Privacy Policy

PGME Medical Education LLP ("PGME," "we," "our," or "us") operates the PGME platform, including our mobile application and website (collectively, the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform. Please read this Privacy Policy carefully. By using the Platform, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Personal Information

When you register for an account or use our services, we may collect the following personal information:

• Identity Information: Full name, date of birth, gender
• Contact Information: Phone number, email address
• Educational Background: Undergraduate college/university, postgraduate college/university, current professional designation, current affiliated organisation
• Address Information: Residential address, billing address, shipping address (for book orders)
• Profile Information: Profile photograph
• Payment Information: Transaction details processed through our payment partner (Zoho Payments). We do not store your credit/debit card numbers directly.

1.2 Device Information

We automatically collect certain device information when you use the Platform:

• Device Identifiers: Android ID or iOS Vendor Identifier
• Device Details: Device brand, model, and operating system type
• Network Information: Network connection status

1.3 Location Information

With your explicit consent, we collect:

• Precise Location: GPS coordinates (latitude and longitude) used for address auto-fill during profile setup and address selection
• Address Data: Structured address components obtained through reverse geocoding via OpenStreetMap

You can disable location access at any time through your device settings.

1.4 Usage Information

We collect information about how you interact with the Platform:

• Learning Activity: Video watch progress, document reading progress, module and course completion status, time spent on content
• Session Activity: Live session attendance, meeting participation records
• Purchase History: Subscription purchases, session purchases, book orders, payment status
• Notification Activity: Notification delivery status, read/unread status

1.5 Locally Stored Data

The following data is stored locally on your device:

• Authentication Tokens: Encrypted access tokens and session identifiers stored in secure device storage
• Downloaded Content: Video lectures and PDF documents downloaded for offline access, stored in a dedicated app directory
• User Preferences: Theme settings, notification preferences, subject selections

2. How We Use Your Information

We use the information we collect for the following purposes:

• Account Management: To create, maintain, and authenticate your account using phone-based OTP verification
• Service Delivery: To provide access to courses, live sessions, study materials, and other educational content
• Progress Tracking: To track and synchronise your learning progress across devices
• Payment Processing: To process subscription payments, session purchases, and book orders through our payment partner
• Order Fulfillment: To deliver physical books to your shipping address and provide order tracking
• Communication: To send push notifications about class reminders, new content, purchase confirmations, and important announcements
• Personalisation: To recommend content and send notifications based on your selected subjects and preferences
• Device Management: To manage active sessions across multiple devices and provide secure access
• Customer Support: To respond to your inquiries and provide technical assistance
• Platform Improvement: To analyse usage patterns and improve our services

3. Third-Party Services

We integrate the following third-party services that may collect or process your data:

3.1 Firebase (Google)

• Purpose: Push notification delivery (Firebase Cloud Messaging), app infrastructure
• Data Shared: FCM device token, notification delivery data
• Privacy Policy: https://firebase.google.com/support/privacy

3.2 Zoho Payments

• Purpose: Secure payment processing for subscriptions, sessions, and book orders
• Data Shared: Transaction amount, payment session identifiers
• Privacy Policy: https://www.zoho.com/privacy.html

3.3 Zoom Video Communications

• Purpose: Live interactive video sessions and classes
• Data Shared: Meeting access credentials, participant information during sessions
• Privacy Policy: https://zoom.us/privacy

3.4 MSG91

• Purpose: OTP delivery for phone-based authentication
• Data Shared: Phone number for OTP delivery
• Privacy Policy: https://msg91.com/privacy-policy

3.5 OpenStreetMap (Nominatim)

• Purpose: Reverse geocoding for address auto-fill
• Data Shared: GPS coordinates for address lookup
• Privacy Policy: https://wiki.osmfoundation.org/wiki/Privacy_Policy

3.6 Amazon CloudFront (AWS)

• Purpose: Content delivery network for streaming video lectures and serving media content
• Data Shared: Standard web request data (IP address, user agent)
• Privacy Policy: https://aws.amazon.com/privacy/

4. Data Storage and Security

4.1 Data Storage

• Your personal information is stored on secure cloud servers
• Authentication tokens are stored in encrypted device storage (Android EncryptedSharedPreferences / iOS Keychain)
• Downloaded content is stored locally on your device in a private application directory
• All data transmission between the Platform and our servers is encrypted using HTTPS/TLS

4.2 Security Measures

We implement appropriate technical and organisational measures to protect your personal information, including:

• Encrypted data transmission (HTTPS/TLS)
• Encrypted local storage for sensitive data (tokens, credentials)
• JWT-based authentication with token refresh mechanism
• Session management with device-level access control
• Secure payment processing through PCI-compliant payment partners

4.3 Data Retention

• We retain your personal information for as long as your account is active or as needed to provide services
• Learning progress data is retained to enable continued access to your course history
• Payment records are retained as required by applicable financial regulations
• You may request deletion of your account and associated data at any time (see Section 7)

5. Sharing of Information

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service Providers: With third-party service providers who assist us in operating the Platform (as listed in Section 3), strictly for the purposes described
• Payment Processing: With Zoho Payments to process your transactions securely
• Legal Requirements: When required by law, regulation, legal process, or governmental request
• Safety and Security: To protect the rights, property, or safety of PGME, our users, or the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice to users

6. Permissions

The Platform requests the following device permissions:

All permissions are requested at the time of use and can be managed through your device settings.

7. Your Rights and Choices

You have the following rights regarding your personal information:

7.1 Access and Update

You can view and update your profile information at any time through the Edit Profile section in the Platform.

7.2 Device Session Management

You can view all active sessions and remotely logout from any device through the Platform settings.

7.3 Notification Preferences

• You can manage notification preferences within the Platform settings
• You can disable push notifications through your device settings

7.4 Location Access

You can enable or disable location access through your device settings at any time.

7.5 Data Deletion

• You may request complete deletion of your account and all associated personal data by contacting us at the email address provided below
• Upon receiving a valid deletion request, we will delete your personal data within 30 days, except where retention is required by law

7.6 Data Download

You may request a copy of your personal data in a portable format by contacting us.

8. Children's Privacy

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated Privacy Policy within the Platform
• Sending a push notification about the update
• Updating the "Last Updated" date at the top of this policy

Your continued use of the Platform after any changes constitutes your acceptance of the updated Privacy Policy.

10. Data Transfer

Your information may be transferred to and processed on servers located outside your country of residence. By using the Platform, you consent to the transfer of your information to facilities maintained by us or our third-party service providers, where applicable data protection laws may differ from those in your jurisdiction.

11. Cookies and Tracking

The Platform itself does not use browser cookies. However, our integrated WebView-based payment gateway (Zoho Payments) may use cookies or similar technologies as necessary for secure payment processing.

12. Governing Law & Jurisdiction

This policy shall be governed by the laws of India.

All disputes shall be subject to the exclusive jurisdiction of courts located in Jalandhar, Punjab.

13. Contact Us

14. Grievance Officer

In accordance with applicable regulations, the details of the Grievance Officer are as follows:

Response time: We will acknowledge your grievance within 24 hours and resolve it within 15 days from the date of receipt.