Privacy and Security Policy
Parental participation. We strongly recommend that minors 13 years of age or older ask their parents for permission before sending any information about themselves to anyone over the Internet and we encourage parents to teach their children about safe internet use practices.
2. Information We Receive
Information you provide to us:
Information About Yourself. When you sign up for MYONECHAPEL you provide us with your name, email, and phone number. During the registration process we give you the opportunity to connect with your friends that are also utilizing the MYONECHAPEL tool. You will also be able to add a picture of yourself. In some cases we may ask for additional information for security reasons. Once you register you can provide other information about yourself by connecting with, for example, your current city, family and interests. You can also provide personal information about yourself, such as your spiritual giftings and salvation story.
Content. One of the primary reasons people use MYONECHAPEL is to share content with others. Examples include when you share a link, create an event or a group, make a comment or send someone a message. If you do not want us to store metadata associated with content you share on MYONECHAPEL (such as photos), please remove the metadata before uploading the content.
Transactional Information. We may retain the details of transactions or payments you make on MYONECHAPEL. If you do not want us to store your payment source account number, you can request it to be removed by emailing email@example.com.
Information we collect when you interact with MYONECHAPEL:
Site activity information. We keep track of some of the actions you take on MYONECHAPEL, such as adding connections (including joining a group or adding a friend), sending a financial gift or attending an event. In some cases you are also taking an action when you provide information or content to us. For example, if you share a photo, in addition to storing the actual content you uploaded, we might log the fact that you shared it.
Access Device and Browser Information. When you access MYONECHAPEL from a computer, mobile phone, or other device, we may collect information from that device about your browser type, location, and IP address, as well as the pages you visit.
Cookie Information. We use "cookies" (small pieces of data we store for an extended period of time on your computer, mobile phone, or other device) to make MYONECHAPEL easier to use, and to protect both you and MYONECHAPEL. For example, we use them to store your login ID (but never your password) to make it easier for you to login whenever you come back to MYONECHAPEL. We also use them to confirm that you are logged into MYONECHAPEL, and to know when you are interacting with MYONECHAPEL Platform applications and websites, our widgets and API’s. You can remove or block cookies using the settings in your browser, but in some cases that may impact your ability to use MYONECHAPEL.
Information from other users. We may collect information about you from other MYONECHAPEL users, such as when a friend mentions you in a message or indicates a relationship with you.
3. Sharing information on MYONECHAPEL.
This section explains how your privacy settings work, and how your information is shared on MYONECHAPEL. You should always consider your privacy settings before sharing information on MYONECHAPEL.
Name and Profile Picture. MYONECHAPEL is designed to make it easy for you to find and connect with others. For this reason, your name and profile picture do not have privacy settings. If you are uncomfortable with sharing your profile picture, you should delete it (or not add one).
Contact Information. Your contact information settings control (available when customizing your privacy settings) who can contact you on MYONECHAPEL, and who can see your contact information such as your email and phone number(s). Remember that none of this information is required except for your email address, and you do not have to share your email address with anyone.
Personal Information. Your privacy settings control who can see your personal information, such as your spiritual giftings, if you choose to add them.
Posts by Me. All posts that you make whether it be message interaction or forum posts will be publicly visible unless it is intended for a specific recipient.
Other. Here are some other things to remember:
· Even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users.
· You understand that information might be reshared or copied by other users.
· Certain types of communications that you send to other users cannot be removed, such as messages.
· If you use an external source to publish information to MYONECHAPEL (such as a mobile application or a Connect site), you should check the privacy setting for that post, as it is set by that external source.
“Everyone” Information. Information set to “everyone” is publicly available information, just like your name and profile picture. The default privacy setting for certain types of information you post on MYONECHAPEL is set to “Friends Only.” You can review and change the default settings in your privacy settings. If you delete “everyone” content that you posted on MYONECHAPEL, we will remove it from your MYONECHAPEL profile, but have no control over its use outside of MYONECHAPEL.
Minors. We reserve the right to add special protections for minors (such as to provide them with an age-appropriate experience) and place restrictions on the ability of adults to share and connect with minors, recognizing this may provide minors a more limited experience on MYONECHAPEL.
4. How We Use Your Information
We use the information we collect to try to provide a safe, efficient, and customized experience. Here are some of the details on how we do that:
To manage the service. We use the information we collect to provide our services and features to you, to measure and improve those services and features, and to provide you with customer support. We use the information to prevent potentially illegal activities. These efforts may on occasion result in a temporary or permanent suspension or termination of some functions for some users.
To contact you. We use your email address contact you with announcements from time to time concerning activities related to ONEchapel and its Connect Groups. We may include content you see on MYONECHAPEL in the emails we send to you.
To supplement your profile. We may use information about you that we collect from other MYONECHAPEL users to supplement your profile (such as when you are mentioned in a message or post). In such cases we generally give you the ability to remove the content or limit its visibility on your profile.
To help your friends find you. We allow other users to use contact information they have about you, such as your email address, to find you, including through search.
5. How We Share Information
MYONECHAPEL is about allowing users to share information with others — friends and people in your communities — while providing you with privacy settings that you can use to restrict other users from accessing some of your information. We share your information with third parties when we believe the sharing is permitted by you, reasonably necessary to offer our services, or when legally required to do so. For example:
When you give online. When you enter into giving transactions on MYONECHAPEL, we will share transaction information with only those third parties necessary to complete the transaction. We will require those third parties to agree to respect the privacy of your information.
