
RADSAM Academy of AI Sovereign Governance
Independent Forensic AI Audit for Litigation
Privacy Policy
Effective Date: July 3, 2026
Operating Entity: Radsam Academy of AI Sovereign Governance (Radsam Trade Inc.)
Corporate Registration: Ontario, Canada (Corporation No. 981214-8)
The Radsam Academy of AI Sovereign Governance (“Radsam,” “we,” “us,” or “our”) is fundamentally committed to the principles of data privacy, operational transparency, and data sovereignty. In an era of rapidly shifting technological paradigms, we routinely review this Privacy Policy alongside qualified counsel to ensure rigorous alignment with evolving regulatory frameworks across Ontario, New York, Canada, and the United States.
Preamble
This Privacy Policy outlines, in precise and definitive terms, the protocols governing how we collect, utilize, disclose, safeguard, and securely retire personal information across our website, digital infrastructures, and core advisory offerings, including:
-
The AI Governance (GRC) Gap Analysis;
-
The Independent Air-Gapped Forensic AI Verification; and
-
Our professional training programs (collectively, the “Course”).
1. Scope, Identity, and Legal Framework
1.1 Scope and Two Data Tiers
To ensure the highest standards of data security, Radsam maintains strict technical and operational separation between two distinct classes of information:
-
(a) Website and Marketing Data: This encompasses basic identifiers such as names, email addresses, corporate affiliations, professional roles, responses submitted through our risk-calculators, and Course-enrollment information.
-
(b) Client Matter Data: This comprises highly sensitive operational or engagement materials handled exclusively under a secure, offline, air-gapped protocol.
These two tiers are logically and physically isolated from one another throughout their entire lifecycle.
1.2 Identity, Controller, and Privacy Officer
Radsam Trade Inc., based in Toronto, Ontario, serves as the primary data controller for all Website and Marketing Data. All inquiries, privacy-related concerns, or data access requests should be directed to our designated Privacy Officer:
-
Privacy Officer: Mohammadreza (Pouya) Shafabakhsh Nezam, Principal Judicial Forensic AI Auditor
-
Contact Email: audit@radsamacademy.com
1.3 Applicable Legal Framework
Our data practices are structurally designed to comply with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), regulatory guidance issued by the Information and Privacy Commissioner of Ontario (IPC), the New York SHIELD Act, and applicable U.S. state privacy laws. Furthermore, Radsam mirrors the strict confidentiality benchmarks reflected in the Law Society of Ontario’s By-Laws, the Ontario Rules of Professional Conduct, and the New York Rules of Professional Conduct as they apply to non-licensee subject matter specialists.
2. Information We Collect
2.1 Website and Marketing Data
We may collect and process information actively provided by users during digital interactions, including: full name, email address, corporate or organizational affiliation, professional title, legal jurisdiction, website URL, institutional headcount, interactive responses from our diagnostic risk-calculators, and transaction confirmations transmitted via our verified payment processors.
2.2 Client Matter Data
Client Matter Data consists strictly of specific, proprietary documentation and forensic artifacts required to execute a formal client engagement. This information is collected solely under the strict data-handling protocols detailed in Section 5 and governed by a executed Engagement (Retainer) Agreement.
2.3 Cookies, Analytics, and Server Logs
Our digital platform utilizes standard server logs and fundamental optimization cookies to ensure website functionality and performance stability.
Operational Note: Our diagnostic risk-calculator tools are engineered to execute on the client-side. Where data transmission to our servers is omitted, clear notification is displayed on the user interface.
3. Purposes, Lawful Basis, and Ethical Constraints
3.1 Purposes of Processing
Radsam utilizes your personal information to:
-
Address formal inquiries and manage administrative scheduling;
-
Conduct initial diagnostic consultations and deploy our professional Services and Courses;
-
Facilitate secure electronic invoicing and payment capture through verified third-party processors; and
-
Comply with statutory legal and regulatory mandates.
3.2 Lawful Basis and Consent
Our processing activities are anchored upon your explicit consent and our legitimate institutional interest in executing requested services. Consent may be withdrawn at any time; however, please be advised that doing so may immediately terminate our capacity to administer certain services or course modules.
3.3 No Sale of Data and Absolute Prohibition on AI Training
-
No Sale: Radsam does not sell, lease, or rent personal information to any third party.
-
No AI Training: Client Matter Data is strictly insulated; it is never utilized to train, tune, or refine any artificial intelligence systems or large language models.
-
No Profiling: We do not employ automated decision-making processes that result in legal or similarly significant consequences for data subjects.
3.4 Operational Non-Intervention and Client-of-Client Confidentiality
Where Radsam is engaged by a law firm, corporate legal department, or institutional intermediary (the "Direct Client"), we establish a strict boundary of operational non-intervention:
-
Absolute Non-Contact: Radsam will never directly contact, solicit, or initiate communication with the ultimate clients, litigants, or beneficiaries of our Direct Clients under any circumstances, unless expressly mandated in writing by our Direct Client.
-
Purpose-Restricted Processing: All contact details, identifying metrics, and sensitive underlying case-law matters or trial data provided by our Direct Clients are held in absolute, inviolable confidence. This information is processed exclusively for the localized execution of the forensic AI audit or gap analysis and for no auxiliary purpose whatsoever.
4. Disclosure and Cross-Border Transfers
4.1 Restricted Third-Party Sharing
We disclose personal information exclusively to essential third-party service providers (e.g., calendar synchronizers, secure payment gateways, enterprise email architecture) strictly required to maintain basic business operations. All such providers are bound by rigorous confidentiality agreements.
