top of page

About Universe One

Universe One is a research and publishing organization focused on strengthening community resilience, advancing ethical technology, and improving health and equity outcomes through evidence-based knowledge. Our primary function is the production, synthesis, and dissemination of applied research that informs real-world programs, policy development, and organizational decision-making. We bridge academic research, community knowledge, and operational practice to ensure that evidence is translated into practical, scalable solutions.

Our Mission

Our mission is to strengthen community resilience, advance ethical technology, provide transformative education, and preserve life by empowering individuals and organizations to collaboratively address health, equity, and sustainability challenges. We fulfill this mission by conducting and publishing rigorous research, supporting collaborative problem-solving, and advocating for participatory, transparent, and ethical governance across all initiatives.

Our Vision

We envision a world where every community is resilient, every young person has equitable access to health and opportunity, and technology consistently serves the common good. This vision recognizes that resilience, equity, and ethical innovation are essential to addressing the interconnected social, environmental, and technological challenges of our time.

Our Purpose: Research & Publishing

Research and publishing are the foundation of Universe One. We conduct applied and community-informed research, publish open-access reports and frameworks, and translate scientific evidence into actionable insights. Our work supports program design, policy development, and long-term systems change by ensuring that decisions are grounded in credible data and ethical standards.

Values & Ethical Framework

Universe One is guided by community empowerment, integrity, equity, ethical technology, evidence-based action, and sustainability. We believe solutions are strongest when co-created with those most affected, and we commit to transparency, inclusion, and long-term stewardship of both social and environmental systems. All initiatives are grounded in peer-reviewed research and continuous evaluation.

Funding Model: Ghost Agents

Our primary source of funding is the Ghost Agents subscription model, which provides stable, recurring support for research, publishing, and core operations. Ghost Agents enable Universe One to maintain independence, plan long-term research agendas, and respond quickly to emerging needs while remaining accountable through transparent reporting and open access to findings.

Collaboration & Partnerships

Universe One works with organizations across sectors to support research, shared learning, and aligned action. These collaborations help extend the reach of our publications, inform practical application, and ensure that research is responsive to real-world needs.

Community-Driven Systems

Community participation is central to how Universe One operates. We use participatory governance and budgeting practices to ensure that research priorities and resource allocation reflect lived experience. This approach strengthens trust, improves outcomes, and supports equitable, locally relevant solutions.

Health-Focused Research

Health equity and youth well-being are key research areas for Universe One. Our initiatives include evidence-based work on youth nutrition, vitamin access, safe use of over-the-counter medicines, and health literacy. These efforts are designed to generate measurable outcomes, inform policy, and contribute to scalable, sustainable health systems.

Why Universe One

Universe One exists to close the gap between research and real-world impact. By centering our work on research and publishing, funding it through Ghost Agents, and grounding decisions in participatory systems, we are building the knowledge infrastructure needed for healthier, more resilient, and more equitable communities.

PRIVACY POLICY
 
Last updated: January 18, 2026

Universe One (“we,” “us,” “our”) is an early‑stage nonprofit startup focused on community resilience, ethical technology, education, and the preservation of life. This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and the rights and choices available to you. We design our services with privacy in mind and update this policy as our organization and services evolve.

Scope and Applicability

This policy applies to personal data collected or processed in connection with:

  • universeone.org and related websites and microsites;

  • donation, subscription, volunteer, and voting platforms;

  • email communications, newsletters, surveys, and forms;

  • events, outreach activities, and partner programs;

  • mobile or web applications we operate;

  • any other services that link to this policy.

It covers supporters, donors, volunteers, subscribed members (Ghost Agents / Peace Protectors), partners, vendors, and visitors worldwide.

Key Definitions and Roles

  • Personal Data: Any information that identifies you or can reasonably identify you.

  • Sensitive Data: Special categories of personal data (e.g., health information) that require extra protections.

  • Processing: Any operation performed on personal data, including collection, storage, use, disclosure, or deletion.

  • Controller: Universe One determines the purposes and means of processing personal data.

  • Processor: Third parties that process data on our behalf (e.g., payment processors, hosting providers).

  • Data Protection Officer: The privacy lead responsible for oversight and compliance.

Principles We Follow

We adhere to the following privacy principles:

  • Lawfulness and Transparency — We process data for lawful purposes and explain how we use it.

  • Purpose Limitation — We collect data only for specified, explicit, and legitimate purposes.

