To request a copy of OneCause’s PCI Attestation of Compliance please visit: https://www.onecause.com/general/pci-attestation-of-compliance/pci-attestation-download/
OneCause follows international PCI (payment card industry) standards for data security. All OneCause applications, network components, critical servers, and wireless access points are consistent with industry-accepted hardening standards. OneCause uses 2048 bit RSA encryption when storing sensitive card information. All pages that capture sensitive card data on-site use secure HTTP over SSL (128 bit encryption). In addition, the OneCause handhelds connect to our private wireless network with WPA2 security, which encrypts all the packets that are sent via the air.
OneCause’s payment processor is First American Payment Systems (https://www.first-american.net) and 1stPayGateway LLC (https://www.1stpaygateway.com) . During the card authorization process, a 16 character token is generated by First American and passed back to OneCause. OneCause stores the token in place of the Primary Account Number (PAN), while First American stores the PAN.
First American and 1stPayGateway, LLC have been certified as a Level 1 Service Providers of Payment Card Industry (PCI) Data Security Standards (DSS), which is the highest possible level. For verification, please see Visa’s Global Registry of PCI Validated Service Providers: https://www.visa.com/splisting/searchGrsp.do. Service providers on this list were validated as PCI DSS compliant by a QSA and are required to re-validate their compliance on an annual basis.
While we employ commercially reasonable standards and exercise great care in collecting and protecting your information, no safeguards or processes can be guaranteed to be 100% secure. We cannot ensure or warrant the security of any of such information, and you provide such information at your own risk.
Personal Information. When you visit and navigate the WebSite or Mobile Application, we will not collect any sensitive personal data. We will not collect any identifying information, like name, address, email address, or telephone number (collectively, “Personal Information”), about you unless you provide us that information voluntarily. Individuals who register for any services or features on the WebSite or Mobile Application will be required to provide to us Personal Information, like email address, first name, and last name, in addition to selecting a username and password. During the registration process, you may, at your discretion, provide additional Personal Information to us, like telephone number, address, city, state, zip code, and country.
Giving History. OneCause keeps a record of each user’s transaction history. This information is kept on file for individuals to reference for personal record keeping and/or IRS tax return purposes. The history is also used by OneCause to analyze overall giving patterns in order to produce benchmark data.
Financial Information. If you register for any service under which OneCause will process payments made by you, then we may require certain financial information, like the name on a credit card, the credit card number, and the credit card expiration date (collectively, “Financial Information”).
User-Generated Content. Forums, live chat, bulletin boards, and other features of the WebSite or Mobile Application may allow you to submit user-generated content (collectively, the “User Forums”). User-generated content submitted by you through the User Forums may be stored in our systems.
Cookies. OneCause may collect information through the use of common locally stored tracking objects such as cookies. Cookies are small strings of text placed onto your computer by a website to improve your visit to the website by tracking which parts of the website you visit most often. No Personal Information is stored in a cookie. You have the option to delete or decline cookies by changing your browser’s settings.
Server Logging. Our server logs may store information you provide to us through your web browser when you visit the WebSite or Mobile Application, like your IP address, web browser type, referring URL, and other HTTP Header information. We use this information to troubleshoot issues with the WebSite or Mobile Application and in an aggregated form for statistics purposes. We also may, from time to time, attempt to personally identify individuals using this information who may be maliciously using the Website or Mobile Application, threatening our users, or violating state or federal laws.
GPS Information. When browsing the WebSite through a mobile phone or accessing the Mobile Application, we will attempt to collect your location through GPS for giving opportunities near you. You may remove this location sharing authorization.
Google Analytics. OneCause has implemented the event tracking feature of Google Analytics Advertising offering, including Remarketing with Google Analytics, Google Display Network Impression Reporting, DoubleClick Platform integrations and Google Analytics Demographics and Interest Reporting. You have the ability to opt out by visiting: https://tools.google.com/dlpage/gaoptout/
Improving Your Experience. We use non-identifiable, aggregated information to improve the products and services we offer, to conduct market research, to generate profiles and reports, and to improve your overall experience of the WebSite or Mobile Application. We also may share this anonymous, aggregated information with partners, advertisers or other third parties.
Direct Marketing. By providing Personal Information on the WebSite or Mobile Application you consent to OneCause’s use to contact you via Email or Mobile Application Notifications. If you do not wish to receive marketing communications from OneCause, you may unsubscribe by following instructions provided within or disable notifications in the Mobile Application settings.
Purchases. When you make purchases or otherwise pay for services on the WebSite or Mobile Application, we will share your Personal Information and Financial Information with our third-party payment processors. We will only share the information necessary to complete the transaction.
“Contact Us” or Troubleshooting. Information provided by you as part of a request that we follow up or contact you as part of the “Contact Us” feature on the WebSite or Mobile Application will be used by us to contact you and discuss your concerns or interest in our products and services. We may use your information to provide customer support or troubleshooting in the connection with your use of such products and services.
Combination. We may, on occasion, combine information we collect through the WebSite or Mobile Application with information that we collect from other sources.
Information Sharing. We may disclose your information to our affiliates, as well as third party partners as follows below:
a) Service Providers. Your Personal Information may be shared with third party service providers that assist OneCause in fulfilling orders from customers, delivering packages, sending mail, providing search results and links, or similar customer services.
b) Law Enforcement. Your Personal Information and Financial Information may be shared with law enforcement officials if it relates to a criminal investigation or alleged illegal activity.
c) Necessary or for Safety Reasons. We may disclose your Personal Information or Financial Information if required or permitted to do so by law, for fraud protection and credit risk reduction purposes, or in the good-faith belief that such action is necessary to protect and defend the rights or property of OneCause or the users of the WebSite or Mobile Application, to act under urgent circumstances to protect the safety of OneCause or its employees or a member of the public, or to comply with a judicial proceeding, court order, or legal process.
You may check your information to verify, update or correct it, and to have any obsolete information removed. If you created and account, you can access and change your profile yourself. You can also ask to review any of the information we have retained, how we have used it, and whom we disclosed. It is our policy to not disclose your information to anyone else. You may contact us at email@example.com with the subject “Personal Data Request” and provided we can authenticate your identity, based on your email address, you will be given reasonable access to your personal information, and will be entitled to challenge it and or request it’s deletion.
OneCause does not participate in bulk email solicitations that you have not consented to receiving. We do not sell or disclose client lists or email address lists to unrelated third parties. If you no longer wish to receive email communications from OneCause, you may email us at firstname.lastname@example.org or click on the “unsubscribe” link at the bottom of any email sent to you by OneCause.
Please be aware that User Forums are open to the public so others using these areas on the WebSite or Mobile Application can read information you submit. Any information you submit when participating in the User Forums may be publicly available.
We do not knowingly collect Personal Information from persons under the age of 13. If we learn that we have inadvertently collected Personal Information from a child under 13 years of age, we will promptly take all reasonable measures to delete that information from our systems. Our web site is designed for adults and is not intentionally targeted to children under the age of 13. Children under the age of 13 should not use our web site without obtaining prior parental consent.
If you would like to access, update or modify your Personal Information, or to have us delete your Personal Information, you may do so by contacting us by email at email@example.com or clicking the “My Account” link at the top of each auction page. We will process any request to access, update, modify, or delete information within thirty (30) days. Opting-out, unsubscribing, modify, updating, or requesting to delete your Personal Information will not delete any information that may reside on backup or disaster-recovery files.
OneCause, Inc. PO Box 80548 Indianapolis, IN 46280 tel: 888.729.0399 fax: 888.265.4495 email: firstname.lastname@example.org