OneSky’s Privacy Policy

The following policy was created by OneSky (“we” or “us”) in order to protect the privacy of our online and offline donors and supporters, and the visitors to the website aws-test.onesky.org (the “Website”). OneSky knows you care how information about you is used and shared, and we appreciate your trust that we will do so carefully and sensibly.

We have updated our Privacy Policy to take into account the new requirements of the General Data Protection Regulation (“GDPR”).

This Privacy Policy sets out OneSky’s approach to the following:

  • cookies and log data;
  • personal data that you provide to us and how we use it;
  • when we may share your personal data with third parties;
  • how we protect, and how long we store, your personal data;
  • your rights under data protection laws;
  • links to third party websites; and
  • how to contact us if you have a question about this Privacy Policy or wish to make a complaint.

By visiting the Website, you are accepting the practices described in this Privacy Policy.

Cookies and log data

Cookies

We use “cookies” (a small text file containing a string of alphanumeric characters we store for an extended period of time on your computer, mobile phone, or other device) to make the Website easier to use. A “cookie” is a small information file that a web browser places on the hard drive of a computer when users visit a website. Cookies cannot damage user files, nor can they read information from a user’s hard drive.

Cookies allow OneSky to gather audience data through Google Analytics such as age, gender, and interests. Cookies allow websites to “remember” users’ activities on a website as well as the number of users’ visits to a site. You may use Google Analytics’ currently available opt-outs for the web. At aws-test.onesky.org, cookies are used to determine the number of unique visitors to our Website over a given period and to recognize a browser so we can help users access information.

Users can disable cookies on their computer by indicating this in the preferences or options menus of their browsers. The “help” portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. While you can remove or block cookies using the settings in your browser, in some cases doing so will impact your ability to use the Website.

Log data

Log data collected on web servers within aws-test.onesky.org’s control supply us with aggregate information about the number of visits to different pages on our Website. We use such aggregate information to improve access to our content, including factoring in our visitors’ browsers and operating system types to make our content available to as many people as possible. We do not link log data collected to personal information.

We use this log data to improve the design and content of our Website and to enable us to personalize your Internet experience.

Personal data that you provide to us and how we use it

Donors and supporters

When you make a donation to OneSky (via forms on our Website, paper forms or in person), you may provide us with the following information: name; email address; postal address; country of residence; and credit card information. We will use this personal data in order to process the donation that you have made (and therefore to fulfil a contract between you and us).

When you sign up for our newsletter (via forms on our Website, paper forms or in person), you may provide us with the following information: name; email address; phone number; and country of residence. We will process your personal data in order to send you the newsletter that you have requested, on the basis of your consent. If you no longer wish to receive such newsletters, you may opt out at any time by contacting us at contact@aws-test.onesky.org or clicking on the “Unsubscribe” link located at the bottom on each mailing.

If you fail to provide the personal data set out above when requested by us, we may not be able to perform the service that you have requested (i.e. processing your donation or subscribing you to our newsletter).

We do not collect any sensitive personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

Change of purpose

We will only use your personal data for the purposes for which we collected it, as described in this Privacy Policy, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent to the extent that this is required or permitted by law.

Children

OneSky follows the FTC guidelines for compliance with the Children’s Online Privacy Protection Act (COPPA). OneSky does not knowingly solicit or collect personally identifiable information online from children under the age of 13.

If you are under age 13, please do not attempt to provide any personal information about yourself to us, including your name, telephone number or email address.  If we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible and take all reasonable measures to delete such information from our databases. If you believe that we might have any information from a child under age 13, please contact us directly at contact@aws-test.onesky.org.

Parental participation

We strongly recommend that minors 13 years of age or older ask their parents for permission before sending any information about themselves to anyone over the Internet, and we encourage parents to teach their children about safe Internet use practices.

When we may share your information with third parties

Information about our donors, supporters and Website visitors is an important part of our mission, and we never sell or rent it to others. We share donor, supporter and Website visitor information only with services that help us manage our operations, as described below:

  • Agents: We employ other companies and individuals to perform functions on our behalf. Examples include: delivering packages, sending postal mail and e-mail, and processing credit card payments. They have access to personal information needed to perform their functions, but may not use it for other purposes.
  • Protection of OneSky and others: We release account and other personal information when we believe release is appropriate to comply with law; or protect the rights, property, or safety of OneSky, aws-test.onesky.org users, or others.
  • With Your Consent: Other than as set out above, you will receive notice when information about you might go to third parties, and you will have an opportunity to choose not to share the information.

