Tech Jacks Solutions LLC provides AI Governance, AI Security, IT Compliance, and IT Education resources. This policy covers all websites and services we operate, including techjacksolutions.com.

Business address: 405 W. Greenlawn Ave. #G11 #1635, Lansing, MI 48910, USA

We collect personal information only when you voluntarily provide it:

• Comments: Name and email you provide to post comments
• Newsletter / free downloads: Email address to deliver requested content
• Template purchases: Name, email, billing address for fulfillment and receipts
• Quizzes: Inputs you provide to generate results; email if you request delivery
• Website analytics: IP address, browser type, pages visited (via Google Analytics)
• Technical data: Device information, operating system, referral sources

• Contract performance: Processing purchase data to fulfill template deliveries and provide support
• Legitimate interests: Website analytics and security monitoring
• Consent: Marketing communications (withdraw anytime via unsubscribe)
• Legal compliance: Maintaining purchase records for tax, accounting, and legal requirements

• Service delivery: Deliver templates, quiz results, newsletters
• Customer support: Respond to inquiries and provide assistance
• Order fulfillment: Process purchases and send receipts
• Service improvement: Analyze usage to enhance user experience
• Security: Detect and prevent fraud, abuse, and technical issues

With your consent, we may email you about new templates, educational content, early access, or discounts. You can opt out at any time via unsubscribe links or by contacting privacy@techjacksolutions.com.

• No AI training on user data: We do not use your personal information, comments, or quiz responses to train AI systems
• Human oversight: AI-assisted workflows are reviewed by humans before delivery
• Framework alignment: Our practices align with NIST AI RMF, ISO/IEC 42001, and EU AI Act
• Transparency: We disclose AI-assisted features and provide plain-language explanations

• Encryption: TLS 1.3 in transit; AES-256 at rest where applicable
• Access controls: Multi-factor authentication and least-privilege access
• Infrastructure: CDN/WAF protection, DDoS mitigation
• Monitoring: Continuous security monitoring and logging
• Incident response: Documented procedures for breach detection and response

• Customer notification: Within 72 hours of discovery
• Breach details: What happened, what data was involved, protective measures taken
• Authority reporting: Relevant supervisory authorities notified as required
• Protective guidance: Specific actions you can take for protection

Your data may be transferred to the United States and other countries where our service providers operate. Transfers are protected through:

• Stripe: PCI-DSS Level 1 compliance and Standard Contractual Clauses
• Google Analytics: EU-US Data Privacy Framework
• Email services: Standard Contractual Clauses and appropriate safeguards
• Hosting/CDN: Data processing agreements with security commitments

• Essential cookies: Required for site functionality (no consent needed)
• Analytics cookies: Require your consent via our cookie banner
• Preferences: Accept, reject, or customize via our consent manager at any time

We share data only with trusted service providers to deliver requested services:

• Stripe: Payment processing (PCI-DSS Level 1 certified)
• Mailchimp (Intuit Inc.): Newsletter and marketing emails
• Google: Analytics and search visibility
• Hosting/CDN: Website security, performance, and reliability

Deletion requests: Email privacy@techjacksolutions.com. We verify your identity, respond within 30 days (GDPR) or 45 days (CCPA), and confirm completion.

• Access: Know what personal data we hold about you
• Correction: Update incorrect or incomplete information
• Deletion: Request removal of your personal data
• Portability: Obtain a copy in structured format
• Marketing opt-out: Withdraw consent for promotional communications

• Restriction and objection to processing
• Protection from solely automated decisions
• Lodge complaints with your data protection authority
• Withdraw consent at any time

• Know categories of data collected and business purposes
• Request deletion of personal information
• Opt-out of sale or sharing (we don't sell data)
• Non-discrimination regardless of privacy choices

• 18+: Required for purchases and account creation
• 13–17: With verifiable parental consent for free resources
• Under 13: Our services are not directed to children under 13

If you believe a child under 13 has provided personal information, contact us immediately at privacy@techjacksolutions.com.

• Major changes announced via email to registered users
• Updated policy posted with revision date
• EU users receive additional consent for material changes
• Changes take effect 30 days after posting (unless urgent security updates)
• Previous versions available upon request

• GDPR: EU General Data Protection Regulation
• CCPA/CPRA: California Consumer Privacy Act / Rights Act
• PIPEDA: Personal Information Protection (Canada)
• CAN-SPAM: Email marketing compliance
• COPPA: Children's Online Privacy Protection Act

Our privacy practices align with NIST Privacy Framework, ISO/IEC 27001, ISO/IEC 27701, and AICPA SOC 2 principles.