PRIVACY POLICY

Effective Date: February 17, 2026
Last Updated: February 17, 2026

This Privacy Policy applies to services provided by Origen Tech, LLC ("Origen Tech," "we," "us," or "our"), including our AIMEE messaging platform (collectively, the "Services").

1. INFORMATION WE COLLECT

1.1 AIMEE Messaging Platform

When you interact with AIMEE's messaging infrastructure, we collect:

Message Data:

  • Content of messages sent and received through our platform

  • Message metadata (timestamps, delivery status, read receipts)

  • Conversation history and threading information

  • Media files (images, videos, documents) shared through messaging

User Profile Information:

  • Display name and contact information

  • User IDs from messaging platforms (LINE, iMessage)

  • Profile pictures and status messages

  • Language preferences

  • Device information (operating system, device type)

Behavioral and Preference Data:

  • Interaction patterns and engagement metrics

  • Visit frequency and appointment history

  • Purchase history and transaction data

  • Booking and reservation information

  • Product or service preferences

  • Customer segment classification (VIP status, loyalty tier)

  • Response patterns and communication preferences

Demographic Information:

  • Age range

  • Gender

  • Geographic location and region

  • Time zone

1.2 Origen Tech Marketing Services

For our marketing and technology services, we collect:

Business Information:

  • Company name and contact details

  • Business type and industry vertical

  • Operational hours and service offerings

  • Pricing and promotion information

  • Brand assets and marketing materials

Campaign Data:

  • Marketing campaign performance metrics

  • Engagement analytics

  • Conversion data

  • A/B test results

  • Customer acquisition data

Technical Information:

  • Website usage and analytics

  • Form submissions

  • Click-through rates

  • Traffic sources

1.3 Infrastructure Services

For clients using our dedicated infrastructure hosting:

Server and Network Data:

  • Infrastructure usage metrics

  • Network traffic patterns

  • Storage utilization

  • Compute resource consumption

  • Bandwidth usage

Security and Access Data:

  • Access logs and authentication records

  • Security event data

  • Camera footage of physical facilities (when applicable)

  • Entry and exit records from secured facilities

  • Network security monitoring data

System Performance Data:

  • Uptime and availability metrics

  • Performance benchmarks

  • Error logs and diagnostics

  • Temperature and environmental monitoring (for hardware)

1.4 Information Collected Automatically

Cookies and Tracking Technologies:

  • Session cookies for authentication

  • Analytics cookies for usage tracking

  • Performance cookies for optimization

  • Preference cookies for user settings

Device and Browser Information:

  • IP address

  • Browser type and version

  • Device identifiers

  • Operating system

  • Screen resolution

  • Referring URLs

2. HOW WE USE YOUR INFORMATION

2.1 Primary Uses

To Provide Services:

  • Deliver AI-powered messaging responses

  • Manage customer relationships on behalf of our clients

  • Process bookings, appointments, and reservations

  • Send automated reminders and follow-ups

  • Maintain customer profiles and preferences

  • Enable loyalty programs and rewards

  • Facilitate payment processing (through third-party processors)

To Improve Services:

  • Train and refine AI models

  • Analyze conversation patterns for better responses

  • Optimize message timing and delivery

  • Develop new features and capabilities

  • Conduct quality assurance and testing

  • Monitor system performance and reliability

To Communicate:

  • Send service updates and notifications

  • Provide customer support

  • Respond to inquiries and requests

  • Share important policy or terms changes

  • Deliver marketing communications (with consent)

2.2 Business Operations

Analytics and Research:

  • Aggregate usage statistics

  • Industry benchmarking

  • Product development research

  • Market analysis

Security and Compliance:

  • Fraud prevention and detection

  • Security monitoring and incident response

  • Compliance with legal obligations

  • Enforce our Terms of Service

  • Protect rights, property, and safety

3. AI TRAINING AND MODEL DEVELOPMENT

3.1 Model Training Practices

Standard AIMEE Deployment:

  • Conversation data is used to train AI models specific to each client's business

  • Models learn communication patterns, product knowledge, and customer preferences

  • Training data is aggregated and anonymized where possible

  • Client-specific models do not share training data across different businesses

Dedicated Infrastructure Deployment:

  • For clients using dedicated infrastructure, AI models are trained exclusively on that client's data

  • No data from dedicated deployments is shared with other clients or used in general model training

  • Models remain isolated within the client's dedicated infrastructure

  • Client maintains full control over model training data and parameters

3.2 Data Retention for Training

  • Active conversation data: Retained for the duration of the business relationship

  • Historical training data: Retained indefinitely to maintain model performance

  • Anonymized analytics data: May be retained permanently for research purposes

  • Client-specific data in dedicated deployments: Retained according to client specifications

