Privacy POLICY

This Privacy Policy supplements but does not supersede nor replace any other consents you may have previously provided to Amplify Training Ltd. (formerly known as AMC Governance Solutions, collectively referred to herein as “AMC”, “we”, “us”, or “our”), nor does it affect any rights which AMC may have at law in connection with the collection, use, or disclosure of your Personal Data.

When and How We Collect Your Information

We collect personal and organizational data when you voluntarily interact with our brand. This includes when you:

• Complete custom qualification form modules.
• Register to receive email alerts, newsletters, or corporate governance insights.
• Request detailed information regarding our board governance training services, strategic planning, bylaws review, or corporate workshops.
• Purchase training programs, books, guides, or download free digital resources (such as templates, ebooks, whitepapers, or checklists).
• Provide your contact details to our representatives at live events, conferences, or webinars.
• Register for and engage with our E-Learning Portal: When you enroll in a training program, we create a student profile and track your account login credentials, course enrollment history, video consumption metrics, quiz scores, assignment submissions, and certificate achievements to fulfill our training obligations.

Data Provided to Us via Clients

When a client or nonprofit organization engages our services to deliver team training, e-learning access, or board governance advisory, the client acts as the primary data controller and may provide us with employee contact metrics (names, corporate emails, job roles). In such arrangements, AMC acts as the data processor. We process this information strictly to fulfill our contractual training obligations with the employer.

What We Collect & Why

• Zapier: To safely transmit and route form data and system tags from our front-end web elements to our database backends.
• Keap / Infusionsoft: To maintain our primary Customer Relationship Management (CRM) system where lead details are archived, segmented, and processed for automated marketing or training follow-up campaigns.
• Calendly: To manage automated calendar bookings and consultations directly within our online interfaces.
• Google Workspace: To host our internal business infrastructure, manage standard email communications, and store operational documentation or spreadsheets.
• WhatsApp & SMS Messaging Providers: To deliver conversational follow-up communications, booking reminders, or direct support text messaging as requested by the user.
• Dropbox: To provide secure cloud storage, archival management, and file sharing for internal sales documentation, proposals, and corporate client training assets.
• QuickBooks: To manage corporate accounting, generate invoices, track payment transactions, and securely process billing profiles for our training products and services.
• LearnDash (WordPress Plugin Architecture): To power our native e-learning portal, manage student enrollment profiles, deliver instructional video modules, track course completion progress, and issue professional training certifications.
• ThriveCart & Stripe: To securely process e-commerce checkout transactions, manage subscription billing, and process payment card details. All financial transactions are encrypted via Secure Socket Layer (SSL) technology and processed directly through these PCI-DSS compliant gateways; we do not store raw credit or debit card numbers on our internal servers.

Sharing Data with Third-Party Partners

From time to time, where a corporate inquiry matches a highly specialized training requirement, language preference, or geographic territory better handled by an authorized provider in our network, we may share your contact credentials and business parameters with trusted strategic training partners. This is done strictly to fulfill your request for services, and our partners operate under strict confidentiality expectations.

Media Consent and Recording of Training Sessions

If you participate in live virtual training workshops (via platforms such as Zoom or Microsoft Teams) or utilize video/audio assignment submission tools within our LearnDash e-learning portal, your voice, image, and performance interactions may be recorded.

• Primary Purpose: These recordings are processed strictly for internal educational evaluation, trainer feedback, corporate attendance validation, and quality assurance.
• Marketing and Promotional Materials: From time to time, we may utilize select photography, screenshots, or video clips from our training sessions for promotional, social media, or marketing purposes. To fiercely protect the privacy of our individual participants, we strictly enforce a policy of anonymization for public marketing assets. This means we either capture imagery that excludes participants’ faces entirely, blur out identifying facial features, or alter individual likenesses so that no participant remains personally identifiable.
• Retention & Security: We implement strict access controls to ensure raw, unedited media files are only accessible to authorized instructors and relevant client representatives, and they are purged after the contract’s training evaluation lifecycle concludes.
• Data Storage & Access Control: Unedited session recordings and media submissions are hosted within our secure cloud infrastructure, primarily via our encrypted corporate Dropbox repositories or protected folders within our WordPress/LearnDash environment. Access to these raw files is strictly restricted under a least-privilege model. We only provide data access to:
     – Authorized AMC Personnel & Freelance Trainers: Our internal staff and vetted, contractually bound training professionals who are engaged to deliver, evaluate, and fulfill specific training jobs.
     – Your Employer’s Designated Stakeholders: The specific corporate HR managers, procurement officers, board chairs, or leadership teams who authorized the training contract.
     – Data Isolation: We maintain strict data isolation protocols; unedited recordings from your organization’s training sessions are never made accessible to other corporate clients, public users, or unauthorized third-party platforms.

