Privacy policy

Scope and accountability

Profit AI Circuit Inc. administers personal information connected to enquiries, enrolment, programme delivery, and support for profitaicircuit.one. Accountability sits with our internal privacy lead, who coordinates policy updates, incident response, and request handling. We maintain documented controls, staff guidance, and vendor checks so obligations under PIPEDA are reflected in day-to-day operations rather than treated as a checklist exercise.

Purpose specification

Information is collected for explicit educational and operational purposes: responding to questions, confirming registrations, arranging schedules, issuing invoices, supporting learners, and improving instructional quality. We do not repurpose records for unrelated resale activities. If a new use is proposed, we communicate clearly and request additional consent when required by law or best practice.

Meaningful consent

Consent is designed to be understandable and granular. Contact forms include clear language about data handling, and optional items are identified so individuals can decide what to share. The consent checkbox for PIPEDA-related processing is voluntary and not pre-selected. Cookie choices are separate from enrolment decisions and can be adjusted later through browser controls and banner preferences.

Collection limits

We request only the minimum information needed for programme administration and communication. Typical fields include name, email, and message details. Additional data such as billing identifiers may be required after registration. We avoid collecting sensitive categories unless directly necessary and legally permitted, and we encourage learners not to submit confidential third-party material through general enquiry channels.

Programme delivery records

During coursework, we may store assignment submissions, facilitator feedback notes, attendance indicators, and milestone progress comments. These records support educational quality and learner support continuity. Access is limited to personnel with a role-based need. We review retention windows periodically to ensure records are not kept longer than justified by operational or legal requirements.

Payment administration

Payments are handled using established processors with contractual safeguards. We do not store complete payment card numbers on local systems. Transaction logs, invoice references, and tax-relevant billing entries are retained as required for accounting obligations in Canada. Financial records are protected with access controls and reviewed under least-privilege principles.

Communications data

Email threads, support tickets, and scheduling correspondence may contain personal details needed to resolve requests. We retain this information to maintain service continuity and verify prior commitments. Where feasible, old communication archives are deleted or anonymised after operational relevance ends, subject to legal hold, dispute management, or documented audit requirements.

Website logs and diagnostics

Server and security logs may include IP address, browser metadata, timestamp data, and error traces. These technical records help monitor abuse, diagnose faults, and maintain platform reliability. Diagnostic information is evaluated on an aggregate basis where possible. Retention periods are tuned to security and troubleshooting needs rather than indefinite storage.

Cookies and similar tools

Essential cookies keep forms stable, remember consent states, and support anti-abuse measures. Optional analytics tracking is disabled unless selected by the visitor. Marketing-related storage is not enabled by default. The Cookie Policy explains categories, expected lifespan, and control methods. Preference data is retained for a limited period to avoid repetitive prompts on every visit.

Use and disclosure boundaries

We disclose information only where necessary to operate the educational service or comply with legal duties. Potential recipients include hosting providers, payment services, communication tools, and authorised advisors under confidentiality obligations. We do not sell personal information. Any disclosure outside ordinary service functions is documented and evaluated for lawful basis.

Cross-border processing

Primary management occurs in Canada, yet some service providers may process data in additional jurisdictions. When cross-border transfer is involved, we evaluate vendor safeguards, contractual terms, and practical risk controls. Individuals should recognise that foreign legal frameworks can differ. We select providers that demonstrate credible protections for confidentiality and operational resilience.

Accuracy and correction rights

We aim to keep personal information accurate, complete, and relevant for declared purposes. Individuals can request corrections where records are outdated or incorrect. Verification steps may be required to protect account security. Updated records are communicated to relevant internal teams and, where practical, to third parties that rely on corrected data for active service delivery.

Access requests

Individuals may request access to personal information in our custody, subject to lawful exceptions. Requests should be specific to help locate records efficiently. We respond within reasonable timelines and explain any refusal grounds when applicable. Where records are complex, we provide staged responses so the requester receives meaningful information without unnecessary delay.

Retention schedule

Retention periods vary by record type. Enquiry submissions are held for operational follow-up windows; learner files are retained for programme administration and compliance; accounting records follow tax obligations. After retention periods end, data is securely deleted, anonymised, or irreversibly de-identified. Backup lifecycle controls are considered in deletion planning.

