Legal
Privacy Policy
Last updated: 3 July 2026
MindVortex ("we," "us," or "our") is committed to protecting the privacy and personal information of individuals who interact with our website at mindvortex.life and who use our cognitive AI platform services. This Privacy Policy describes how we collect, use, disclose, retain, and safeguard personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation in Canada.
1. Accountability
MindVortex is responsible for personal information under our control. We have designated a privacy officer accountable for our compliance with this policy. You may contact our privacy officer at [email protected] or by mail at 330 3rd Avenue North, Suite 208, Saskatoon, SK S7K 2M2, Canada. Our Business Number is BN 852047391SK0001.
We ensure that third parties processing personal information on our behalf maintain comparable privacy protections through contractual agreements and regular compliance reviews. When we engage subprocessors for cloud infrastructure, model training, or analytics, we conduct due diligence assessments and require data processing agreements that limit use to specified purposes.
2. Identifying Purposes
We collect personal information only for purposes that a reasonable person would consider appropriate in the circumstances. The primary purposes for which we collect personal information include:
- Responding to inquiries submitted through our contact form or email correspondence
- Delivering cognitive AI platform services under contractual agreements with clients
- Operating, maintaining, and improving our website and platform infrastructure
- Complying with legal obligations, including tax reporting and regulatory requirements
- Protecting against fraud, abuse, and security threats to our systems
- Conducting internal analytics to improve service quality, subject to consent where required
We will identify the purposes for collection at or before the time personal information is collected. If we intend to use personal information for a new purpose not previously identified, we will obtain your consent before such use, unless otherwise permitted by law.
3. Consent
Knowledge and consent are required for the collection, use, and disclosure of personal information, except where inappropriate or permitted by law. Consent may be express or implied, depending on the sensitivity of the information and the reasonable expectations of the individual.
Our contact form requires express consent via a PIPEDA consent checkbox before submission. This checkbox is not pre-checked. You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Withdrawal of consent may affect our ability to provide certain services.
For platform deployments involving health information or other sensitive categories, we obtain separate written consent aligned with applicable provincial health privacy legislation, including but not limited to Saskatchewan's Health Information Protection Act where applicable.
4. Limiting Collection
We limit the collection of personal information to that which is necessary for the identified purposes. Information collected through our website contact form includes your name, email address, subject line, and message content. We do not collect payment card information through the website contact form.
Platform service engagements may require additional information necessary for deployment, integration, and support. The scope of collection for each engagement is defined in the applicable statement of work or service agreement. We apply data minimisation principles to cognitive model training, preferring federated learning and on-premises processing to reduce unnecessary data centralisation.
5. Limiting Use, Disclosure, and Retention
We do not use or disclose personal information for purposes other than those for which it was collected, except with your consent or as required by law. Personal information is retained only as long as necessary to fulfil the identified purposes or as required by applicable retention schedules.
Contact form submissions are retained for twenty-four months unless a business relationship is established, in which case records are retained for the duration of the relationship plus seven years for regulatory compliance. Platform deployment data retention is governed by the client agreement and may be configured for shorter periods.
We may disclose personal information to service providers who assist with hosting, email delivery, analytics, and platform operations. These providers are contractually bound to use information only for the specified purposes and to maintain appropriate security measures. We do not sell personal information to third parties.
6. Accuracy
We make reasonable efforts to ensure that personal information is accurate, complete, and up-to-date for the purposes for which it is to be used. You may request correction of inaccurate personal information by contacting [email protected]. We will respond to correction requests within thirty days.
7. Safeguards
We protect personal information with security safeguards appropriate to the sensitivity of the information. These safeguards include encryption in transit using TLS 1.2 or higher, encryption at rest for stored data, role-based access controls, multi-factor authentication for administrative systems, regular security assessments, and employee privacy training.
Platform deployments support on-premises and private cloud configurations where sensitive data never transits public networks. Our cognitive architecture implements attention-scope controls that limit which data modules can access specific information categories. Audit logs record all access to personal information within platform environments.
8. Openness
We make readily available specific information about our policies and practices relating to the management of personal information. This Privacy Policy is published at mindvortex.life/privacy.php and is accessible from every page of our website through the footer navigation. We will provide additional information about our privacy practices upon request.
9. Individual Access
Upon written request, we will inform you of the existence, use, and disclosure of your personal information and provide access to that information, subject to limited exceptions permitted by law. Access requests should be directed to [email protected] with sufficient detail to locate the relevant records.
We will respond to access requests within thirty days. If we cannot provide access, we will explain the reasons and inform you of available complaint mechanisms. A nominal fee may be charged for providing access where permitted by PIPEDA, but we will inform you of any fee in advance.
10. Challenging Compliance
You may challenge our compliance with this Privacy Policy by contacting our privacy officer. We will investigate all complaints and respond within a reasonable timeframe. If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca.
11. Website-Specific Practices
Contact Form
When you submit our contact form, your information is transmitted to send.php for processing and forwarded to our team via email. The form includes a honeypot field to deter automated submissions. Submissions without PIPEDA consent are rejected. All form processing timestamps use the America/Regina timezone.
Cookies and Analytics
Our website uses cookies as described in our Cookie Policy. Essential cookies are necessary for website functionality. Analytics cookies, if enabled with your consent, help us understand how visitors interact with our site. You may manage cookie preferences through our cookie banner or browser settings.
Log Files
Our web servers automatically collect standard log information including IP address, browser type, referring URL, pages visited, and timestamps. This information is used for security monitoring, troubleshooting, and aggregate analytics. Log files are retained for ninety days unless required for security investigations.
12. International Transfers
MindVortex is a Canadian company and our default practice is to process and store personal information within Canada. If international transfer is necessary for a specific service engagement, we will inform you in advance, obtain appropriate consent, and implement safeguards such as contractual clauses ensuring comparable protection levels.
13. Children's Privacy
Our website and services are not directed at individuals under the age of eighteen. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information promptly.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The "Last updated" date at the top of this page indicates when the policy was most recently revised. Material changes will be communicated through a notice on our website. Continued use of our website after changes constitutes acceptance of the updated policy.
15. Contact Information
For privacy-related inquiries, access requests, or complaints, please contact:
MindVortex Privacy Officer
330 3rd Avenue North, Suite 208
Saskatoon, SK S7K 2M2, Canada
Email: [email protected]
Phone: +1 (306) 555-6479
