Effective Date
9th day of December 2023
Website And APP
Onenergy.Institute and Onenergyqigong.com and all sub-domains as well as Onenergy APP
Onenergy.institute and Onenergyqigong.com (the “Site”) and Onenergy APP (the “APP”) are owned and operated by Onenergy Institute Society. Onenergy Institute Society is the data controller and can be contacted at:
contact-at-onenergy.institute
Purpose
The purpose of this privacy policy (this “Privacy Policy”) is to inform users of our Site of the following:
- The personal data we will collect;
- Use of collected data;
- Who has access to the data collected;
- The rights of Site users; and
- The Site’s cookie policy.
This Privacy Policy applies in addition to the terms and conditions of our Site.
GDPR
For users in the European Union, we adhere to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation (the “GDPR”). For users in the United Kingdom, we adhere to the GDPR as enshrined in the Data Protection Act 2018.
We have not appointed a Data Protection Officer as we do not fall within the categories of controllers and processors required to appoint a Data Protection Officer under Article 37 of the GDPR.
Consent
By using our Site users agree that they consent to:
- The conditions set out in this Privacy Policy.
Legal Basis for Processing
We collect and process personal data about users in the EU only when we have a legal basis for doing so under Article 6 of the GDPR.
We rely on the following legal basis to collect and process the personal data of users in the EU:
- Processing of user personal data is necessary for us or a third party to pursue a legitimate interest. Our legitimate interest is not overridden by the interests or fundamental rights and freedoms of users. Our legitimate interest(s) are: To recommend the right course and program according to user’s age and location and then send notifications through email, SMS, and APP.
Personal Data We Collect
We only collect data that helps us achieve the purpose set out in this Privacy Policy. We will not collect any additional data beyond the data listed below without notifying you first.
Data Collected in APP in a Non-Automatic Way
We may collect the following data for product personalization, App functionality, in-app marketing:
- Name
- Email address
- Photo (if you upload to your profile)
- User ID
- Device ID
- Coarse Location
- Purchase history
- Usage data (how you interact/use the APP)
This data may be collected when you:
- Creating an account
- Fill up your profile
- Make an in-app purchase
- Send support request
Payment
We accept payments through the Apple APP store (for iPhone, iPad users), the Google Play Store (for Android device users), and Stripe. Apple, Google, and Stripe are responsible for collecting data and information required to process or support the payment, such as but not limited to your Apple and Google account, the purchase total, and billing information.
This site is not a part of Apple website or Google website or Stripe website.
This site is NOT endorsed by Apple, Google, or Stripe in any way. Apple and App Store are the trademarks of Apple, Inc. Google and Play Store are the trademarks of Google LLC. Stripe is the trademark of Stripe, Inc.
Comments
When visitors leave comments on the Site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the Site, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
Cookies
If you leave a comment on the Site you may opt-in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded contents
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
The analytics tool that the Site and APP use is to collect user data i.e. traffic, visiting page, exiting page, keyword search, time of average visits, etc to understand and improve our website performance. No private data will be collected or revealed as to that purpose.
How We Use Personal Data
Data collected on the Site and APP will only be used for the purposes specified in this Privacy Policy or indicated on the relevant pages of our Site. We will not use your data beyond what we disclose in this Privacy Policy.
The data we collect when the user performs certain functions may be used for the following purposes:
- Product personalization
- APP functionality
- Customer support
- Internal marketing
- Customer support
Who We Share Personal Data With
If you request a password reset, your IP address will be included in the reset email.
We may disclose user data to any member of our organization who reasonably needs access to user data to achieve the purposes set out in this Privacy Policy.
Other Disclosures
We will not sell or share your data with other third parties, except in the following cases:
- If the law requires it;
- If it is required for any legal proceeding;
- To prove or protect our legal rights; and
- To the board of the new organization in the event that we seek to transfer the ownership.
If you follow hyperlinks from our Site to another Site, please note that we are not responsible for and have no control over their privacy policies and practices.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our Site and APP (if any), we also store the personal information they provide in their user profiles. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Your Rights as a User
If you have an account on this Site and APP, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Under the GDPR, you have the following rights:
- Right to be informed;
- Right of access;
- Right to rectification;
- Right to erasure;
- Right to restrict processing;
- Right to data portability; and
- Right to object.
