Alpha MD Pvt Ltd  (“Coggi”) – Privacy Notice 

Please read this privacy notice carefully as it contains important information on who we are and how and why we collect, uses, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint. By using the Service, you agree with Coggi’s collection, use, and sharing of your personal information in accordance with the terms of this Privacy Policy. 

 It reflects our compliance obligations under applicable data protection laws, including but not limited to the:  

  • General Data Protection Regulation (GDPR) – European Union
  • Digital Personal Data Protection (DPDP) Rules 2025 – India 

We recognize the importance of individual privacy and believe that transparency in our data practices builds trust with our customers, employees, partners, and users. We are committed to processing personal data responsibly, lawfully, and in a manner that respects individual rights 

KEY TERMS 

It would be helpful to start by explaining some key terms used in this policy: 

  • “We”, “us”, “our” refer to Alpha MD Pvt Ltd , incorporated and registered in India company number 12341150, whose registered office is at 315, 1st floor, Bal Govind wadi, New Prabhadevi Road,  Prabhadevi , Mumbai 400025 
  • “You”, “Your” , “Yourself” refer to users of Coggi app 

  • Personal data: Any information relating to an identified or identifiable natural person 
  • Special category personal data: Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership 
  • Genetic and biometric data: Data concerning health, sex life or sexual orientation 
  • Consent: A clear, affirmative act that signifies a data subject’s agreement to the processing of their personal data for specific purposes. Consent must be freely given, informed, specific, unconditional and unambiguous with a clear affirmative action. 
  • Personal Identifiable Data : Any data that relates to an identified or identifiable natural person (data subject). This includes names, contact details, identification numbers, IP addresses, or any factor specific to that person’s identity. 
  • Sensitive personal data: A special category of personal data that may include financial information, health data, biometric identifiers, sexual orientation, or any information classified as sensitive under applicable law. 
  • Data Subject / Data Principal: The individual whose personal data is being collected, held, or processed. 
  • Data Processing: Any operation performed on personal data, whether automated or manual, including collection, storage, use, alteration, sharing, or deletion. 
  • Data Controller/ Data Fiduciary: The natural or legal person who determines the purposes and means of processing personal data. 
  • Data Processor: Any person or organisation other than the data subject, data controller, or processor, authorized to access or process personal data. A third party or service provider that processes personal data on behalf of the Data Controller/ Data Fiduciary 
    • Cross Border Transfer: Transmission of personal data outside the jurisdiction in which it was originally collected, especially to countries without equivalent data protection laws. 
    • Immersive Augmented Reality: Technology used within the Coggi application to deliver interactive experiences. 

     

    APPLICABILITY  

    This policy applies to all personal data processed in:  

    • India, in accordance withthe DPDP Act  
    • European Union, in accordance withthe GDPR 

    PERSONAL DATA WE COLLECT 

    In the course of your interaction with us and your use of our services in the delivery of positive psychology tools to children through a mobile App using immersive Augmented Reality technology we will collect from you the following personal data: 

    • The email address, Date of birth , time zone which you provide when registering on the Coggi website. 

    This personal data (and where appropriate, special category personal data) is required to enable us to provide our services. If we are not provided with the personal data we ask for, it may delay or prevent us from providing the services which you are requesting. 

    HOW PERSONAL DATA IS COLLECTED 

    We collect your personal data directly when you interact with the App or our Website to engage us to provide our services. 

    HOW AND WHY WE USE PERSONAL DATA 

    Under Data Protection legislation, we can only use personal data if we have a legal basis for doing so. These are mandated by the legislation and include: 

    • your consent; 
    • for the performance of our contract with you or to take steps before entering into a contract; 
    • to comply with our legal and regulatory obligations; or 
    • for our legitimate interests or those of a third party. 
    • To protect the life or safety of an individual (in exceptional situation) 

    A legitimate interest is when we have a business or commercial reason to use personal data, so long as this is not overridden by the data subject’s own rights and freedoms. 

    The table below explains what we use (process) personal data for (our purpose) and our legal basis for doing so: 

    The above table does not apply to special category personal data, which we do not anticipate that we will process. Should this situation change, we will update this Privacy Notice. 

    PROMOTIONAL COMMUNICATIONS 

    We will always treat personal data with the utmost respect and never sell it to other organisations for marketing purposes. 

