Owner/Controller: Razmig Malkhassian, doing business as “The Inner Game Architect”
Contact: [email protected]
Address: 1438 Rue Mackay St, Montréal, QC H3G 2H8, Canada
Governing Law: Québec, Canada
Effective Date: September 13, 2025
1) Who we are
We provide coaching, training, and related digital products and services to entrepreneurs. This Privacy Policy explains what we collect, why we collect it, how we use and share it, the choices you have, and your rights in different countries.
2) Scope
This Policy applies to our website and subdomains, landing pages, forms, emails, and other channels we control (collectively, the “Services”). It does not apply to third‑party websites or services we do not control.
3) Plain‑English summary
We collect contact details and behavioral data to personalize content and offers.
We do not collect or store payment card numbers; payments are processed by Stripe.
We use automations and AI tools to segment communications and improve user experience.
We respect international privacy laws and honor user rights to access, correct, delete, and opt out.
We use cookies and similar technologies; you can control these via our consent banner and your browser.
4) What we collect
Information you provide: name, email, phone (optional), mailing address (optional), preferences, and messages.
Business interests/behavioral: pages viewed, links clicked, forms submitted, products or topics you’re interested in, approximate location/language (from IP or browser).
Technical: IP address, device/OS, browser, and diagnostics/analytics data.
Payments: Handled by Stripe. We do not collect or store payment card numbers.
We do not intentionally collect sensitive personal information (e.g., health, ethnicity, government IDs). Please do not submit such data.
5) Why we collect data (lawful bases)
We use your data to:
Provide and improve the Services;
Personalize content, emails, and offers;
Respond to inquiries and provide support;
Run analytics and measure performance;
Manage subscriptions and marketing preferences;
Comply with legal obligations and protect our rights.
Legal bases (GDPR/UK GDPR): consent, contract necessity, legitimate interests (e.g., service improvement, security, reasonable marketing), and legal compliance.
6) Automations, segmentation & AI
We use automations (e.g., in our CRM) and AI‑assisted tools to group users by interests/behavior and to tailor communications. These processes do not make decisions that produce legal or similarly significant effects without human oversight. You can opt out of profiling for direct marketing at any time (see §12).
7) Cookies & similar technologies
We use cookies, pixels, tags, and local storage for:
essential functions (e.g., security, form submissions);
analytics and performance;
marketing/remarketing (e.g., ad platforms).
You can manage non‑essential cookies in our cookie consent banner and adjust your browser settings. Some features may not work without certain cookies.
8) Third‑party services (examples)
We may work with:
Payments: Stripe;
CRM/automation: GoHighLevel (GHL);
Storage/collaboration: Nextcloud/Hetzner, Notion;
Video/meetings: Zoom;
Analytics/ads: platforms that measure and deliver ads or email performance.
Vendors may change over time. We require service providers to handle personal data appropriately and only for our purposes.
9) Data sharing
We share personal data with service providers under contract, professional advisors, authorities where legally required, and in connection with a business transaction (e.g., sale/transfer of assets). We do not sell personal information.
10) International transfers
We operate and store data in multiple jurisdictions. Where required (e.g., EU/UK), we use appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent and implement additional measures as appropriate. You may contact us for a copy of relevant safeguards.
11) Security
We use administrative, technical, and physical measures appropriate to the nature of the data. No method is 100% secure. If we learn of a breach that poses a real risk of significant harm, we will notify affected individuals and regulators as required by law.
12) Your choices & rights
Marketing: Unsubscribe from emails via footer links or contact us.
Cookies: Use the cookie banner and your browser settings.
Access/rectify/delete/portability/object/restrict/withdraw consent: Where applicable, you can exercise these rights by contacting [email protected].
California/US state rights: Where applicable, you may request access, deletion, correction, and opt‑out of certain data uses.
Quebec/Canada: You have rights under Law 25/PIPEDA to access and correct personal information.
We may request information to verify your identity before responding. Some rights may be limited by law (e.g., our need to maintain records).
13) Children
We do not target or knowingly collect data from children. If you believe a child provided data, contact us to delete it. Minimum age depends on jurisdiction (usually 13–16+).
14) Retention
We keep data only as long as necessary for the purposes described or as required by law, and then delete or de‑identify it.
15) Data breach notification
If a breach occurs, we will notify affected individuals and regulators without undue delay and within timelines required by applicable law.
16) Limitation of liability (privacy)
To the maximum extent permitted by law, our aggregate liability for claims arising from or relating to this Privacy Policy or our processing of your data is limited to the total fees you paid to us for the Services that gave rise to the claim in the 12 months preceding the event. This clause does not limit non‑waivable rights.
17) Changes to this Policy
We may update this Policy from time to time. We will post the new version with an updated effective date. Material changes will be highlighted reasonably in advance where required.