RAFA Energetics

Privacy Policy

Last Updated: July 1, 2026

This Privacy Policy explains how Rafael Lopez, operating as RAFA Energetics (“RAFA Energetics,” “we,” “us,” or “our”) collects, uses, discloses, retains, and safeguards personal information.

RAFA Energetics is based in Alberta, Canada. We handle personal information in accordance with Alberta’s Personal Information Protection Act (“PIPA”), the federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) where applicable, and other privacy laws that apply to our activities.

This Policy applies to our websites, landing pages, funnels, quizzes, forms, appointment calendars, digital products, courses, workshops, memberships, individual and group sessions, email and text communications, communities, and other services that link to this Policy (collectively, the “Services”).

This Policy is a privacy notice. Where applicable law requires your consent, we will request it through an appropriate form, checkbox, agreement, recording notice, or other clear method.

Privacy at a Glance

This summary is provided for convenience and does not replace the complete Policy.

  • We collect only information reasonably related to our Services and business operations.
  • We do not directly store complete payment-card numbers.
  • We do not sell personal information for monetary consideration.
  • We may use service providers located outside Canada.
  • You may request access to or correction of your personal information.
  • You may unsubscribe from promotional emails at any time.
  • Session or call recordings require a separate notice or consent where required.

1. Who Is Responsible for Your Information?

[LEGAL NAME], operating as RAFA Energetics, is responsible for personal information under its control.

The owner or an authorized representative of RAFA Energetics serves as the Privacy Officer and is responsible for overseeing this Policy, responding to privacy inquiries, and addressing access, correction, consent, and complaint requests.

Privacy Officer contact information appears in Section 22 below.

2. Personal Information We May Collect

“Personal information” generally means information about an identifiable individual. The information we collect depends on how you interact with us and which Services you use.

A. Identification and contact information

  • Name
  • Email address
  • Telephone number
  • City, province, state, or country
  • Preferred language
  • Age range or confirmation that you are an adult
  • Social-media name or account information when you contact us through social media

B. Transaction and purchase information

  • Products, programs, sessions, or services purchased
  • Purchase date and amount
  • Currency, payment status, and transaction identifiers
  • Billing contact information
  • Refund, chargeback, dispute, and customer-support history
  • Limited payment details supplied by the payment processor, such as card brand and last four digits

C. Appointment, application, and participation information

  • Appointment dates and scheduling preferences
  • Application or intake-form responses
  • Program goals and reasons for seeking a Service
  • Attendance, participation, and completion information
  • Customer-support messages
  • Survey, quiz, feedback, and testimonial responses
  • Communications exchanged before, during, or after a program

D. Voluntary wellness and personal-development information

Some Services allow you to voluntarily provide information concerning stress, sleep, emotions, personal experiences, perceived discomfort, habits, goals, relationships, personal history, or other wellness and self-development topics.

You control what information you provide. Please do not submit unnecessary medical records, government identification numbers, financial passwords, or other highly sensitive information that we have not specifically requested.

Important: RAFA Energetics is not a hospital, medical clinic, psychotherapy practice, or emergency service. Information you voluntarily share is not collected for medical diagnosis and is not maintained as a medical or psychotherapy record.

E. Technical and usage information

  • Internet Protocol address
  • Browser and device type
  • Operating system
  • Approximate location derived from an IP address
  • Pages viewed and links selected
  • Date, time, duration, and referral source
  • Login, access, download, and email-delivery events
  • Cookie and analytics identifiers
  • Information used to detect fraud, abuse, or unauthorized access

3. How We Collect Personal Information

We may collect personal information:

  • Directly from you when you complete a form, make a purchase, book an appointment, respond to a quiz, participate in a Service, or contact us
  • Automatically through cookies, pixels, analytics, log files, and similar technologies
  • From payment processors after you complete or attempt a transaction
  • From scheduling, customer-relationship, email, membership, video-conferencing, and course platforms
  • From social-media platforms when you contact or interact with us through those services
  • From a referral source where you have authorized the referral or the disclosure is otherwise permitted by law
  • From publicly available sources where collection is permitted by law