    DATA COLLECTION METHODS  

    Coggi collects personal data through various means – direct, automated, and third party; to support its business operations, comply with legal obligations, and enhance user experience. We apply the principles of data minimization, accuracy, and fairness at every stage of the data collection process. 

    WHO WE SHARE PERSONAL DATA WITH 

    We currently do not share personal data with third parties but our intention in the future is only to share personal data with our retained external third party service providers. 

    1. twilio – sms service 
    2. firebase – notification service 
    3. nodemailer – email service 
    4. aws – s3 storage (saving profile image) 
    5. MongoDB –  data storage 
    6. redis – caching 
    7. opentelemetry – console logging 
    8. swagger – api documentation 
    9. sonarqube configuration 

      We only allow our external third parties to handle personal data if we are satisfied they take all appropriate measures to protect all personal data and only on our written instructions. 

      We may very occasionally disclose and exchange information with regulatory bodies to comply with our legal and regulatory obligations. 

      WHERE PERSONAL DATA IS HELD 

      Personal data is kept in securely in a password protected environment. estore the data in MongoDB storage in a secured cloud server hosted on AWS in India region, which cannot be accessed by external networks. 

      KEEPING PERSONAL DATA SECURE 

      The privacy and the security of personal data is our utmost priority, and we recognise our obligation to keep it secure and private. We have put in place industry-standard security practices to prevent personal data from being accidentally lost or used or accessed unlawfully. 

      HOW LONG PERSONAL DATA WILL BE KEPT 

      We will retain billing information of customers for the duration of our contractual relationship with those customers. 

      We will retain the personal data of customers for only so long as they subscribe for our services. 

      When it is no longer necessary to retain personal data, we will delete it. 

      TRANSFERRING PERSONAL DATA  

      We do not intend to transfer any personal data outside the respective territory . If that situation changes, we will update this Privacy Notice. 

      RIGHTS 

      All data subjects/ Data principal have the following rights, which can be exercised free of charge: 

      • Know what personal information we have collected about you. 
      • Access a copy of the personal information that we hold about you. 
      • Know what personal information about you we have shared with third parties. 
      • Opt out of the sharing of your personal information with third parties. 
      • Object to our processing of your personal information. 
      • Request that we limit our use of your sensitive personal information to what is necessary to perform the services you requested. 
      • Not be discriminated against for exercising your data subject/ principal rights. 
      • Request that we delete any personal information we have collected from you. 
      • Request that we correct any inaccurate personal information about you. 
      • Export the personal information you have provided to Coggi  in a format that can be transferred electronically to a third party. 
      • Withdraw any consent you previously gave us to process your personal information. 
      • Request the identities of other data controller / Data fiduciaries with whom personal data is shared . 
      • Nominate any other individual in the event of death or incapacity of Data subject/ Data Principal. 

      For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation. 

      To exercise any of those rights, please contact us – see below: ‘How to contact us’. 

      COOKIES 

      A cookie is a text file containing a small amount of data which is downloaded to your computer when you first visit our website. Some cookies are essential to enable you to move around our website and use its features. They also help us arrange the content and layout of our website and recognise those computers that have been to our website before. These are known as Analytical or Functionality cookies. They do not “push” advertising to your computer. 

      You may choose to remove or to block cookies at any time by adjusting your browser settings. To learn more about cookies including how to manage or delete them, visit www.allaboutcookies.org 

      HOW TO COMPLAIN 

      We hope that we can resolve any query or concern raised about our use of personal information. 

      The General Data Protection Regulation also gives the right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113. 

      The DIGITAL DATA PROTECTION RULES 2025 also provides the Data subject / Data principal to lodge a complaint and inform of any personal data breach to the Data protection Board of India . 

      COGGI takes your data protection questions and concerns seriously, and we are committed to resolving complaints about our collection or use of your data in a time bound manner. If you believe your data protection rights have been infringed, we encourage you to contact us by sending an email to info@alphamd.com. The Grievance Officer shall redress grievances   expeditiously and within 7 days from the date of receipt of grievance. 

      CHANGES TO THIS PRIVACY POLICY 

      We may change this privacy policy from time to time, when we do we will inform data subjects via our website. 

      HOW TO CONTACT US 

      We can be contacted by post, email or telephone. 

      For all data subject/ principal rights, please contact info@alphamd.com.  

      Last updated: 04 March 2026