IMPORTANT: This document is an AI-generated starting point and has NOT been reviewed by a licensed attorney. Before going live with real customer transactions, WeMillionaires must have this document reviewed and adapted by qualified counsel in the relevant jurisdictions. The document is not legal advice.

WeMillionaires Privacy Policy

Effective Date: 2026-04-30

WeMillionaires (“WeMillionaires,” “we,” “us,” or “our”) operates an online membership platform offering business tools, an eDirectory marketplace, an LMS for paid courses, a 1:1 scheduler, AI video building, and AI-generated text content (the “Platform”). This Privacy Policy explains how we collect, use, share, and protect personal data when you use our websites, Platform, and related services (collectively, the “Services”).

WeMillionaires is based in the United States at:

WeMillionaires
3829 Pennsylvania Ave SE
Washington DC 20020, USA
Email: info@wemillionaires.com

We serve members worldwide except in jurisdictions where we do not offer the Services, including: Cuba, Iran, North Korea, Syria, Russia, Belarus, Myanmar, Venezuela, Sudan, South Sudan, Afghanistan, the Crimea region, the Donetsk and Luhansk regions, and any other jurisdiction subject to U.S. OFAC sanctions or where MLM models are restricted.

By using our Services, you acknowledge that you have read this Privacy Policy. If you do not agree with it, you should not use our Services.

1. Introduction

1.1 Scope

This Privacy Policy applies to personal data we process in connection with:

1. Your use of our websites and web applications;
2. Your registration for and use of any WeMillionaires membership tier (Ascend, Growth, Founder);
3. Use of our eDirectory listings marketplace, paid courses LMS, 1:1 scheduler, AI Video Builder, and AI text content features;
4. Our marketing, communications, and partner or affiliate programs, including the commission / residual income system.

1.2 Definitions

• Personal data / personal information: Any information that identifies or relates to an identified or identifiable individual.
• Processing: Any operation performed on personal data, such as collection, storage, use, disclosure, or deletion.
• Controller (GDPR): WeMillionaires is the “controller” of personal data for the purposes described in this policy.
• Consumer / Data subject: The individual whose personal data is processed.
• Services: Our SaaS membership platform and related products and services.

1.3 Regulatory Framework

This Privacy Policy is intended to address, among other laws:

• The EU and UK General Data Protection Regulation (GDPR/UK GDPR);
• The California Consumer Privacy Act, as amended by the CPRA (CCPA/CPRA);
• Other applicable data protection laws, where relevant.

Where local laws require stricter protections than this Policy, we will comply with those stricter requirements.

2. Data We Collect

We collect personal data either directly from you, automatically when you use the Services, or from third parties. Below are the main categories of data we collect.

2.1 Account and Profile Information

When you create or manage an account, we may collect:

1. Identifiers and contact details
   • Name
   • Username and password
   • Email address
   • Phone number (if provided)
   • Country, city, region, and time zone
2. Professional or business information
   • Business name, role, and industry
   • Public profile details you choose to share on the Platform
3. Membership and plan details
   • Subscription tier (Ascend, Growth, Founder)
   • Account status, preferences, and settings
   • Referral and upline/upline structure information, where relevant

2.2 Billing and Financial Information

We use Stripe for subscription billing and payments. We may collect:

1. Billing contact information
   • Billing name
   • Billing address
   • Tax or VAT details where applicable
2. Payment information (indirect)
   • Limited payment-related data from Stripe (e.g., last 4 digits of card, expiration month/year, payment method type, and transaction identifiers).
   • We do not store full credit card numbers or CVV codes. Those are processed directly by Stripe.

2.3 Device and Technical Information

When you access our Services, we may automatically collect:

1. Device identifiers
   • IP address
   • Device ID, browser type, and version
   • Operating system and device type
2. Connectivity and configuration
   • Language and locale settings
   • Referring URLs, domain names
3. Log data
   • Access times and dates
   • Pages and features used
   • Error logs, diagnostic data, crash reports

2.4 Usage Analytics and Interaction Data

We track how users interact with our Services to improve performance and usability:

1. Usage patterns
   • Pages visited and features used (e.g., LMS courses, eDirectory, scheduler)
   • Clickstream data and in-app navigation
   • Time spent on features or content
2. Engagement with communications
   • Whether you open our emails
   • Links you click within emails or in-app notifications
3. Marketing attribution
   • Referral URLs
   • Campaign identifiers and UTM parameters

We may use analytics tools and cookies or similar technologies to collect this information (see Section 6).

