Privacy Policy

At Woje Inc. ("Woje," "we," "us," or "our"), we are committed to protecting your privacy and ensuring transparency in how we collect, use, and safeguard your personal information. This Privacy Policy explains what data we collect, how we use it, your rights, and how to contact us.

1. Information You Provide to Us

We collect personal information you provide directly when you:

Sign up for a Woje account

Complete onboarding or verification steps

Subscribe to our services

Submit a support ticket or contact us

Use any tools, forms, or applications on the Woje platform

This may include:

Contact information: name, email address, phone number

Business information: company name, type of business, EIN, business address

Personal identification documents: uploaded photo ID (e.g., driver’s license, passport)

Banking information: account and routing numbers (via Plaid)

Login credentials: encrypted password, two-step verification code (sent to phone and/or email)

If you are a White Label licensee or affiliate, we may also collect business documents, territory preferences, and branding assets you voluntarily provide to support your deployment.

We collect this information to establish your account, provide services, and comply with legal and regulatory requirements.

2. Information We Collect Automatically

When you use our services, we may automatically collect certain technical and usage data, including:

Browser type, device type, operating system

IP address and time zone

Referral URL and page interaction information

Cookies and tracking technologies

This data is used to operate and improve the platform, ensure security, and understand user behavior. While we may know your business and/or personal address, we do not use geolocation trackers or GPS-based location finders.

3. Information from Third Parties

We may receive information about you from trusted third-party services we use to deliver functionality or verify identity:

Go High Level: our website and CRM platform

Plaid: verifies bank and account ownership details securely

Dwolla: facilitates ACH transfers directly from the consumer to the business (not via Woje)

These services are subject to their own privacy policies, and we use them solely to power your experience on Woje in a secure and compliant manner.

4. How We Use Your Information

We use your information to:

Create and manage accounts

Process payment plan requests

Verify identity and prevent fraud

Communicate important updates or changes

Offer support or respond to questions

Improve platform security, performance, and usability

Support and monitor activity under White Label or affiliate partnerships to ensure compliance and track referral performance

We may also use aggregated, de-identified data for research, benchmarking, or platform analytics.

Use of Automated Systems:
We may use AI-driven or automated systems to assist in risk scoring, fraud detection, and platform optimization. These systems do not replace human decision-making in financial approvals and are used only to improve accuracy, efficiency, and platform security.

5. How We Share Your Information

We do not sell your personal information. However, we may share it with:

Third-party service providers for payment processing, identity verification, hosting, or analytics

Regulatory or law enforcement agencies, if legally required

Successors in interest in case of a merger, acquisition, or sale of assets

In all cases, we ensure appropriate safeguards and contractual obligations are in place.

6. Advertising and Future Financial Offers

We do not share your information with advertisers. However, in the future, anonymized or aggregate data (e.g., performance of your payment plans) may be used to allow accredited financial institutions to offer to purchase your receivables, portfolio, or future revenue streams directly from you.

If this feature is launched, itAt WOJE™, Inc., also referred to as WOJE Money™ (“Woje,” “we,” “us,” or “our”), we are committed to protecting your privacy and being transparent about how we handle your information. This Privacy Policy explains what information we collect, how we use it, with whom we share it, your rights regarding your information, and how to contact us with questions or requests.

This Privacy Policy applies to all visitors, registered users, Business Users, and Consumers who access or use any of our platforms, including WojeMoney.com, WojeInc.com, MyWoje.com, and MyWojeMoney.com (collectively, the “Platform”). By accessing or using the Platform in any manner, you acknowledge that you have read and understood this Privacy Policy. No signature is required for this Policy to take effect.

This is the single, authoritative Privacy Policy governing all Woje™ platforms. Any prior privacy policies previously published at any Woje™ web address are superseded by this document.

1. How Woje Works — Our Role in Payment Processing

1.1  Woje is a Service Assisted Contract (SAC) software platform. We provide Business Users with tools to create, manage, and track financing agreements with their customers. We do not hold, move, store, or take custody of money at any point in a transaction.