4. Why We Collect and Use Personal Information

We may collect and use personal information for the following reasonable business purposes:

  • Providing and delivering purchased products, sessions, workshops, programs, and digital access
  • Processing payments, refunds, billing corrections, and transaction records
  • Creating and administering customer accounts
  • Scheduling appointments and sending reminders
  • Reviewing applications and determining program eligibility
  • Preparing for and administering individual or group sessions
  • Responding to questions, requests, complaints, and access problems
  • Sending receipts, access instructions, security notices, and other transactional communications
  • Sending educational or promotional communications where we have consent or another lawful basis
  • Scoring quizzes and delivering requested quiz results or recommendations
  • Managing communities, memberships, events, and participant communications
  • Personalizing the experience and content presented to you
  • Requesting and managing feedback, reviews, or testimonials
  • Improving our Services, website design, messaging, and customer experience
  • Measuring website, email, funnel, and advertising performance
  • Detecting unauthorized sharing, fraud, security events, or misuse
  • Establishing, exercising, or defending legal rights
  • Complying with tax, accounting, legal, regulatory, and contractual requirements

We will not use personal information for a materially different purpose without providing appropriate notice or obtaining consent where required.

5. Consent and Other Permitted Uses

Depending on the circumstances, consent may be express, implied, or otherwise permitted by applicable law.

Express consent may be obtained through:

  • A checkbox or online form
  • A written or electronic agreement
  • An email or text confirmation
  • A verbal confirmation documented by us
  • A separate recording authorization
  • Your voluntary submission of information for an identified purpose

You may withdraw consent to future collection, use, or disclosure, subject to legal, contractual, safety, and reasonable notice restrictions. Withdrawing consent may affect our ability to provide a requested Service.

We may also collect, use, or disclose information without consent where permitted or required by law, including for fraud prevention, debt collection, legal proceedings, emergencies, or compliance with a lawful order.

6. Payment Information

Payments are processed by third-party payment providers, such as Stripe or another processor identified at checkout.

RAFA Energetics does not directly receive or store your complete payment-card number or security code. Payment processors may provide us with limited transaction information, including:

  • Name and billing contact information
  • Transaction amount and currency
  • Payment status
  • Transaction identifier
  • Card type, brand, and last four digits
  • Refund, dispute, or chargeback information

Payment processors handle payment information under their own privacy policies, security standards, and terms.

7. Quizzes and Automated Results

Certain quizzes or assessments may automatically calculate a category, pattern, score, or suggested next step based on the answers you submit.

These automated results are intended for education, self-reflection, marketing personalization, or directing you to relevant content. They are not used to make medical, employment, insurance, credit, housing, or other legally significant decisions.

Quiz results are not medical or psychological diagnoses.

8. Cookies, Analytics, and Similar Technologies

Our websites and service providers may use cookies, pixels, tags, scripts, local storage, and similar technologies.

Category Purpose Examples
Essential Enable core website, checkout, account, security, and session functions. Login sessions, checkout operation, fraud prevention, form submission.
Functional Remember choices and provide enhanced website features. Language, form progress, appointment preferences.
Analytics Help us understand how visitors use our websites and improve performance. Page visits, traffic sources, device information, conversion events.
Advertising Measure campaigns and, where enabled, present or retarget relevant advertising. Advertising pixels, campaign identifiers, conversion tracking.

Technologies used on a particular page may be provided by GoHighLevel, Google Analytics, advertising platforms, payment providers, embedded media services, scheduling platforms, or similar providers.

You may control many cookies through your browser settings or through any cookie-consent tool made available on our website. Blocking essential cookies may prevent parts of the website, checkout, or customer portal from functioning correctly.

We do not represent that all analytics information is completely anonymous. We seek to limit or aggregate information where reasonably possible and appropriate.

9. Email, SMS, and Other Electronic Communications

Transactional communications

We may send communications reasonably necessary to:

  • Confirm a purchase or appointment
  • Deliver access links or purchased materials
  • Send session or event reminders
  • Provide security, billing, or account notices
  • Respond to a question or support request
  • Communicate important changes affecting an active purchase or Service

Promotional communications

We may send newsletters, educational content, offers, program updates, or promotional messages where you have provided consent or where another lawful basis permits the communication.