2.5 Uploaded Content and Media

You may choose to upload or provide content to our Services, including:

1. Business and listing content
   • eDirectory listing details (e.g., business descriptions, categories, images, videos, location data you provide)
2. Course and educational content
   • Course materials you publish or upload to the LMS
   • Assignments, comments, and messages
3. Scheduler content
   • Calendar connection metadata (if you connect a calendar)
   • Booking details (e.g., meeting topic, preferred times, notes you provide)
4. Profile media
   • Profile photos, logos, promotional images, and any other media or files you upload

Uploaded content may contain personal data about you or others. You are responsible for ensuring that you have the legal right to upload and share such content.

2.6 AI Prompts, Inputs, and Generated Content

Our Platform includes AI-related features, such as an AI Video Builder (powered by third-party machine learning providers) and AI-generated text content (e.g., powered by Emergent LLM or similar providers). We may collect:

1. AI prompts and inputs
   • Text prompts you enter
   • Images, audio, or video you upload for use with AI tools
   • Context or reference information you provide for content generation
2. Generated outputs
   • AI-generated videos, scripts, drafts, and other media
   • AI-generated text content associated with your account
3. Metadata and logs
   • Prompt history and usage logs
   • Parameters or settings used for generation
   • Feedback on AI outputs, including quality ratings or edits

We share AI prompts and related content with third-party providers solely as necessary to provide the AI features (see Section 5).

2.7 Commission and MLM Program Data

We operate a commission and residual income system (75% member / 10% upline / 15% platform on qualifying sales). For these purposes, we may process:

1. Referral and relationship data
   • IDs of your referrers/upline and downline
   • Commission eligibility and qualification details
2. Transaction and payout data
   • Sales volumes, commission calculations, and payout history
   • Payment details relating to your chosen payout method (processed via third parties where applicable)
3. Compliance information
   • Records required for tax reporting and regulatory compliance
   • KYC or identity verification information where required by payment providers or law

2.8 Communications and Support

If you contact us or interact with us outside of the Platform:

1. Customer support
   • Support requests, emails, chat transcripts, and call logs (if any)
   • Screenshots or files you send to us
2. Marketing and surveys
   • Your marketing preferences
   • Survey responses, feedback, reviews, and testimonials

2.9 Information from Third Parties

We may receive information about you from:

1. Payment providers (e.g., Stripe)
   • Confirmation of payment status
   • Limited payment method details
2. Analytics and advertising partners
   • Aggregated or de-identified audience information
3. Social or integration partners (if enabled)
   • If you connect third-party accounts (e.g., calendar tools or identity providers), we may receive data such as your email address or calendar metadata, as authorized by you.

3. How We Use Your Data

We use personal data for the following purposes:

3.1 To Provide and Maintain the Services

1. Create, verify, and manage user accounts and profiles;
2. Process subscriptions, payments, and renewals via Stripe;
3. Provide the eDirectory marketplace, LMS, scheduler, AI tools, and other core features;
4. Operate the commission and residual income system, including tracking, calculating, and distributing commissions.

3.2 To Personalize and Improve the Services

1. Customize content, recommendations, and features based on your use;
2. Analyze usage analytics to improve performance, design, and user experience;
3. Develop new features and services.

3.3 To Communicate with You

1. Send transactional messages, such as account notifications, billing updates, and service announcements;
2. Respond to your questions, support requests, and feedback;
3. Send marketing communications (where permitted by law and your preferences), such as newsletters and special offers, from which you can unsubscribe at any time.

3.4 To Operate AI Features

1. Process your prompts, inputs, and uploaded content to generate AI outputs;
2. Improve AI models and features (where permitted by provider terms and applicable law), often through aggregated or de-identified usage data;
3. Provide customer support for issues related to AI-generated content.

3.5 For Security, Fraud Prevention, and Legal Compliance

1. Authenticate users and prevent unauthorized access;
2. Detect and investigate fraudulent or abusive activities, including misuse of the MLM compensation system;
3. Enforce our Terms of Use and other policies;
4. Comply with legal obligations, law enforcement requests, tax laws, and regulatory requirements.

3.6 For Business Operations

1. Maintain internal records, accounting, and audits;
2. Engage in business transfers, such as mergers, acquisitions, or reorganization (subject to appropriate safeguards);
3. Produce anonymous or aggregated analytics and insights that do not identify you.

