Privacy Policy

AiAi Mastermind

Effective Date: September 29, 2025
Last Updated: September 29, 2025

1. INTRODUCTION

Insight to Impact LLC, doing business as AiAi Mastermind ("Company," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, services, and Mai Marketing Machine platform.

Contact Information:
Insight to Impact LLC DBA AiAi Mastermind
7131 Yorktown Ave. #1006
Huntington Beach, CA 92648
Email: [email protected]
Phone: 878 788 8855
Privacy Officer: Nathan Brodnax

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly

  • Account Information: Name, email address, phone number, business name, insurance license information, mailing address

  • Payment Information: Billing address, payment method details (processed securely through Stripe)

  • Professional Information: Agency details, marketing goals, target markets, service preferences

  • Communications: Messages, support tickets, feedback, survey responses

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent, click patterns, platform interactions

  • Device Information: IP address, browser type, operating system, device identifiers

  • Location Data: General geographic location based on IP address

  • Cookies and Tracking: Analytics cookies, marketing cookies, functional cookies (see Cookie Policy)

2.3 Information from Third-Party Sources

  • Social Media: Profile information if you connect social media accounts

  • Business Databases: Publicly available business information for verification purposes

  • Platform Integrations: Data from connected services (Google Workspace, GoHighLevel, social media platforms)

3. HOW WE USE YOUR INFORMATION

3.1 Service Delivery

  • Provide access to training programs, workshops, and Mai Marketing Machine platform

  • Process payments and manage subscriptions

  • Deliver customer support and technical assistance

  • Communicate about your account and services

3.2 Platform Operations

  • Maintain and improve our platform functionality

  • Troubleshoot technical issues

  • Monitor platform performance and security

  • Develop new features and services

3.3 Marketing and Communications

  • Send educational content, newsletters, and promotional materials

  • Provide updates about new programs and features

  • Share industry insights and best practices

  • Conduct market research and surveys

3.4 Legal and Compliance

  • Comply with legal obligations and regulatory requirements

  • Protect against fraud and unauthorized access

  • Enforce our terms of service and policies

  • Respond to legal requests and prevent harm

4. INFORMATION SHARING AND DISCLOSURE

4.1 Service Providers

We share information with trusted third-party service providers who assist in our operations:

GoHighLevel: Platform hosting and CRM functionality. GoHighLevel operates as a data processor under GDPR and CCPA frameworks with comprehensive Data Processing Agreements and Standard Contractual Clauses for international transfers.

Google Workspace: Document storage, email services, and collaboration tools.

Stripe: Payment processing and subscription management. Stripe maintains PCI-DSS Level 1 compliance.

Analytics and Marketing Tools: Google Analytics, Facebook Pixel, LinkedIn Insight Tag for performance tracking and advertising optimization.

International Virtual Assistants: Customer support and service delivery provided by team members located in the Philippines, with planned expansion to South America and Southeast Asia. Virtual assistants access email content, customer lists, and campaign performance data but do NOT have access to financial information. All international data transfers are protected by Standard Contractual Clauses and Data Processing Agreements.

4.2 Business Transfers

Information may be transferred in connection with mergers, acquisitions, asset sales, or bankruptcy proceedings. You will be notified of any change in ownership or use of your personal information.

4.3 Legal Requirements

We may disclose information to:

  • Comply with court orders, subpoenas, or legal processes

  • Protect our rights, property, or safety

  • Respond to lawful requests from government authorities

  • Investigate and prevent fraud or security threats

  • Enforce our terms of service and policies

4.4 We Do Not Sell Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Under California law (CCPA), we have not sold personal information in the preceding 12 months.

5. INTERNATIONAL DATA TRANSFERS

5.1 Virtual Assistant Teams

Our international virtual assistant team (currently located in the Philippines, with planned expansion to South America and Southeast Asia) may access your information to provide customer support and service delivery. These team members access email content, customer lists, and campaign performance data but do NOT have access to financial information.

All international data transfers are protected by:

  • Standard Contractual Clauses approved by regulatory authorities

  • Data Processing Agreements with security and confidentiality requirements

  • Regular security audits and compliance monitoring

  • Multi-factor authentication and access controls

  • Encrypted communication channels

5.2 Cross-Border Safeguards

All international data transfers comply with GDPR, CCPA, and applicable privacy laws through appropriate safeguards including adequacy decisions, Standard Contractual Clauses, or other approved mechanisms.