Promotional emails contain an unsubscribe mechanism. You may also request removal by contacting us. Unsubscribing from promotional communications will not prevent us from sending essential transactional or administrative messages.

Consent to receive marketing is not a condition of purchasing a product unless clearly permitted by law.

10. Session, Call, and Event Recordings

We do not intentionally record private calls, sessions, interviews, or meetings without providing a recording notice and obtaining consent where required.

Where a recording is proposed, we may explain:

  • That recording will occur
  • The purpose of the recording
  • Who may have access
  • How the recording may be used
  • How long it is expected to be retained
  • Whether participation without recording is available

Group events may include other participants. Participants must not independently record, copy, photograph, or distribute another person’s participation unless they have express permission.

11. Testimonials, Reviews, and Success Stories

We will request permission before intentionally publishing an identifiable testimonial, photograph, video, recording, or success story.

Permission may specify:

  • The name, initials, image, or description that may be displayed
  • The wording or content authorized for publication
  • The websites, emails, advertisements, or social platforms where it may appear
  • Whether compensation, a discount, or free access was provided

You may contact us to withdraw permission for future use. Withdrawal may not require us to recall materials already lawfully printed, distributed, published, or incorporated into completed campaigns before the withdrawal was received.

12. When We Disclose Personal Information

We may disclose personal information only for identified business purposes, with consent, or where permitted or required by law.

A. Service providers

We may use service providers for:

  • Website and funnel hosting
  • Customer-relationship management and automation
  • Email and text-message delivery
  • Payment processing
  • Appointment scheduling
  • Video conferencing and online events
  • Course, membership, and digital-content delivery
  • Cloud storage and document management
  • Analytics, advertising, and conversion measurement
  • Accounting, legal, technical, or administrative support

Providers may include GoHighLevel, Stripe, Google, Zoom, Meetn, MeetHour, social-media platforms, and other providers used for the relevant Service.

B. Legal and safety disclosures

We may disclose information where reasonably necessary to:

  • Comply with a law, subpoena, court order, or lawful government request
  • Investigate fraud, security incidents, or unauthorized access
  • Protect our rights, property, systems, customers, or other persons
  • Establish, exercise, or defend legal claims
  • Respond to an emergency involving a risk of serious harm

C. Business changes

Information may be reviewed or transferred in connection with a proposed or completed sale, merger, financing, restructuring, or transfer of all or part of the business, subject to appropriate confidentiality and legal requirements.

D. With your direction or consent

We may disclose information to another person or organization when you direct us to do so or provide appropriate consent.

We do not sell personal information for monetary consideration.

13. International and Cross-Border Processing

RAFA Energetics is based in Canada, but some service providers may store, access, or process personal information in the United States or other countries.

Information processed outside Canada may be subject to the laws of the country in which it is stored or accessed and may be available to courts, law-enforcement authorities, or government agencies under those laws.

We use reasonable measures appropriate to the circumstances when selecting and working with service providers. These may include contractual protections, access controls, provider security reviews, confidentiality obligations, and limiting information to what is reasonably necessary for the service.

You may contact the Privacy Officer for general information about service providers that may process personal information outside Canada.

14. Data Retention

We retain personal information only for as long as reasonably necessary to fulfill the purposes described in this Policy or to meet legal, accounting, tax, contractual, security, dispute-resolution, and recordkeeping obligations.

Retention periods may vary based on:

  • The nature and sensitivity of the information
  • The product, program, or Service involved
  • Whether an account or customer relationship remains active
  • Legal limitation periods
  • Tax, accounting, and transaction-record obligations
  • Fraud, chargeback, security, or dispute considerations
  • Any retention period disclosed when a recording or special collection occurs

When information is no longer reasonably required, we may securely delete it, anonymize it, de-identify it, or permit it to be deleted through ordinary backup and system-retention cycles.