4. Legal Bases for Processing (GDPR Article 6)

For individuals in the European Economic Area (EEA), the United Kingdom, and other regions with similar laws, we rely on one or more of the following legal bases for processing your personal data:

4.1 Contract Performance (Art. 6(1)(b))

We process your data where necessary to:

1. Create and manage your account;
2. Provide and maintain the Platform and Services you request;
3. Process payments and commissions;
4. Communicate with you about your account, subscriptions, and usage.

4.2 Legitimate Interests (Art. 6(1)(f))

We process your data based on our legitimate interests, where these are not overridden by your data protection interests or fundamental rights, including to:

1. Improve and develop our Services;
2. Prevent fraud and abuse;
3. Secure our systems and protect our business;
4. Market and promote our Services to existing customers (subject to local law and your rights to opt-out).

You can object to processing based on legitimate interests at any time (see Section 8).

4.3 Consent (Art. 6(1)(a))

We may rely on your consent for:

1. Certain types of marketing communications;
2. Non-essential cookies or similar tracking technologies;
3. Processing sensitive categories of data, where applicable;
4. Using your testimonials, endorsements, or certain uploaded content for promotional purposes, when expressly agreed.

You can withdraw your consent at any time (see Section 8), but this will not affect processing already carried out before withdrawal.

4.4 Legal Obligations (Art. 6(1)(c))

We may process your data where necessary to:

1. Comply with tax, accounting, AML/KYC, and other legal obligations;
2. Respond to lawful requests from courts, regulators, or law enforcement agencies.

4.5 Vital Interests (Art. 6(1)(d))

In rare cases, we may process data to protect your vital interests or those of another person, such as in an emergency.

5. Sharing & Third Parties

We do not sell your personal information for money. We do share data with certain third parties to operate, secure, and improve our Services. These recipients act as processors or service providers, or in some cases, independent controllers.

5.1 Core Infrastructure and Hosting

1. MongoDB Atlas
   We use MongoDB Atlas as a managed database service to store and manage data related to user accounts, content, and service functionality.

2. Cloudflare
   We use Cloudflare for content delivery, DDoS protection, and performance optimization. Cloudflare may process IP addresses and related traffic data as it routes web traffic.

5.2 Payments and Billing

1. Stripe
   We use Stripe to process payments and manage subscription billing. Stripe receives payment card information and related billing data you provide. Stripe’s use of your data is governed by its own privacy policy.

We may share:

• Your name, email, and billing address;
• Subscription details and transaction information.

5.3 AI and Machine Learning Providers

1. fal.ai and related ML infrastructure
   We use fal.ai and similar infrastructure to power parts of the AI Video Builder and related processing. Your prompts, media inputs, and certain metadata may be transmitted to these providers solely to generate outputs and maintain the service.

2. Emergent LLM (or similar large language model providers)
   For AI-generated text features, we send your prompts, contextual data, and usage metadata to providers like Emergent LLM. These providers process data to generate responses and may log usage information per their terms.

We contractually require such providers (where feasible) to handle input and output data only as needed to provide the service, subject to appropriate security and confidentiality obligations.

5.4 Analytics, Marketing, and Communications

We may use third-party tools for:

1. Usage analytics and performance monitoring;
2. Email delivery, marketing automation, and notifications;
3. A/B testing and engagement analytics.

These providers may receive:

• Device and usage data;
• Email addresses and identifiers;
• Cookie or similar identifiers (see Section 6).

We strive to limit personal data shared where possible and use aggregated or de-identified data when feasible.

5.5 Commission, Payout, and Affiliate Tools

To operate our commission system and process payouts:

1. We may work with third-party payout platforms or financial intermediaries;
2. We may process or share identification and tax-related details where required for compliance.

5.6 Legal, Compliance, and Business Transfers

We may disclose personal data:

1. To comply with law or protect rights
   • To courts, regulators, law enforcement, or other authorities when we believe disclosure is necessary to comply with applicable law or protect our rights, safety, or property, or those of others.
2. In corporate transactions
   • To actual or potential buyers, investors, or merger partners, subject to confidentiality, as part of a business transaction, restructuring, or bankruptcy.

6. Cookies

We use cookies and similar technologies (such as pixels, web beacons, and local storage) to:

1. Operate essential features and maintain security;
2. Remember your preferences and improve user experience;
3. Analyze usage and performance;
4. Support marketing, attribution, and measurement.

Where required by law, we will request your consent for non-essential cookies and give you the choice to manage your cookie preferences.

For more detailed information about specific cookies and how to manage them, please refer to our Cookie Policy, which forms part of this Privacy Policy by reference.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

1. Providing the Services and operating your account;
2. Meeting legal, accounting, or reporting obligations;
3. Resolving disputes and enforcing our agreements.

