Privacy Policy

TOF Data System(the “System”) is an internal enterprise resource planning application operated by The OpenTree Foundation, accessible at askjay.opentree.org. It is intended solely for authorised OTF staff and approved collaborators. This policy explains what personal information we collect from the people who sign in to and use the System, how we use it, and the choices available to them. It is not directed to the general public, and the System is not available to children as users.

We collect the following categories of information:

• Google account information. When you sign in with Google, we receive your name, email address, profile picture, and Google account identifier from the basic profile scopes you authorise. We do not request access to your Gmail, Drive, Calendar, contacts, or any other Google service data.
• Account and profile data. Your assigned role, organisation membership, activation status, and related access-control settings within the System.
• Operational data you enter. Records you create or edit as part of OTF’s programmes and administration (for example partners, centres, team members, and programme entries).
• Technical and activity data. Sign-in events, session activity timestamps, and an audit log of changes you make (including the action, the affected record, and your user identifier), together with technical details such as IP address and browser user-agent for security and troubleshooting.

We use the information above only to operate the System, specifically to:

• authenticate you and confirm you are an authorised user;
• determine your role and apply the appropriate access permissions to data and features;
• provide, maintain, and improve the System’s functionality;
• keep an audit trail of changes for accountability, security, and data integrity;
• send essential service communications (for example account-approval or security notices); and
• comply with our legal and regulatory obligations.

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements.

We use Google sign-in data exclusively to authenticate you and to identify your account within the System. We do not sell this data, do not use it for advertising, and do not transfer it to third parties except as necessary to provide the System (see “How we share information” below) or where required by law. We do not use Google user data to train generalised artificial-intelligence or machine-learning models.

We do not sell your personal information. We share it only with the service providers that host and operate the System on our behalf, each acting under contract and only as needed to provide their service:

• Google — authentication (sign-in with Google).
• Supabase — database, user authentication records, and file storage.
• Vercel — application hosting and delivery.
• Resend — transactional email delivery.
• Zoho People — synchronisation of staff records (where applicable).

We may also disclose information if required to do so by law, or to protect the rights, safety, or property of The OpenTree Foundation, our users, or the public.

Data is stored in managed cloud infrastructure (Supabase, hosted in the Asia-Pacific region). We protect it with industry-standard measures, including encryption in transit, role-based access controls, restricted administrative access, and a complete audit log of data changes. Access to the System is limited to approved accounts on permitted email domains.

We retain personal information for as long as your account is active and as necessary to operate the System, meet our legal and audit obligations, and resolve disputes. Audit-log entries and historical records may be retained after an account is deactivated to preserve the integrity of the record.

Depending on applicable law, you may have the right to access, correct, or request deletion of your personal information. To exercise these rights, or to ask a question about this policy, contact us using the details below. You can also revoke this application’s access to your Google account at any time from your Google account permissions page; doing so will prevent future sign-ins with Google.

The System and its service providers may process and store information in countries other than your own. Where information is transferred across borders, we take steps to ensure it remains protected in accordance with this policy.

We may update this policy from time to time. When we do, we will revise the “Last updated” date above. Material changes will be communicated to users through the System or by email where appropriate.

If you have questions or requests regarding this policy or your personal information, contact The OpenTree Foundation at privacy@opentree.org.