To help your friends find you. By default, we make certain information you have posted to your profile available in search results on MYONECHAPEL to help your friends find you. However, you can control who can see some of this information, as well as who can find you in searches, through your privacy settings.
6. How You Can Change or Remove Information
Editing your profile. You may change or remove your profile information at any time by going to your profile page and clicking “Edit Profile.” Information will be updated immediately.
Deactivating your account. If you want to stop using your account you may request that it be deactivated by emailing firstname.lastname@example.org. When you deactivate an account, no user will be able to see it, but it will not be deleted. We save your profile information in case you later decide to reactivate your account. Many users deactivate their accounts for temporary reasons and in doing so are asking us to maintain their information until they return to MYONECHAPEL. You will still have the ability to reactivate your account and restore your profile in its entirety.
Limitations on removal. Even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users. However, your name will no longer be associated with that information on MYONECHAPEL. (For example, if you post something to a connect group profile and then you deactivate your account, that post may remain, but be attributed to an “Anonymous MYONECHAPEL User.”) Additionally, we may retain certain information to prevent identity theft and other misconduct even if deletion has been requested.
Backup copies. Removed and deleted information may persist in backup copies for up to 90 days, but will not be available to others.
7. How We Protect Information
Security. MYONECHAPEL is committed to providing you with the best practices for security for your data. Our main goal is to make feel that we have done everything we can do to protect your information.
Network Operations Center. Your data is the most important aspect of the MYONECHAPEL application and we treat it as such. The following are specifics for our network operations center where the MYONECHAPEL application is maintained and where your live data is stored. Backups are stored onsite and more importantly, offsite. You can learn more about backups later in this document.
• Network backbone - multiple OC12 and OC48 connections.
• BGP4 - automatic failover through Level3, Time Warner, and Cogent providers
• Triple Door Access - through two keycard doors & one physical key door for access
• Locked Server Rack Access
• 24/7 Video Surveillance
• Two fully separate city power grids with automatic transfer switch
• Facility wide UPS (battery uninterruptible power supply)
• 500KvA Onan Diesel Generator for continuous back-up power
• Dry pipe fire suppression system
• 365/24/7 Emergency Support for the Facility
• Raised and vented flooring for superior environment management
Application Security. We recognize that you are entrusting your data to MYONECHAPEL and that it is critical for the staff, volunteer ministry leaders and members to have access that provides technological security and enforces human security.
Data Encryption. MYONECHAPEL uses the highest grade 128 bit SSL encryption certificates for access to all user data, user logins, and processing financial transaction data. These enterprise level certificates through Comodo Enterprise SSL provide assurance that your data is completely protected between our servers and your computer.
Login Security. On the user end, we require that all individual logins require at least one numeric and one alpha character, and that their password must be at least 6 characters long to further ensure security of the data. In addition, after 5 unsuccessful attempts at login, the user's account is locked for a 60 minute period and an email is sent to the MYONECHAPEL administrator so the incident can be investigated. Appropriate measures can be taken if necessary.
User Authentication. MYONECHAPEL was designed from the ground up to give you control over how each person is able to access your data. Users can vary from no login access, to Limited Access Users that cannot see any people in your database, to Basic Users with the ability to see other listed individuals, small Group leaders with access to individuals and data in their groups, all the way up to granular control over 16 different areas of access for administrators. Each level of access is granted upon careful consideration by the leadership of ONEchapel.
Hardware & Software. Security and reliability start with great equipment. MYONECHAPEL uses only genuine Dell Poweredge servers, most running with redundant SCSI hard drives, redundant power supplies, error correcting memory, and dual to quad processors. Network connectivity is provided through Cisco and Dell Powerconnect switches, as well as use of specialized hardware for SSL acceleration, load
balancing, and firewalls.
Our servers run Red Hat Enterprise Linux, have the latest stable kernel and services running, and are updated with the latest security patches. Every server has its own firewall installed and configured with minimal access. Non-essential ports and services are disabled, to further harden the servers. The web and application servers are then placed behind load balancers and firewalls to further limit access to the data and provide reliable services.
Finally, the actual data is stored on database servers, which sit behind the webservers, which run on their own dedicated private network. Further, access to the network is limited to qualified MYONECHAPEL staff only through secure methods such as SSH and Secure FTP.
Backups. Backups of all data are done nightly and stored for 7 days on local network storage and then archived for a period of 2 weeks via tape backup. Offsite backups are done once a week through a licensed data storage company, to a secure location in the unlikely event that catastrophic events occur at the data center.
Programing Architecture. We use the LAMP stack to power our software solution. LAMP stands for:
•Linux servers (operating system)
•Apache web server to power the websites
•MySQL database servers for data engine
•PHP programming language for the application
Risks inherent in sharing information. Although we allow you to set privacy options that limit access to your information, please be aware that no security measures are perfect or impenetrable. We cannot control the actions of other users with whom you share your information. We cannot guarantee that only authorized persons will view your information. We cannot ensure that information you share on MYONECHAPEL will not become publicly available. We are not responsible for third party circumvention of any privacy setting or security measures on MYONECHAPEL. You can reduce these risks by using common sense security practices such as choosing a strong password, using different passwords for different services, and using up to date antivirus software.
Report Violations. You should report any security violations to us by emailing email@example.com.