Privacy Policy

1. Introduction

AI Income Matrix Inc. (“AI Income Matrix,” “we,” “us,” or “our”) is a vocational training provider headquartered at 1000 de la Gauchetière Street West, Suite 2400, Montreal, Quebec H3B 4W5, Canada. We deliver AI income skills courses, corporate training programmes, and related educational services across Canada from our Montreal learning centre and through live online cohorts. Protecting your personal information is a core obligation of our business, not an afterthought appended to marketing materials.

This Privacy Policy explains how we collect, use, disclose, retain, and safeguard personal information when you visit aiincomematrix.pro, register for programmes, communicate with our team, attend classes, or otherwise interact with our services. It is designed to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), applicable guidance from the Office of the Privacy Commissioner of Canada, and Quebec privacy requirements including the Act respecting the protection of personal information in the private sector where they apply to our operations.

By using our website or services, you acknowledge that you have read this policy. Where consent is required for specific processing activities, we obtain it in a meaningful way and allow you to withdraw consent subject to legal or contractual restrictions. If you do not agree with this policy, please discontinue use of our website and contact us to discuss any active enrolment or account relationship.

We are accountable for personal information under our control. We have designated privacy oversight within our organisation and maintain procedures to honour access requests, complaints, and breach notification obligations. This document applies to information we control as an organisation; it does not govern third-party websites linked from our pages, which maintain their own privacy practices.

2. Personal Information We Collect

We collect only personal information that is reasonably necessary for identified purposes connected to education delivery, customer support, website operation, and legal compliance. The categories below describe what we may collect depending on how you interact with us.

Identity and contact information. When you enquire about programmes, complete our contact form, register for a cohort, or sign a training agreement, we may collect your full name, email address, telephone number, mailing address, employer or business name, job title, and preferred language of communication. Corporate clients may also provide billing contact details and purchase order references.

Enrolment and educational records. For participants in matrix cohorts and corporate engagements, we collect programme selections, pathway mapping worksheets, attendance records, assignment submissions, capstone project materials, instructor feedback, certification or completion status, and payment-related references such as invoice numbers. We do not require government-issued identification numbers for standard enrolment unless a specific corporate contract or regulatory context requires verification.

Payment information. Tuition and service fees are processed through payment service providers. We receive confirmation of payment, transaction identifiers, billing name, and partial card or banking metadata as supplied by the processor. We do not store full credit card numbers on our servers. Payment processors handle card data under their own privacy policies and PCI-DSS obligations.

Website and technical data. When you browse aiincomematrix.pro, our servers and essential cookies may record your IP address, browser type and version, device type, operating system, referring URL, pages viewed, session duration, and approximate geographic region derived from IP. If you accept analytics cookies, additional aggregated usage statistics may be collected as described in our Cookie Policy.

Communications. We retain content of emails, contact form messages, pathway call notes (where you consent to note-taking), support tickets, and cohort channel messages that you send to us or post in facilitated learning environments we administer. Recordings of live online sessions may be made for quality assurance and participant review where announced in advance and permitted by programme terms.

Marketing preferences. If you subscribe to programme announcements or alumni updates, we collect your email address and subscription preferences. You may unsubscribe at any time using the link in each message or by contacting us directly.

3. Lawful Basis and Purposes of Processing

Under PIPEDA, organisations must identify purposes for collection before or at the time of collection and must limit use and disclosure to those purposes or compatible purposes unless you consent or the law permits otherwise. We process personal information on the following bases.

Contractual necessity. We process enrolment data, contact details, and payment references to perform training agreements, deliver cell modules, issue invoices, and provide alumni resources you are entitled to receive under your programme.

Consent. We rely on consent for optional analytics cookies, certain marketing communications, session recordings beyond essential delivery, and any processing where consent is the appropriate legal basis under applicable law. Consent must be freely given and may be withdrawn, though withdrawal cannot retroactively affect processing already completed lawfully.

Legitimate interests. We process limited technical data to secure our website, prevent fraud, improve programme quality through aggregated analytics (where cookies are accepted), and respond to enquiries efficiently. We balance these interests against your privacy rights and offer opt-out mechanisms where required.

Legal obligation. We may process and retain records to comply with tax, consumer protection, vocational training, and privacy laws in Canada and Quebec; to respond to lawful requests from regulators or courts; and to establish, exercise, or defend legal claims.

We do not use personal information to make solely automated decisions that produce legal or similarly significant effects without meaningful human involvement. AI tools may assist internal workflow, but enrolment decisions, grading, and client-facing recommendations involve human review.

4. Retention of Personal Information

We retain personal information only as long as necessary to fulfil the purposes for which it was collected, meet legal and regulatory requirements, and resolve disputes. Retention periods vary by data category.

Active enrolment and educational records are retained for the duration of your programme plus a reasonable period to issue certificates, handle appeals, and provide alumni access. Completed cohort records are typically archived for seven years to support verification requests and comply with vocational training documentation norms, unless a shorter period is agreed in writing for a specific corporate engagement.

