PRIVACY POLICY
AI for Employee Owners
and related ownAI online courses
Last updated: April 16, 2026
Effective: April 15, 2026
1. Overview
This Privacy Policy explains how ownAI LLC (“ownAI,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information when you access or use our online courses, websites, and related services (the “Services”), including the course titled “AI for Employee Owners.”
This Privacy Policy applies to both individual learners and to employees or members of organizations that purchase Course access on their behalf. If you are an employee accessing the Course through a purchase made by your employer, your employer may also process your information under its own policies; this Policy describes only the processing performed by ownAI.
By using the Services, you acknowledge the practices described in this Policy. If you do not agree, please do not use the Services.
2. Quick Summary
For those who want the essentials:
- What we collect: Account details, course progress, device and usage data, payment information (via our payment processors), and any content you submit to us.
- Why we collect it: To deliver the Course, process payments, issue certificates, improve our offerings, and communicate with you.
- Who we share it with: Our hosting platform (Thinkific), payment processors, email provider, analytics provider, and professional advisors — each only as needed to run the business.
- What we don’t do: We do not sell your personal information. We do not use your personal information to train AI models.
- Your choices: You can access, correct, delete, export, or object to processing of your personal information. See Section 9 for details.
- Contact: [email protected] — for any privacy question or request.
3. Information We Collect
3.1 Information You Provide
- Account information: name, email address, password, and (optionally) job title, employer, and profile photo.
- Purchase information: billing name, billing address, and the last four digits of a payment card. Full card details are collected and processed by our payment processor, not by us.
- Organizational purchase information: if your employer or organization purchases seats, we receive the purchaser’s contact information and the list of Authorized Users (typically name and email).
- Course content: quiz answers, assignment submissions, exercise responses, and any feedback, messages, or discussion posts you submit.
- Support communications: information you provide when contacting support, including the content of emails and support tickets.
3.2 Information Collected Automatically
- Usage data: lessons viewed, time spent, completion status, quiz scores, and other engagement metrics.
- Device and technical data: IP address, browser type and version, operating system, device type, language settings, and approximate location (derived from IP).
- Cookies and similar technologies: see Section 7 (Cookies).
3.3 Information from Third Parties
- Hosting platform: our learning platform (Thinkific) provides us with account and usage data as described above.
- Payment processors: we receive transaction confirmations and limited cardholder information (not full card numbers).
- Referrals: if you reach us through a partner, referral program, or affiliate, we may receive your contact information from that source.
3.4 Sensitive Information
We do not intentionally collect sensitive personal information such as government identifiers, health information, precise geolocation, racial or ethnic origin, religious beliefs, sexual orientation, or biometric data. Please do not submit sensitive information through the Services.
4. How We Use Your Information
We use personal information for the following purposes:
Purpose | Examples | Legal basis (GDPR) |
Providing the Services | Creating your account, delivering course content, tracking progress, issuing certificates. | Performance of a contract |
Payment processing | Charging your card or processing invoices, issuing receipts, handling refunds. | Performance of a contract |
Customer support | Responding to inquiries, resolving issues, handling refund requests. | Performance of a contract; legitimate interests |
Service improvement | Analyzing usage to improve lessons, fix bugs, develop new content. | Legitimate interests |
Communications | Sending course-related emails (enrollment, progress, completion) and administrative notices. | Performance of a contract |
Marketing (with consent) | Sending newsletters or information about new courses, where you have opted in. | Consent; legitimate interests (where permitted) |
Legal and security | Preventing fraud, enforcing our Terms, responding to legal requests, protecting users. | Legal obligation; legitimate interests |
We do not use your personal information, course content, or submissions to train, fine-tune, evaluate, or develop any artificial intelligence or machine learning model operated by us or by any third party.
5. How We Share Information
We do not sell your personal information. We share it only as described below:
5.1 Service Providers
We share personal information with vendors who help us operate the Services, under contracts that restrict their use of the information. Our key service providers include:
Category | Provider (current) | Purpose |
Course hosting platform | Thinkific Labs Inc. | Hosting the Course; managing accounts, content, and progress tracking. |
Payment processing | Thinkific Payments | Processing card payments; managing invoices. |
Email / communications | Copper | Sending transactional and marketing emails. |
Analytics | Google Analytics | Measuring usage and engagement. |
Customer support | Managing support inquiries. | |
Cloud storage | Thinkific / Google | Storing course assets and documents. |
A current list of our key sub-processors is available on request from [email protected].
5.2 Organizational Customers
If your access was purchased by an organization (your employer, a cooperative you belong to, or similar), we share certain information with that organization, including: your enrollment status, course progress and completion, quiz scores, certificate issuance, and — where the organization has arranged for aggregated reporting — anonymized engagement metrics. We do not share your individual open-ended responses or feedback with the organization unless you submit them through a channel designed for that purpose.
5.3 Legal and Safety
We may disclose information when we reasonably believe it is required to: (a) comply with a law, subpoena, court order, or government request; (b) enforce our Terms or protect our rights, property, or safety; (c) investigate fraud or security issues; or (d) protect the rights, property, or safety of our users or the public.
5.4 Business Transfers
If ownAI is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and of any choices you may have regarding your information.
5.5 With Your Consent
We may share information with third parties for other purposes with your consent.
6. Data Retention
We retain personal information only as long as needed for the purposes described in this Policy, or as required by law. Typical retention periods:
- Account information: for the duration of your account, plus up to 36 months after your last activity, unless you request earlier deletion.