4.2 Legal Disclosures and Protection of Privilege
While Radsam will comply with lawful subpoenas, court orders, or statutory mandates, we fiercely protect professional confidentiality. Where a production demand targets Client Matter Data that is subject to professional privilege, we will, to the extent legally permissible, immediately notify the engaging client to allow them the opportunity to assert legal privilege.
4.3 Cross-Border Transfers and Sovereign Considerations
Certain cloud-based infrastructure providers may process data across provincial or federal boundaries, subjecting that metadata to foreign legal frameworks (such as the U.S. CLOUD Act). To mitigate this jurisdictional risk, all core Client Matter Data is isolated entirely offline and completely withheld from public cloud architectures.
5. Client Matter Data: Chain of Custody and Safeguards
5.1 Air-Gap Engineering Architecture
Client Matter Data is evaluated and processed on physically isolated, air-gapped hardware configurations. These systems feature no outbound internet connectivity, rendering transmission to public cloud AI applications technically impossible.
Security Disclaimer: While we deploy rigorous, specialized forensic controls, Radsam outlines these measures factually. No computational environment is completely infallible, and our protocols do not constitute an absolute guarantee against sophisticated or state-sponsored vulnerabilities.
5.2 Documented Chain of Custody
Physical or hardware-based media delivered to Radsam is governed by a meticulous, audit-ready chain-of-custody log. Encrypted storage media must be transmitted via tracked, signature-required courier systems, with access credentials conveyed through separate, secure channels.
5.3 Retention and Verifiable Erasure
-
Marketing Data: Maintained only for the duration required to satisfy operational or legal frameworks before undergoing standard deletion.
-
Client Matter Data: Upon completion or formal termination of an engagement, all Client Matter Data is completely destroyed using recognized sanitization standards (such as NIST SP 800-88). This process eliminates shadow copies or latent fragments, and a formal Certificate of Destruction is available upon client request.
6. Scope of Practice and Liability Limitations
6.1 Delineation of Professional Services
Radsam provides advanced technical Forensic AI Auditing and AI Gap Analysis services tailored exclusively for top-tier legal practitioners, corporate general counsel, and elite institutions across Ontario, New York, and the wider Canadian and United States jurisdictions.
-
No Legal Counsel: Radsam is a highly specialized technical entity, not a law firm or a licensed attorney. We do not provide, nor do our technical findings constitute, legal advice or formal legal opinions.
-
No Criminal Investigations: Radsam operates strictly within the domain of technical verification, internal governance, and civil risk analysis. We do not function as a law enforcement agency, licensed private investigative body, or state-sanctioned criminal investigative unit.
6.2 Insulation Against Judicial and Adverse Outcomes
Our audits, gap analyses, reports, and professional training modules are independent, specialized technical evaluations provided solely for informational, risk-mitigation, and compliance-structuring purposes.
Limitation of Liability: Decisions made by courts of law, administrative tribunals, regulators, or arbitral bodies are inherently independent and subject to complex legal interpretations beyond our operational control. Consequently, Radsam accepts no responsibility or legal liability for any adverse judicial rulings, legal losses, regulatory penalties, or unfavorable litigation outcomes experienced by our clients or their respective counterparties. The retention of our services implies an explicit acknowledgement that our findings are highly localized technical assessments and do not dictate or guarantee a specific outcome in any legal proceeding.
7. Individual Rights, Security Safeguards, and Breach Response
7.1 Rights of the Individual
Subject to applicable jurisdictional statutory exemptions, you hold the right to request access to, correction of, portability of, or the complete erasure of your personal data. You additionally retain the right to lodge a formal complaint regarding our data handling with the Information and Privacy Commissioner of Ontario (IPC), the Office of the Privacy Commissioner of Canada (OPC), or corresponding regulatory authorities within the State of New York.
7.2 Security Infrastructure
Radsam implements a defense-in-depth model containing administrative, physical, and technical safeguards calibrated to the sensitivity of the data handled. This includes logged, access-restricted facilities alongside our signature offline isolation architecture.
7.3 Incident Response and Breach Notification
In the highly unlikely event of a security anomaly that presents a real risk of significant harm, Radsam will initiate its incident response framework. Affected individuals and corresponding regulatory supervisors (including the IPC, OPC, and New York authorities under the SHIELD Act guidance) will be formally notified without undue delay.
8. Institutional Commitments and Miscellaneous Provisions
8.1 Mutual Obligations
Radsam commits to the continuous, responsible management of all data entrusted to us. In return, clients and website users warrant that all information provided to our institution is accurate, that necessary third-party consents have been secured, and that any materials or reports generated by Radsam are utilized solely for their intended purposes.
8.2 Accessibility, Non-Discrimination, and Child Privacy
We strive to make this policy and our final reports accessible in formats that reflect the spirit of the Accessibility for Ontarians with Disabilities Act (AODA). Furthermore, Radsam operates equitably and does not discriminate, mirroring the principles of the Ontario Human Rights Code and New York Human Rights Laws. Our academic and advisory services are strictly engineered for adult professionals; we do not knowingly interact with or collect data belonging to minors.
8.3 Policy Iterations
Radsam reserves the right to amend this Privacy Policy prospectively to address shifting statutory landscapes. The revised effective date will be modified at the top of this document upon publication.
Authorized Execution and Corporate Attestation
Issued for and on behalf of Radsam Academy of AI Sovereign Governance (Radsam Trade Inc.).