Retention periods may vary depending on data type:

1. Account data
   • Retained for the life of your account and a reasonable period after closure (e.g., for backup, fraud prevention, or legal claims).
2. Billing and transaction data
   • Retained as required by tax and financial laws (often 7–10 years, depending on jurisdiction).
3. AI prompt and output data
   • May be retained for service provision, troubleshooting, improving features, and security monitoring, often in log form and subject to provider policies.
4. Commission and payout records
   • Retained for regulatory and tax compliance purposes.
5. Marketing data
   • Retained while you remain subscribed to communications, and for a limited time thereafter, unless you opt out or request deletion.

When we no longer need personal data, we will delete or anonymize it, unless we are required by law to retain it longer.

8. Your Rights: Access, Correction, Deletion, Portability, Opt-Out

Depending on where you live, you may have certain rights regarding your personal data. We will honor these rights in accordance with applicable law.

8.1 GDPR / EEA / UK Rights

If you are in the EEA, UK, or a similar jurisdiction, you generally have the right to:

1. Access
   • Request confirmation whether we process personal data about you and obtain a copy of that data.
2. Rectification (Correction)
   • Request that we correct inaccurate or incomplete personal data.
3. Erasure (Deletion)
   • Request deletion of your personal data, subject to certain exceptions (e.g., legal obligations).
4. Restriction
   • Request we restrict the processing of your data under certain conditions.
5. Portability
   • Receive your data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible.
6. Object
   • Object to processing based on our legitimate interests or for direct marketing, including profiling related to direct marketing.
7. Withdraw Consent
   • Where processing is based on consent, withdraw that consent at any time.

8.2 CCPA / CPRA – California Consumer Rights

If you are a California resident, you may have the following rights, subject to exceptions:

1. Right to Know / Access
   • Request that we disclose the categories and specific pieces of personal information we have collected, used, disclosed, or “sold”/“shared” (as defined by California law) about you in the past 12 months.
2. Right to Delete
   • Request that we delete personal information we have collected about you, subject to legal exemptions.
3. Right to Correct
   • Request correction of inaccurate personal information.
4. Right to Opt-Out of “Sale” or “Sharing”
   • We do not sell personal information in exchange for money. Where our use of certain cookies or marketing tools may be treated as a “sale” or “sharing” of personal information under California law, you may have the right to opt out of such activities.
5. Right to Non-Discrimination
   • We will not discriminate against you for exercising your CCPA/CPRA rights, such as by denying services, charging different prices, or providing a different level or quality of service, subject to permissible financial incentive programs that might reasonably relate to the value of your data.

8.3 How to Exercise Your Rights

To exercise any of the above rights:

• Email us at info@wemillionaires.com with:
  • Your name,
  • Your account email address,
  • The country or state where you reside,
  • A clear description of your request.

We may need to verify your identity before processing your request, which may include asking you to log into your account or provide specific information. You can also authorize an agent to make requests on your behalf where permitted by law; in such cases we may require proof of your authorization and verification of your identity.

8.4 Marketing and Communications Preferences

You can manage your marketing preferences by:

1. Clicking the “unsubscribe” or “manage preferences” link in our emails;
2. Adjusting notification settings in your account (where available);
3. Contacting us at info@wemillionaires.com.

Even if you opt out of marketing communications, we may still send you non-promotional messages related to your account or transactions.

9. International Transfers (SCCs)

WeMillionaires is based in the United States, and many of our service providers also operate in the U.S. and other countries. This means your personal data may be transferred to and processed in jurisdictions that may not offer the same level of data protection as your home country.

For users in the EEA, UK, and other regions with cross-border transfer restrictions:

1. We rely on one or more of the following mechanisms:
   • Standard Contractual Clauses (SCCs) approved by the European Commission;
   • UK-approved International Data Transfer Addendum (IDTA) or similar clauses;
   • Other appropriate safeguards permitted by applicable law.
2. In some limited cases, we may rely on derogations, such as:
   • Your explicit consent;
   • The necessity of the transfer for the performance of a contract with you.

You can contact us for more information or to request a copy of the SCCs or other transfer mechanisms we use, subject to redactions for confidentiality.

10. Security Measures

We take reasonable and appropriate technical and organizational measures to safeguard personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

1. Encryption of data in transit (e.g., HTTPS/TLS) and, where applicable, at rest;
2. Access controls and authentication mechanisms for staff and systems;
3. Use of reputable hosting, database, and CDN providers (such as MongoDB Atlas and Cloudflare) with strong security practices;
4. Regular monitoring, logging, and vulnerability management;
5. Policies and training to promote data protection awareness within our team.

