Privacy Policy

Effective Date: January 1, 2025
Last Updated: January 1, 2025

1. INTRODUCTION

Welcome to The AI Executive Brief (“we,” “our,” “us”).
We are committed to protecting your personal information in accordance with Law 25 (Quebec), the GDPR (EU), PIPEDA (Canada), and other applicable privacy laws.

This policy explains how we collect, use, store, and disclose personal information, as well as the rights you have regarding your data.

By subscribing to or interacting with our services, you consent to the practices described herein.

2. IDENTITY OF THE ORGANIZATION AND RESPONSIBLE PERSON

Organization: The AI Executive Brief
Email: info@aiexecutive.media
Country: Canada

The Privacy Officer is responsible for ensuring compliance with Law 25 and all other privacy obligations.

3. PERSONAL INFORMATION COLLECTED

We collect only what is necessary to deliver and improve our newsletter service:

• Identification data: Name, email address
• Payment data: Billing address and transaction information (handled by Stripe)
• Professional data (optional): Title, company, industry
• Usage data: Engagement metrics, IP address, device type, cookies
• Preferences: Topic selections and reading frequency

We do not collect sensitive information (health, biometric, religious, political, etc.) or data from individuals under 18 years old.

4. CONSENT UNDER LAW 25

We obtain express, free, and informed consent before collecting or using personal information.

You may withdraw your consent at any time by emailing info@aiexecutive.media. Withdrawal may affect your access to certain services (e.g., newsletter delivery).

5. PURPOSES OF DATA USE

We do not use your information for automated decision-making that produces legal or significant effects.

6. COMMUNICATION TO THIRD PARTIES

We share personal information only with trusted service providers required to operate the service:

These providers are contractually bound to:

• Use data only for the stated purpose
• Protect data under Law 25 standards
• Delete data upon termination of service

We do not sell, rent, or disclose personal information to any third party, including consulting firms cited in our content (McKinsey, BCG, PwC, etc.).

7. INTERNATIONAL DATA TRANSFERS

If data is transferred outside Quebec (e.g., to cloud servers in the U.S. or EU), we apply Law 25 requirements:

• Transfers only to jurisdictions with adequate protection laws
• Execution of Standard Contractual Clauses (SCCs) and Data Transfer Agreements
• Encryption of data in transit and at rest

By subscribing, you consent to these secured international transfers.

8. DATA RETENTION AND DESTRUCTION

• Subscriber accounts: maintained for the duration of your subscription + 30 days
• Financial records: retained for 7 years (legal requirement)
• Backups: purged within 90 days after cancellation
• Analytics: anonymized after 24 months

Upon request or at end of retention periods, data is securely destroyed or anonymized in compliance with Law 25.

9. SECURITY MEASURES

We use technical and organizational safeguards appropriate to the sensitivity of the data:

• Encryption (AES-256 at rest, TLS in transit)
• Access controls and role-based permissions
• Multi-factor authentication for administrators
• Regular security audits and backups

10. PRIVACY INCIDENT MANAGEMENT (LAW 25)

Any incident involving a breach of confidentiality is treated as a “confidentiality incident” under Law 25.

• We will immediately assess the risk of serious injury
• If required, notify the Commission d’accès à l’information (CAI) within 72 hours
• Notify affected individuals without delay
• Maintain an incident register for 5 years

11. YOUR RIGHTS UNDER LAW 25

You have the following rights regarding your personal information:

• Access and Portability: Obtain a copy of your data in structured format
• Rectification: Correct inaccurate or incomplete information
• Deletion: Request permanent erasure of data (no unjustified retention)
• Consent Withdrawal: Stop receiving communications or processing
• Restriction and Objection: Limit certain processing activities
• Automated Decision Disclosure: Be informed if automated profiling occurs (we do not use any)

To exercise these rights, contact our Privacy Officer at info@aiexecutive.media.
We respond within 30 days (extendable once for complex requests).

12. COOKIES AND TRACKING

We use cookies only to support essential functions and anonymized analytics.
Consent for non-essential cookies is requested on your first visit (Compliant with Law 25 Art. 8).

You can modify preferences at any time via the cookie banner or browser settings.

13. CONFIDENTIALITY AND EXECUTIVE ANONYMITY

Because our subscribers are senior executives and public figures, we commit to:

• Maintaining strict confidentiality of subscriber identities
• Never sharing individual data with any consulting firm or external entity
• Disclosing only aggregated and anonymized demographic insights (publicly or commercially)

14. CHANGES TO THIS POLICY

We may update this policy to reflect regulatory or operational changes. You will be notified of significant updates by email and via our website.
The effective date and revision history are displayed at the top of this page.

15. CONTACT AND COMPLAINTS

Privacy Officer – Quebec
The AI Executive Brief
Email: info@aiexecutive.media
Address: CP 31, 37 Rue Saint-Laurent, Beauharnois, J6N 3P1, Québec, Canada

16. SUMMARY COMMITMENTS

Your data belongs to you.
No data is sold, shared, or transferred without your consent.
You can access, correct, or delete your data any time.
All transfers outside Quebec are subject to adequacy and security assessments.
Incidents are reported to the CAI and affected users within 72 hours.

By subscribing to the AI Executive Brief, you confirm that you have read, understood, and agree to this Privacy Policy & Confidentiality Statement.