4. DATA SHARING AND DISCLOSURE

4.1 We Share Information With:

Our Clients:

  • Businesses using AIMEE receive access to conversations with their customers

  • Full CRM data including customer profiles, preferences, and interaction history

  • Analytics and performance metrics

  • Segment classifications and behavioral insights

Service Providers:

  • Cloud infrastructure providers (for standard deployments)

  • Payment processors

  • Analytics platforms

  • Customer support tools

  • Security and monitoring services

Messaging Platform Providers:

  • LINE Corporation (for LINE Official Account integrations)

  • Apple Inc. (for iMessage infrastructure, subject to our proprietary access methods)

Business Partners:

  • Venue operators at partner locations

  • Local operating entities in international jurisdictions

  • Integration partners for connected services

4.2 Legal Disclosures

We may disclose information when required to:

  • Comply with applicable laws, regulations, or legal processes

  • Respond to government requests or court orders

  • Enforce our agreements and policies

  • Protect rights, property, or safety of Origen Tech, our clients, or others

  • Prevent fraud or security threats

4.3 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, user information may be transferred to the acquiring entity. We will notify affected users of any such change in ownership or control.

4.4 We Do NOT Sell Personal Information

Origen Tech does not sell, rent, or trade personal information to third parties for their marketing purposes.

5. DATA INFRASTRUCTURE OPTIONS

5.1 Standard Deployment

  • Data is processed using cloud infrastructure from reputable providers

  • Data may be stored and processed in multiple jurisdictions

  • Standard security protocols and encryption apply

5.2 Dedicated Infrastructure Option

Origen Tech offers dedicated infrastructure hosting for clients with data isolation requirements:

Physical Isolation:

  • Dedicated hardware in Origen Tech-controlled facilities

  • Physical security including surveillance, access controls, and monitoring

  • Client-viewable camera feeds of server infrastructure

  • Geographic isolation in Nevada, USA

Data Isolation:

  • No data sharing with other clients

  • No third-party cloud dependencies

  • Client data never leaves dedicated infrastructure

  • AI models trained exclusively on client data

  • No contribution to shared model training

Visual Verification:

  • Live camera access to client's dedicated server racks

  • Physical proof of data isolation

  • Documented chain of custody

  • Regular security audits and reporting

6. INTERNATIONAL DATA TRANSFERS

6.1 Japan Operations (LINE Platform)

For AIMEE services operating in Japan:

  • User data is collected through LINE Official Accounts

  • Data processing may occur in Japan and the United States

  • We comply with applicable Japanese data protection laws

  • Cross-border transfers are conducted with appropriate safeguards

6.2 International Locations

For operations in Bangkok and other international locations:

  • Local data protection laws apply to locally collected data

  • Data may be transferred to Origen Tech facilities in Nevada

  • Appropriate cross-border transfer mechanisms are implemented

  • Users in these jurisdictions have rights under local privacy laws

7. DATA SECURITY

7.1 Security Measures

We implement comprehensive security measures including:

Technical Safeguards:

  • End-to-end encryption for data in transit

  • Encryption at rest for stored data

  • Multi-factor authentication

  • Regular security audits and penetration testing

  • Intrusion detection and prevention systems

  • AI-powered threat monitoring

Physical Safeguards:

  • Secured data center facilities

  • 24/7 surveillance and monitoring

  • Biometric access controls

  • Environmental controls for equipment

  • Redundant power and cooling systems

Organizational Safeguards:

  • Employee background checks

  • Security awareness training

  • Strict access control policies

  • Incident response procedures

  • Regular security policy reviews

7.2 Limitations

No security system is impenetrable. While we employ industry-standard protections, we cannot guarantee absolute security. Users acknowledge and accept the inherent risks of transmitting information electronically.

8. DATA RETENTION

8.1 Retention Periods

Active Service Data:

  • Retained for the duration of the business relationship plus 90 days

  • CRM and customer profiles: Retained as long as business relationship continues

  • Message history: Retained for up to 2 years or as specified by client contract

Training Data:

  • AI model training data: Retained indefinitely to maintain model performance

  • Anonymized analytics: May be retained permanently

Infrastructure Logs:

  • Security logs: 1 year minimum

  • Access logs: 90 days minimum

  • Performance metrics: Aggregated and retained indefinitely

8.2 Deletion Requests

Users may request deletion of their data subject to:

  • Legal retention requirements

  • Contractual obligations

  • Operational necessity for service delivery

  • AI model integrity considerations

Deletion requests are processed within 30 days where technically feasible.

