Privacy Policy

1. Who we are and accountability

Neural Vault Inc. is the organization responsible for personal information under this policy. We are a professional training provider headquartered at 550 Burrard Street, Suite 920, Vancouver, British Columbia V6C 2B5, Canada. Business Number: 827519846 RC0001.

Our Privacy Officer may be reached at [email protected] or by mail at the address above. We have designated an individual accountable for compliance with PIPEDA principles and for responding to access requests within statutory timeframes. Operating hours for privacy correspondence follow Pacific Time (America/Vancouver), Monday to Friday, 09:00–17:00.

2. When this policy applies

This policy applies to personal information collected through our website, contact forms, vault tier enrollment, corporate training contracts, email correspondence, and in-person interactions at our Burrard Street studio. It does not apply to third-party websites linked from our pages, nor to AI tools (ChatGPT, Copilot, Claude) that participants may use independently during or after training — those services are governed by their respective providers' policies.

If you interact with us on behalf of an organization, we may process business contact details of employees and contractors as part of delivering training services to that organization. In such cases, your organization may also have policies governing how your information is handled.

3. Categories of personal information

We collect only information reasonably necessary for the purposes identified below:

• Identity and contact: name, email address, telephone number, job title, and organization name when you submit an enquiry or register for a vault tier.
• Enrollment and logistics: billing address, purchase order references, dietary requirements, accessibility accommodations, and emergency contact where relevant to workshop delivery.
• Communications: messages you send via our contact form, email threads with our enrollment team, and notes from enterprise AI briefing calls.
• Technical visit data: IP address, browser type, pages visited, and referral source when you use our site — primarily through cookies described in our Cookie Policy.
• Payment records: transaction references processed by our payment processor; we do not store full credit card numbers on our servers.

We do not knowingly collect sensitive personal information such as government identifiers, health records, or financial account credentials through our website forms. Workshop exercises may involve anonymized sample scenarios only — participants are instructed not to submit live confidential client data through our systems.

4. Why we collect and how we use information

We collect personal information for identified purposes and do not use it for unrelated purposes without consent, except as permitted by law:

• Responding to vault curriculum enquiries, enterprise AI briefing requests, and corporate training registrations.
• Delivering vault tier programmes, sending schedules, materials, and post-workshop governance resources.
• Processing payments and issuing receipts in CAD.
• Improving our website and understanding aggregate traffic patterns (with consent for analytics cookies).
• Complying with legal obligations, including tax and corporate registry requirements in British Columbia and Canada.
• Protecting our rights and preventing fraud, including honeypot spam detection on contact forms.

We do not use personal information to train third-party artificial intelligence models, to sell cryptocurrency products, or to provide neuroscience clinical services. Our use of information is limited to operating a vocational AI training provider.

5. Consent and legal bases

Under PIPEDA, we rely primarily on meaningful consent. When you submit our contact form, you must actively check a consent box confirming you agree to our collection and use of your information to respond to your enquiry. Consent is not pre-selected. For enrollment contracts, consent is obtained through signed agreements or explicit email confirmation.

You may withdraw consent for non-essential communications at any time by emailing [email protected]. Withdrawal does not affect the lawfulness of processing before withdrawal, nor our ability to retain records required for legal or contractual purposes.

Where consent is not required, we may process information based on legitimate interests (e.g., network security logs) or legal obligation (e.g., tax record retention under the Income Tax Act).

6. Sharing with service providers

We do not sell or rent personal information. We may share data with:

• Service providers: email delivery, payment processing, cloud hosting, and enrollment management tools bound by confidentiality agreements.
• Professional advisers: accountants or legal counsel when necessary.
• Authorities: when required by law, court order, or to protect safety.

Service providers may store data in Canada or the United States. When information crosses borders, we ensure contractual protections consistent with PIPEDA accountability requirements and, where relevant, BC PIPA obligations for provincially regulated activities.

