Solutions

About Us

Book A Demo

Solutions

About Us

Book A Demo

Privacy Policy

Last Updated: 20 April, 2026

1. Introduction

Welcome to One Lasso ("Company," "we," "us," or "our"). We respect your privacy and are committed to protecting the personal information you provide while using our platform. This Privacy Policy explains how we collect, use, disclose, and protect your information when you access One Lasso through our website (onelasso.com), admin dashboard, partner portal, embedded components, widgets, and related services (collectively, the "Services").

This Privacy Policy applies to all users of our Services, including:

Clients: Organizations that use One Lasso to manage their partnership and referral programs
Partners: Individuals and organizations who participate in referral and partnership programs managed through One Lasso
Website Visitors: Individuals who visit our website or interact with referral links

By using our Services, you agree to the terms outlined in this Privacy Policy. If you do not agree, please discontinue use of our Services.

2. Information We Collect

A. Information You Provide to Us

Account Information: Name, email address, phone number, job title, company name, and other details provided when creating an account or being invited to the platform.
Partner Profile Information: Name, email address, phone number, job title, company name, LinkedIn profile URL, and website URL.
Financial Information: Banking details, payment account information, and tax identification information (such as W-9 or W-8 forms) necessary for processing commission payouts.
Form Submissions: Information submitted through referral forms hosted on the platform, including name, email address, phone number, company name, and any additional fields configured by the Client.
Agreement and Consent Records: Records of partner agreements signed through the platform, marketing preferences, and terms acceptance.
Communications: Support inquiries, feedback, or other correspondence you send to us.

Account Information: Name, email address, phone number, company details, and other relevant information provided when signing up.
Partner Data: Information related to partner referrals, including referral submissions, payout details, and activity tracking.
Payment Information: Banking or payment processing details used for commissions and payouts.
Support Inquiries: Any communication, feedback, or inquiries sent to us.

B. Information We Collect Automatically

Technical Data: IP address, browser type and version, operating system, and device information.
Usage Data: Pages visited, features used, and interactions within the platform.
Referral Tracking Data: When you click a referral link, we collect click identifiers, campaign parameters, referring URL, browser user agent, and IP address for the purpose of attributing referrals.
Cookies and Similar Technologies: We use cookies and similar technologies to maintain sessions, remember preferences, and improve the user experience. See Section 10 for more detail.

Account Information: Name, email address, phone number, company details, and other relevant information provided when signing up.
Partner Data: Information related to partner referrals, including referral submissions, payout details, and activity tracking.
Payment Information: Banking or payment processing details used for commissions and payouts.
Support Inquiries: Any communication, feedback, or inquiries sent to us.

C. Information from Third-Party Integrations

When a Client connects a third-party integration, we may collect or receive data from that integration on the Client's behalf:

Account Information: Name, email address, phone number, company details, and other relevant information provided when signing up.
Partner Data: Information related to partner referrals, including referral submissions, payout details, and activity tracking.
Payment Information: Banking or payment processing details used for commissions and payouts.
Support Inquiries: Any communication, feedback, or inquiries sent to us.

CRM Platforms: Contact, company, and deal data from platforms such as HubSpot, Salesforce, or Pipedrive, as authorized by the Client.
Revenue Platforms: Transaction and subscription data from platforms such as Stripe or Chargebee, as authorized by the Client, for the purpose of calculating commissions.
Communication Platforms: Workspace and channel information from platforms such as Slack, as authorized by the Client, for delivering notifications.

Account Information: Name, email address, phone number, company details, and other relevant information provided when signing up.
Partner Data: Information related to partner referrals, including referral submissions, payout details, and activity tracking.
Payment Information: Banking or payment processing details used for commissions and payouts.
Support Inquiries: Any communication, feedback, or inquiries sent to us.

These integrations are initiated and controlled by the Client. We only access data within the scope authorized by the Client's integration settings.

Account Information: Name, email address, phone number, company details, and other relevant information provided when signing up.
Partner Data: Information related to partner referrals, including referral submissions, payout details, and activity tracking.
Payment Information: Banking or payment processing details used for commissions and payouts.
Support Inquiries: Any communication, feedback, or inquiries sent to us.

3. How We Use Your Information

We use the information we collect for the following purposes:

Provide, operate, and maintain our Services
Manage partner referral programs on behalf of our Clients
Track and attribute referral activity
Calculate, process, and distribute commission payouts to Partners
Facilitate communications between Clients, Partners, and leads
Synchronize data with Client-authorized third-party integrations
Send service-related announcements and transactional communications
Send marketing communications where you have opted in or where otherwise permitted by law
Improve platform performance, security, and user experience
Comply with applicable legal, tax, and regulatory obligations
Detect and prevent fraud, abuse, or security incidents
Enforce our Terms of Service

4. How We Share Your Information

We do not sell, rent, or trade personal information. We may share information in the following circumstances:

Service Providers: We engage trusted third-party service providers who process data on our behalf to support our operations, including cloud hosting, email delivery, payment processing, payout distribution, tax verification, electronic signatures, error monitoring, and analytics. These providers are contractually obligated to use your data only as necessary to perform services for us and to maintain appropriate security measures.

Commission Payouts: When a Client approves a payout, we share Partner financial information with our payout providers (such as Wise, PayPal, or Tremendous) to process the payment. These accounts are held by One Lasso, and we act as the processor facilitating the transaction on behalf of the Client.
Client-Authorized Integrations: When a Client connects a third-party integration (such as a CRM or revenue platform), data may be exchanged with that integration at the Client's direction. One Lasso connects to the Client's own accounts with these providers and does not control how the Client uses those platforms.
Between Clients and Partners: Referral and lead information is shared between Clients and their Partners as part of the core functionality of the Services.
Legal and Compliance: We may disclose information to comply with applicable laws, regulations, court orders, or governmental requests, including to meet national security or law enforcement requirements.
Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
With Your Consent: When you authorize us to share your data with a specific third party.