If you are based in the UK or the European Economic Area (“EEA”), we may transfer your personal data to OneSky entities or third parties located outside the UK or EEA. Whenever we do so, we ensure a similar degree of protection is afforded to it by putting in place specific contracts approved by the European Commission which give personal data substantially the same protection it has in Europe. For more information, or to request a copy of these contracts, please contact us at contact@aws-test.onesky.org.

How we protect, and how long we store, your personal data

We work to protect the security of your credit card information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input. We do not reveal your credit card numbers when confirming an order. Of course, we transmit the entire credit card number to the appropriate credit card company during order processing. It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when you finish using a shared computer.

We have also put in place appropriate security measures to prevent your personal data from being accidentally lost, or used, accessed, altered or disclosed in an unauthorised way. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Your rights under data protection laws

Under certain circumstances, you may have rights under data protection laws in relation to your personal data. These may include the rights to:

  • request access to your personal data;
  • request the correction of any incomplete or inaccurate personal data that we hold about you;
  • request that we erase your personal data where there is no good reason for us continuing to process it;
  • object to our processing of your personal data;
  • request that we place a restriction on our processing of your personal data; or
  • request that we transfer your personal data to you or to a third party.

Where we are relying on your consent to process your personal data, you may also be able to withdraw this consent. However, this will not affect the lawfulness of any processing carried out by us before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.

The rights that you have will vary depending on the data protection laws that apply to the processing that we are carrying out. In certain situations, OneSky may have a lawful reason for denying a request. We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

For more information, or if you wish to exercise any of the rights set out above, please contact us at contact@aws-test.onesky.org.

Links to third party websites

When you click on links on aws-test.onesky.org, you may leave our Website. We are not responsible for the privacy practices of other sites, and we encourage you to read their privacy statements. We do not guarantee that they will follow our rules. If you find an application or website that violates our rules, you should report the violation to us and we will take action as necessary.

Updates to this Privacy Policy

Because our operations change constantly, this Privacy Policy may change as well. Any information we gather is subject to the Privacy Policy in effect at the time of collection. We may e-mail periodic reminders of our notices and conditions, unless you have instructed us not to, but you should check our Website frequently to see recent changes.

Contacting us or making a complaint

OneSky is the controller of the personal data collected as described in this policy. OneSky comprises the following entities:

  • OneSky in California, US;

If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, or if you wish to make a complaint about our processing of personal data, please contact us using the details set out below:

Email:  contact@aws-test.onesky.org
Phone:   +1.510.525.3377
Fax: +1.510.525.3611
Address: 1832 Second Street, Suite K, Berkeley, CA 94710, USA

If you are not satisfied with our response, you may be entitled to make a complaint to a data protection regulator. If you are in the UK, the relevant data protection regulator is the Information Commissioner’s Office (www.ico.org.uk).

OneSky’s Anti-Slavery and Human Trafficking Statement

The OneSky’s Anti-Slavery and Human Trafficking Policy was created by OneSky in order to:

  • Communicate our guiding principles with respect to combating modern slavery and human trafficking
  • Establish controls to ensure compliance with all applicable donor and other applicable laws, regulations, and policies prohibiting modern slavery and human trafficking

OneSky strongly supports the human rights of every individual and has adopted a zero‐tolerance policy on modern slavery and human trafficking. We are committed to acting ethically and with integrity in all our business dealings and relationships and to implementing and enforcing effective systems and controls to ensure modern slavery is not taking place anywhere in our Organization.

This policy applies to all persons working for OneSky or on our behalf in any capacity, including employees at all levels, board members, interns, volunteers, and Third-Party Representatives (including but not limited to agents, consultants, contractors, partners, project participants, and suppliers).

Prohibited Trafficking-related Activities

OneSky employees, board members, interns, or volunteers  are strictly prohibited from engaging in trafficking‐related activities as defined by the U.S. Government’s Department of Justice, including but not limited to:

  1. The recruitment, harboring, transportation, provision, or obtaining of a person for forced labor or service, debt bondage, involuntary servitude, sex trafficking or slavery
  2. Procurement of commercial sex acts, which means any sex act for which anything of value, such as money, food, or favors, is given or received by any person
  3. Sex trafficking in which a commercial sex act is induced by force, fraud, or coercion, or with a person under the age of 18
  4. Use of forced labor or service, which means any labor or service obtained using actual or threatened physical or other serious harm, actual or threatened abuse of the law or legal process, or by fraudulent or misleading recruitment practices

Consequences for Violations

Employees, board members, interns, or volunteers who engage in the prohibited categories of behavior and/or violate the Policy and Procedures will be subject to appropriate disciplinary actions, up to and including termination of employment, removal from the OneSky board (if applicable), and possible referral to the appropriate criminal or regulatory Authorities.