1.2  When a payment is processed through the Platform, Woje transmits an encrypted electronic authorization code to our licensed third-party payment processor, Dwolla, Inc. (“Dwolla”). Dwolla then communicates directly with both the Consumer’s bank and the Business User’s bank to facilitate an ACH (Automated Clearing House) transfer. Money flows directly from the Consumer’s bank account to the Business User’s bank account. It does not pass through Dwolla’s accounts, Woje’s accounts, or any intermediary account controlled by Woje.

1.3  For bank account verification, Woje uses Plaid Inc. (“Plaid”), a licensed financial data network. Plaid verifies that a bank account exists and is in good standing by communicating directly with the user’s financial institution. Woje receives only a confirmation of verification status — we do not store full bank account credentials.

1.4  Because Woje does not take custody of funds, we do not operate as a money transmitter or payment processor in the traditional regulatory sense. However, because we handle nonpublic financial information in connection with facilitating financial transactions, we treat ourselves as subject to the privacy and security standards applicable to financial technology companies, including the principles of the Gramm-Leach-Bliley Act (GLBA) and the FTC Safeguards Rule.

2. Information We Collect

2.1  Information You Provide Directly. We collect personal information you provide when you create an account, set up a payment plan, or contact us, including:

Full name, business name, and contact information (email address, phone number, mailing address);

Date of birth and government-issued identification information, as required for identity verification;

Bank account and routing numbers, transmitted to Dwolla for payment processing (see Section 1);

Business and financial details necessary to establish your account and comply with legal and regulatory requirements;

Communications you send to us, including support requests and feedback.

2.2  Information Collected Automatically. When you use the Platform, we may automatically collect certain technical and usage data, including:

IP address, browser type, operating system, and device identifiers;

Pages visited, features used, and actions taken within the Platform;

Date and time of access, session duration, and referring URLs;

Log data and error reports used to diagnose technical issues.

This data is used solely to operate and improve the Platform, ensure security, and understand how users interact with our services. We do not use geolocation trackers or GPS-based location finders.

2.3  Information from Third Parties. We may receive limited information about you from trusted third-party services we use to operate the Platform:

Dwolla — payment authorization status and ACH transaction results;

Plaid — bank account verification status (not full account credentials);

Identity verification providers — confirmation of identity verification outcomes.

3. How We Use Your Information

We use the information we collect for the following purposes:

To establish and manage your account and provide the services you request;

To facilitate payment plan creation, management, and ACH transaction processing through Dwolla;

To verify your identity and comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) legal obligations;

To detect, investigate, and prevent fraud, security incidents, and unauthorized access;

To communicate with you about your account, transactions, and Platform updates;

To respond to your support requests and questions;

To comply with applicable laws, regulations, court orders, and legal processes;

To operate, maintain, improve, and analyze the performance of the Platform.

We do not use your personal information for advertising purposes. We do not serve ads to users of the Platform. We do not share your personal information with advertising networks, ad exchanges, or marketing data brokers. No such sharing will occur without your explicit written consent.

4. How We Share Your Information

4.1  We do not sell your personal information. We share your information only in the following limited circumstances:

4.2  Service Providers and Technology Partners. We share data with third-party companies that help us operate the Platform, under contractual obligations requiring them to protect your data and use it only for the purposes we specify:

Service Provider

Purpose / Data Shared

Privacy Policy

Dwolla, Inc.

ACH payment processing — transmits encrypted authorization codes to banks; receives transaction status. Does not receive full banking credentials.

dwolla.com/legal/privacy

Plaid Inc.

Bank account verification — confirms account existence and good standing. Woje receives verification status only, not full credentials.

plaid.com/legal/privacy-statement

GoHighLevel

CRM and e-commerce platform operations — manages customer communications and platform delivery. Receives contact and account information.

gohighlevel.com/privacy-policy

Identity Verification Provider(s)

KYC/AML compliance — verifies user identity as required by law. Receives identity documents and confirmation.

