Privacy Policy

Affirmaitive Inc. entity, (“Affirmaitive,” “we,” “us,” or “our”) is committed to protecting your privacy and ensuring that every founder’s idea remains secure and confidential within their own dedicated environment. This Privacy Policy explains what information we collect, how we use and protect that information, and the choices you have. By using Affirmaitive’s services, you agree to the practices described in this Privacy Policy.

SECTION 01

Information We Collect

We collect only the information necessary to deliver and improve our services. This includes:

Contact Details

Personal identifiers such as your name and email address, which you provide when registering an account or submitting support forms. We use this information to create your account, communicate with you about the Service, and provide customer support.

Startup Content

Any business ideas, project descriptions, prompts, or OPA (Our Proprietary Assistant) interactions that you input into the platform to generate deliverables. This content is used exclusively to provide you with the venture planning, strategy documents, prototypes, or other outputs you request. It remains stored in your private workspace and is not used for any purpose outside of generating your deliverables.

Payment Information

If you subscribe to paid features or plans, we (via our payment processor) collect payment-related information. Payments are securely processed through trusted third-party providers such as Stripe. For your security, we do not store your full credit card details on our servers. We retain basic transaction records (e.g. payment amounts, dates, and the last four digits of your card) for billing history and account management.

Usage Data

We automatically collect certain technical data through cookies, analytics tools, or similar technologies when you use our website or platform. This may include your IP address, browser type, device information, pages or features you access, and usage times. We collect this information to analyze usage trends, administer and secure the platform, personalize your experience, and improve overall performance.

See Section 13 — Cookies & Analytics
for more details on our use of cookies and tracking technologies.

SECTION 02

How We Use Collected Information

We use the above information to operate and enhance the Affirmaitive platform and to deliver the services you expect. For example:

We use your Contact Details to send you updates or respond to inquiries.

We use your Startup Content to generate custom business plans or prototypes for you.

We use your Payment Information to process subscription fees.

We use your Usage Data to troubleshoot issues and guide product improvements.

We do not use your personal information for any purposes incompatible with these objectives, and we do not sell or rent your personal information to third parties.

SECTION 03

Your Rights and Choices

Depending on your location, you may have certain rights regarding your Personal Data. These rights may include:

The right to access the Personal Data we hold about you and obtain information about how it is used.

The right to request correction of inaccurate or incomplete data.

The right to request deletion of your Personal Data, subject to legal or contractual retention obligations.

Where applicable, the right to receive a copy of your data in a structured, commonly used format and to request restriction of or objection to certain processing activities.

You may exercise your rights by contacting us at info@affirmaitive.com or through available in-app privacy controls, if provided. We may take reasonable steps to verify your identity before processing your request. We aim to respond within thirty (30) days, or within the timeframe required by applicable law.

Certain requests may be limited where retention is required for legal compliance, dispute resolution, fraud prevention, or the protection of the rights of others.

SECTION 04

International / Cross-Border Data Transfers

We are headquartered in Ontario, Canada. In order to operate our Services, your Personal Data may be transferred to, stored, or processed in Canada and in other jurisdictions where our service providers, cloud infrastructure providers, analytics vendors, or AI processing partners operate.

Where Personal Data is transferred across borders, we take reasonable steps to ensure it remains protected in accordance with this Privacy Policy and applicable law. Where required (including for users in the EEA or UK), we implement appropriate legal safeguards for international transfers, which may include Standard Contractual Clauses approved by the European Commission or the UK, or relying on other legally recognized transfer mechanisms..

By using our Services, you acknowledge that your Personal Data may be processed outside your jurisdiction, subject to applicable legal protections.

SECTION 05

AI Data Integrity & Restriction

Our platform is engineered to function as a world-class startup studio while protecting your sensitive data. We employ advanced AI systems and ensure strict data integrity so that your ideas remain yours alone. Key safeguards include:

No Training on Your Data

We do not use your business ideas, prompts, documents, or OPA interactions to train our foundational AI models. Likewise, if we utilize third-party AI models or services to assist in generating your deliverables, we do not allow your specific data to be used to improve or train those third-party public models. The creative and strategic content you provide is not fed back into any general AI training pipelines.