No system can be guaranteed to be 100% secure. You are responsible for keeping your password and account credentials confidential and for notifying us promptly if you suspect unauthorized use of your account.

11. Children’s Privacy (Under 18 Prohibited)

Our Services are not intended for and may not be used by anyone under the age of 18. We do not knowingly collect personal data from children under 18.

If we become aware that we have collected personal data from a child under 18 without appropriate consent or verification, we will take steps to delete that information promptly.

If you believe that we might have any information from or about a child under 18, please contact us at info@wemillionaires.com.

12. California-Specific Disclosures (CCPA/CPRA — Do Not Sell, Shine the Light)

12.1 Categories of Personal Information Collected (Last 12 Months)

Over the past 12 months, we may have collected the following categories of personal information as defined by California law:

1. Identifiers (e.g., name, email address, IP address, account identifiers);
2. Customer records (e.g., billing address, payment-related information via Stripe);
3. Commercial information (e.g., subscriptions, transaction history, commissions);
4. Internet or other electronic network activity (e.g., browsing history on our Services, usage data, cookie data);
5. Geolocation data (general location inferred from IP address or profile);
6. Professional or employment-related information (e.g., role, business details you provide);
7. Inferences drawn from other personal information (e.g., preferences based on use of the Services).

12.2 Sources of Personal Information

We collect personal information from:

1. You directly (registration, use of the Services, communications);
2. Your devices and browsers (automated collection via cookies or similar technologies);
3. Service providers and partners (e.g., Stripe, analytics tools, AI providers).

12.3 Purposes for Collection and Use

We use these categories of personal information for the business and commercial purposes described in Section 3.

12.4 Disclosure of Personal Information

In the last 12 months, we may have disclosed categories of personal information listed above to:

1. Service providers and contractors (e.g., Stripe, MongoDB Atlas, Cloudflare, fal.ai, Emergent LLM, analytics and email service providers);
2. Legal and regulatory authorities (when required by law);
3. Business partners or successors in the event of corporate transactions.

These disclosures are made for business purposes such as providing services, securing our systems, processing payments, and operating our business.

12.5 “Sale” or “Sharing” of Personal Information

We do not sell your personal information in exchange for money.

Some of our use of cookies and third-party analytics or advertising tools may be interpreted as a “sale” or “sharing” of personal information under the CCPA/CPRA. To the extent our use of such tools constitutes a “sale” or “sharing”:

• You may have the right to opt out of such sale/sharing.
• We will provide mechanisms (such as a “Do Not Sell or Share My Personal Information” link or cookie preference tools) where required by law.

You can also contact us at info@wemillionaires.com for assistance.

12.6 California “Shine the Light” Law

California Civil Code Section 1798.83 (the “Shine the Light” law) allows California residents to request certain information about our disclosure of personal information to third parties for their own direct marketing purposes.

We do not share personal information with third parties for their own direct marketing purposes without your consent.

If you have questions regarding this practice, you may contact us at info@wemillionaires.com with “California Shine the Light Request” in the subject line.

13. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons.

1. When we make material changes, we will:
   • Update the “Effective Date” at the top of this policy; and
   • Provide additional notice as required by law, which may include notice within the Platform, by email, or via other appropriate channels.
2. Your continued use of the Services after any changes become effective means you accept the updated Privacy Policy.

We encourage you to review this Policy periodically to stay informed about our privacy practices.

14. Data Protection Officer / Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, you can contact us at:

WeMillionaires
3829 Pennsylvania Ave SE
Washington DC 20020, USA
Email: info@wemillionaires.com

If we appoint a Data Protection Officer (DPO), we will update this section with their contact details.

If you are in the EEA, UK, or another jurisdiction with a supervisory authority, you also have the right to lodge a complaint with your local data protection authority. We would, however, appreciate the chance to address your concerns before you approach an authority, so please contact us first if possible.

Governing Law and Dispute Resolution

This Privacy Policy, and any dispute arising out of or relating to it or our processing of personal data, is governed by the laws of the District of Columbia, United States of America, without regard to its conflict-of-law principles.

You agree that any legal action or proceeding related to this Privacy Policy or your use of our Services shall be brought exclusively in the state or federal courts located in the District of Columbia, and you hereby consent to the personal jurisdiction and venue of such courts.