Provided at account setup

Analytics / Platform Monitoring

Platform performance and error monitoring — receives anonymized usage and technical data only.

Provided at account setup

4.3  Legal and Regulatory Disclosure. We may disclose your information to law enforcement agencies, regulators, courts, or other government authorities when required by law, court order, warrant, or other legal process, or to protect the rights, property, or safety of Woje, our users, or the public.

4.4  Business Transfers. In the event of a merger, acquisition, or sale of substantially all of our assets, your personal information may be transferred to the acquiring entity. We will notify affected users by email at least thirty (30) days prior to any such transfer, and the acquiring entity must agree in writing to privacy obligations no less protective than those in this Policy.

4.5  With Your Consent. We may share your information with third parties not described above only with your explicit written consent, which you may withdraw at any time.

4.6  No Advertising Data Sharing. We do not share your personal information with advertising networks, data brokers, co-branded marketing partners, or any entity for advertising or marketing purposes. No such sharing will take place without explicit written consent from the user.

5. Financial Privacy Notice (Gramm-Leach-Bliley Act)

5.1  Because Woje facilitates financial transactions and handles nonpublic personal financial information — including bank account information and payment histories — we apply the privacy principles of the Gramm-Leach-Bliley Act (GLBA) and its implementing Regulation P to our handling of your data, regardless of whether we are formally determined to be a “financial institution” under GLBA.

5.2  What We Collect and Why. The table below summarizes the nonpublic personal financial information we collect and how it is used:

Category of Information

How We Use It

Do We Share It?

Bank account & routing numbers

Transmitted (encrypted) to Dwolla to initiate ACH authorization only

Yes — Dwolla only, for processing

Payment history & balances

Manage payment plans; provide account records to users on request

No, except as required by law

Identity verification data

KYC/AML compliance; fraud prevention

Yes — identity verification provider only

Transaction amounts & dates

Contract management; account records; legal compliance

No, except as required by law

Business financial information

Account setup and service delivery

No, except as required by law

5.3  Opt-Out Right. To the extent GLBA applies to our operations, you have the right to opt out of our sharing of your nonpublic personal financial information with non-affiliated third parties outside the service-provider exceptions described above. To exercise this right, contact us at [email protected]. We will process opt-out requests within thirty (30) days.

5.4  FTC Safeguards Rule. Woje maintains a written information security program consistent with the FTC Safeguards Rule (16 C.F.R. Part 314), which includes administrative, technical, and physical safeguards appropriate to the nature and scope of our activities and the sensitivity of the customer information we handle.

6. Cookies and Tracking Technologies

6.1  We use the following types of cookies and similar technologies on the Platform:

Essential cookies — required for the Platform to function (e.g., session authentication, security tokens). These cannot be disabled without impairing Platform functionality.

Functional cookies — remember your preferences and settings to improve your experience.

Analytics cookies — collect anonymized data about how users interact with the Platform to help us improve performance and usability. We do not use this data to identify individual users.

6.2  We do not use advertising cookies, tracking pixels, web beacons for ad delivery, or any tracking technologies that share your data with advertising networks or data brokers.

6.3  You may control or disable non-essential cookies through your browser settings. Note that disabling certain cookies may affect Platform functionality. A cookie preference tool is available on the Platform for managing non-essential cookies.

6.4  We honor Global Privacy Control (GPC) signals. If your browser sends a GPC signal indicating a preference to opt out of data sharing or sale, we will treat this as a valid opt-out request consistent with applicable state privacy laws.

