Privacy Policy – Purple Wins™ & NAVETRA™

Last updated: January 8, 2026

This Privacy Policy explains how Jawaahar Talent Solutions Inc. (“JTS Inc.”, “Purple Wins”, “NAVETRA”, “we”, “us” or “our”) collects, uses, shares and protects personal information in connection with our website and services.

1. Who We Are

Purple Wins™ is the flagship brand of Jawaahar Talent Solutions Inc., a woman-owned Canadian company focused on measurable, people-driven performance. We operate purplewins.io, develop NAVETRA™ and provide related consulting, coaching and event services.

Privacy Officer (person in charge of personal information): Mina Johl, Founder

Email: admin@purplewins.io

Mailing address: Grimsby, ON, Canada (L3M 5S5)

Use the details above for privacy questions and access/correction requests.

This Policy applies when you:

  • Visit purplewins.io and any related pages or subdomains
  • Interact with NAVETRA™ mini-scans or diagnostics accessible via links on our site
  • Use our consulting, coaching or event services
  • Engage with us via email, contact forms, social media or events

If you do not agree with this Policy, please do not use our site or provide personal information.

2. Scope & Relationship With Other Terms

This Policy covers personal information we handle when we operate purplewins.io, manage NAVETRA™ scans and tools, deliver consulting and coaching engagements, and run events, webinars, roundtables and related programs.

It sits alongside, and does not override, any service agreements, NDAs, data processing addenda or statements of work we sign with clients. Where those documents conflict with this Policy, the signed documents will govern the specific engagement.

If you are located in Québec, additional requirements may apply to certain processing activities (including transparency for automated processing). We will address Québec-specific obligations in applicable engagement documents where relevant.

3. Our Role (Website vs Client Deployments)

In some contexts we decide how and why personal information is processed (often described as acting as a “controller” in certain jurisdictions). In other contexts, especially when NAVETRA™ or assessments are deployed for an organization, the client organization may control the purpose and means of processing, and we may act as a service provider under contract.

If a client organization sponsors a deployment, participants should generally direct privacy requests to the client sponsor unless instructed otherwise.

4. Information We Collect

4.1 Information you provide directly

You may choose to provide personal information, for example when you:

  • Fill out contact forms (name, job title, company, email, phone, message content)
  • Book or inquire about coaching, consulting or NAVETRA™ deployments (role, location, experience, organizational context, goals)
  • Participate in a NAVETRA™ mini-scan, survey, Lens session or diagnostic (structured responses and/or free-text inputs)
  • Purchase coaching or other offerings through our online store (name, contact details, billing information and order history)
  • Register for events, roundtables or newsletters
  • Comment on our blog or respond to communications
  • Communicate with us via email, LinkedIn, other social platforms or at events

Depending on context, this may include business contact details, role information and professional background, and any other information you choose to share.

We generally do not intend to collect sensitive personal information (such as health data, political opinions or union membership) through the website. If coaching or consulting conversations touch on more personal topics, we treat that information with additional care and limit sharing to what is necessary to support you.

4.2 Information collected automatically

When you visit our site, we and our providers may automatically collect:

  • Device and browser information (type, version, operating system, language)
  • IP address and approximate location
  • Pages visited, clicks, time on page, referrers and navigation paths
  • Cookie identifiers and similar tracking identifiers

We may use cookies and similar technologies for functionality, security, analytics and customization, as described in Section 8 and reflected in our cookie banner.

4.3 Information from third parties

We may receive information about you from:

  • Payment processors, scheduling tools and form platforms you choose to use
  • Sales engagement and CRM tools used to manage business communications (where applicable)
  • Social media platforms (for example, LinkedIn) when you interact with our content
  • Innovation partners, associations or co-hosts that invite you to a NAVETRA-related event
  • Public sources such as company websites, conference programs and professional profiles

We use this information only in line with this Policy and applicable law.

5. How We Use Your Information

We use personal information for the following purposes:

  1. To provide and improve our services
    • Responding to inquiries and contact requests
    • Running NAVETRA™ mini-scans, Lens sessions and diagnostics
    • Delivering consulting and coaching engagements
    • Providing event access, reminders and follow-up materials
    • Providing subscription access and administering purchases (where applicable)
  2. To operate and improve NAVETRA™ and related tools
    • Analysing aggregated and/or de-identified engagement data to refine ranges, archetypes and content
    • Monitoring performance, stability and security of our tools
  3. To communicate with you
    • Sending confirmations, administrative notices and updates
    • Sharing relevant insights, resources, event invitations or newsletters where permitted
    • Asking for feedback to improve our offerings

    We send marketing communications in accordance with applicable anti-spam laws (including Canada’s Anti-Spam Legislation, CASL). You can unsubscribe at any time using the link in our emails. We may still send non-marketing messages needed to provide services, administer accounts, or respond to requests.