Children
Our content is safe for any age 4 and above. However, the minimum age we recommend to use our website and APP is 16 years of age. We do not knowingly collect or use personal data from children under 16 years of age. If we learn that we have collected personal data from a child under 16 years of age, the personal data will be deleted as soon as possible. If a child under 16 years of age has provided us with personal data their parent or guardian may contact our privacy officer.
How to Access, Modify, Delete, or Challenge the Data Collected
If you would like to know if we have collected your personal data, how we have used your personal data, if we have disclosed your personal data, and to whom we disclosed your personal data, if you would like your data to be deleted or modified in any way, or if you would like to exercise any of your other rights under the GDPR, please contact our privacy officer here:
Delphine Zhu
contact-at-onenergy.institute
Additional information
Do Not Track Notice
Do Not Track (“DNT”) is a privacy preference that you can set in certain web browsers. We respond to browser-initiated DNT signals. If we receive a DNT signal that indicates a user does not wish to be tracked, we will not track that user.
Cookie Policy
A cookie is a small file, stored on a user’s hard drive by a website. Its purpose is to collect data relating to the user’s browsing habits. You can choose to be notified each time a cookie is transmitted. You can also choose to disable cookies entirely in your internet browser, but this may decrease the quality of your user experience.
We use the following types of cookies on our Site:
- Functional cookies
Functional cookies are used to remember the selections you make on our Site so that your selections are saved for your next visits; and - Third-Party Cookies
Third-party cookies are created by a website other than ours. We may use third-party cookies to achieve the following purposes:- Monitor user preferences to tailor advertisements around their interests.
How We Protect Your Personal Data
In order to protect your security, we use the strongest available browser encryption and store all of our data on servers in secure facilities. All data is only accessible to our employees. Our employees are bound by strict confidentiality agreements, and a breach of this agreement would result in the employee’s termination.
While we take all reasonable precautions to ensure that user data is secure and that users are protected, there always remains the risk of harm. The Internet as a whole can be insecure at times and therefore we are unable to guarantee the security of user data beyond what is reasonably practical.
What data breach procedures we have in place
In case of a data breach incident, we will inform users immediately by email and any other available contact methods. Meanwhile, we will conduct a complete security fix and upgrade.
What third parties we receive data from
Our website may contain links to other third-party sites that are not governed by this privacy policy. Although we endeavor to only link to sites with high privacy standards, our privacy policy will no longer apply once you leave our website. Additionally, we are not responsible for the privacy practices employed by third-party websites. Therefore, we suggest that you examine the privacy statements of those sites to learn how your information may be collected, used, shared, and disclosed.
What automated decision making and/or profiling we do with user data
The data we collected will help us to decide what member privilege and what information is accessible to you.
Modifications
This Privacy Policy may be amended from time to time in order to maintain compliance with the law and to reflect any changes to our data collection process. When we amend this Privacy Policy we will update the “Effective Date” at the top of this Privacy Policy. We recommend that our users periodically review our Privacy Policy to ensure that they are notified of any updates. If necessary, we may notify users by email of changes to this Privacy Policy.
Complaints
If you have any complaints about how we process your personal data, please contact us through the contact methods listed in the Contact Information section so that we can, where possible, resolve the issue. If you feel we have not addressed your concern in a satisfactory manner you may contact a supervisory authority. You also have the right to directly make a complaint to a supervisory authority. You can lodge a complaint with a supervisory authority by contacting the _____________________________________________________________________.
Contact Information
If you have any questions, concerns, or complaints, you can contact our privacy officer, Delphine Zhu, at:
contact-at-onenergy.institute
Disclaimer
We are committed to maintaining the accuracy, confidentiality, and security of your personally identifiable information (“Personal Information”). As part of this commitment, our privacy policy governs our actions as they relate to the collection, use and disclosure of Personal Information. Our privacy policy is based upon the values set by the Canadian Standards Association’s Model Code for the Protection of Personal Information and Canada’s Personal Information Protection and Electronic Documents Act.