Last Updated: Saturday, November 23, 2019
Effective: Sunday, December 1, 2019
Who we are
The Celestial Atlantis Treaty Organization. We are the data controllers for all CATO Directorates: Consortium of the Infinity Star, NortheBridge, Assembly of Concorde, Scientific and Advanced Research Labortories, and Ahtohallan. Our web address is https://northebridge.com/. Our mailing address is:
Celestial Atlantis Treaty Organization (CATO)
c/o Privacy & Trust Division
445 S. Figueroa St.,
Los Angeles, California 90071
United States of America
How do you handle my personal data
As Data Controller
The Celestial Atlantis Treaty Organization is the primary data controller of all personal data collected through CATO affiliated sites and web apps. As data controller, CATO determines how to use your personal data including how that data is read and transacted by and between the various CATO Directorates as well as any third-parties.
As Data Custodian
The Celestial Atlantis Treaty Orgaization is the primary data custodian of all personal data collected through CATO affiliated sites and web apps, specifically when this data is ‘at rest.’ While in custody of your data, in addition to any privacy controls we may offer you, we maintain custody of your personal data by only making known for transacting the least amount of personal data possible. We only provide enough data to any third-parties for the operations of sites, apps, and services as you would expect them. We do not sell your personal data to third-parties. For the ease of use and security of all sites, apps, and services, CATO makes available in full without any redactions, your personal data to its Directorates only. Different privacy policies may apply to your personal data after being used on a Directorates’ site, app, or service even though CATO remains the data controller. In the event of a conflict of “custodial policies” regarding personal data, always assume the policy containing more data collection is correct until otherwise noted.
What personal data we collect and why we collect it
When you register for a OneWorld Passport which is required for the use of certain portions of our sites as well as our apps and services, we ask your for personal details including name, location and the permission to use your GPS location while using our site, apps, and services, age, gender, and OAuth 2 compatible social network handles from Twitter and Instagram. We consider all of this to be personal information. At this time, this information has no controls available to it and will be displayed as intended within the OneWorld Passport as well as how the OneWorld Passport is used.
Passive Data Telemetry
The Celestial Atlantis Treaty Organization’s sites, services, and apps use “passive data telemetry” to acquire general information regarding users of the sites, services, and apps for analytical purposes and any resulting tasks thereof. Passive data telemetry is provided in the form of “becons” generated by Google Marketing Analytics, Microsoft Bing Webmaster Analytics, and Piwik Anyalytics. Passive data telemetry creates a “globally unique identifier” for you by using cookies and other data about your connect to our sites, apps, and services. We classify telemtry as “passive” when the data is not relayed to us in near-realtime. You cannot opt out of “passive data telemetry” but you may remove the cookies stored on your computer as described in a later section of this Policy.
Active Data Telemetry
The Celestial Atlantis Treaty Organization’s sites, services and apps use “active data telemetry” to acquire deep learning information regarding users of the sites, services, and apps for analytical purposes and any resulting tasks thereof. We consider telemetry to be “active” when it provides realtime or near-realtime updates about you as you use our sites, services, and apps. Active data telemetry is provided in the form of a globally unique “session” generated by Matomo and Microsoft Dynamics 365 for Enterprise and compared against the beacons generated in passive data telemetry.
Embedded content from other websites
Certain parts of our web apps, sites, and services may use “embedded content” from third parties. Embedded Content works the same way as if you visited the website from which the content is coming from. We do not maintain or otherwise control how data collected by embedded websites are used for any purposes including but not limited to marketing and analytics.
We limit the access and ability of embedded content strictly to the functionality it is intended for but we cannot guarntee the fitness for a particular privacy purpose of the embedded content.
Who we share your data with
The Celestial Atlantis Treaty Organization shares your data between its Directorates as well as any required third-party to transact the functionality of web apps, sites, and services. CATO may also share high level data regarding analytics collected with third party partners for the purposes of catalylizing the data or for universal analytical tracking.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
How we protect your data
What data breach procedures we have in place
What third parties we receive data from
What automated decision making and/or profiling we do with user data
Industry regulatory disclosure requirements