7. How long we keep information

We retain personal information only as long as necessary for the purposes collected:

• Contact form submissions: up to twenty-four months unless an enrollment relationship continues.
• Enrollment and billing records: seven years from the end of the fiscal year, per Canadian tax requirements.
• Cookie consent preferences: six months, then re-prompted.
• Analytics data: aggregated reports retained up to twenty-six months.
• Corporate training contracts and signed agreements: duration of contract plus seven years for audit purposes.
• Alumni vault briefing accounts: active for the subscribed period plus twelve months after expiry, then deleted unless you request earlier removal.

When retention periods expire, we securely delete or anonymize information. Anonymized aggregate statistics may be retained indefinitely for programme improvement reporting.

8. Cross-border processing

Some service providers may process data in the United States or other jurisdictions. When personal information is transferred outside Canada, Neural Vault Inc. remains accountable under PIPEDA and uses contractual clauses requiring comparable protection. You may request details of cross-border subprocessors by contacting [email protected].

9. Your access and correction rights

Under PIPEDA, you have the right to:

• Request access to personal information we hold about you.
• Request correction of inaccurate or incomplete information.
• Withdraw consent where applicable.
• Challenge our compliance with PIPEDA principles.

Submit requests to [email protected]. We respond within thirty days unless an extension is permitted. We may verify identity before releasing information. Access may be limited where disclosure would reveal third-party personal information or privileged records.

British Columbia residents may also have rights under PIPA regarding personal information we collect, use, or disclose in the course of our commercial activities within the province. Contact our Privacy Officer for guidance on applicable remedies.

10. Privacy Commissioner contact

If you believe we have not addressed your privacy concern satisfactorily, you may contact:

Office of the Privacy Commissioner of Canada
30 Victoria Street, Gatineau, QC K1A 1H3
Toll-free: 1-800-282-1376
Website: www.priv.gc.ca

British Columbia residents may also contact the Office of the Information and Privacy Commissioner for British Columbia regarding matters within provincial jurisdiction.

11. Cookies and similar technologies

Our website uses essential and optional analytics cookies. Details including categories, durations, and opt-out instructions are in our Cookie Policy. You may manage preferences through our cookie banner (Accept all, Reject all, or Customise). Cookie consent is stored in a first-party cookie named nv_cookie_consent.

12. Security measures

We implement administrative, technical, and physical safeguards appropriate to the sensitivity of information: HTTPS encryption on neuralvault.one, access controls for enrollment systems, staff training on confidentiality, and secure disposal of paper records. No method of transmission over the Internet is completely secure; we encourage strong passwords on any alumni briefing accounts we provide.

Specific measures include: role-based access to enrollment databases, encrypted backups stored in Canadian data centres where available, periodic review of vendor security practices, and incident response procedures. In the event of a breach posing real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner of Canada as required by law.

13. Automated decision-making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals. Spam detection on contact forms uses simple honeypot fields reviewed manually if triggered — not algorithmic scoring of individuals.

14. Minors

Our services target adult professionals and Canadian business teams. We do not knowingly collect personal information from individuals under sixteen. If you believe a minor has submitted information, contact us for deletion.

15. Marketing communications

We may send vault tier announcements or alumni resource updates to individuals who have enrolled or explicitly opted in. You may unsubscribe from marketing emails at any time using the link in each message or by emailing [email protected]. Transactional messages related to bookings you have made — confirmations, schedule changes, receipts — are not marketing and may still be sent.

16. Complaints handling

We take privacy complaints seriously. Contact our Privacy Officer first with a written description of your concern. We acknowledge receipt within five business days and aim to resolve matters within thirty days. If you remain unsatisfied, you may escalate to the Office of the Privacy Commissioner of Canada as described in Section 10.

17. Policy updates

We may update this Privacy Policy to reflect legal, technical, or operational changes. Material updates will be posted on this page with a revised "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy where permitted by law.

18. Change log

• 27 June 2026 — Initial publication of privacy policy for neuralvault.one.

19. Contact the Privacy Officer

Privacy Officer, Neural Vault Inc.
550 Burrard Street, Suite 920, Vancouver, BC V6C 2B5
[email protected]