No Cross-Pollination of Ideas

Our proprietary multi-agent architecture is designed to keep each user’s venture data completely isolated. AI-generated responses for your venture never draw upon, reference, or infer information from any other user’s concepts. Every startup idea is treated as confidential and handled in a silo — there is no sharing or mixing of data between different users’ projects.

This means that insights or plans generated for you are unique to your inputs and context, and another user’s inputs cannot influence your results (and vice versa).

These measures ensure that your innovative business ideas and prompts are used only for your benefit and are not inadvertently exposed to or utilized by others through our AI systems.

SECTION 06

Use of AI and Customer Content

We may use AI systems and third-party AI service providers (“AI Providers”) to help deliver and improve the functionality of our Services.

We do not use Customer Content to train public or shared foundation models.

We do not permit third-party AI Providers to use Customer Content to train their publicly available models.

Customer Content is processed in a manner that prevents cross-pollination use of data between users.

We do not combine identifiable Customer Content from one user with another user’s content for the purpose of generating outputs.

Where AI systems are used to improve service performance, any such improvement activities are conducted using anonymized or aggregated information that does not identify individual users.

SECTION 07

Service Providers and Subprocessors

We engage trusted third-party service providers, including cloud infrastructure providers, hosting providers, analytics providers, payment processors, customer support tools, and AI Providers (collectively, “Subprocessors”), to process Personal Data on our behalf in order to provide the Services

Where Personal Data is processed by Subprocessors, it is done under written agreements requiring them to:

Process Personal Data only on our documented instructions.

Maintain appropriate technical and organizational security measures.

Keep Personal Data confidential.

Not use Personal Data for their own independent marketing or commercial purposes.

Delete or return Personal Data upon termination of services, subject to applicable legal requirements.

We remain responsible for ensuring that Personal Data processed by our Subprocessors is handled in accordance with applicable data protection laws.

We maintain an up-to-date list of our material Subprocessors at ________.This list may be updated from time to time as we add or replace service providers in the ordinary course of business. Where required by applicable law, we will provide appropriate notice of material changes to our Subprocessors.

In providing the Services, we generally act as a data processor with respect to Customer Content and Personal Data submitted by users, and as a data controller with respect to Personal Data collected for account management, billing, security, and operational purposes. Processing activities are carried out in accordance with applicable law and our contractual obligations.

SECTION 08

Human Review of Content

In limited circumstances, certain outputs or Customer Content may be subject to human review by authorized personnel, including our employees or contracted service providers (such as development or technical support partners), for purposes including

Quality assurance

Troubleshooting

Security review

Fraud prevention

Customer support

Any such review is conducted under strict confidentiality obligations and access controls. Human reviewers are authorized to access Customer Content only as necessary to perform their assigned responsibilities and in accordance with applicable data protection laws.

SECTION 09

Private Workspace & Database Isolation

Affirmaitive is built on a foundation of trust, using strict technical segmentation to protect each user’s data. We maintain a private workspace for every user (or organizational team) and isolate data at the database level:

Isolated Architecture

Each user account or organization has its own segregated data store within our system. Your venture’s data including ideas, plans, prompts, and generated outputs is saved in a dedicated environment that is logically separated from all other users’ data. This isolation is enforced in our application and database design, preventing other users from ever accessing your content.

Access Control

We implement robust access controls to ensure that sensitive early-stage concepts from one founder, consultant, or innovation team cannot be accessed, seen, or inferred by any other party on the platform. Only you and those you explicitly authorize (such as members of your team if you are using a collaborative workspace feature) can access your project data. Even within Affirmaitive, internal access to user workspaces is tightly restricted (see Section 5 below).

Even within Affirmaitive, internal access to user workspaces is tightly restricted (see Section 5 below).

Through this isolated architecture and permission structure, Affirmaitive ensures that each founder’s ideas remain contained and confidential within their own workspace. You can confidently develop your startup plans knowing they are walled off from prying eyes.