Cross-Border Data Transfers & International Partnerships

Amplify Training Ltd. operates an international network of strategic training partners and global freelance professionals. Depending on your geographical location and the specific services you require, your personal and corporate information may be transferred across international borders as follows:

• Inter-Company Operations: In instances where training leads are generated or managed in coordination with our global affiliate network but contractually fulfilled, executed, or billed via AMC, personal data, transaction records, and training metrics may be shared securely between entities. This data sharing is executed strictly to handle client routing, manage accounts, fulfill training operations, and track internal financial metrics.
• Global Training Fulfillment: Regardless of where your organization is located, we engage vetted independent freelance trainers and consultants located globally to deliver workshops, evaluate participant performance, and fulfill training contracts. Consequently, customer personal data, metrics, and training session recordings may be accessed by or transferred to these authorized professionals as needed to complete the contract.
• Data Protection Standards: When transferring personal data or sharing workflow information within our network across borders, we implement operational and contractual safeguards (including non-disclosure and data processing parameters with all international freelancers). This ensures your information receives a standard of protection fully compliant with Canadian privacy regulations (PIPEDA), United States data frameworks, and applicable international data protection laws.
• Prohibition of Sensitive Information: We do not require, nor do we intentionally collect, highly sensitive personal details (such as national identification numbers, medical background, or financial account passwords). We explicitly request that you do not submit such sensitive information through open text blocks or general contact forms.

• Data Retention: We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, compliance, or tax reporting requirements under Canadian and applicable US tax filing rules.

Global Rights to Opt-Out of Data Sharing and Transfers

Under various international data protection frameworks (including Canada’s PIPEDA and applicable United States federal and state regulations), transferring personal or corporate information to a corporate affiliate, strategic third-party partner, or independent professional in exchange for monetary consideration, revenue-sharing, or a referral commission may be classified as a “sharing” or “commercial disclosure” of data.

• Our Practice: Because we coordinate with our global affiliate network and strategic third-party partners to deliver localized training, customize instructional material to your local regulations, and provide regional ongoing support (and seamlessly manage internal administrative referral or revenue-share metrics between those partners), this practice falls under those broad regulatory definitions.
• How to Exercise Your Global Opt-Out: We only share your data to directly fulfill your localized training and advisory requests. However, you have the absolute right to opt out of this third-party routing at any time. If you do not want your corporate business inquiry or contact details shared outside of our core entity with our global partner network, please email our Data Protection Officer at [email protected] with the subject line “Global Data Sharing Opt-Out.” In such cases, your data will be handled strictly by internal AMC personnel.

  Please note: If you choose to opt-out, your data will be handled strictly by internal AMC personnel. However, this may limit our ability to fulfill localized, regional, or in-person training programs in certain international territories.

Regional Privacy Rights (PIPEDA & US State Laws)

Whether you are a resident of Canada, the United States, or an international organization accessing our services globally, AMC respects your data rights and provides clear avenues to manage your information.

For Canadian Residents (PIPEDA & Provincial Privacy Laws):

• Consent for Third-Party Disclosures: In compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws, we do not disclose or transfer your contact profiles to external strategic partners for commercial referral or revenue-share purposes without your consent.
• Your Rights: Canadian users have the right to access the personal information we hold about them, challenge the accuracy and completeness of that data, or withdraw consent for data sharing at any time by contacting our Data Protection Officer (DPO) at [email protected].

For United States Residents

• Non-Discrimination: We will not discriminate against you (such as by charging different prices or denying services) for exercising any of your privacy rights.
• Right to Know and Access: You have the right to request a disclosure of the specific categories of personal information we have collected, used, or shared within our network over the past 12 months.
• Right to Delete: You have the right to request the deletion of personal information collected from you, subject to certain legal exceptions (such as maintaining an active training contract).
• Right to Opt-Out of Data Sharing: You have the absolute right to opt-out of the sharing or cross-border transfer of your personal data to external strategic partners. Please refer to our Global Rights to Opt-Out of Data Sharing and Transfers section above for full details on how we protect your information within our partner network, as well as instructions on how to submit your request.

DATA PROTECTION NOTICE FOR CUSTOMERS

This Data Protection Notice (“Notice”) sets out the basis upon which Amplify Training Ltd. (“we”, “us”, or “our”) may collect, use, disclose, or otherwise process personal data of our customers. This Notice applies to personal data in our possession or under our control, including personal data in the possession of organisations that we have engaged to collect, use, disclose, or process it for our purposes.

PERSONAL DATA

1. As used in this Notice:

• “customer” means an individual or organizational representative who (a) has contacted us through any means (including our website forms and digital channels) to find out more about any goods or services we provide, or (b) may, or has, entered into a contract with us for the supply of any board training, strategic planning, or advisory services by us; and
• “personal data” means data, whether true or not, about a customer who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

2. Depending on the nature of your interaction with us, some examples of personal data which we may collect from you include your name, corporate email address, telephone number, job title, geographical location, organizational board or team size parameters, and estimated professional training or advisory budgets.

COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA

3. We generally do not collect your personal data unless:

• It is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after you (or your authorised representative) have been notified of the purposes for which the data is collected, and have provided written or digital consent (such as checking a box or submitting a form) to the collection and usage of your personal data for those purposes, or
• Collection and use of personal data without consent is permitted or required by applicable regional data laws.

We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorized by law).

