OrenGen Worldwide LLC ("Company," "we," "us") operates weshare.orengen.io ("Platform"). This Privacy Policy explains what personal information we collect, how we use it, and your rights regarding that information.
1. Information We Collect
1.1 Registration & Account Data
- Name, email address, phone number
- Password (stored as a cryptographic hash — we never store plaintext passwords)
- Tax identification information (collected by Stripe for 1099 purposes)
- Payment/banking information (collected and stored by Stripe; we do not store financial account numbers)
1.2 Activity & Performance Data
- Referral link clicks, lead submissions attributed to your link, and sales conversions
- Commission ledger entries, payout history, and statement data
- CRM activity logs (Sales Partners), including lead touch records
- Rank progression and program activity
1.3 Technical Data
- IP address, browser type, device identifiers
- Authentication tokens (session cookies, JWT) stored in encrypted browser cookies
- Server access logs retained for up to 90 days
1.4 Communications
Email and in-platform messages you send to us or receive from us regarding your program participation.
2. How We Use Your Information
- Program Operation: Tracking referrals, calculating commissions, managing leads, processing payouts, and administering your account.
- Compliance: Identity verification, fraud prevention, tax reporting (1099s via Stripe), and compliance with applicable law.
- Communications: Account notifications, payout statements, program updates, and support responses. You may opt out of non-essential communications.
- Security: Detecting, investigating, and preventing fraudulent activity, unauthorized access, and program abuse.
- Platform Improvement: Aggregated, de-identified analytics to improve the Platform's features and performance.
3. Information Sharing
We do not sell personal information. We share data only as follows:
- Stripe: Payment processing, Stripe Connect onboarding, and 1099 tax form issuance. Stripe's privacy policy governs data Stripe collects.
- GoHighLevel / LeadConnector (HighLevel): CRM platform used for lead management and the on-site chat widget. All leads captured through our forms — including name, email, phone, company, and message — are synced to GoHighLevel to operate the program, and the LeadConnector chat widget loaded on our pages transmits chat and visitor data to HighLevel.
- Service Providers: Hosting, email delivery (SMTP), and analytics providers under confidentiality obligations and with no right to use your data for their own purposes.
- Legal Requirements: When required by valid legal process (court order, subpoena) or to protect rights, property, or safety.
- Business Transfers: In connection with a merger, acquisition, or sale of substantially all assets, with notice to you.
4. Cookies & Tracking
We use first-party cookies to maintain authenticated sessions (a session cookie) and to attribute referral traffic to a referral partner link. The referral attribution cookie (ws_vid) persists for 90 days; a short-lived session-tracking cookie (ws_sid) lasts 24 hours. We also load the LeadConnector (HighLevel) chat widget, a third-party script that sets its own cookies/identifiers to provide live chat. Non-essential cookies (including the chat widget) load only after you accept them via our cookie banner; essential cookies (sign-in and referral attribution) are required for the service to function. You may disable cookies in your browser, but this will prevent login and accurate referral attribution.
5. Data Retention
- Active account data: retained for the life of your account.
- Commission ledger records: retained for 7 years (tax compliance).
- Server logs: 90 days.
- Closed accounts: data retained for 3 years after closure for legal and compliance purposes, then deleted or anonymized.
6. Security
We implement industry-standard security measures including: HTTPS/TLS for all data in transit; bcrypt password hashing with a work factor of 12; JWT authentication with expiring tokens stored in HttpOnly cookies; session invalidation on password reset; and infrastructure-level access controls. No security measure is perfect; we cannot guarantee absolute security.
7. Children's Privacy
The Platform is not directed to persons under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has registered, contact us immediately at partners@orengen.io.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access: Request a copy of personal information we hold about you.
- Correction: Request correction of inaccurate data.
- Deletion: Request deletion of your data (subject to retention obligations).
- Portability: Receive your data in a machine-readable format.
- Opt-Out: Opt out of non-essential marketing communications.
To exercise any right, email partners@orengen.io with subject line "Privacy Request." We will respond within 30 days.
9. California Residents (CCPA)
California residents have specific rights under the California Consumer Privacy Act. We do not sell personal information. You may submit a verifiable consumer request to know, delete, or opt out by emailing partners@orengen.io. We will not discriminate against you for exercising CCPA rights.
10. Changes to This Policy
We may update this Policy periodically. We will notify you of material changes by email and by posting the updated Policy on the Platform with a new effective date. Continued use after notice constitutes acceptance.
11. Contact
Privacy inquiries: partners@orengen.io
OrenGen Worldwide LLC · Mansfield, TX