SECTION 10

Third-Party AI "Helpers"

Affirmaitive coordinates specialized AI agents or “Helpers” to work in concert when producing your deliverables. In some cases, these Helpers include third-party, enterprise-tier AI models or services that excel at particular tasks (for example, one might be specialized in market research, another in financial modeling, etc.). We sequence their interactions in a defined, citation-mandated process to produce professional-grade outputs for you.

When we send portions of your data (such as a prompt or a piece of content) to these third-party AI Helpers to generate a specific result, we do so under strict security protocols:

We only provide the minimum data necessary for the Helper to perform its function, and only for the duration needed to get the result.

All data exchanged with third-party AI models is transmitted securely (encrypted in transit) and handled in accordance with this Privacy Policy.

We contractually ensure (or rely on enterprise service terms) that these AI providers do not store or use your data beyond the immediate need to generate your result. They are forbidden from using your content to train their public models or to improve their services outside your specific session.

Each AI Helper’s output is then combined and curated within our system to form the final deliverable (for example, a detailed business plan with citations). No Helper ever receives your full dataset, only the relevant slice needed for its task, and each operates within its specialized domain to prevent any unnecessary data exposure.

Aside from AI Helpers, we may also use other trusted third-party services integrated into our platform (for example, cloud hosting providers, email communication tools, or analytics services). All third-party providers we engage as part of delivering the Service are bound by strict data protection obligations. We do not share your personal information with any third party for their own marketing or purposes unrelated to providing the Affirmaitive service. We never sell your personal data. Any third parties we utilize act as service providers (or “processors”) on our behalf, using your data only under our instructions and in compliance with this Privacy Policy and applicable laws.

SECTION 11

Technical Oversight & Support

To ensure the quality, reliability, and logical accuracy of some of our more complex deliverables (such as the Functional Prototype or other highly technical outputs), there are instances where authorized human oversight is involved. This means certain Affirmaitive employees or contracted experts (for example, specialists from our development partner Troon Technologies) may assist in reviewing and refining the AI-generated output for technical soundness before it is delivered to you.
We limit such involvement as follows:

Limited Access

These authorized personnel have access only to the specific data and prompts necessary to fulfill your particular request. For instance, if an engineer needs to review the architecture of a generated prototype, they will only see the information relevant to that prototype, not your entire account or other private ideas.

Confidentiality and Training

All staff and contractors with this level of access are under strict confidentiality agreements and are trained in our privacy and security protocols. They understand the sensitive nature of early-stage venture ideas and are committed to maintaining your privacy.

Purpose Restriction

Any human oversight or assistance is solely to improve the service deliverable you receive (e.g., ensuring a generated business model is logically coherent or a software prototype meets the requested specifications). These individuals will not use your data for any purpose other than quality assurance and support for your project.

Our technical oversight process is in place to enhance the end product you receive, while still upholding the privacy and integrity of your data.

If you prefer not to have human oversight on a particular project, please contact us to discuss alternative arrangements – we aim to be flexible and transparent about how your data is handled.

SECTION 12

Standard Data Protection

Encryption

All communications between your device and our platform are encrypted in transit using Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocols. This means that when you enter data into Affirmaitive, it is encoded so that it cannot be intercepted or read by unauthorized parties as it travels over the internet. We also employ encryption or other appropriate safeguards for data at rest in our databases and backups, adding an extra layer of protection in the unlikely event of unauthorized access to stored data.

Internal Access Restrictions

Access to user data within Affirmaitive is strictly limited to a small number of authorized team members who require it to maintain or develop the Service (for example, for debugging a user-reported issue or performing system maintenance). These team members are vetted and trained to handle data securely and are bound by confidentiality obligations. Every access to production systems is logged and monitored. We enforce the principle of least privilege meaning even authorized staff can only access the minimum amount of data necessary for their task.

Network & Application Security

We regularly update and patch our software and infrastructure to address security vulnerabilities. Our platform is hosted on secure cloud servers with strong firewall protection. We utilize tools and practices such as intrusion detection systems, access logging, and periodic security audits to identify and mitigate risks.

