Privacy Policy

Last updated: March 30, 2026

1. Data controller

GODOFCONTRACTING SRL
CUI: RO34728093
Romania
Email: privacy@coherence-solutions.com

GODOFCONTRACTING SRL ("the Company," "we," "us") is the data controller for personal data collected through the Coherence platform and the coherence-solutions.com website. We process your data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable Romanian data protection law.

2. Legal basis for processing

We process personal data under the following legal bases as defined by GDPR Article 6:

  • Consent (Art. 6(1)(a)): Analytics cookies, marketing communications, and newsletter subscriptions. You may withdraw consent at any time.
  • Contract performance (Art. 6(1)(b)): Account creation, service delivery, billing, and support. Processing is necessary to provide the Coherence platform to you.
  • Legitimate interest (Art. 6(1)(f)): Security monitoring, fraud prevention, service improvement, and aggregated analytics. We balance our interests against your rights and freedoms.
  • Legal obligation (Art. 6(1)(c)): Tax records, regulatory compliance, and responding to lawful government requests.

3. What data we collect

Data you provide directly:

  • Name, email address, company name, job title (account registration, contact forms, demo requests).
  • Company size and industry (access request forms).
  • Communications content (emails, support requests, feedback).

Data collected automatically:

  • IP address (anonymized in analytics, full IP in server logs for security).
  • Browser type, operating system, device type.
  • Pages visited, session duration, referral source, interaction events.
  • Authentication tokens (Firebase Authentication).

Platform data (when using Coherence):

  • Source code repositories, database schemas, documentation, and other organizational assets you ingest.
  • Business concepts, ontology definitions, and knowledge graph data you create.
  • Queries, simulations, and analytics outputs.

4. Data ownership

Your organizational data belongs to you. All data you ingest, all ontologies you create, all knowledge graphs you build, and all outputs generated from your data are your intellectual property. We do not claim any ownership rights over your data. We process it solely to provide the service.

We do not sell your data. We do not share your organizational data with third parties. We do not use your data to train AI models. Your data is isolated in your own workspace and is never accessible to other customers.

5. How we use your data

  • To create and maintain your account and provide the Coherence platform.
  • To process your organizational data into a unified knowledge model (the core service).
  • To respond to support requests and communications.
  • To send product updates and service notifications (required for service delivery).
  • To send marketing communications (only with your explicit consent, revocable at any time).
  • To analyze website usage in aggregate to improve the experience (only with cookie consent).
  • To detect and prevent security threats, fraud, and abuse.
  • To comply with legal obligations.

6. Cookies and tracking

Essential cookies: Required for authentication, session management, and security. These cannot be disabled as they are necessary for the service to function.

Analytics cookies (consent required): Google Analytics (GA4) is used to understand website usage patterns. Analytics cookies are blocked by default and only activated after you explicitly accept them via the cookie banner. You can revoke consent at any time by clearing your browser cookies.

No cross-site tracking: We do not use advertising cookies, retargeting pixels, or any form of cross-site tracking.

7. Data processing and storage

  • Website data: Stored in Firebase (Google Cloud) with encryption at rest and in transit (TLS 1.3).
  • Platform data: Stored on Google Cloud Platform (GCP) infrastructure in secured, encrypted databases. Neo4j graph database with encryption at rest. All API communications encrypted with TLS 1.3.
  • Backups: Encrypted and retained for disaster recovery only. Not accessible for any other purpose.
  • Data location: Processed primarily on GCP infrastructure. EU data residency available on request for enterprise customers.

8. Third-party processors

We use the following sub-processors to deliver the service. Each processes data under strict contractual obligations compliant with GDPR Article 28:

  • Google Cloud Platform: Infrastructure hosting, database services, authentication (Firebase).
  • Google Analytics (GA4): Website usage analytics (consent-based only). IP anonymization enabled.
  • Anthropic: AI model provider for platform intelligence features. Data sent for processing only, not used for model training. Subject to Anthropic's enterprise data processing agreement.
  • Mux: Video streaming for website content only. No personal data shared.

9. Your rights under GDPR

As a data subject in the European Economic Area, you have the following rights under GDPR Articles 15-22:

  • Right of access (Art. 15): Request a copy of all personal data we hold about you.
  • Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17): Request deletion of your personal data ("right to be forgotten").
  • Right to restrict processing (Art. 18): Request that we limit how we use your data.
  • Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.
  • Right to object (Art. 21): Object to processing based on legitimate interest or for direct marketing.
  • Right to withdraw consent (Art. 7): Withdraw consent at any time for consent-based processing. Withdrawal does not affect the lawfulness of processing before withdrawal.
  • Right to lodge a complaint: You have the right to file a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) or your local supervisory authority.

To exercise any of these rights, contact privacy@coherence-solutions.com. We will respond within 30 days as required by GDPR.

10. Data retention

  • Account data: Retained for as long as your account is active. Deleted within 30 days of account closure or deletion request.
  • Platform data: Retained for as long as your account is active. Upon account closure, you have 30 days to export your data before it is permanently deleted.
  • Analytics data: Retained in anonymized, aggregated form. Individual session data is not retained beyond 14 months (GA4 default).
  • Server logs: Retained for 90 days for security purposes, then automatically deleted.
  • Contact form submissions: Retained for the duration of the business relationship plus 3 years for legitimate interest (follow-up, legal compliance).

11. Data security

  • Encryption in transit: TLS 1.3 on all connections.
  • Encryption at rest: AES-256 for all stored data.
  • Authentication: Firebase Authentication with Google OAuth 2.0.
  • Access control: Role-based access within the platform. Internal access strictly limited and logged.
  • Infrastructure: Google Cloud Platform with SOC 2 Type II, ISO 27001, and GDPR compliance certifications.
  • Monitoring: Automated security monitoring and alerting.

12. International data transfers

Your data may be processed outside the EEA when using AI model providers (Anthropic, US-based). Such transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by additional technical measures (encryption in transit and at rest).

13. Children

Coherence is not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will delete it promptly.

14. Changes to this policy

We may update this policy from time to time. We will notify you of material changes via email or through the platform at least 30 days before they take effect. Continued use of the service after changes take effect constitutes acceptance.

15. Contact and complaints

Data Controller:
GODOFCONTRACTING SRL
CUI: RO34728093
Romania
Email: privacy@coherence-solutions.com

Supervisory Authority:
Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal (ANSPDCP)
B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest, Romania
Website: dataprotection.ro

See the whole machine.

The Banking Playground is live. Explore a pre-loaded digital twin with 285 concepts and 630 technical assets. Ready to go deeper? Apply for a Discovery Sprint on your own data.

No commitment required. Playground access is instant.

This site uses cookies

We use essential cookies for the site to function and analytics cookies (Google Analytics) to understand how you use it. Analytics cookies are only activated with your consent. We do not track you across other websites. Your data is stored in the EU and processed in accordance with GDPR. Read our Privacy Policy

CoherenceCoherence