Skip to main content
May 2026:Mission Multiplier Program →

Privacy Policy

Last Updated: February 2026

We do not believe in generic clouds. We prioritize Infrastructure Sovereignty and the rigorous protection of your mission's data.

1. Identity of the Controller

Entity: Purpose Forward Technical Solutions Inc. (PF TECH)
Privacy Officer: Greg Zatulovsky, CEO (CPA, CMA)
Contact: privacy@purposeforwardtech.com

2. Data Sovereignty & Regional Residency

We adhere to a strict Standard of Infrastructure Sovereignty. Your data resides where you choose, never in an opaque global mesh.

  • Primary Residency (Default): Canada. Grounded in PIPEDA/PHIPA for maximum domestic privacy protection. This is the default for all Partners unless otherwise requested.
  • Secondary Residency: European Union (EU). Grounded in GDPR for organizations seeking the world's most rigorous data protections.
  • Bespoke Residency: Through our PostgreSQL/Supabase stack, we can host client data in nearly any global jurisdiction upon specific request.

3. Data Collection & Purpose

We collect data directly via our "Smart Router" (Contact), MMP Application, and Co-Creation Lab forms. This data is used solely to qualify leads, provide service information, and communicate strategic insights.

3.1 Sub-processors & 2026 Transparency

  • Cal.com: Embedded scheduling (integration in progress — active within days of this policy). Will collect name, email, and meeting metadata to facilitate bookings.
  • Helcim: Secure payment processing for MMP and custom builds (integration in progress — active within days of this policy). No payment card data will be stored on PF TECH servers (PCI-DSS compliant).
  • Google Analytics 4 (GA4) / Tag Manager (GTM): Anonymized usage analytics and tag management. GTM also manages LinkedIn and Google Ads tracking pixels when advertising is active. All analytics cookies are consent-gated via our cookie banner.
  • Shlink: Internal link shortening and attribution, self-hosted on a PF TECH-controlled virtual machine in Canada (Microsoft Azure, Canada Central region). No data leaves Canada.
  • Cloudflare / Vercel: Edge delivery, security headers, performance optimization, and DDoS protection.
  • Supabase (AWS Canada East): Database and file storage for site content, form submissions, blog posts, and newsletter subscriptions. Data resides in AWS ca-central-1.
  • n8n (self-hosted, Azure Canada Central): Workflow automation. Manages form routing, notification triggers, and integrations between services. Hosted on PF TECH-controlled infrastructure in Canada.
  • AI Models — Anthropic (Claude), OpenAI, Google Gemini: Used via enterprise API endpoints to power the interactive AI agent ("coming soon") and internal workflow intelligence. Queries may include information you voluntarily submit. Interaction logs are stored in Supabase and n8n for performance monitoring and error resolution. No user data is used to train public AI models. See Section 4.
  • YouTube & Spotify: Embedded content players may appear on certain pages. These services may set their own cookies when you interact with embedded players. Please refer to their respective privacy policies.
  • SMTP2Go: Transactional email delivery for form confirmations, newsletter subscriptions, and system notifications. See Section 3.2 for SMS use.

3.2 Transactional SMS

PF TECH may use SMTP2Go to send transactional SMS notifications — for example, appointment reminders or form submission confirmations — where you have provided a mobile number and expressly opted in to receive SMS communications. Message frequency varies. Standard message and data rates may apply. You may opt out at any time by replying STOP to any message or by contacting us at privacy@purposeforwardtech.com. We do not use SMS for marketing purposes without separate consent.

4. The AI Transparency Clause (Human-in-the-Loop)

NO Training on Client Data

We use Enterprise API endpoints for all AI interactions. No user or organization data submitted via this site is ever used to train public AI models. We maintain a strict "Privacy by Design" stance where AI coordinates logic but never "learns" from your sensitive context without explicit, written consent.

5. Your Rights Under PIPEDA

As a Canadian organization subject to the Personal Information Protection and Electronic Documents Act (PIPEDA), PF TECH upholds the following rights for individuals whose personal information we hold:

  • Access: You have the right to request access to the personal information we hold about you and to receive an explanation of how it has been used or disclosed.
  • Correction: You may request that we correct inaccurate or incomplete personal information.
  • Withdrawal of Consent: You may withdraw consent to our collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions and reasonable notice. Withdrawal may affect our ability to provide services to you.
  • Complaint: You have the right to challenge PF TECH's compliance with PIPEDA by contacting our Privacy Officer. If not resolved to your satisfaction, you may file a complaint with the Office of the Privacy Commissioner of Canada.

To exercise any of these rights, contact our Privacy Officer at privacy@purposeforwardtech.com.

Verified ProfessionalLicensed CPA / Strategic Advisor

FAQ — Knowledge Base

Browse frequently asked questions about Knowledge Base

Apply for the Founding Cohort

Spots are limited. Applications are accepted globally and reviewed the week of April 6 — apply early for priority consideration. If selected, you'll receive a secure payment link to confirm your spot. Sessions begin May 1, 2026.