Privacy Policy

1. Introduction and Scope

This Privacy Policy describes how OrenGen Worldwide LLC ("OrenGen," "we," "us," or "our") collects, uses, discloses, and protects personal information when you:

• Visit our website at https://orengen.io
• Use our AI-powered automation systems and services
• Interact with our AI agents, chatbots, or communication systems
• Engage with our marketing, sales, or support teams
• Subscribe to our newsletters or communications
• Participate in webinars, events, or training sessions

This Privacy Policy applies to all personal information collected through our services, websites, applications, and communications, regardless of how you access them.

2. Data Controller Information

Legal Entity: OrenGen Worldwide LLC
Address: 1812 Open Range Drive, Mansfield, Texas 76063
Email: support@orengen.io
Data Protection Officer: Available upon request at support@orengen.io

For residents of the European Economic Area (EEA), United Kingdom, or Switzerland, OrenGen acts as the data controller for personal information collected through our services.

3. Information We Collect

3.1 Information You Provide Directly

We collect information you voluntarily provide when you:

• Create an Account: Name, email address, company name, job title, phone number, billing address, payment information
• Use Our Services: Communications content, customer data, contact lists, files uploaded to our systems
• Contact Us: Support inquiries, feedback, survey responses, event registrations
• Subscribe: Email address and communication preferences
• Make Purchases: Billing information, payment method details (processed by secure third-party providers)

3.2 Information Collected Automatically

When you access our services, we automatically collect:

• Device Information: IP address, browser type and version, operating system, device identifiers
• Usage Data: Pages viewed, features accessed, time spent on pages, click patterns, navigation paths
• Location Data: General geographic location based on IP address (not precise GPS coordinates)
• Cookies and Tracking: Session cookies, persistent cookies, web beacons, analytics data (see Section 9)
• Log Data: Server logs, error reports, system diagnostics, API calls

3.3 Information from Third Parties

We may receive information about you from:

• Business Partners: Referral partners, affiliate marketers, integration partners
• Data Providers: Business intelligence services, contact verification services, lead enrichment tools
• Public Sources: Publicly available business information, social media profiles (when relevant to business relationships)
• Social Media Platforms: If you choose to connect your social accounts or interact with our social media

3.4 AI System Interactions

When you interact with our AI agents and automated systems, we collect:

• Conversation transcripts and chat logs
• Voice recordings (if using voice-enabled AI services)
• User preferences and interaction patterns
• Feedback on AI responses and performance metrics

4. How We Use Your Information

We use collected information for the following purposes:

4.1 Service Delivery and Operations

• Provide, maintain, and improve our AI-powered services
• Process transactions and manage subscriptions
• Authenticate users and prevent unauthorized access
• Deliver customer support and respond to inquiries
• Train and optimize AI models for better performance

4.2 Communication

• Send service notifications, updates, and important announcements
• Provide technical support and troubleshooting assistance
• Send marketing communications (with your consent where required)
• Conduct surveys and gather feedback

4.3 Business Operations

• Analyze usage patterns to improve service quality
• Develop new features and services
• Conduct internal research and analytics
• Ensure security and prevent fraud
• Comply with legal obligations and enforce our terms

4.4 Marketing and Personalization

• Personalize your experience and content
• Recommend relevant features or services
• Deliver targeted advertising (where permitted)
• Measure marketing campaign effectiveness

4.5 Legal Basis for Processing (GDPR)

For EEA, UK, and Swiss residents, we process personal data based on:

• Contract Performance: Processing necessary to provide services you've requested
• Legitimate Interests: Business operations, fraud prevention, service improvement
• Legal Obligations: Compliance with applicable laws and regulations
• Consent: Marketing communications and optional data processing (you may withdraw consent anytime)

5. How We Share Your Information

We do not sell your personal information. We may share information with:

5.1 Service Providers

Third-party vendors who perform services on our behalf:

• Cloud hosting and infrastructure providers (AWS, Google Cloud, Cloudflare)
• Payment processors (Stripe, PayPal)
• Email delivery services (SendGrid, Amazon SES)
• Analytics platforms (Google Analytics, Mixpanel)
• Customer support tools (Zendesk, Intercom)
• CRM and marketing automation platforms

These providers are contractually obligated to protect your data and use it only for specified purposes.

5.2 Business Partners

• Integration partners when you connect third-party services
• Affiliate or referral partners (with your consent)
• White-label resellers (for their client service delivery)

5.3 Legal and Compliance

We may disclose information when required by law or to:

• Comply with legal processes, court orders, or government requests
• Enforce our Terms and Conditions
• Protect our rights, property, or safety
• Detect, prevent, or address fraud and security issues
• Protect the rights and safety of our users or the public

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. You will be notified of any such change.

5.5 With Your Consent

We may share information with third parties when you provide explicit consent or direct us to do so.

5.6 Mobile Information and SMS Data

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Phone numbers and SMS opt-in data collected by OrenGen are used exclusively to deliver the AI communications, notifications, and services you have authorized, and are disclosed only to the subcontracted service providers (e.g., telecommunications carriers, messaging platforms such as Twilio) strictly necessary to send those messages on our behalf. These providers are contractually prohibited from using your mobile information for their own marketing.

