The following Privacy and Security Policy sets forth OneCause’s privacy and security practices and the possible uses of the information that OneCause gathers via its websites.
To request a copy of OneCause’s PCI Attestation of Compliance please visit: https://www.onecause.com/pci-attestation-of-compliance/
OneCause follows international PCI (payment card industry) standards for data security. All OneCause applications, network components, critical servers, and wireless access points are consistent with industry-accepted hardening standards. OneCause uses 2048 bit AES encryption when storing sensitive Personally Identifiable Information (PII). All pages that capture sensitive card data on-site or mobile app use a secure iFrame provided by our card payment processors over SSL (256 bit encryption) using the TLS 1.2 or above protocol. In addition, the OneCause mobile devices connect to wireless networks with WPA2 security, which encrypts all the packets that are sent via the air or connect to the cellular network.
OneCause’s primary payment processor is First American Payment Systems (https://www.first-american.net). During the card authorization process, a 16 character token is generated by First American and passed back to OneCause. OneCause stores the token in place of the Primary Account Number (PAN), while First American stores the PAN.
First American have been certified as a Level 1 Service Providers of Payment Card Industry (PCI) Data Security Standards (DSS), which is the highest possible level. For verification, please see Visa’s Global Registry of PCI Validated Service Providers: https://www.visa.com/splisting/searchGrsp.do. Service providers on this list were validated as PCI DSS compliant by a QSA and are required to re-validate their compliance on an annual basis.
While we employ commercially reasonable standards and exercise great care in collecting and protecting your information, no safeguards or processes can be guaranteed to be 100% secure. We cannot ensure or warrant the security of any of such information, and you provide such information at your own risk.
Please review our User Terms here: https://www.onecause.com/general/user-terms/
Personal Information: When you visit and navigate the Website or Mobile Applications, we will not collect any sensitive personal data. We will not collect any identifying information, like name, address, email address, or phone number (collectively, “Personally Identifiable Information”, or “Personal Information”), about you unless you provide us that information voluntarily. Individual organizations using our software may require more or less information such as requiring a credit card to participate, address, email, phone number or social media information. Individuals who register for any services or features on the Website or Mobile Applications will be required to provide to us Personal Information, like email address, first name, and last name, in addition to selecting a username and password. During the registration process, you may, at your discretion, provide additional to us, like telephone number, address, city, state, zip code, and country.
Giving History: OneCause keeps a record of each user’s transaction history. This information is kept on file for individuals to reference for personal record keeping and/or IRS tax return purposes. The history is also used by OneCause to analyze overall giving patterns in order to produce benchmark data.
Financial Information: If you register for any service under which OneCause will request the processing of payments made by you, then the processor may require certain financial information, like the name on a credit card, the credit card number, and the credit card expiration date (collectively, “Financial Information”).
User-Generated Content: Forums, live chat, and other features of the Website or Mobile Applications may allow you to submit user-generated content (collectively, the “User Forums”). User-generated content submitted by you through the User Forums may be stored in our system’s databases encrypted at rest and in transit.
Cookies: OneCause may collect information through the use of common locally stored tracking objects such as cookies. Cookies are small strings of text placed onto your computer by a website to improve your visit to the website by tracking which parts of the website you visit most often. No Personal Information is stored in a cookie. You have the option to delete or decline cookies by changing your browser’s settings.
Server Logging: Our server logs may store information you provide to us through your web browser when you visit the website or Mobile Applications, like your IP address, web browser type, referring URL, and other HTTP Header information. We use this information to troubleshoot issues with the website or Mobile Applications and in an aggregated form for statistical purposes. We also may, from time to time, attempt to personally identify individuals using this information who may be maliciously using the Website or Mobile Applications, threatening our users, or violating state or federal laws.
GPS Information: When browsing the website through a mobile phone or accessing the Mobile Applications, we will attempt to collect your location through GPS for social activities and giving opportunities near you. You may remove this location sharing authorization in your mobile device.
Google Analytics: OneCause has implemented the event tracking feature of Google Analytics Advertising offering, including Remarketing with Google Analytics, Google Display Network Impression Reporting, DoubleClick Platform integrations and Google Analytics Demographics and Interest Reporting. You have the ability to opt out by visiting: https://tools.google.com/dlpage/gaoptout/
Improving Your Experience: We use non-identifiable, aggregated information to improve the products and services we offer, to conduct market research, to generate profiles and reports, and to improve your overall experience of the website or Mobile Applications. We also may share this anonymous, aggregated information with partners, advertisers or other third parties.
Direct Marketing: By providing Personal Information on the website or Mobile Applications you consent to OneCause’s use to contact you via Email or Mobile Application Notifications. If you do not wish to receive marketing communications from OneCause, you may unsubscribe by following instructions provided within or disable notifications in the Mobile Application settings.
Purchases: When you make purchases or otherwise pay for services on the website or Mobile Applications, we will share your Personal Information and Financial Information with our third-party payment processors. We will only share the information necessary to complete the transaction.
“Contact Us” or Troubleshooting: Information provided by you as part of a request that we follow up or contact you as part of the “Contact Us” feature on the website or Mobile Applications will be used by us to contact you and discuss your concerns or interest in our products and services. We may use your information to provide customer support or troubleshooting in the connection with your use of such products and services.
Combination: We may, on occasion, combine information we collect through the website or Mobile Applications with information that we collect from other sources.
Information Sharing: We may disclose your information to our affiliates, as well as third party partners as follows below:
You may check your information to verify, update or correct it, and to have any obsolete information removed. If you created an account, you can access and change your profile yourself. You can also ask to review any of the information we have retained, how we have used it, and whom we disclosed. It is our policy to not disclose your information to anyone else. You may contact us at email@example.com with the subject “Personal Data Request” and provided we can authenticate your identity, based on your email address, you will be given reasonable access to your personal information, and will be entitled to challenge it and or request it’s deletion.
OneCause does not participate in bulk email solicitations that you have not consented to receiving. We do not sell or disclose client lists or email address lists to unrelated third parties. If you no longer wish to receive email communications from OneCause, you may email us at firstname.lastname@example.org or click on the “unsubscribe” link at the bottom of any email sent to you by OneCause.
Please be aware that User Forums are open to the public so others using these areas on the website or Mobile Applications can read information you submit. Any information you submit when participating in the User Forums may be publicly available.
We do not knowingly collect Personal Information from persons under the age of 13. If we learn that we have inadvertently collected Personal Information from a child under 13 years of age, we will promptly take all reasonable measures to delete that information from our systems. Our web site is designed for adults and is not intentionally targeted to children under the age of 13. Children under the age of 13 should not use our web site without obtaining prior parental consent.
OneCause may, from time to time, link to third-party websites whose information practices may be different from the practices described in this Privacy and Security Policy. OneCause does not endorse or make any representations or warranties concerning, and will not in any way be liable for, any informational content, products, services, software, or other materials available on such third-party websites, even if one or more pages of such third-party website is framed within a page of this website or Mobile Applications. Your use of such third-party websites is governed by and subject to the terms and guidelines of those website(s). As such, you should consult the privacy policies of such third-party websites.
If you would like to access, update or modify your Personal Information, or to have us delete your Personal Information, you may do so by contacting us by email at email@example.com or clicking the “My Account” link at the top of each auction page. We will process any request to access, update, modify, or delete information within thirty (30) days. Opting-out, unsubscribing, modify, updating, or requesting to delete your Personal Information will not delete any information that may reside on backup or disaster-recovery files.
PO Box 80548
Indianapolis, IN 46280