  4. For analytics, research and business operations
    • Understanding how visitors use our site and content
    • Evaluating the effectiveness of programs and campaigns
    • Planning strategy, budgeting and growth
  5. For security, compliance and legal purposes
    • Protecting our systems and intellectual property
    • Detecting, investigating and preventing fraud or misuse
    • Complying with legal obligations and responding to lawful requests
    • Establishing, exercising or defending legal claims

We may combine information collected from different sources for these purposes.

6. Automated Analysis (NAVETRA™ Outputs)

NAVETRA™ may use structured responses and engagement signals to generate insight outputs (for example, themes, ranges, risk bands, or archetypes) designed to support organizational decisions and conversations.

We do not use NAVETRA™ to make solely automated decisions that produce legal or similarly significant effects about an individual. If you believe personal information used in a diagnostic is inaccurate, you may request access/correction as described in Section 15.

6A. NAVETRA™ Lens & AI-Assisted Features

Some features (including NAVETRA™ Lens) use AI-assisted processing to help structure your question, identify likely execution-risk patterns, and suggest practical next steps. These outputs are designed for decision support.

  • No uploads (current version): NAVETRA™ Lens does not currently support file uploads.
  • Do not include sensitive information: Please avoid entering employee-by-employee data, health data, or other sensitive personal information in free-text prompts unless we have agreed otherwise in writing.
  • Service providers: We may rely on third-party technology providers to operate AI-assisted features (for example, hosting, analytics, and model infrastructure), under contractual safeguards.
  • Not solely automated decisions: We do not use these features to make decisions that produce legal or similarly significant effects about an individual without appropriate human review.

For enterprise deployments, data processing terms (including retention, access controls, and additional safeguards) are set out in the applicable contract and/or data processing addendum.

7. Legal Bases for Processing (Where Applicable)

Where data protection laws require a legal basis (for example, in the UK/EU/EEA), we rely on:

  • Contract – when processing is necessary to perform a contract with you or your organisation.
  • Legitimate interests – for reasonable business purposes not overridden by your rights (e.g., improving services, securing systems, communicating with business contacts).
  • Consent – for certain marketing communications, use of non-essential cookies, and some event or diagnostic activities. You may withdraw consent at any time.
  • Legal obligation – where we must comply with applicable laws.

8. Cookies & Similar Technologies

We use cookies and similar technologies to:

  • Keep the site functioning (for example, navigation, forms and security)
  • Understand aggregate usage and performance (analytics)
  • Remember preferences and improve your experience
  • Enable embedded media (for example, YouTube), where used

Some cookies are strictly necessary; others (like analytics, embedded media, and customization cookies) are optional and may be controlled via your browser settings and, where available, our cookie preference tools.

Where required, our cookie banner provides options to Accept all, Reject non-essential, and Manage cookies. Optional cookies should not run unless enabled through your choices.

You can usually configure your browser to block or delete cookies; doing so may affect some site functionality.

9. How We Share Information

We do not sell or rent your personal information.

We may share information with:

  1. Service providers and vendors – for website hosting, email, CRM, sales engagement, marketing, payment processing, scheduling, analytics and security, under appropriate contracts.
  2. Partners and co-hosts – including innovation agencies, associations, co-presenters and sponsors of NAVETRA-related events or programs, only as needed to deliver the event/program (for example, registration management). If a partner wishes to market to you independently, they must rely on their own lawful basis and notices, and/or we will seek consent where required.
  3. Professional advisors – such as lawyers, accountants and insurers, under confidentiality obligations.
  4. Corporate transactions – in connection with a potential or actual merger, acquisition, asset sale, financing or similar transaction involving JTS Inc., subject to appropriate safeguards.
  5. Legal and safety – when required by law or legal process, to protect our rights, privacy, safety or property (or that of others), and to detect and respond to fraud, security or technical issues.

We may share aggregated or de-identified information that does not identify individuals, such as general statistics about engagement with NAVETRA™ or our content.