5. Data Security

We implement industry-standard technical and organizational security measures to protect personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption of data in transit using transport layer security

Encryption of sensitive data at rest, including financial and tax information
Role-based access controls and multi-factor authentication for administrative access
Regular security assessments and vulnerability management
Audit logging of data access and modifications
Incident response procedures

One Lasso maintains SOC 2 Type II certification, which is independently audited. While we take reasonable precautions to protect your information, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

6. Data Retention

We retain personal information for as long as necessary to provide our Services, fulfill the purposes described in this Privacy Policy, and comply with our legal obligations.

Financial and tax records are retained for the period required by applicable law (typically seven years).
Referral tracking data (such as IP addresses and browser information) is retained for a limited period and may be anonymized after that period expires.
Account information is retained for the duration of your relationship with us and for a reasonable period thereafter.

When personal information is no longer required, we delete or anonymize it. Where deletion is not feasible due to technical constraints such as referential integrity requirements, we anonymize the data so that it no longer identifies an individual.

7. Your Rights and Choices

Depending on your location and applicable law, you may have the following rights regarding your personal information:

Account Information: Name, email address, phone number, company details, and other relevant information provided when signing up.
Partner Data: Information related to partner referrals, including referral submissions, payout details, and activity tracking.
Payment Information: Banking or payment processing details used for commissions and payouts.
Support Inquiries: Any communication, feedback, or inquiries sent to us.

Access: Request a copy of the personal data we hold about you.

Correction: Request that we correct inaccurate or incomplete data.
Deletion: Request that we delete your personal information, subject to legal exceptions and retention obligations.
Restriction: Request that we limit certain processing of your data.
Data Portability: Request a copy of your data in a structured, commonly used, machine-readable format.
Objection: Object to processing of your data based on legitimate interests or for direct marketing purposes.
Withdrawal of Consent: Where processing is based on consent, you may withdraw your consent at any time.
Opt-Out of Marketing: Unsubscribe from marketing communications at any time using the link provided in the communication or by contacting us.

Account Information: Name, email address, phone number, company details, and other relevant information provided when signing up.
Partner Data: Information related to partner referrals, including referral submissions, payout details, and activity tracking.
Payment Information: Banking or payment processing details used for commissions and payouts.
Support Inquiries: Any communication, feedback, or inquiries sent to us.

To exercise any of these rights, contact us at [email protected]. We will respond to your request within the timeframe required by applicable law.

Account Information: Name, email address, phone number, company details, and other relevant information provided when signing up.
Partner Data: Information related to partner referrals, including referral submissions, payout details, and activity tracking.
Payment Information: Banking or payment processing details used for commissions and payouts.
Support Inquiries: Any communication, feedback, or inquiries sent to us.

If you are a Partner in a Client's referral program, certain data may be controlled by the Client. In such cases, we may direct your request to the relevant Client or work with them to fulfill it.

Account Information: Name, email address, phone number, company details, and other relevant information provided when signing up.
Partner Data: Information related to partner referrals, including referral submissions, payout details, and activity tracking.
Payment Information: Banking or payment processing details used for commissions and payouts.
Support Inquiries: Any communication, feedback, or inquiries sent to us.

8. Additional Rights for California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with the following additional rights:

Right to Know: Request details about the categories and specific pieces of personal information we collect, use, and share.

Right to Delete: Request deletion of your personal information, subject to exceptions.
Right to Opt-Out: Opt out of the sale or sharing of personal data. We do not sell personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at [email protected].

9. International Data Transfers and the Data Privacy Framework

One Lasso is based in the United States. If you are located outside the United States, your personal information will be transferred to and processed in the United States.

EU-U.S. Data Privacy Framework and UK Extension

One Lasso complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce. One Lasso has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern.

To learn more about the Data Privacy Framework program and to view our certification, please visit dataprivacyframework.gov.

One Lasso is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

One Lasso's accountability for personal data that it receives under the DPF and subsequently transfers to a third party is described in the DPF Principles. In particular, One Lasso remains responsible and liable under the DPF Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless One Lasso proves that it is not responsible for the event giving rise to the damage.

Complaints and Dispute Resolution

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, One Lasso commits to resolve complaints about our collection or use of your personal information. Individuals in the European Union or United Kingdom with inquiries or complaints regarding our handling of personal data received in reliance on the DPF should first contact us at [email protected].

One Lasso has further committed to refer unresolved DPF complaints to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.

If your complaint cannot be resolved through the above channels, under certain conditions you may invoke binding arbitration before a Data Privacy Framework Panel. For more information, visit dataprivacyframework.gov.

10. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

Essential Cookies: Required for the operation of our Services, including authentication and session management.

Analytics: To understand how our Services are used and to improve the user experience.
Referral Attribution: To track referral link clicks and attribute referral activity. This tracking is based on click-level identifiers passed via URL parameters and does not use cross-site tracking cookies.

You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our Services.

11. Third-Party Links and Integrations

Our Services may contain links to third-party websites or integrate with third-party platforms. These services operate independently and have their own privacy policies. We are not responsible for the privacy practices of third-party services and encourage you to review their policies before engaging with them.

12. Children's Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete it promptly.

13. Sub-processors

A list of third-party sub-processors that One Lasso engages to process personal data is available at onelasso.com/legal/sub-processors. This list is updated when sub-processors are added or changed.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. If changes are material, we will notify you by email or by posting a prominent notice on our website prior to the change becoming effective. We encourage you to review this Privacy Policy periodically.