- Course progress and certificates: for as long as certificates should remain verifiable, typically 5 years from completion.
- Payment and tax records: for the period required by applicable tax and accounting law, typically 7 years.
- Marketing preferences: until you unsubscribe or withdraw consent, plus a short suppression period so we don’t accidentally re-contact you.
- Support communications: up to 24 months after the issue is closed.
- Backups: backups are overwritten on a rolling cycle of up to 90 days.
After the retention period, we delete or anonymize personal information so that it can no longer be associated with you.
7. Cookies and Tracking
We and our service providers use cookies and similar technologies (pixels, local storage, SDKs) to operate the Services, remember your preferences, measure engagement, and — with your consent where required — deliver marketing communications.
7.1 Categories of Cookies
- Strictly necessary: required for the Services to function (e.g., authentication, session management). These cannot be disabled.
- Performance and analytics: help us understand how the Services are used (e.g., which lessons are completed).
- Preferences: remember your settings and choices.
- Marketing: used to deliver relevant communications. Set only with your consent where required.
7.2 Your Choices
You can control cookies through your browser settings and, where we offer one, through our cookie preference tool. We honor Global Privacy Control (GPC) signals where technically feasible as a request to opt out of sale or sharing of personal information, consistent with applicable law.
8. International Data Transfers
We operate in the United States, and our service providers may be located in the United States, Canada, the European Union, and other jurisdictions. If you access the Services from a country with different data protection laws, please be aware that your information may be transferred to, stored, and processed in countries other than your own.
When we transfer personal information from the European Economic Area, the United Kingdom, or Switzerland to countries that have not been deemed to provide an adequate level of data protection, we use appropriate safeguards, such as the European Commission’s Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum. You may request a copy of the relevant transfer mechanism by contacting [PRIVACY EMAIL].
9. Your Rights and Choices
Depending on where you live, you may have some or all of the following rights regarding your personal information:
- Access: request a copy of the personal information we hold about you.
- Correction: request correction of inaccurate or incomplete information.
- Deletion: request deletion of your personal information, subject to legal retention obligations.
- Portability: receive your information in a structured, commonly used, machine-readable format.
- Objection and restriction: object to or restrict certain processing, including processing based on legitimate interests and direct marketing.
- Withdraw consent: where processing is based on consent, withdraw it at any time (this does not affect the lawfulness of processing before withdrawal).
- Opt out of sale or sharing: we do not sell or share (as those terms are defined under US state privacy laws) your personal information for cross-context behavioral advertising. You may still submit an opt-out request at [email protected].
- Non-discrimination: we will not discriminate against you for exercising any of these rights.
- Complaint: if you are in the EU, EEA, or UK, you may lodge a complaint with your local data protection authority. In the US, you may contact your state attorney general.
9.1 How to Exercise Your Rights
Send requests to [email protected]. We will verify your identity before responding (typically by confirming access to the email address associated with your account). We will respond within the timeframes required by applicable law (generally 30 days for GDPR and 45 days for US state privacy laws), with possible extensions where permitted.
You may authorize an agent to make a request on your behalf; we may ask for written authorization and verification.
10. California Privacy Rights
If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA”), provides you with additional rights. In the 12 months preceding the effective date of this Policy, we have collected the following categories of personal information as defined under the CCPA:
- Identifiers (name, email, IP address).
- Commercial information (purchase history).
- Internet or other electronic network activity (usage data, device data).
- Geolocation data (approximate, derived from IP).
- Inferences drawn from the above (learning preferences, engagement patterns).
- Professional or employment-related information (if voluntarily provided).
We do not sell personal information and we do not share it for cross-context behavioral advertising as those terms are defined under the CCPA. We do not knowingly collect personal information from minors under 16 and do not sell or share personal information of any minors.
You have the right to know, to delete, to correct, to opt out of sale/sharing, to limit the use of sensitive personal information (we do not collect such information), and to non-discrimination. Submit requests to [email protected].
11. Security
We use reasonable technical and organizational measures to protect personal information from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. These measures include encryption in transit (TLS), encryption at rest through our platform providers, access controls, and regular review of our practices.
No system is completely secure. You are responsible for keeping your password confidential and for notifying us promptly of any suspected unauthorized access to your account.
11.1 Breach Notification
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify affected users and, where required, the relevant data protection authorities without undue delay and in accordance with applicable law (including within 72 hours under GDPR where required).
12. Third-Party AI Tools
The Course includes demonstrations of third-party AI products (such as Anthropic Claude, OpenAI ChatGPT, Google Gemini, and others). When you use those tools directly:
- Any information you submit to a third-party AI tool is subject to that provider’s terms and privacy policy, not ours.
- Depending on the tool and your settings, your inputs and outputs may be used by the provider to improve their models.
- We recommend you do not submit confidential, regulated, or personal information to a third-party AI tool unless you have reviewed the provider’s terms and confirmed with your organization that it is appropriate.
- ownAI is not a processor or controller of data you submit directly to a third-party AI tool.
13. Children
The Services are intended for working adults. We do not knowingly collect personal information from children under the age of 18. If we learn that we have collected personal information from a child, we will delete it. If you believe a child has provided us with personal information, please contact [email protected].
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date above. For material changes, we will provide additional notice (such as an email to active users or a banner on the Course site) at least 14 days before the changes take effect. Your continued use of the Services after the effective date constitutes acceptance of the revised Policy.
15. Contact Us
For privacy questions, requests, or complaints, contact:
ownAI — Privacy
ownAI LLC
805 Greenwood Street
Evanston, IL 60201
Email: [email protected]