Contact form submissions and general enquiries are retained for up to twenty-four months unless they convert to an active client relationship, in which case relevant data is transferred to enrolment records. Marketing subscription data is retained until you unsubscribe plus a short suppression log to honour your opt-out.

Website server logs and security records are generally retained for ninety days unless extended for incident investigation. Cookie consent preferences are stored for six months as described in our Cookie Policy. Payment transaction records follow retention schedules required by tax and accounting law, typically seven years from the fiscal year of the transaction.

When retention periods expire, we securely delete or anonymise personal information so it can no longer identify you, except where archival copies are required by law and appropriately restricted.

5. Your Rights Under PIPEDA

Canadian privacy law grants individuals meaningful rights over personal information held by organisations. Subject to limited exceptions, you have the right to access personal information we hold about you and to receive an account of how it has been used and disclosed.

Right of access. You may request a copy of your personal information in a comprehensible format. We will respond within thirty days unless an extension is permitted under PIPEDA, in which case we will notify you. We may require reasonable identity verification before releasing records.

Right to challenge accuracy. If you believe information we hold is inaccurate or incomplete, you may request correction. We will amend records as appropriate and, where relevant, disclose corrections to third parties who received inaccurate data.

Right to withdraw consent. Where processing is based on consent, you may withdraw it at any time. Withdrawal may affect our ability to deliver certain services, such as optional marketing or analytics, but will not invalidate processing performed before withdrawal.

Right to complain. If you are dissatisfied with our response to a privacy request or believe we have handled your information improperly, you may contact us using the details below. You also have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada or, where applicable, the Commission d’accès à l’information du Québec.

We do not charge a fee for access requests unless permitted under law for manifestly unfounded or excessive requests. We will explain any fee before processing.

6. Cross-Border Transfers

Our primary hosting and core business systems are located in Canada. However, certain service providers we use—such as email delivery platforms, video conferencing tools for online cohorts, cloud document collaboration, and optional analytics vendors—may process personal information on servers in the United States or other jurisdictions.

When personal information is transferred outside Canada, it may become subject to lawful access requests by foreign courts, law enforcement, or national security authorities under the laws of that jurisdiction. PIPEDA requires organisations to protect transferred information through contractual or other means comparable to Canadian standards.

We assess vendors for appropriate safeguards, including data processing agreements, standard contractual clauses where applicable, and configuration options that minimise data residency risk. We disclose cross-border processing in this policy so you can make informed choices, particularly when participating in online programmes that rely on international tooling.

By submitting personal information through our website or enrolling in services that use such providers, you acknowledge that cross-border processing may occur as described. If you require Canada-only processing for a corporate engagement, contact us to discuss enterprise arrangements before contract execution.

7. Security Safeguards

We implement administrative, technical, and physical safeguards appropriate to the sensitivity of the personal information we hold. Measures include access controls limited to personnel with a legitimate business need, encrypted transport for website traffic (HTTPS), secure authentication for administrative systems, regular software updates, and staff training on privacy and data handling in educational contexts.

Learning platforms and cohort channels are configured to reduce unauthorised access. Payment data is handled by PCI-compliant processors rather than stored in our internal databases. Physical records, where they exist for signed agreements or archival purposes, are kept in secured office facilities in Montreal.

No method of transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security. In the event of a breach of security safeguards involving real risk of significant harm, we will notify affected individuals and the Privacy Commissioner of Canada as required by PIPEDA breach notification provisions, and we will take steps to contain harm and prevent recurrence.

You play a role in security by using strong passwords where accounts are provided, not sharing login credentials, and notifying us promptly if you suspect unauthorised access to your information.

8. Children and Minors

Our programmes are designed for adults and working professionals. We do not knowingly collect personal information from children under the age of fourteen without verifiable parental or guardian consent and a programme structure explicitly intended for minors. Our website and marketing are not directed at children.

If you are a parent or guardian and believe we have collected information from a child without appropriate consent, please contact us at [email protected]. We will investigate promptly and delete information where required. Participants aged fourteen to seventeen may enrol only with documented guardian consent and subject to programme eligibility rules stated at registration.

9. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or programme offerings. When we make material changes, we will post the revised policy on this page with an updated “Last updated” date and, where appropriate, notify registered participants or subscribers by email.

We encourage you to review this policy periodically. Continued use of our website or services after the effective date of changes constitutes acknowledgment of the updated policy, except where further consent is required by law.

Previous versions may be available upon request for a reasonable period following material amendments.

10. Contact Us

For privacy enquiries, access requests, corrections, complaints, or questions about this policy, contact our privacy team:

AI Income Matrix Inc.
Privacy Office
1000 de la Gauchetière Street West, Suite 2400
Montreal, QC H3B 4W5, Canada
Email: [email protected]
Phone: +1 (514) 555-4267

We aim to acknowledge privacy correspondence within five business days and to resolve straightforward requests within thirty days as required under PIPEDA.

Related documents: Cookie Policy · Terms of Use · Legal Notice