISO/IEC 27001
GDPR
DPF
SCCs GDPR
NIST
EU AI Act
Certifications and Compliance
ISO/IEC 27001:2022
Certified Information Security Management System (ISMS), externally audited annually by an accredited certification body. Covers the full Cognician platform and supporting operations.
GDPR Compliance
Full compliance with the EU General Data Protection Regulation. The Cognician platform supports data subject rights, including access, erasure, and portability.
EU-US Data Privacy Framework (DPF)
Cognician supports international data transfers from the EU to the US under the EU-US Data Privacy Framework, established in 2023 as the successor to Privacy Shield following the Schrems II ruling. This ensures lawful transfer of personal data in accordance with EU adequacy requirements.
Standard Contractual Clauses (SCCs)
Where the DPF does not apply, Cognician relies on the European Commission's Standard Contractual Clauses as a lawful mechanism for transferring data outside the EEA.
NIST Cybersecurity Framework
Our security programme is risk-based and aligned with both ISO and NIST frameworks, covering Identify, Protect, Detect, Respond, and Recover functions with continuous monitoring and improvement cycles.
EU Artificial Intelligence Act (EU AI Act)
Cognician has proactively aligned its AI governance framework with the principles of the EU AI Act, not simply because it may apply to us, but because we believe it represents the right foundation for responsible AI. The Act's risk-based methodology reinforces the same values that underpin our broader approach to security and privacy: that trust must be earned through deliberate practice, not compliance minimums.
This alignment reflects who we are and how we work. Cognician operates at the intersection of human behavior and technology; our clients trust us with their people and their data. Embedding the EU AI Act's principles into our governance gives our clients, and their own stakeholders, confidence that the AI practices running through our platform are held to a rigorous, globally recognized standard today and as regulation continues to evolve.
SOC 2 – Inherited via Microsoft Azure
Cognician does not hold a standalone SOC 2 report. Our platform is hosted entirely on Microsoft Azure, which maintains SOC 2 Type II certification across its infrastructure. Cognician's security controls are designed to operate within and complement Azure's environment. Microsoft's compliance document is available via the Azure Trust Center.
Encryption Standards
and in transit
Data Ownership & Control
Customers retain full ownership of their data. Data flows are documented and classified. Logical separation ensures complete isolation between customer environments.
Full audit trails of all data access and changes are maintained.
MFA & SSO
Least Privilege
Audit & Visibility
Continuous Threat Monitoring
Real-time alerting and centralized logging provide continuous visibility across our environment. Anomalous activity is detected and escalated automatically, with structured investigation and rapid containment processes in place.
Vulnerability Management
Ongoing vulnerability identification, prioritization, and remediation runs continuously between scheduled assessments. All findings are formally tracked and resolved through structured governance processes.
Incident Response
A formal incident response capability ensures rapid containment, structured investigation, and timely communication with affected parties in line with regulatory obligations.
Risk Management
Risk assessment and management are core to our ISMS. Our risk-based approach – aligned to ISO and NIST – ensures cybersecurity investments are directed where they matter most and reviewed on a continuous basis.
Our AI Approach
Responsible AI Principles
Microsoft Azure
Datomic Database
Clojure Application Stack
Annual ISO/IEC 27001 External Certification Audit
Conducted by an accredited certification body. Validates ongoing ISMS effectiveness and full control coverage.
Annual Internal Independent ISMS Audit
Internal audit function validates continuous control effectiveness and drives improvement between external cycles.
Annual Independent Penetration Testing
Aligned to industry standards. All findings formally tracked, prioritized, and remediated through structured governance.
Ongoing Vulnerability Identification and Remediation
Continuous scanning and real-time alerting ensure emerging threats are identified and addressed between scheduled assessments.