You can stop receiving SMS messages at any time by replying STOP to any message, or by emailing support@orengen.io. See our AI Communications Opt-In page for full program details, message frequency, and rate disclosures.

6. Data Retention

We retain personal information for as long as necessary to:

• Provide services and maintain your account
• Comply with legal, tax, and accounting obligations (typically 7 years)
• Resolve disputes and enforce agreements
• Maintain business records and analytics

Retention Periods by Data Type:

Upon account deletion, we will delete or anonymize your personal data within 90 days, except where longer retention is required by law.

7. Data Security Measures

We implement industry-standard security measures to protect your information:

7.1 Technical Safeguards

• Encryption of data in transit (TLS/SSL) and at rest (AES-256)
• Secure authentication and password hashing (bcrypt)
• Regular security audits and penetration testing
• Intrusion detection and prevention systems
• Firewall protection and DDoS mitigation

7.2 Administrative Safeguards

• Employee background checks and security training
• Strict access controls and principle of least privilege
• Confidentiality agreements with all personnel
• Incident response and data breach notification procedures

7.3 Physical Safeguards

• Data centers with 24/7 security monitoring
• Redundant infrastructure and backup systems
• Environmental controls and disaster recovery plans

7.4 Limitations

While we take reasonable measures to protect your data, no system is completely secure. We cannot guarantee absolute security against unauthorized access, hardware/software failures, or other factors beyond our control.

8. Your Privacy Rights

8.1 Rights for All Users

• Access: Request a copy of personal information we hold about you
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and associated data
• Opt-Out: Unsubscribe from marketing communications
• Data Portability: Receive your data in a structured, machine-readable format

8.2 GDPR Rights (EEA, UK, Switzerland Residents)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have additional rights:

• Right to Object: Object to processing based on legitimate interests
• Right to Restriction: Request limitation of processing in certain circumstances
• Right to Withdraw Consent: Withdraw consent for processing at any time
• Right to Lodge Complaint: File a complaint with your local data protection authority

8.3 CCPA/CPRA Rights (California Residents)

California residents have the right to:

• Know what personal information is collected, used, shared, or sold
• Delete personal information (subject to exceptions)
• Opt-out of the sale of personal information (we do not sell personal information)
• Non-discrimination for exercising privacy rights
• Correct inaccurate personal information
• Limit use and disclosure of sensitive personal information

8.4 How to Exercise Your Rights

To exercise any of these rights, contact us at:

• Email: support@orengen.io with subject line "Privacy Rights Request"
• Include: Your name, email address, specific request, and verification information

We will respond to verified requests within 30 days (45 days for complex requests). We may require additional information to verify your identity before processing requests.

9. Cookies and Tracking Technologies

9.1 What Are Cookies?

Cookies are small text files stored on your device that help us recognize your browser and remember information about your visit.

9.2 Types of Cookies We Use

9.3 Third-Party Tracking

We use third-party analytics and advertising services:

• Google Analytics: Website usage analytics (Privacy Policy)
• Google Ads: Advertising and remarketing (Opt-Out)
• Facebook Pixel: Social media advertising (Privacy Policy)
• LinkedIn Insight Tag: B2B advertising (Privacy Policy)

9.4 Managing Cookies

You can control cookies through:

• Browser Settings: Most browsers allow you to refuse or delete cookies
• Opt-Out Tools: DAA Opt-Out | NAI Opt-Out
• Do Not Track: We honor DNT browser signals where technically feasible

Note: Disabling essential cookies may limit website functionality.

10. International Data Transfers

OrenGen is based in the United States. If you access our services from outside the U.S., your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

10.1 Safeguards for International Transfers

For transfers from the EEA, UK, or Switzerland, we rely on:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for certain jurisdictions
• Your explicit consent where required

10.2 Data Protection Standards

We ensure that data transferred internationally receives protections comparable to those required under GDPR and other applicable laws.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

If you believe we have inadvertently collected information from a child under 18, please contact us immediately at support@orengen.io, and we will promptly delete such information.

COPPA Compliance: We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect data from children under 13.

12. Do Not Sell My Personal Information (CCPA/CPRA)

We do not sell your personal information.

OrenGen does not sell, rent, or trade personal information to third parties for monetary or other valuable consideration. We only share data with service providers, as described in Section 5, under strict contractual obligations.

California residents: If you have questions about how we handle your information, contact us at support@orengen.io.

13. Third-Party Websites and Services

Our website and services may contain links to third-party websites, applications, or services that are not operated by OrenGen. This Privacy Policy does not apply to third-party sites.

We are not responsible for the privacy practices or content of external sites. We encourage you to review the privacy policies of any third-party services you access.

14. California "Shine the Light" Law

California Civil Code Section 1798.83 allows California residents to request information about disclosure of personal information to third parties for direct marketing purposes.

Because we do not share personal information with third parties for their direct marketing purposes, we are exempt from this requirement. However, you may still contact us with questions at support@orengen.io.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

15.1 Notification of Changes

Material changes will be communicated via:

• Email notification to registered users
• Prominent notice on our website
• In-app notifications

15.2 Effective Date

The "Last Updated" date at the top of this policy indicates when it was last revised. Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

15.3 Previous Versions

Previous versions of this Privacy Policy are available upon request at support@orengen.io.