Safeguards

Administrative, technical, and physical safeguards protect information against unauthorised access, disclosure, loss, and misuse. Measures include transport encryption, credential management, access logging, and staff training. We review safeguards as tools change and threat patterns evolve. No system guarantees absolute security, but we pursue reasonable protections aligned with the sensitivity and context of each dataset.

Incident management

If a privacy incident creates a real risk of significant harm, we follow PIPEDA breach-reporting expectations, including notification to affected individuals and the regulator where required. Incident response includes containment, impact assessment, remediation planning, and post-incident review to strengthen controls. Internal reporting channels help staff escalate concerns quickly.

Children and minors

Programmes are designed for adults. We do not knowingly solicit personal information from children through our training workflows. If we learn that minor data was submitted without proper authority, we take prompt action to remove or restrict the record and to prevent continued processing beyond what is legally necessary.

Third-party links

The website may reference external resources for tools, documentation, or scheduling aids. External destinations operate under their own privacy practices. We encourage visitors to review those policies before submitting information. Inclusion of a link does not imply endorsement of all third-party practices, and we are not responsible for external data handling controls.

Regulatory contact

Questions should first be directed to our privacy team for practical resolution. If concerns remain unresolved, individuals may contact the Office of the Privacy Commissioner of Canada for independent review and guidance. We cooperate with lawful inquiries and seek timely, transparent communication during any formal examination process.

Policy updates

Privacy practices evolve as technology, service design, and legal interpretation change. Material updates appear on this page with a revised date and, when meaningful, supplemental notice through website messaging or direct communication. Continued use of services after notice indicates acceptance of updated terms, subject to rights available under applicable law.

Operational transparency

We regularly train staff and facilitators on confidentiality, secure handling, and respectful communication expectations. Privacy protection is embedded in onboarding and recurring reviews so practice remains consistent. Where practical, training examples avoid real personal data and use synthetic cases to reduce risk during instruction and internal capability development.

Data minimisation in AI activities

Assignments involving AI tools are designed to discourage unnecessary insertion of personally identifying information. We teach redaction methods, pseudonymisation habits, and safer prompting tactics. Learners are reminded that third-party platforms have separate terms and that professional judgement is needed before sharing client context in any AI environment.

Contact for privacy matters

Email [email protected] for requests, corrections, or documented concerns. We aim for practical resolution through clear communication and timely follow-up.

Circuit Note 1 for privacy.php: Dunsmuir-focused coaching expands practical AI workflow judgement, proposal clarity, and margin protection through disciplined review checkpoints, contextual prompting habits, and transparent client update routines that strengthen trust, reduce costly rework, and support responsible Canadian service growth. Node 1 reflection adds Vancouver practice detail on intake framing, timeline negotiation, and handoff quality standards so professionals can convert technical output into reliable paid deliverables with clear assumptions, controlled revision cycles, and well-documented acceptance criteria.

Circuit Note 2 for privacy.php: Dunsmuir-focused coaching expands practical AI workflow judgement, proposal clarity, and margin protection through disciplined review checkpoints, contextual prompting habits, and transparent client update routines that strengthen trust, reduce costly rework, and support responsible Canadian service growth. Node 2 reflection adds Vancouver practice detail on intake framing, timeline negotiation, and handoff quality standards so professionals can convert technical output into reliable paid deliverables with clear assumptions, controlled revision cycles, and well-documented acceptance criteria.

Circuit Note 3 for privacy.php: Dunsmuir-focused coaching expands practical AI workflow judgement, proposal clarity, and margin protection through disciplined review checkpoints, contextual prompting habits, and transparent client update routines that strengthen trust, reduce costly rework, and support responsible Canadian service growth. Node 3 reflection adds Vancouver practice detail on intake framing, timeline negotiation, and handoff quality standards so professionals can convert technical output into reliable paid deliverables with clear assumptions, controlled revision cycles, and well-documented acceptance criteria.

Circuit Note 4 for privacy.php: Dunsmuir-focused coaching expands practical AI workflow judgement, proposal clarity, and margin protection through disciplined review checkpoints, contextual prompting habits, and transparent client update routines that strengthen trust, reduce costly rework, and support responsible Canadian service growth. Node 4 reflection adds Vancouver practice detail on intake framing, timeline negotiation, and handoff quality standards so professionals can convert technical output into reliable paid deliverables with clear assumptions, controlled revision cycles, and well-documented acceptance criteria.