7. Data Retention

7.1  We retain personal information only as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. The following retention schedule applies:

Data Category

Retention Period

Basis

Transaction records & payment histories

7 years from transaction date

IRS / financial recordkeeping requirements

Identity verification data

Duration of account + 5 years after closure

KYC/AML legal obligations

Account information (name, contact, banking details)

Duration of account + 5 years after closure

Legal compliance and dispute resolution

Support communications

3 years from last interaction

Dispute resolution

Technical / log data

90 days

Security monitoring and debugging

Marketing / opt-out preferences

7 years

Compliance with opt-out obligations

7.2  Upon expiration of the applicable retention period, personal data will be securely deleted or irreversibly anonymized using industry-standard methods. Anonymized data that can no longer be linked to an individual may be retained indefinitely for aggregate analytics and platform improvement.

8. Security

8.1  Woje maintains a written information security program that includes administrative, technical, and physical safeguards designed to protect your personal information against unauthorized access, use, disclosure, alteration, or destruction. Our security measures include:

Encryption of sensitive data in transit (TLS/SSL) and at rest;

Access controls limiting data access to authorized personnel on a need-to-know basis;

Secure data centers operated by our infrastructure providers;

Regular security monitoring, testing, and vulnerability assessments;

Employee training on data handling and security practices.

8.2  A designated security officer is responsible for overseeing our information security program, conducting periodic risk assessments, and ensuring service providers who handle your data are contractually required to maintain equivalent security standards.

8.3  While no system is 100% secure, we continuously monitor and improve our defenses. If you believe your account has been compromised, contact us immediately at [email protected].

9. Data Breach Notification

9.1  In the event of a security incident that results in unauthorized access to or disclosure of your personal information, Woje will:

Notify affected users by email within thirty (30) calendar days of confirming that a breach has occurred, consistent with Utah Code § 13-44 and the most common standard across U.S. state breach notification laws;

Describe in the notification: what personal information was affected, how the incident occurred (to the extent known), what steps we have taken to address it, and what steps you can take to protect yourself;

Notify applicable state regulators and law enforcement as required by the laws of the affected users’ states;

Maintain an internal incident response plan that is reviewed and tested at least annually.

9.2  If a breach affects your financial account information, we will also notify Dwolla and, where appropriate, recommend that you contact your financial institution.

10. Your Privacy Rights

10.1  Depending on your state of residence, you may have some or all of the following rights regarding your personal information:

Right to know — request disclosure of the categories and specific pieces of personal information we have collected about you;

Right to access — obtain a copy of your personal information in a portable format;

Right to correct — request correction of inaccurate personal information;

Right to delete — request deletion of your personal information, subject to our legal retention obligations;

Right to opt out — opt out of the sale or sharing of your personal information (Woje does not sell personal information, but we honor opt-out requests as described in this Policy);

Right to limit use of sensitive information — direct us to limit the use of sensitive personal information (such as financial account data) to the purposes for which it was collected;

Right to non-discrimination — we will not discriminate against you for exercising any privacy right.

10.2  State-Specific Rights. The following users have all rights listed above under their respective state laws: California residents (CCPA/CPRA); Virginia residents (VCDPA); Colorado residents (CPA); Utah residents (UCPA); Connecticut, Texas, Oregon, Montana, Delaware, Nebraska, New Hampshire, New Jersey residents (respective state privacy laws). Users in other states retain all rights provided under applicable federal and state law.

10.3  How to Exercise Your Rights. To exercise any of the rights described above, submit a request by:

Email: [email protected] (subject line: “Privacy Rights Request”);

Web form: available at WojeMoney.com/privacy-rights (or the current equivalent URL).

10.4  Response Timeline. We will acknowledge your request within five (5) business days and provide a substantive response within forty-five (45) calendar days. If we need additional time, we will notify you and may extend the response period by up to an additional forty-five (45) days (90 days total), consistent with applicable state law.

10.5  Identity Verification. To protect your privacy, we will verify your identity before processing access, correction, or deletion requests. We will only use the information you provide for verification purposes.