Data Retention & Disposal

We retain your personal information and project data only as long as necessary to fulfill the purposes outlined in this policy (or as required by law). If you choose to delete certain content or cancel your account, we will delete or anonymize the associated data within a reasonable timeframe, except to the extent we are required to retain it for legal, regulatory, or legitimate business purposes (such as record-keeping).

By implementing these standard protections, we aim to minimize the risk of data breaches, unauthorized access, or disclosure of your information.

Please Note: that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security. In the unlikely event of a data breach that affects your personal information, we will notify you as required by applicable law.

SECTION 13

Cookies & Analytics

We use cookies and similar tracking technologies to enhance website functionality, personalize your experience, and gather analytical data about how users interact with our platform. A “cookie” is a small text file placed on your device that helps us recognize you on subsequent visits and understand usage patterns.

Cookie Type	Purpose
Functional Cookies	Some cookies are essential for the site to function (for example, keeping you logged in to your account or remembering your preferences). These improve your experience by providing a more seamless and personalized service.
Analytics Cookies	We also use cookies or third-party analytics tools to collect information about how users navigate our site. This Usage Data helps us identify popular features, understand errors, and inform decisions about new features or improvements. Any third-party analytics providers are not allowed to use the data for purposes outside our instructions.

You have choices when it comes to cookies. Most web browsers automatically accept cookies, but you can usually modify your browser settings to notify you when a cookie is being set or to refuse cookies altogether. Please note that if you disable or reject certain cookies, some features of the Service may become inaccessible or not function properly (for instance, you might be unable to log in or certain personalization features may not remember your settings).

For more information on how to manage cookies and tracking technologies, refer to your browser’s help documentation. By continuing to use our site with cookies enabled, you consent to our use of cookies as described in this section.

SECTION 14

Legal Entity and Jurisdiction

Affirmaitive is a standalone software platform dedicated to venture creation and strategic planning, and it is operated by Affirmaitive Inc. All services, tools, and digital deliverables provided through the platform are offered under the direct legal and regulatory framework of Affirmaitive Inc.
What this means for you as a user is that Affirmaitive Inc. is the legal entity responsible for your data under this Privacy Policy. We operate in accordance with the laws and regulations applicable to our company. In practice, this includes adhering to relevant data protection and privacy laws in the jurisdictions where we operate. (For example, if Affirmaitive Inc. is incorporated in a certain country or state, we comply with that region’s data protection regulations. Additionally, if we offer services to residents of other regions with specific privacy requirements such as the European Union’s GDPR or California’s CCPA we aim to address those requirements accordingly in how we handle your data.
By using the Affirmaitive platform, you acknowledge that any disputes or issues arising from this Privacy Policy or our handling of personal data are subject to the jurisdiction and laws under which Affirmaitive Inc. is established, unless otherwise required by local law.

We affirm: that we are independent your data is not governed or accessible by any parent company or external venture; it remains under Affirmaitive Inc.’s control. In summary, Affirmaitive Inc. is fully accountable for protecting your privacy as described in this Policy.

SECTION 15

Changes to This Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make material changes, we will provide prominent notice, such as by emailing registered users or by posting a notice on our website or within the platform. The “Last Updated” date at the top of this Policy will indicate when the latest changes were made.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting the information we collect. If you continue to use Affirmaitive’s services after a revised Privacy Policy has been posted, it means you accept the updated terms. If you do not agree with any updates to the Policy, you should discontinue use of the Service and, if you wish, contact us to request deletion of your data.

SECTION 16

Contact Us

Affirmaitive is committed to safeguarding your privacy. If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please do not hesitate to contact us. We are here to help and will respond to inquiries in a timely manner.

Get in Touch

Email us directly or use the contact form on our website.

info@affirmaitive.com

You can reach us by submitting a request through the contact/support form on our website. If you prefer to contact us by mail, please send correspondence to Affirmaitive Inc. at our registered business address (please see our website for the most current address information).

By using the Affirmaitive platform, you acknowledge that you have read and understood this Privacy Policy. We value your trust and are dedicated to protecting your personal information and business ideas.

Thank you for choosing Affirmaitive as your venture creation partner.