  • Data Minimization — We collect only what is necessary for the stated purpose.

  • Accuracy — We keep personal data accurate and up to date.

  • Storage Limitation — We retain data only as long as necessary.

  • Security — We implement reasonable technical and organizational measures to protect data.

  • Accountability — We document processing activities and maintain records.

Information We Collect

 

Information You Provide Directly

  • Contact Details: Name, email, postal address, phone number.

  • Account Data: Username, password, profile information.

  • Payment and Billing Data: Payment card details, billing address, transaction records (processed by third‑party payment processors).

  • Volunteer and Membership Data: Skills, availability, background, volunteer history, voting participation.

  • Donor Data: Donation amounts, receipts, donor preferences, tax documentation.

  • Community Input: Survey responses, votes, feedback, incident reports.

  • Communications: Messages you send to us, including support requests.

  • Program Participation Data: Enrollment and consent forms for initiatives such as the Vitamin Project or youth OTC programs.

Information Collected Automatically

  • Usage Data: IP address, device type, browser, pages visited, referral source, timestamps, and interaction events.

  • Cookies and Tracking: Cookies, web beacons, and similar technologies used for analytics, security, and site functionality.

  • Analytics Data: Aggregated metrics about site performance and user engagement.

Sensitive Data

We do not collect sensitive personal data by default. If a program requires sensitive data (for example, limited health information for youth health initiatives), we will obtain explicit consent, limit collection to what is necessary, and apply enhanced protections.

How We Use Personal Data

We use personal data to:

  • Provide and operate services: Manage subscriptions, process donations, administer volunteer programs, and operate voting systems.

  • Communicate: Send confirmations, updates, newsletters, and program invitations.

  • Improve services: Analyze usage to improve our website, programs, and outreach.

  • Support research and programs: Aggregate and anonymize community input to guide budget allocation, research, and program design.

  • Comply with legal obligations: Maintain financial records, tax reporting, and respond to lawful requests.

  • Protect rights and safety: Detect and prevent fraud, abuse, or security incidents.

  • Fundraising and partnerships: Conduct outreach to potential partners and supporters consistent with our mission.

We will not use your personal data for purposes incompatible with the reasons it was collected without notifying you.

Legal Bases for Processing

Where applicable law requires a legal basis, we rely on one or more of the following:

  • Consent: When you opt in to communications, program participation, or specific data uses.

  • Contractual necessity: To fulfill agreements such as subscriptions, donations, or volunteer commitments.

  • Legal obligation: To comply with tax, accounting, or regulatory requirements.

  • Legitimate interests: For activities such as fraud prevention, platform security, and improving services, balanced against your rights.

  • Vital interests: In rare cases where processing is necessary to protect life or safety (e.g., emergency response).

Cookies and Tracking Technologies

We use cookies and similar technologies to provide and improve our services.

  • Essential Cookies: Required for site functionality and security.

  • Performance and Analytics Cookies: Help us understand site usage and improve user experience.

  • Functional Cookies: Remember preferences and enable enhanced features.

  • Advertising Cookies: We do not use third‑party advertising cookies for profit‑driven advertising; any partner tracking is disclosed and limited.

You can manage cookie preferences through our cookie banner and your browser settings. Disabling non‑essential cookies may limit certain features.

Sharing and Disclosure

We share personal data only as necessary and with safeguards:

  • Service Providers: Payment processors, hosting providers, email platforms, analytics vendors, and other processors acting on our behalf.

  • Partner Organizations: Businesses and nonprofits collaborating on projects, only when necessary to deliver services or programs and under data protection agreements.

  • Legal and Safety: When required by law, to respond to legal process, or to protect rights, property, or safety.

  • Business Transfers: In the event of a merger, acquisition, or sale, personal data may be transferred as part of the transaction with notice to affected individuals.

  • Aggregated and Anonymized Data: We may publish or share aggregated research findings that do not identify individuals.

All third parties are required to maintain appropriate security and confidentiality measures.

International Data Transfers

Universe One operates globally. Personal data may be transferred to countries with different data protection laws. When we transfer data internationally, we use appropriate safeguards such as standard contractual clauses, data processing agreements, or other lawful mechanisms to protect your information.

Data Retention

We retain personal data only as long as necessary for the purposes described and to meet legal obligations. Typical retention periods include:

  • Account and profile data: 7 years after account closure for financial and legal compliance.

