Trust Center
Security & trust at Cossmic
Cossmic is built for hiring teams in India, and your data stays in India. This is where we document how we protect it — the security measures, the vendors we rely on, and how to reach us.
Your data is stored and processed in India.
Database, application compute and email all run in Indian regions. Error monitoring carries no personal data. See the residency table on the Security Overview.
Security Overview
Encryption, tenant isolation, access control, reliability and how Cossmic staff access is governed.
Subprocessors
The vendors that help run Cossmic, what each does, and our 30-day change-notice commitment.
Responsible Disclosure
How to report a security issue, our safe-harbour commitment, and security.txt.
Privacy Policy
What data we handle, why, where it lives, and your rights over it.
Data Processing Agreement
The DPA available to paying customers, with roles and safeguards defined.
Data Retention
How long each type of data is kept, and when it is erased or anonymised.
Contact
Security reports: security@cossmic.in. Privacy & data-rights requests: privacy@cossmic.in.