Privacy
Privacy Policy
Last updated: 7 July 2026
NeuralPulseAI Inc. ("NeuralPulseAI," "we," "us" or "our") is committed to protecting the privacy of individuals whose personal information we collect. This Privacy Policy describes how we collect, use, disclose, retain and safeguard personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable British Columbia privacy legislation.
By using our website at neuralpulseai.life, submitting our contact form, enrolling in programmes or engaging our professional services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services or provide personal information to us.
1. Accountability
NeuralPulseAI Inc. is responsible for personal information under our control. We have designated a privacy officer who oversees compliance with this policy and PIPEDA. You may contact our privacy officer at [email protected] or by mail at 901 Front Street, Suite 215, Nelson, BC V1L 4B9, Canada.
We implement policies and procedures to ensure personal information is protected throughout its lifecycle — from collection through use, disclosure, retention and destruction. Staff and contractors with access to personal information receive orientation on privacy obligations relevant to their roles.
2. Identifying purposes
We identify the purposes for which personal information is collected before or at the time of collection. Primary purposes include:
- Responding to enquiries submitted through our contact form or email
- Scheduling and delivering research briefings, programmes and professional services
- Processing programme enrolments and service agreements
- Issuing invoices, processing payments and maintaining financial records
- Communicating about engagements, deliverables and follow-up consultations
- Improving our website, services and research methodology through aggregated analytics
- Complying with legal obligations, including tax reporting and regulatory requests
- Protecting the security and integrity of our systems and preventing fraud
We will not use personal information for purposes other than those identified without obtaining additional consent, except where permitted or required by law.
3. Consent
We obtain meaningful consent before collecting, using or disclosing personal information, except where the law permits collection without consent. Our contact form requires explicit consent via the consent_pipeda checkbox before submission. This checkbox is not pre-selected.
You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Withdrawal of consent may limit our ability to provide services. To withdraw consent, contact our privacy officer using the details above.
For research engagements involving client datasets that may contain personal information, separate data processing agreements define consent, minimisation and retention requirements specific to each project.
4. Limiting collection
We collect only personal information that is necessary for the identified purposes. Contact form fields are limited to name, email address, subject selection and message content. We do not collect sensitive categories of personal information (such as health records or financial account numbers) through our public website forms.
During professional engagements, additional information may be collected as required to deliver services — for example, job titles, organisational affiliations and technical system details. Such collection is scoped to engagement requirements and documented in statements of work.
5. Limiting use, disclosure and retention
Personal information is used and disclosed only for the purposes for which it was collected, unless you provide additional consent or the use or disclosure is required or authorised by law. We do not sell personal information to third parties.
We may disclose personal information to:
- Service providers who assist with hosting, email delivery, payment processing and analytics — bound by contractual confidentiality and data protection obligations
- Professional advisors (legal, accounting) when necessary for business operations
- Government authorities when required by law, court order or regulatory demand
- Successors in the event of a merger, acquisition or asset sale, with continued protection of personal information
Personal information is retained only as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations and resolve disputes. Contact form submissions are retained for twenty-four months unless a business relationship is established, in which case records are retained for seven years following the end of the engagement for tax and legal compliance.
6. Accuracy
We take reasonable steps to ensure personal information is accurate, complete and up to date for the purposes for which it is used. You may request correction of inaccurate information by contacting our privacy officer. We will amend records promptly upon verification of the requested correction.
7. Safeguards
We implement administrative, technical and physical safeguards appropriate to the sensitivity of personal information. These include encryption in transit (TLS), access controls limiting staff access to need-to-know basis, secure hosting on Canadian and North American infrastructure, regular security reviews and incident response procedures.
While we take reasonable precautions, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security but commit to notifying affected individuals and the Privacy Commissioner of Canada of significant breaches as required by law.
8. Openness
We make information about our privacy practices readily available through this Privacy Policy, our Cookie Policy and Legal page. Questions about our privacy practices may be directed to our privacy officer at any time.
9. Individual access
Upon written request, we will inform you of the existence, use and disclosure of your personal information and provide access to that information, subject to limited exceptions permitted by law (for example, where disclosure would reveal personal information about another individual or where information is protected by solicitor-client privilege).
Access requests should be sent to our privacy officer. We will respond within thirty days. If we deny access, we will provide reasons and information about the complaint process available through the Office of the Privacy Commissioner of Canada.
10. Challenging compliance
You may challenge our compliance with this Privacy Policy by contacting our privacy officer. We will investigate all complaints and respond with our findings and any corrective action taken. If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.
11. International transfers
Some service providers may process personal information in the United States or other jurisdictions. When personal information is transferred outside Canada, we ensure comparable protection through contractual safeguards and due diligence on provider security practices.
12. Children's privacy
Our services are directed at business and professional audiences. We do not knowingly collect personal information from individuals under the age of eighteen. If we become aware that we have collected such information, we will delete it promptly.
13. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated "Last updated" date. Continued use of our services after changes constitutes acceptance of the revised policy.
14. Data breach notification
In the event of a security incident involving personal information under our control, we will investigate promptly, take reasonable steps to contain the breach and notify affected individuals and the Privacy Commissioner of Canada where required by PIPEDA. Notification will include a description of the circumstances, the personal information involved and steps we are taking to address the breach.
15. Research engagement data
During professional services and programme engagements, clients may provide datasets, system access credentials and technical documentation. Such materials are handled under separate data processing terms defined in statements of work. Client data is not used to train third-party AI models, shared with other clients or retained beyond the engagement period unless explicitly agreed in writing.
16. Automated decision-making
NeuralPulseAI does not make automated decisions producing legal or similarly significant effects about individuals based solely on automated processing of personal information collected through this website. Contact form submissions are reviewed by human staff before any response is sent.
18. Third-party links
Our website may contain links to third-party websites, including government resources, research publications and technology documentation. We are not responsible for the privacy practices or content of external sites. We encourage you to review the privacy policies of any third-party sites you visit.
20. Language
This Privacy Policy is written in Canadian English. In the event of any discrepancy between translated versions, the English version shall prevail.
21. Contacting the privacy officer
For privacy-related requests, complaints or questions, contact our privacy officer at [email protected] with the subject line "Privacy Request." We aim to acknowledge all privacy correspondence within five business days and resolve access or correction requests within thirty days as required by PIPEDA. Written correspondence may also be sent to NeuralPulseAI Inc., 901 Front Street, Suite 215, Nelson, BC V1L 4B9, Canada.