  • Donation and payment records: 7 years for tax and audit requirements.

  • Volunteer records: 5 years after last activity for program administration.

  • Voting and community input: 3 years; anonymized for research thereafter.

  • Support correspondence: 2 years for service improvement.

  • Analytics and logs: 1 year; aggregated longer for performance and security.

Retention periods may be extended where required by law or legitimate organizational needs; we will notify affected individuals when appropriate.

Security Measures

We implement reasonable technical and organizational measures to protect personal data, including:

  • Encryption of data in transit and at rest where feasible.

  • Access controls limiting data access to authorized personnel.

  • Role based permissions and least privilege principles.

  • Regular security assessments and patch management.

  • Multi‑factor authentication for administrative access where possible.

  • Incident response procedures to detect, contain, and remediate breaches.

  • Vendor vetting and contractual security requirements for subprocessors.

As a startup, we continuously improve security practices and may engage external auditors or security partners.

Data Subject Rights and How to Exercise Them

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of personal data we hold about you.

  • Correction: Request correction of inaccurate or incomplete data.

  • Deletion: Request deletion of personal data, subject to legal and operational limits.

  • Restriction: Request restriction of processing in certain circumstances.

  • Portability: Request a machine‑readable copy of data you provided.

  • Objection: Object to processing based on legitimate interests or direct marketing.

  • Withdraw Consent: Withdraw consent where processing is based on consent.

  • Complain to a Regulator: Lodge a complaint with a data protection authority.

To exercise rights, contact privacy@universeone.org. We will verify identity before fulfilling requests and respond within applicable legal timeframes. If we refuse a request, we will explain the reasons and provide information about appeal options.

Verification Process for Requests

To protect privacy, we may require:

  • A copy of a government‑issued ID or other verification documents.

  • Confirmation of account details or recent transaction information.

  • Additional information to locate the data you request.

We will minimize the personal data we collect for verification and delete verification documents once the request is processed.

Special Provisions for Donors and Subscribers

  • Payment Processing: Payment card data is processed by third‑party payment processors and is not stored on our servers except as permitted by those processors.

  • Receipts and Tax Records: We retain donation records for tax and audit purposes.

  • Subscription Management: Subscribed members can manage billing, cancel subscriptions, and update preferences through their account settings.

  • Voting Rights and Data: Voting participation and related metadata are recorded to ensure integrity of community decisions; aggregated results may be published.

Special Provisions for Volunteers and Program Participants

  • Background Information: Volunteers may provide background or qualification details; access is limited to program staff.

  • Program Health Data: If a program requires limited health information (e.g., for youth OTC distribution), we obtain explicit consent and apply enhanced protections.

  • Safety Reporting: Reports submitted by volunteers may be used to improve safety and program design; personally identifying details are shared only on a need‑to‑know basis.

Research Data Governance

Universe One conducts research to guide programs and budget allocation. We follow these practices:

  • Ethical Review: Research involving human subjects or sensitive topics will follow ethical review and consent procedures.

  • Anonymization and Aggregation: We anonymize or aggregate personal data before analysis or publication whenever possible.

  • Data Sharing for Research: Any sharing of research datasets with partners uses de‑identified data and data use agreements.

  • Data Protection Impact Assessments: We perform DPIAs for high‑risk processing activities.

Automated Decision Making and Profiling

We may use automated tools to analyze aggregated data for research, program planning, and fraud detection. We do not use automated decision making that produces legal effects or similarly significant outcomes about individuals without human review and appropriate safeguards.

Data Breach Response

In the event of a data breach, we will:

  • Contain and investigate the incident promptly.

  • Notify affected individuals and regulators as required by law and within applicable timelines.

  • Provide guidance on steps individuals can take to protect themselves.

  • Remediate vulnerabilities and update security measures.

  • Document the incident and response actions.

Subprocessors and Service Providers

We use third‑party service providers to operate our services. These may include payment processors, hosting providers, email platforms, analytics vendors, and security partners. We maintain a list of subprocessors and require contractual commitments to protect personal data. Contact privacy@universeone.org for current subprocessors.

Third Party Links and Embedded Content

Our website may contain links to third‑party sites or embedded content. We are not responsible for the privacy practices of those sites. Review their privacy policies before providing personal information.

