COAG AI – Privacy Policy

Last updated: February 2025

1. Introduction

This Privacy Policy explains how AiCOAG Limited (“we”, “us”, “the Company”), acting as the Data Controller, collects, uses, stores, and protects personal data processed through the COAG AI website (coag.ai) and through the provision of our AI Voice Assistant services.

AiCOAG Limited is a company incorporated in England and Wales, with registered address:

71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom

We also maintain an operational presence in the EU at the following non-legal, secondary office:

Jacques Veltmanstraat, 1065 DZ Amsterdam, The Netherlands

This policy complies with the UK GDPR, EU GDPR, and applicable data protection laws. By using coag.ai or interacting with us (e.g., submitting the contact form, booking a call, or activating a COAG AI service), you consent to the practices described in this Policy.

2. Personal Data We Collect

We may collect the following categories of personal data:

2.1 Contact & Identification Data

• Full name
• Email address
• Phone number
• Company name (if provided)

2.2 Telephony & Voice Data

When interacting with the COAG AI voice assistant (inbound or outbound calls):

• Call audio recordings (only if enabled)
• Transcripts generated from calls
• Call logs (caller number, duration, timestamps, metadata)

2.3 Technical & Usage Data

• IP address
• Browser type
• Device identifiers
• Cookies and analytics events (only with user consent where required)

3. How We Collect Data

We collect data in the following ways:

• When you submit a form on the website
• When you contact us by email or phone
• When you use the COAG AI voice assistant
• Through automated technologies such as cookies (see Cookie Policy)
• Through analytics tools used to improve the service

4. Legal Basis for Processing

We process your personal data under the following legal bases:

• Contract performance (Art. 6(1)(b) GDPR): To provide the COAG AI service, schedule appointments, send confirmations, or respond to inquiries.
• Legitimate interest (Art. 6(1)(f) GDPR): Service stability, fraud prevention, troubleshooting, platform improvement.
• Legal obligation (Art. 6(1)(c) GDPR): Tax, accounting, or regulatory requirements.
• Consent (Art. 6(1)(a) GDPR): For optional activities such as newsletters, analytics cookies, and marketing communications.

5. Purpose of Processing

Your data is used for the following purposes:

• To provide and operate the COAG AI voice assistant
• To schedule appointments and send notifications
• To improve AI accuracy, quality assurance, and troubleshooting
• To maintain platform security and system performance
• To communicate with you regarding demos, onboarding, or support
• To send updates or marketing messages (only with consent)

6. Data Sharing

We may share personal data with:

• Trusted service providers supporting our operations (e.g., hosting, analytics, communication infrastructure)
• Professional advisors (e.g., accountants, legal consultants)
• Supervisory authorities, courts, or law enforcement when legally required

All third-party service providers are bound by strict data processing agreements and GDPR-compliant safeguards. We do not sell or rent personal data.

7. International Data Transfers

If personal data is transferred outside the UK or EEA, we ensure appropriate safeguards under GDPR, such as:

• Adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules (BCRs)
• The EU–US Data Privacy Framework

Your data is always protected by equivalent standards regardless of transfer location.

8. Retention Periods

We retain personal data only as long as necessary:

• Call recordings: up to 90 days
• Transcripts and call logs: up to 180 days
• Account and billing data: as required by law (up to 6 years under UK regulations)
• Analytics cookies: per the user’s consent settings

Upon expiration, data is securely deleted or anonymized.

9. Data Security

We implement technical and organizational measures to protect your data, including:

• Encryption in transit (TLS)
• Encryption at rest
• Access controls and authentication
• Activity logging
• Network and infrastructure security
• Regular monitoring and security reviews

Despite these measures, no electronic transfer is entirely risk-free, but we maintain industry-standard safeguards.

10. Your Rights

You have the following rights under UK GDPR and EU GDPR:

• Access your data
• Rectify inaccurate or incomplete data
• Request deletion (where legally permissible)
• Restrict or object to processing
• Data portability
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority

To exercise your rights, contact us at: info@aicoag.com.

Supervisory authority: Information Commissioner’s Office (ICO), UK, or your local EU Data Protection Authority.

11. Cookies and Tracking Technologies

We use:

• Strictly necessary cookies (essential for the website to function)
• Analytics cookies (only with consent)
• No advertising cookies unless specifically activated later

For more details, see our Cookie Policy. You may modify or withdraw consent at any time using the cookie banner.

12. Automated Processing & AI Features

The COAG AI voice assistant uses machine-learning models to generate conversational responses and perform appointment-scheduling actions.

Automated responses do not create legal or significant effects on users.

Human review is always available upon request.

You may request correction, review, or deletion of AI-generated data.

13. Changes to this Policy

We may update this Privacy Policy periodically. If substantial changes occur, we will notify you by email or through an in-platform notice. The latest version is always available on coag.ai.

14. Contact

Data Controller:

AiCOAG Limited
71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom

Operational EU Address (non-legal):

Jacques Veltmanstraat, 1065 DZ Amsterdam, The Netherlands

Email: info@aicoag.com