9. YOUR RIGHTS AND CHOICES

9.1 Access and Correction

You have the right to:

  • Access your personal information

  • Request corrections to inaccurate data

  • Receive copies of data we hold about you

  • Request portable copies in machine-readable format

9.2 Opt-Out Rights

You may opt out of:

  • Marketing communications (while maintaining service messages)

  • Certain data collection practices (may limit service functionality)

  • Specific AI training uses (subject to operational requirements)

9.3 Deletion and Restriction

You may request:

  • Deletion of your personal information

  • Restriction of certain processing activities

  • Objection to specific data uses

9.4 Exercising Rights

To exercise privacy rights:

  • Email: privacy@origen-tech.com

  • Include: Full name, contact information, specific request

  • Response time: 30 days maximum

  • Verification may be required to prevent fraud

10. REGIONAL PRIVACY RIGHTS

10.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act:

Right to Know:

  • Categories of personal information collected

  • Sources of information

  • Business purposes for collection

  • Categories of third parties receiving information

Right to Delete:

  • Request deletion of personal information (subject to exceptions)

Right to Opt-Out:

  • Opt out of the sale of personal information (Note: We do not sell personal information)

Right to Non-Discrimination:

  • Equal service and pricing regardless of privacy rights exercise

Shine the Light:

  • Annual disclosure of information sharing for direct marketing purposes

10.2 Nevada Residents

Nevada residents may opt out of the sale of personal information. We do not currently sell personal information as defined under Nevada law.

10.3 European Economic Area (EEA) and UK

For users in the EEA or UK, GDPR provides:

Legal Basis for Processing:

  • Contractual necessity

  • Legitimate interests

  • Legal compliance

  • Consent (where applicable)

Additional Rights:

  • Right to portability

  • Right to restriction

  • Right to object

  • Right to withdraw consent

  • Right to lodge complaints with supervisory authorities

10.4 Japan

For users in Japan under the Act on the Protection of Personal Information (APPI):

  • Right to request disclosure of personal data

  • Right to request correction or deletion

  • Right to request suspension of use

  • Right to file complaints with the Personal Information Protection Commission

11. CHILDREN'S PRIVACY

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we discover we have collected information from a minor, we will delete it promptly.

Businesses using our Services must ensure compliance with age restrictions for their industries (e.g., 21+ for nightlife venues).

12. THIRD-PARTY SERVICES

12.1 Integrated Platforms

Our Services integrate with third-party platforms including:

  • LINE Corporation

  • Apple iMessage

  • Payment processors

  • Analytics providers

These third parties have their own privacy policies. We are not responsible for their practices.

12.2 Links to External Sites

Our Services may contain links to external websites. We do not control these sites and are not responsible for their privacy practices.

13. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically to reflect:

  • Changes in our practices

  • Legal or regulatory requirements

  • New features or services

  • User feedback

Notice of Changes:

  • Material changes: 30 days advance notice

  • Non-material changes: Posted immediately with updated "Last Updated" date

  • Users are encouraged to review periodically

Continued use of Services after changes constitutes acceptance of the updated policy.

14. CONTACT INFORMATION

Privacy Inquiries: Email: privacy@origen-tech.com
Phone: +1 (725) 275-1913
Mail: Origen Tech, LLC, Attn: Privacy Officer, [Nevada Address]

Data Protection Officer (DPO): For GDPR-related inquiries: dpo@origen-tech.com

Service-Specific Contact:

  • AIMEE Platform: support@aimee.ai

  • Origen Tech Services: contact@origen-tech.com

Response Time: We respond to privacy inquiries within 30 days. Complex requests may require up to 60 days with notification of the extension.

15. GLOSSARY

AI Model: Artificial intelligence system trained to generate responses in messaging conversations

AIMEE: Artificial Intelligence Messaging Engagement Engine - our messaging platform

CRM: Customer Relationship Management system containing customer profiles and interaction history

LINE Official Account: Business account on the LINE messaging platform used in Japan and other Asian markets

Dedicated Infrastructure: Isolated hardware infrastructure with no shared resources or data commingling

User ID: Unique identifier assigned by messaging platforms to individual users

16. COMPLIANCE AND CERTIFICATIONS

Origen Tech maintains compliance with:

  • Payment Card Industry Data Security Standard (PCI DSS) - where applicable

  • SOC 2 Type II certification - in progress

  • ISO 27001 Information Security Management - targeted 2026

  • GDPR compliance framework

  • CCPA/CPRA compliance framework

  • APPI compliance for Japan operations

Acknowledgment

By using our Services, you acknowledge that you have read, understood, and agree to this Privacy Policy and our Terms of Service.

Version History:

  • v1.0 - February 17, 2026: Initial policy

Origen Tech, LLC
Powering AIMEE - Where intelligence meets engagement