INTRODUCTION

We are committed to protecting the privacy and security of key stakeholders, business partners, influencers, and any other business contact. You are reading this because you received information from an employee at (RED).  This Privacy Policy (the “Policy”) is designed to inform you about our obligations to you. Please note, this Policy is meant to cover: key stakeholders, business partners, influencers, and any other contacts any employee at (RED) has and continues to maintain. If you have questions about this Policy, or if you would like to exercise any rights that you may have in relation to your personal data, please contact us.

(RED) is a division of The ONE Campaign, a nonprofit, public charity, organized according to Section 501(c)(3) of the US Internal Revenue Code (“IRC”). ONE is made up of the following separate entities:

• Canada: ONE Global (Canada);
• Nigeria: ONE Campaign Nigeria LTD/ GTE
• South Africa: ONE Campaign Africa NPC.
• United Kingdom: ONE Against Poverty (UK), registered with the Charity Commission under number 1170855.
• US: In addition to The ONE Campaign, ONE also operates ONE Action, a nonprofit, social welfare organization organized according to Section 501(c)(4) of the IRC.

While ONE operates multiple corporate entities, those entities share offices, staff, and a common mission.  As such, data received and processed by us may be shared across the corporate entities and geographies described above.

(RED) is located in the United States and maintains its primary website servers there. As such, any information you provide or have provided will be transferred from your country of residence to (RED)’s servers in the US.

PRIVACY POLICY

Information (RED) collects and how we use it

Personal Information

To fulfill its mission, (RED) depends on the participation of people just like you.  (RED)’s communications are designed to facilitate that participation through interaction, which often means asking people for their personal information and retaining that information on our systems. What follows is an explanation of the ways in which we ask for your personal information.

GDPR Compliance

Where applicable, (RED) complies with EU data protection law when collecting, using, storing and otherwise processing your personal data (as defined in the EU General Data Protection Regulation  ((EU) 2016/679) (“GDPR”)) and below is an overview of how (RED) complies with EU data protection law.   

• Lawful Basis: (RED) has a legitimate interest in processing your personal information and your interests and fundamental rights do not override those interests.
• Categories of User: Key stakeholders, business partners, influencers, and other business contacts.
• Legitimate Interest: Examples of the legitimate interest we have in processing your personal data include growing our business, interacting with key stakeholders, partners, and and managing our business communications.  
• Other Lawful Basis: We may also process the personal data you provide where:
  • We have lawful grounds to do so, including to comply with our legal and regulatory obligations;
  • Such processing is necessary for the purposes of performing a contract between us.
• Data Controllers: The data controllers for the purposes of EU data protection law are ONE and its network of global affiliates.  Those organizations include: The ONE Campaign, ONE Action, ONE Global Canada, ONE Campaign Nigeria LTD/GTE, ONE Campaign Africa NPC, and ONE Against Poverty UK.  We hope to continue to grow, so we will keep this Policy updated with any new entities incorporated in the future.
• Third Parties: We will never disclose your personal data except to (RED) staff and (RED)’s authorized agents.  If we disclose your data to third party authorized agents, we will execute non-disclosure agreements to ensure your personal data is never shared, sold, or disclosed by the third party agent.
• Reason for Processing: The reason we process your personal data–keeping it on our systems and servers and contacting you–is to fulfill our mission to raise money and awareness for the fight against AIDS.  We will never sell or profit from your personal data.
• You can unsubscribe at any time.  Further, you have the right of erasure, so if you wish to have your personal data erased from our systems, please contact us.
• Your Rights: If you are an EU citizen and reside in the EU, or are non-EU national residing in the EU, you may have the following rights with respect to the personal data you provide to us, to the extent permitted by applicable data protection laws:
  • To withdraw any consent that you have provided to us to process your personal data.
  • To access or rectify your personal data.
  • To have your personal data erased if it is no longer necessary for the purposes for which it was processed, you have withdrawn your consent to, or object to, its processing and there is no other legitimate grounds for processing it or you consider it has been unlawfully processed.
  • To have the processing of your personal data restricted if you contest its accuracy, its processing is unlawful, we no longer need it but you need it for a legal claim, or you have objected to its processing and await verification of our legitimate grounds for processing it.
  • To have your personal data transferred to another company under certain circumstances.

You also have the right to complain to your national data protection regulator if you feel that your personal data has been unlawfully processed.

Children’s privacy

We do not knowingly contact or collect personal information from minors. Our website and communications are not intended to solicit information of any kind from children under 13 (or if being a ‘minor’ is defined as a higher or younger age in your relevant jurisdiction, that relevant age), and we have designed the site to block our knowing acceptance of information from minors whenever age-related information is requested.

It is possible that by fraud or deception we may receive information pertaining to minors. If we are notified of this, as soon as we verify the notification, we will immediately obtain parental consent or otherwise delete the information from our servers. If you want to notify us of our receipt of information by minors, please contact us.

Last Updated: May 2018