OneSky’s Privacy Policy

The following policy was created by OneSky (“we” or “us”) in order to protect the privacy of our online and offline donors and supporters, and the visitors to the website onesky.org (the “Website”). OneSky knows you care how information about you is used and shared, and we appreciate your trust that we will do so carefully and sensibly.

This Privacy Policy sets out OneSky’s approach to the following:

  • cookies and log data;
  • personal data that you provide to us and how we use it;
  • when we may share your personal data with third parties;
  • how we protect, and how long we store, your personal data;
  • your rights under data protection laws;
  • links to third party websites; and
  • how to contact us if you have a question about this Privacy Policy or wish to make a complaint.

By visiting the Website, you are accepting the practices described in this Privacy Policy.

Cookies and log data

Cookies

We use “cookies” (a small text file containing a string of alphanumeric characters we store for an extended period of time on your computer, mobile phone, or other device) to make the Website easier to use. A “cookie” is a small information file that a web browser places on the hard drive of a computer when users visit a website. Cookies cannot damage user files, nor can they read information from a user’s hard drive.

Cookies allow OneSky to gather audience data through Google Analytics such as age, gender, and interests. Cookies allow websites to “remember” users’ activities on a website as well as the number of users’ visits to a site. You may use Google Analytics’ currently available opt-outs for the web. At onesky.org, cookies are used to determine the number of unique visitors to our Website over a given period and to recognize a browser so we can help users access information.

Users can disable cookies on their computer by indicating this in the preferences or options menus of their browsers. The “help” portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. While you can remove or block cookies using the settings in your browser, in some cases doing so will impact your ability to use the Website.

Log data

Log data collected on web servers within onesky.org’s control supply us with aggregate information about the number of visits to different pages on our Website. We use such aggregate information to improve access to our content, including factoring in our visitors’ browsers and operating system types to make our content available to as many people as possible. We do not link log data collected to personal information.

We use this log data to improve the design and content of our Website and to enable us to personalize your Internet experience.

Personal data that you provide to us and how we use it

Donors and supporters

When you make a donation to OneSky (via forms on our Website, paper forms or in person), you may provide us with the following information: name; email address; postal address; country of residence; and credit card information. We will use this personal data in order to process the donation that you have made (and therefore to fulfil a contract between you and us).

When you sign up for our newsletter (via forms on our Website, paper forms or in person), you may provide us with the following information: name; email address; phone number; and country of residence. We will process your personal data in order to send you the newsletter that you have requested, on the basis of your consent. If you no longer wish to receive such newsletters, you may opt out at any time by contacting us at contact@onesky.org or clicking on the “Unsubscribe” link located at the bottom on each mailing.

If you fail to provide the personal data set out above when requested by us, we may not be able to perform the service that you have requested (i.e. processing your donation or subscribing you to our newsletter).

We do not collect any sensitive personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

Change of purpose

We will only use your personal data for the purposes for which we collected it, as described in this Privacy Policy, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent to the extent that this is required or permitted by law.

Children

OneSky follows the FTC guidelines for compliance with the Children’s Online Privacy Protection Act (COPPA). OneSky does not knowingly solicit or collect personally identifiable information online from children under the age of 13.

If you are under age 13, please do not attempt to provide any personal information about yourself to us, including your name, telephone number or email address.  If we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible and take all reasonable measures to delete such information from our databases. If you believe that we might have any information from a child under age 13, please contact us directly at contact@onesky.org.

Parental participation

We strongly recommend that minors 13 years of age or older ask their parents for permission before sending any information about themselves to anyone over the Internet, and we encourage parents to teach their children about safe Internet use practices.

When we may share your information with third parties

Information about our donors, supporters and Website visitors is an important part of our mission, and we never sell or rent it to others. We share donor, supporter and Website visitor information only with services that help us manage our operations, as described below:

  • Agents: We employ other companies and individuals to perform functions on our behalf. Examples include: delivering packages, sending postal mail and e-mail, and processing credit card payments. They have access to personal information needed to perform their functions, but may not use it for other purposes.
  • Protection of OneSky and others: We release account and other personal information when we believe release is appropriate to comply with law; or protect the rights, property, or safety of OneSky, onesky.org users, or others.
  • With Your Consent: Other than as set out above, you will receive notice when information about you might go to third parties, and you will have an opportunity to choose not to share the information.

If you are based in the UK or the European Economic Area (“EEA”), we may transfer your personal data to OneSky entities or third parties located outside the UK or EEA. Whenever we do so, we ensure a similar degree of protection is afforded to it by putting in place specific contracts approved by the European Commission which give personal data substantially the same protection it has in Europe. For more information, or to request a copy of these contracts, please contact us at contact@onesky.org.

How we protect, and how long we store, your personal data

We work to protect the security of your credit card information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input. We do not reveal your credit card numbers when confirming an order. Of course, we transmit the entire credit card number to the appropriate credit card company during order processing. It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when you finish using a shared computer.

We have also put in place appropriate security measures to prevent your personal data from being accidentally lost, or used, accessed, altered or disclosed in an unauthorised way. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Your rights under data protection laws

Under certain circumstances, you may have rights under data protection laws in relation to your personal data. These may include the rights to:

  • request access to your personal data;
  • request the correction of any incomplete or inaccurate personal data that we hold about you;
  • request that we erase your personal data where there is no good reason for us continuing to process it;
  • object to our processing of your personal data;
  • request that we place a restriction on our processing of your personal data; or
  • request that we transfer your personal data to you or to a third party.

Where we are relying on your consent to process your personal data, you may also be able to withdraw this consent. However, this will not affect the lawfulness of any processing carried out by us before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.

The rights that you have will vary depending on the data protection laws that apply to the processing that we are carrying out. In certain situations, OneSky may have a lawful reason for denying a request. We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

For more information, or if you wish to exercise any of the rights set out above, please contact us at contact@onesky.org.

Links to third party websites

When you click on links on onesky.org, you may leave our Website. We are not responsible for the privacy practices of other sites, and we encourage you to read their privacy statements. We do not guarantee that they will follow our rules. If you find an application or website that violates our rules, you should report the violation to us and we will take action as necessary.

Updates to this Privacy Policy

Because our operations change constantly, this Privacy Policy may change as well. Any information we gather is subject to the Privacy Policy in effect at the time of collection. We may e-mail periodic reminders of our notices and conditions, unless you have instructed us not to, but you should check our Website frequently to see recent changes.

Contacting us or making a complaint

OneSky is the controller of the personal data collected as described in this policy. OneSky comprises the following entities:

  • OneSky in California, US;

If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, or if you wish to make a complaint about our processing of personal data, please contact us using the details set out below:

Email:  contact@onesky.org
Phone:   +1.510.525.3377
Fax: +1.510.525.3611
Address: 715 Hearst Ave, Ste 200, Berkeley, CA 94710, USA

If you are not satisfied with our response, you may be entitled to make a complaint to a data protection regulator. If you are in the UK, the relevant data protection regulator is the Information Commissioner’s Office (www.ico.org.uk).