We may retain limited information necessary to document consent, opt-out requests, transactions, legal compliance, or the resolution of a dispute even after other information has been deleted.

15. Security Safeguards

We use reasonable administrative, technical, and physical safeguards appropriate to the sensitivity and amount of personal information under our control.

Safeguards may include:

  • Password and account-access controls
  • Multi-factor authentication where available and appropriate
  • Encryption and security controls supplied by service providers
  • Limited access based on business need
  • Confidentiality expectations for contractors and service providers
  • Software, device, and account-security practices
  • Backup, recovery, and incident-response procedures
  • Deletion or de-identification when information is no longer required

No internet transmission, electronic system, or storage method can be guaranteed to be completely secure. We therefore cannot promise that unauthorized access, loss, misuse, or disclosure will never occur.

You are responsible for protecting your passwords, private links, devices, and account credentials and for notifying us promptly if you suspect unauthorized access.

16. Privacy and Security Incidents

If we become aware of a suspected loss, unauthorized access, unauthorized use, or unauthorized disclosure of personal information, we may:

  • Investigate and contain the incident
  • Take reasonable steps to reduce potential harm
  • Preserve relevant records
  • Review and improve safeguards
  • Notify service providers, insurers, professional advisors, payment processors, or authorities where appropriate
  • Notify affected individuals and privacy regulators where required by applicable law

17. Your Privacy Rights and Choices

Subject to applicable law and reasonable exceptions, you may request:

  • Information about whether we hold personal information about you
  • Access to personal information under our control
  • Correction of inaccurate or incomplete information
  • Withdrawal of consent for future use where processing depends on consent
  • Deletion of information that we are not legally or reasonably required to retain
  • Information about the purposes for which information has been used or disclosed
  • Removal from promotional email or text-message lists

To protect privacy, we may need to verify your identity before responding to a request. We will not provide access to information where doing so would improperly reveal another person’s information, violate legal privilege, create a serious safety concern, or where another lawful exception applies.

We may retain information where reasonably necessary for legal, accounting, tax, fraud-prevention, contractual, dispute-resolution, or security purposes.

Residents of certain jurisdictions may have additional privacy rights where the relevant law applies to RAFA Energetics and the particular processing activity. We will respond to valid requests as required by applicable law.

18. Children and Minors

Our websites and directly purchased digital wellness programs are intended for adults and are not directed to children under 18.

We do not knowingly collect personal information from a child without the consent, authorization, or other legal basis required by applicable law.

If you believe that a minor has provided personal information without appropriate authorization, contact the Privacy Officer so that we can review the situation.

A separately arranged service involving a minor may be subject to additional parental or guardian consents, intake requirements, and privacy notices.

19. Third-Party Websites and Services

Our websites and communications may contain links to websites, applications, payment processors, social-media platforms, video services, or other services operated by third parties.

We do not control the privacy, security, content, or data practices of independent third parties. Their collection and use of information are governed by their own privacy policies and terms.

You should review the privacy information of a third-party service before submitting personal information to it.

20. Complaints and Challenging Compliance

If you have a concern about our privacy practices, contact our Privacy Officer first. Please describe:

  • The nature of your concern
  • The information or interaction involved
  • The outcome you are requesting
  • Any relevant dates, emails, receipts, or supporting details

We will review reasonable privacy complaints, investigate where appropriate, and communicate the outcome or next steps.

If a concern is not resolved, you may have the right to contact the Office of the Information and Privacy Commissioner of Alberta or another privacy authority with jurisdiction over the matter.

21. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our Services, technology, service providers, legal obligations, or privacy practices.

The updated version will display a revised “Last Updated” date. Where required by law, we will provide additional notice or request consent before using previously collected information for a materially new purpose.

We encourage you to review this Policy periodically.

22. Contact the Privacy Officer

For privacy questions, access or correction requests, consent withdrawals, deletion requests, or complaints, contact:

[LEGAL NAME], operating as RAFA Energetics
Attention: Privacy Officer
Alberta, Canada
Email: [email protected]

Please include “Privacy Request” in the subject line and do not send sensitive personal information by ordinary email unless specifically requested through a secure method.