Privacy Policy

i AM Transformation Trust ("we," "us," or "our") operates the i AM Transformation platform at www.iamtransformation.com. We are a business trust organized under the laws of Alaska. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our platform, which includes community features, a digital marketplace, messaging, affiliate programs, and related services.

2.1 Information You Give Us

2.2 Information We Do NOT Collect

2.3 Information Collected Automatically

When you use our platform, we automatically collect limited technical information such as your IP address, browser type, device type, operating system, pages visited, and the dates and times of your visits. We use this to keep the platform running smoothly, prevent abuse, and improve your experience.

We use your information for the following purposes and no others:

• Providing the platform — running communities, processing purchases, delivering content, and enabling messaging
• Processing payments — completing transactions, subscriptions, refunds, and affiliate payouts
• Tax compliance — generating required tax documents (1099s, etc.) for affiliates
• Platform safety — preventing fraud, enforcing our Terms of Use, and responding to legal requests
• Communicating with you — sending transaction confirmations, security alerts, and (with your consent) product updates
• Improving the platform — analyzing usage patterns in aggregate to fix bugs and build better features

We share your information only in these specific situations:

We take security exceptionally seriously. Our platform uses quantum-safe, military-grade encryption that goes significantly beyond industry standards. Here's what that means in practical terms:

5.1 Quantum-Safe Encryption

Most platforms today use encryption that could potentially be broken by future quantum computers. We've designed our security to protect you even against that threat. Our platform uses a hybrid approach that combines proven classical encryption with next-generation post-quantum cryptography standardized by NIST (the U.S. National Institute of Standards and Technology).

5.2 End-to-End Encryption

Your private messages and private posts are encrypted on your device before they ever leave it. Our servers store only the encrypted version. We cannot read your private content, and neither can anyone else — not our staff, not hackers, not governments.

5.3 Sensitive Data Vault

Financial and tax information (SSN, bank details, tax forms) is stored in a segregated, AES-256-GCM encrypted vault with strict access controls. Only authorized compliance and finance personnel can access this data, and all access is logged and audited.

5.4 Password Protection

Your password is hashed using Argon2id, the algorithm recommended by OWASP (the leading web security authority). We never store your actual password — only a mathematical fingerprint that cannot be reversed.

5.5 Payment Security

All payment card data is processed directly by Stripe, a PCI DSS Level 1 certified payment processor. Your card numbers never pass through or are stored on our servers.

No matter where you live, we provide every user with the following rights:

• Access — Request a copy of all personal data we hold about you
• Correction — Update or fix inaccurate information
• Deletion — Request we delete your account and personal data
• Data Portability — Receive your data in a common, machine-readable format
• Withdraw Consent — Opt out of optional data processing at any time
• Object — Object to specific uses of your data

To exercise any of these rights, email us at legal@iamtransformation.com. We will respond within 30 days (or sooner if required by your local law).

6.1 Additional Rights for EU/EEA/UK Residents (GDPR)

If you are located in the European Union, European Economic Area, or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR). Our legal bases for processing your data are: performance of our contract with you (providing the platform), your consent (where we ask for it), compliance with legal obligations (tax reporting), and our legitimate interests (platform security and improvement). You also have the right to lodge a complaint with your local data protection authority.

6.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the right to know what personal information we collect, request deletion, opt out of the sale of personal information (we do not sell personal information), and not be discriminated against for exercising your rights.

6.3 Cookie Choices

We use essential cookies to keep the platform working (like keeping you logged in). You can control non-essential cookies through your browser settings. The platform will continue to function with only essential cookies enabled.

Our servers are located in the United States. If you are accessing the platform from outside the U.S., your data will be transferred to and processed in the United States. We protect international data transfers using encryption, contractual safeguards, and the security measures described in Section 5. For EU/EEA/UK users, we rely on Standard Contractual Clauses approved by the European Commission as a legal basis for these transfers.

Our platform is available to users aged 13 and older. Users under 13 are not permitted to create accounts or use the platform.

Users aged 13 to 17 may access community content and participate in communities, but may not make purchases, sell products, or participate in the affiliate program. These features require users to be at least 18 years old.

We do not knowingly collect personal information from children under 13. If we discover that we have collected information from a child under 13, we will delete it promptly. If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us at legal@iamtransformation.com.

We keep your data only as long as needed:

• Account data — as long as your account is active, plus 30 days after deletion (to allow you to reactivate if it was a mistake)
• Transaction records — 7 years after the transaction (required by tax and financial regulations)
• Tax documents (W-9, 1099, etc.) — 7 years (required by IRS regulations)
• Server logs — 90 days (for security and troubleshooting)
• Encrypted private messages — deleted when both parties delete them (we cannot read them regardless)

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email and/or by placing a prominent notice on the platform at least 30 days before the changes take effect. Minor clarifications or formatting changes may be made without notice. The "Effective Date" at the top always reflects the latest version.

If you have questions about this Privacy Policy, want to exercise your rights, or have a concern about how we handle your data:

We aim to respond to all inquiries within 30 days. For urgent security matters, please include "URGENT" in your subject line.