Privacy Policy

Readiness AI (“we,” “our,” or “us”) is committed to protecting the privacy and personal information of our clients, users, and website visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in accordance with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation, including Alberta’s Personal Information Protection Act (PIPA).

1. Who We Are

Readiness AI is a Canadian cybersecurity and GRC (Governance, Risk, and Compliance) platform provider headquartered in Alberta, Canada. Our website is https://thereadiness.ca.

2. Information We Collect

We may collect the following categories of personal information:

a) Information You Provide Directly

  • Name, job title, and company name
  • Email address and phone number
  • Billing and payment information (processed securely through third-party payment processors)
  • Information submitted through contact forms, demo requests, or support tickets

b) Information Collected Automatically

  • IP address and browser/device information
  • Pages visited, time spent, and clickstream data
  • Cookies and similar tracking technologies (see Section 7)

c) Platform Usage Data

  • Compliance assessment inputs and responses
  • Control configurations, task completions, and audit logs within your organization’s workspace
  • Integration metadata (e.g., connected tools, API usage logs)

3. How We Use Your Information

We use your personal information to:

  • Provide, operate, and improve our platform and services
  • Process transactions and send billing-related communications
  • Respond to inquiries and provide customer support
  • Send service updates, security alerts, and administrative messages
  • Send marketing communications (where you have opted in)
  • Conduct analytics to understand how our platform is used
  • Comply with legal obligations and enforce our agreements

4. Legal Basis and Consent

Under PIPEDA and PIPA, we collect, use, and disclose personal information only with your knowledge and consent, except where otherwise permitted or required by law. Consent may be express (e.g., signing up for a service) or implied (e.g., providing a business card at an event). You may withdraw consent at any time, subject to legal or contractual restrictions, by contacting us at the address below.

5. Disclosure of Your Information

We do not sell your personal information. We may share your information with:

  • Service Providers: Trusted third parties who assist us in operating our platform (e.g., cloud hosting on AWS, payment processors, analytics providers), bound by confidentiality obligations
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, where permitted by law
  • Legal Requirements: When required by applicable law, court order, or governmental authority
  • With Your Consent: In any other circumstances where you have given explicit consent

6. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. When information is no longer needed, it is securely deleted or anonymized.

7. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience, analyze site traffic, and support marketing activities. You can control cookie preferences through your browser settings. Disabling cookies may affect the functionality of certain parts of our website.

8. Data Security

We implement industry-standard technical and organizational safeguards to protect your personal information against unauthorized access, disclosure, alteration, and destruction. These include encryption in transit and at rest, access controls, and regular security assessments. However, no method of transmission over the Internet is 100% secure.

9. Your Rights

Subject to applicable law, you have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete information
  • Withdraw consent to the collection, use, or disclosure of your information
  • Request deletion of your personal information, subject to legal retention obligations
  • Lodge a complaint with the Office of the Privacy Commissioner of Canada or the applicable provincial privacy authority

To exercise any of these rights, please contact our Privacy Officer using the contact details in Section 11.

10. Cross-Border Data Transfers

Our platform is hosted on Amazon Web Services (AWS) infrastructure, which may be located in Canada or the United States. When personal information is transferred outside Canada, we ensure appropriate safeguards are in place consistent with PIPEDA requirements.

11. Contact Our Privacy Officer

If you have questions, concerns, or requests regarding your personal information or this Privacy Policy, please contact:

Privacy Officer – Readiness AI
Email: privacy@thereadiness.ca
Website: https://thereadiness.ca
Alberta, Canada

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on this page with a revised effective date. We encourage you to review this policy periodically.

Effective Date: January 20, 2026