Children and Youth Protections

We do not knowingly collect personal data from children under 13 without parental consent. Youth programs will include parental consent processes and additional safeguards. For participants under the age of majority in their jurisdiction, we will obtain appropriate consent and limit data collection to what is necessary.

International Compliance

We aim to comply with applicable privacy laws, including GDPR for EU residents and other regional requirements. Where required, we provide mechanisms to exercise rights and implement safeguards for international transfers.

Accountability and Governance

  • Privacy Lead: We maintain a privacy lead responsible for oversight and compliance.

  • Training: Staff and volunteers receive privacy and security training appropriate to their roles.

  • Audits: We conduct periodic internal reviews and may engage external auditors.

  • Transparency Reports: We publish periodic transparency reports summarizing data requests, research outputs, and high‑level budget allocation outcomes.

Legal Notices and Jurisdiction

Universe One is incorporated as a nonprofit startup and operates under the laws of the jurisdiction in which it is registered. This policy is governed by applicable law; disputes will be handled in accordance with those laws and local regulatory requirements.

Contact Information

For privacy inquiries, data subject requests, or concerns, contact:

Email: privacy@universeone.org
Mail: Universe One, Privacy Office, [Address Placeholder], [City], [Country]
We will acknowledge requests promptly and respond within applicable legal timeframes.

Changes to This Policy

We may update this Privacy Policy as our organization and services evolve. We will post the revised policy with an updated “Last updated” date and, where appropriate, notify users of material changes.

If you’d like, I will produce a concise Privacy Highlights summary for your site header and a cookie banner text that matches this expanded policy. Respond with “Create highlights” to have both ready.

​​​​​

Legal Framework Overview

Federal compliance begins with organizing and operating under the Internal Revenue Code for charitable organizations (Section 501(c)(3)), including filing Form 1023, maintaining exempt‑purpose operations, and meeting annual reporting obligations.

Florida state requirements include incorporation under the Florida Nonprofit Corporation Act (Chapter 617) and initial filings with the Division of Corporations (Sunbiz). Charitable solicitation registration with the Florida Department of Agriculture & Consumer Services (FDACS) is required before fundraising in Florida, with a simplified path for small organizations under certain thresholds.

Local obligations (Kissimmee / Osceola County): obtain the City of Kissimmee Business Tax Receipt or Osceola County Local Business Tax Receipt as applicable before operating within city or county limits. Confirm zoning and local permits during setup.

Data, Privacy & Youth Protections

Data security and breach notification: Florida’s Information Protection Act (FIPA) requires prompt breach response and notification for Florida residents’ personal data; implement incident response, encryption, and vendor controls.

Health data (HIPAA): if Universe One collects, stores, or transmits protected health information (PHI) in connection with programs (e.g., Vitamin Project, OTC distribution), determine whether HIPAA applies and adopt required safeguards and Business Associate Agreements.

Children’s online privacy (COPPA): any online services directed to children under 13 or knowingly collecting their data must follow COPPA requirements (parental notice/consent, data minimization, and privacy policy disclosures). Design youth programs with parental consent workflows.

Volunteers, Background Checks & Employment

Volunteer screening: for volunteers working with children, elderly, or disabled persons, use Florida’s VECHS program and FDLE criminal history checks as required; document screening policies.

Employment law: Florida is an at‑will employment state, but comply with federal anti‑discrimination laws, wage and hour rules, and whistleblower protections; maintain clear volunteer vs. employee classifications.

Tax, Fundraising & Financial Compliance

Sales and use tax: apply for Florida’s Consumer’s Certificate of Exemption (DR‑14) if eligible; maintain records showing purchases are for exempt charitable purposes.

Financial records & audits: retain donation, subscription, and grant records for tax and audit purposes (commonly 7 years for donations); prepare annual filings and transparency reports to donors and regulators.

Practical Next Steps (Compliance Checklist)

  • File Articles of Incorporation (Florida) and apply for EIN and IRS 501(c)(3) recognition.

  • Register for charitable solicitation with FDACS before fundraising.

  • Obtain local Business Tax Receipt for Kissimmee/Osceola operations.

  • Implement privacy, HIPAA (if applicable), COPPA, and FIPA‑aligned policies and vendor contracts.

  • Adopt volunteer screening via FDLE VECHS where relevant.

If you’d like, I will turn this into a downloadable compliance checklist tailored to Universe One’s launch timeline and assignable owner roles for each item.

bottom of page