Links to third party websites

We’re committed to transparency in our approach and shall comply with all disclosure obligations, applicable laws, statues, and regulations, including but not limited to the:

Updates to this Anti-Slavery and Human Trafficking Policy

OneSky is committed to continuously improving our procedures and processes to mitigate human trafficking and modern slavery risks in our operation. This Policy and Procedures will be reviewed annually or as and when there are relevant new legislations by OneSky’ Global HR Team.

Contacting us or making a complaint

All OneSky employees, board members, interns and volunteers are required to exercise due diligence in monitoring Third-Party Representatives for signs of trafficking activities and must report any suspected trafficking activity or violations of applicable trafficking laws or contract provisions within 24 hours of becoming aware, via OneSky’s Whistleblower Policy in the Staff Handbook or hr@aws-test.onesky.org (in the case of  Third-Party Representatives report sub-contractors).

Any questions regarding this Policy should be referred to OneSky’s Global HR Team at hr@aws-test.onesky.org

The Statement was approved by OneSky’s Chief Executive Officer on 13 June 2023.

OneSky is committed to protecting children from harm and ensuring children’s right to protection. We take seriously our responsibility to promote child safe practices and protect children from harm, abuse (e.g. emotional/psychological, physical or sexual), neglect, and exploitation in any form and will take positive action to prevent neglect and exploitation in any form.

This policy operates on the following principles:

  • The best interest of the child is the top priority in all decisions and actions that affect children;
  • Every child has the right to equal protection from all types of harm and abuse;
  • All paid and unpaid staff, including interns, volunteers, guests, board members and associates, have the responsibility to report any concerns of harm and abuse to the Designated Person (specified staff member) with responsibility for child protection;
  • Any allegation of harm or abuse will be taken seriously.

Scope

This policy is applicable to all individuals associated with OneSky and applies to anyone working or volunteering on behalf of OneSky, including executive-and senior-level managers, the board of trustees, paid staff, guests, and volunteers.

Policy and Procedures 

OneSky is dedicated to children’s rights, as outlined in UNCRC, and strives to uphold these rights in our approach and honor this policy by:

  • Maintaining a zero-tolerance policy towards harm and abuse;
  • Taking positive action to prevent those who abuse children from becoming involved with OneSky;
  • Committing to the inclusion of child safeguarding training in initial orientations and ongoing staff training; 
  • Committing to provide necessary support, and resources to enable staff and associates to safeguard children effectively and in a time-efficient manner;
  • Committing to the prevention of child abuse and neglect while supporting children and their families toward positive change whenever possible;
  • Performing risk assessments in the designing and execution of programs;
  • Taking stringent measures against any staff members or associates who violate the Policy;
  • Informing anyone who works or engages with OneSky of the Child Protection and Safeguarding Policy and how to report any concerns;
  • Committing to preventing those with previous (criminal or sexual) convictions from becoming involved with OneSky;
  • Extracting an acknowledgment from staff and associates who are involved with OneSky programs.

Consequences for Violations

Employees, board members, interns, volunteers, associates or guests who engage in the prohibited categories of behavior and/or violate the Policy and Procedures will be subject to appropriate disciplinary actions, up to and including termination of employment, removal from the OneSky board (if applicable), and/or possible referral to the appropriate criminal or regulatory Authorities.

Updates to this Child Safeguarding and Protection Policy and Procedures

OneSky is committed to continuously improving our procedures and processes to protect our children from harm, abuse, neglect, and exploitation in any form in our operation. This Policy and Procedures will be reviewed annually or updated as needed by OneSky’s Global Operations and Programs Teams when there are relevant new legislations.

Contacting us or reporting a case

All OneSky employees, board members, interns, volunteers, associates and guests are required to report any matter or concern about child safeguarding, breaches of the Code of Conduct, or policy non-compliance by filing a Safeguarding Concern Report with the Designated Person(s) who are held by senior staff in each area responsible for managing cases and working with the Investigation Team in a professional, confidential, and expedient manner to address child safety concerns.

In fear of jeopardizing their position, fear of intimidation, or fear of retaliation if going through the standard reporting channel, reporting can be made via OneSky’s Whistleblower Policy as stated in the Employee Handbook via hr@aws-test.onesky.org.

Any questions regarding this Policy should be referred to OneSky’s Global HR Team at hr@aws-test.onesky.org.