10. Key Service Providers (Summary)

Depending on your interaction with us, we may use the following providers to support website operations, communications, sales workflows, payments, recordings, development workflows, and assessments:

  • Squarespace (website hosting and site operations)
  • Google (analytics and related tools, where enabled) and YouTube (embedded video playback, where used)
  • Stripe (payment processing)
  • Apollo.io (sales engagement and lead/contact management workflows, where used)
  • GitHub (development collaboration workflows)
  • Riverside.fm (podcast recording/production workflows when you participate as a guest)
  • Harrison Assessments (assessment delivery when used as part of an engagement)

These providers may process information in other jurisdictions (including the United States). See Section 11.

11. International Transfers

We are based in Canada and may use service providers or partners located in other countries (for example, the United States or other jurisdictions). This means your information may be transferred to, stored in or accessed from countries with different data protection laws than where you live.

Where required by law, we implement appropriate safeguards (such as contractual clauses) to protect information transferred internationally.

Where information is processed outside Canada, it may be subject to the laws of that jurisdiction and may be accessible to law enforcement or national security authorities in accordance with those laws. We remain accountable for personal information transferred to service providers for processing and use contractual and organisational measures to protect it.

12. Data Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Policy, unless a longer or shorter period is required by law or agreed in writing. For example:

  • Inquiries and business communications: typically retained for up to 24 months after last interaction.
  • Client engagement records: retained for the duration of the engagement and a reasonable period after, subject to contract terms.
  • Billing and tax records: retained as required by applicable law (often multiple years).

We may anonymize information so it no longer identifies you and use it for analytics, research and product improvement for longer periods.

13. Security

We use reasonable technical, organisational and administrative measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction. These may include:

  • Role-based access controls
  • Use of reputable hosting and security partners
  • Encryption and secure transfer methods where appropriate
  • Internal policies and training for people who handle data

No system is perfectly secure. If you believe your interaction with us is no longer secure, please contact us immediately.

14. Privacy Incidents

If we become aware of a confidentiality incident involving personal information, we take reasonable steps to reduce risk and prevent recurrence. Where required, we will notify affected individuals and relevant regulators. We maintain an internal incident record where required by law.

15. Your Rights & Choices

Your privacy rights depend on where you live, but may include the right to:

  • Request access to the personal information we hold about you
  • Ask us to correct inaccurate or incomplete information
  • Ask us to delete certain information (subject to legal and contractual limits)
  • Object to or request restriction of certain processing
  • Withdraw consent where we rely on it (for example, marketing and optional cookies)
  • Receive your information in a portable format where applicable

You can also:

  • Opt out of marketing emails by using the unsubscribe link in those emails
  • Adjust your browser settings to manage cookies and tracking

To exercise any rights or make a privacy request, please contact our Privacy Officer using the details in Section 1. We may need to verify your identity before completing your request and may be unable to fully comply where legal or contractual obligations require continued processing.

Depending on your location, you may also have the right to lodge a complaint with a privacy regulator (for example, the Office of the Privacy Commissioner of Canada, or Québec’s Commission d’accès à l’information).

16. Children’s Privacy

Our website, NAVETRA™, consulting and coaching services are not directed to children and are primarily intended for adult professionals and organizations. We do not knowingly collect personal information from children under the age of 16 (or a higher age where required by local law).

If you believe we have collected information from a child, please contact us and we will take appropriate steps to delete it.

17. Third-Party Sites & Resources

Our site and resources may link to third-party websites, tools or content, such as assessment platforms, videos or event tools. We are not responsible for the privacy practices or content of those third parties. Their use of your information is governed by their own privacy policies and terms. We encourage you to review those policies before interacting with them.

18. No Waiver; Errors & Omissions

We try to keep this Privacy Policy accurate and up to date. However, it may occasionally contain typographical errors, formatting issues, or inadvertent omissions.

This Policy is provided for transparency and does not create contractual rights beyond what is required by applicable law or any written agreement we sign with you or your organisation.

To the extent permitted by law, we are not responsible for any loss arising solely from minor or inadvertent errors in the presentation of this Policy. Nothing in this section limits any rights you may have under applicable privacy laws, or limits any liability that cannot be excluded under law.

19. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology or our practices. When we do, we will revise the “Last updated” date at the top of this page and, where appropriate, provide additional notice (for example, by posting a prominent notice on the site or emailing key contacts).

20. How to Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us by:

  • Using the contact form on purplewins.io, or
  • Contacting our Privacy Officer using the details listed in Section 1.

We will do our best to respond promptly and address your questions.