10.6  Right of Appeal. If we deny your request, we will explain the reason in writing. You may appeal a denial by emailing [email protected] with the subject line “Privacy Rights Appeal.” We will respond to appeals within sixty (60) calendar days. If your appeal is denied, we will provide information about how to contact your state’s Attorney General or applicable privacy regulator.

10.7  Do Not Sell or Share. Woje does not sell personal information. We honor all “Do Not Sell or Share My Personal Information” requests. A link for submitting such a request is available in the footer of WojeMoney.com. We will process such requests within fifteen (15) business days as required by California law and within forty-five (45) days as required by other applicable state laws.

11. Children’s Privacy

11.1  The Platform is intended for use by adults (18 years of age or older) and businesses. We do not knowingly collect personal information from children under the age of 13.

11.2  Age Gate. Users are required to confirm they are 18 years of age or older during account registration. If we discover or are notified that we have inadvertently collected personal information from a child under 13, we will delete that information within five (5) business days of confirmation.

11.3  Parental Notification. If a parent or guardian believes their child under 13 has provided personal information to Woje, they may contact us at [email protected] to request deletion. We will respond within five (5) business days.

11.4  Minors Aged 13–17. Consistent with 2025 state privacy law requirements, Woje does not: (a) process the personal information of known minors aged 13–17 for targeted advertising; (b) sell the personal information of known minors aged 13–17; or (c) use the personal information of known minors aged 13–17 for profiling in furtherance of decisions that produce legal or similarly significant effects. If a user is identified as being between 13 and 17 years of age, their data will be treated as sensitive and processed only with affirmative consent where required by applicable law.

12. Future Data Features — Receivables Marketplace

12.1  In the future, Woje may offer an optional feature that would allow banks or financial institutions to view anonymized or aggregate data about the performance of payment plans (e.g., repayment rates, average balances) and offer to purchase receivables directly from Business Users.

12.2  This feature will not be activated without:

Affirmative opt-in consent from each Business User whose data would be included — not opt-out;

A clear explanation of exactly what data is shared, with whom, and for what purpose;

A determination that the data shared meets the legal standard for de-identification or anonymization under applicable law (including NIST SP 800-188 or equivalent guidance), such that it cannot reasonably be re-linked to an individual;

A separate, dedicated consent flow and privacy notice specific to this feature.

12.3  Until this feature is formally launched with the consent mechanisms described above, no user data will be shared with banks or financial institutions for receivables purchasing purposes.

13. Third-Party Platforms and Links

13.1  The Platform may contain links to or integrations with third-party websites, applications, or services. This Privacy Policy does not apply to third-party platforms. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party service before providing your personal information.

13.2  Key third-party platforms whose privacy policies you should review include:

Dwolla, Inc. — dwolla.com/legal/privacy

Plaid Inc. — plaid.com/legal/privacy-statement

GoHighLevel — gohighlevel.com/privacy-policy

14. Changes to This Privacy Policy

14.1  We may update this Privacy Policy periodically to reflect changes in our services, technology, legal requirements, or business operations. When we make material changes — changes that affect your rights or how your data is used — we will:

Provide at least thirty (30) days’ advance notice by email to the address on file;

Post a notice on the Platform identifying the changes and their effective date;

Update the “Last Updated” date at the top of this Policy.

14.2  Non-material changes (such as clarifications, formatting, or contact information updates) may take effect immediately. Your continued use of the Platform after the effective date of any update constitutes acceptance of the revised Policy.

14.3  This is the single, authoritative Privacy Policy for all Woje™ platforms. Any previous privacy policies published at any Woje™ web address are superseded by this document.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Email: [email protected]

Support: [email protected]

Mail: WOJE™, Inc., 242 E. Skipper Lane, Saratoga Springs, Utah 84045

Website: www.WojeMoney.com

We will respond to all privacy inquiries within five (5) business days.

By accessing or using WojeMoney.com, WojeInc.com, MyWoje.com, or MyWojeMoney.com, you acknowledge that you have read and understood this Privacy Policy.