6. DATA RETENTION

6.1 Retention Periods

  • Active Account Information: Retained while your account is active

  • Closed Account Information: Retained for 1 year after service ends

  • Payment Records: 7 years for tax and accounting purposes

  • Marketing Communications: Until you unsubscribe

  • Usage Analytics: 2 years in aggregated form

  • Legal Compliance Records: As required by applicable law

6.2 Deletion Requests

You may request deletion of your personal information at any time by contacting Nathan Brodnax at [email protected]. We will delete your information within 30 days, subject to legal retention requirements.

6.3 Account Cancellation Data

When you cancel a monthly subscription, we retain your Mai Marketing Machine account and templates for 60 days, then permanently delete the account. Your business listings will remain live online but will not be actively monitored. Google Ad campaigns remain in your Google Ad account but will no longer receive AI optimization.

7. YOUR PRIVACY RIGHTS

7.1 Rights Under CCPA (California Residents)

  • Right to Know: Request disclosure of personal information collected, used, and shared

  • Right to Delete: Request deletion of your personal information

  • Right to Opt-Out: Opt-out of sale of personal information (though we don't sell data)

  • Right to Non-Discrimination: Equal service and pricing regardless of privacy rights exercise

To exercise these rights, contact Nathan Brodnax at [email protected] or call 878 788 8855.

7.2 Rights Under GDPR (EU/UK Residents)

  • Right to Access: Obtain confirmation of data processing and access to your data

  • Right to Rectification: Correct inaccurate or incomplete data

  • Right to Erasure: Request deletion under certain circumstances

  • Right to Restriction: Limit processing of your data

  • Right to Data Portability: Receive your data in structured, machine-readable format

  • Right to Object: Object to processing based on legitimate interests

  • Right to Withdraw Consent: Withdraw consent for processing at any time

7.3 Exercising Your Rights

To exercise any privacy rights, contact:
Privacy Officer: Nathan Brodnax
Email: [email protected]
Phone: 878 788 8855
Address: 7131 Yorktown Ave. #1006, Huntington Beach, CA 92648

We will respond to verified requests within 45 days (CCPA) or 30 days (GDPR).

8. DATA SECURITY

8.1 Security Measures

We implement industry-standard security measures to protect your information:

  • Encryption: TLS/SSL encryption for data transmission, encryption at rest for sensitive data

  • Access Controls: Multi-factor authentication, role-based access, regular access reviews

  • Authentication: Strong password requirements, session management

  • Monitoring: Continuous security monitoring, intrusion detection systems

  • Training: Regular security training for all team members and virtual assistants

  • Audits: Periodic security assessments and vulnerability testing

8.2 Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you within 72 hours as required by GDPR and applicable California law. Notification will include:

  • Description of the breach and types of information affected

  • Steps we are taking to investigate and mitigate the breach

  • Recommendations for protecting your information

  • Contact information for further assistance

8.3 Your Security Responsibilities

You are responsible for:

  • Maintaining confidentiality of your account credentials

  • Using strong, unique passwords

  • Enabling multi-factor authentication when available

  • Immediately reporting suspicious activity to [email protected]

9. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar tracking technologies for analytics, marketing, and functionality. For detailed information about our cookie practices and how to manage your preferences, see our Cookie Policy.

Types of Cookies We Use:

  • Essential Cookies: Required for platform functionality and security

  • Analytics Cookies: Google Analytics to understand usage patterns

  • Marketing Cookies: Google Ads, Facebook Pixel, LinkedIn Insight Tag for advertising

  • Functional Cookies: Remember your preferences and settings

You can manage cookie preferences through our Cookie Consent Banner or your browser settings.

10. CHILDREN'S PRIVACY

Our services are designed for business professionals and are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at [email protected].

11. THIRD-PARTY LINKS

Our website and platform may contain links to third-party websites and services not operated by us. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.

Key Third-Party Services:

  • GoHighLevel: Review their privacy policy at gohighlevel.com/privacy

  • Google Workspace: Review Google's privacy policy

  • Stripe: Review Stripe's privacy policy

  • Social Media Platforms: Review respective platform privacy policies

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. We will notify you of material changes by:

  • Posting the updated policy on our website with a new "Last Updated" date

  • Sending email notification to your registered email address

  • Displaying a prominent notice on our platform

Your continued use of our services after changes constitute acceptance of the updated Privacy Policy.

13. CONTACT INFORMATION

For privacy-related questions, concerns, or requests:

Privacy Officer: Nathan Brodnax
Email: [email protected]
Phone: 878 788 8855


Mailing Address:
Insight to Impact LLC DBA AiAi Mastermind
Attn: Privacy Officer
7131 Yorktown Ave. #1006
Huntington Beach, CA 92648

Response Time: We respond to privacy inquiries within 48 business hours.

© 2024 AIAI Mastermind. All Right Reserved