4. We may collect and use your personal data for any or all of the following purposes:

• a. Verifying your identity and evaluating organizational profiles;

• b. Responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;

• c. Processing data through automated communication pipelines to pre-qualify and route inquiries to the correct advisory specialist;

• d. Managing your ongoing client relationship with us;

• e. Processing payment or credit transactions via our accounting frameworks;

• f. Complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;

• g. Delivering digital training services, managing user accounts on our e-learning platform, tracking educational progress, and validating board governance course completion certifications; and

• h. Any other incidental business purposes related to or in connection with the above.

5. We may disclose your personal data:

• a. Where such disclosure is required for performing obligations in the course of or in connection with our provision of the training and advisory services requested by you (including securely transmitting data to our cloud infrastructure sub-processors such as customer relationship management (CRM) tools, secure accounting platforms, interactive AI systems, and workflow automation databases); and

• b. To trusted advisory and training partners within our network when an inbound inquiry is better fulfilled by their specialized regional or structural expertise to provide you with the services requested.

The purposes listed in the above clauses may continue to apply even in situations where your relationship with us has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under a contract with you).

WITHDRAWING YOUR CONSENT

6. The consent that you provide for the collection, use, and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using, and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.

7. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our professional relationship with you) for your request to be processed and for us to notify you of the consequences of our acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.

8. Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our training or advisory services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in clause 6 above.

9. Please note that withdrawing consent does not affect our right to continue to collect, use, and disclose personal data where such collection, use, and disclosure without consent is permitted or required under applicable privacy laws.

ACCESS TO AND CORRECTION OF PERSONAL DATA

10. If you wish to make (a) an access request for a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request via email to our Data Protection Officer at the contact details provided below.

11. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request. 

12. We will respond to your request as soon as reasonably possible. In general, our response will be within ten (10) business days. Should we not be able to respond within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so.

PROTECTION OF PERSONAL DATA

13. To safeguard your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks, we have introduced appropriate administrative, physical, and technical measures. This includes disclosing personal data both internally and to our authorized third-party service providers, and our advisory and training partners, strictly on a need-to-know basis.

14. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our digital security measures.

ACCURACY OF PERSONAL DATA

15. We generally rely on personal data provided by you (or your authorized representative). In order to ensure that your personal data is current, complete, and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.

RETENTION OF PERSONAL DATA

16. We may retain your personal data for as long as it is necessary to fulfill the purpose for which it was collected, or as required or permitted by applicable laws.

17. We will cease to retain your personal data or remove the means by which the data can be associated with you as soon as it is reasonable to assume that such retention no longer serves the purpose for which it was collected, and is no longer necessary for legal or business purposes.

EFFECT OF NOTICE AND CHANGES TO NOTICE

18. This Notice applies in conjunction with any other privacy notices, contractual clauses, and consent clauses that apply in relation to the collection, use, and disclosure of your personal data by us.

19. We may revise this Notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgment and acceptance of such changes.

WEBSITE TRAFFIC AND DIGITAL LOGS

System Tracking (Cookies): AMC utilizes standard analytics cookies and server log files strictly to analyze overall website traffic trends and improve user experience. These cookies do not store or collect your direct personal identification or financial records. You are fully welcome to disable cookies in your web browser settings at any time, though doing so may slightly limit the functionality of certain dynamic online submission forms. For more information on managing your browser preferences, you can visit https://www.allaboutcookies.org.

Platform Security Logs: For user authentication, diagnostic troubleshooting, and platform infrastructure protection, our digital systems automatically maintain secure records of basic technical access parameters. This includes logging successful user events, security authorization tokens, diagnostic system errors, and account management requests (such as password reset submissions).

AGE REQUIREMENTS AND ELIGIBILITY

Our digital resources, advisory services, and board training programs are strictly designed and intended for adult professionals, corporate directors, and organizational teams. AMC does not knowingly request, collect, or maintain personal or organizational information from individuals under the age of 16. If we become aware that an individual under 16 has inadvertently provided personal information through our web forms, we will immediately purge that data from our active storage infrastructure and databases.

CALL AND VIDEO CONFERENCES RECORDINGS

Select telephonic communications or video advisory conferences with our internal team may be securely recorded strictly for quality assurance, instructional verification, or internal training purposes.

If you prefer not to have your consultation session or introductory call recorded, please inform your AMC team representative at the start of the interaction. We will accommodate your preference immediately by conducting the communication through an unrecorded method. Any recordings collected are utilized exclusively for internal organizational purposes, are restricted solely to our direct staff and consultants on a need-to-know basis, and are permanently erased once they no longer serve their business training or contractual purpose.

DATA PROTECTION OFFICER

If you have any specific inquiries relating to your statutory rights, wish to submit an official data access request, or would like to request the erasure of your personal records from our networks, please contact our designated Data Protection Officer:

Designated DPO: Elaine Brindamour

Contact Email: [email protected]

Contact No. : +1 (604) 923-1578

We review all inquiries with top priority and will respond to your request within a reasonable corporate timeframe (typically within 10 to 30 days) in full accordance with cross-border privacy standards.

CONTACT US

If you have any general questions about our privacy practices, wish to update your organizational training profile, or feel that your data integrity has been compromised in any way, please contact us at [email protected] or complete our digital inquiry form below: