If you use Smartlead or Instantly for your sending infrastructure, you have good reasons to be skeptical of a new AI platform touching your Gmail and sequences. This page addresses every concern directly — no corporate vagueness.
Cognlay is not a sending infrastructure platform.
Cognlay does not have its own IP pools. It does not warm up inboxes. It does not route your email through shared servers. It uses your own Gmail or Google Workspace mailbox, authenticated via OAuth. Your emails go out from your domain, your IP, your reputation — Cognlay writes the content and decides when to send it.
Cognlay does not replace your sending infrastructure. It uses your own connected Gmail or Google Workspace mailbox — the same one you already control. There are no shared Cognlay IP pools. There are no shared warm-up accounts. Your emails go out from your domain, your mailbox, your reputation. Cognlay only decides what to write in the next email and when to send it.
Cognlay sends through your authenticated Gmail account via the Gmail API. It does not route your email through any Cognlay-owned sending servers or IP addresses. Your deliverability depends on your domain and mailbox health — not on whether another Cognlay user was spammy.
Queued emails are sent at the scheduled time. If Cognlay's service experiences downtime, sends may be delayed — not lost. You can also pause any sequence manually at any time. Cognlay does not send emails from sequences you have not explicitly activated, so there is no risk of uncontrolled sends.
Cognlay does not do inbox warm-up. We focus on what happens after your mailbox is already healthy — specifically, writing better follow-ups that don't get ignored. If you need warm-up, keep using Smartlead or Instantly for that. You can still use Cognlay for the follow-up layer on top.
Your data lives in your Gmail account. If Cognlay ceased to exist, your emails, your replies, your leads — none of that disappears. You can revoke Gmail OAuth access at any time from your Google account settings, which immediately removes Cognlay's access. You are never locked in at the infrastructure level.
Cognlay requests three Gmail scopes: gmail.send for configured outbound emails, gmail.readonly for reply detection and thread context, and gmail.modify for thread labels and message state. The product uses those scopes for connected outbound workflows, not general inbox browsing. The OAuth token is stored encrypted and can be revoked from your Google account at any time.
OAuth tokens are stored encrypted. In the event of a security incident, Cognlay would notify affected users. You can revoke Cognlay's Gmail access instantly from your Google account under Connected Apps — this works even if Cognlay's own systems are unavailable. Google's OAuth is designed so that revoking the token immediately terminates all access.
Cognlay is built for signal-driven outbound, not mass volume blasting. If you're sending 2,000 identical emails per day, Cognlay's adaptive follow-up engine is complementary — it handles the follow-up layer intelligently while you manage top-of-funnel volume with your existing tool. The two approaches work best together, not instead of each other.
Never send email from shared Cognlay IP pools
Never sell or share your lead data with third parties
Never read Gmail content outside your configured sequences
Never train AI models on your email content
Never request Drive, Calendar, or unrelated Google scopes
Never send from domains or mailboxes you haven't connected
Never store your Google password — authentication is token-based
Never continue sending if you revoke OAuth access
You are the data controller for your lead data. Cognlay acts as a data processor under your instructions.
Lead data is not sold, rented, or shared with third parties for marketing purposes.
Email content processed by AI for follow-up rewriting is not retained beyond the immediate task.
You can request deletion of your account and all associated data at any time via hello@cognlay.com.
Unsubscribe handling is built in — opted-out leads are automatically suppressed from all future sequences.
Sequences send from your own domain and mailbox — Cognlay does not use shared sending infrastructure.
Cognlay does not spoof sender identities or forge message headers.
You remain responsible for ensuring your lead list was lawfully obtained.
CASL requires express or implied consent before sending commercial email to Canadian recipients — this is your responsibility as sender.
Cognlay's built-in opt-out handling satisfies CASL's unsubscribe requirements automatically.
We recommend maintaining a consent record for Canadian contacts before adding them to sequences.
Cognlay does not sell California residents' personal information.
Your lead data and Gmail content are not shared with third-party advertisers.
California users can request data deletion by contacting hello@cognlay.com.
The AI receives the context needed for the specific outbound action: the email subject and body, lead behavior, reply text if present, sequence configuration, and sender profile. It is not given unrelated inbox threads for general analysis.
No. Cognlay does not use your email content, lead data, Gmail threads, or sequence replies to train AI models. Email content processed for follow-up rewriting is used only for that specific task.
Cognlay uses large language models from leading AI providers (including Google's Gemini family). These providers do not retain your data for training under their enterprise API terms.
Cognlay operates autonomously within the sequence parameters you configure. Pre-send guardrails check each email before it goes out. You can pause or stop any sequence at any time from your dashboard.
Still skeptical? Good. Email hello@cognlay.com — Jay responds to every compliance question personally.