Who We Are
This Web site, “The American Revolution Tour of North Carolina™” (“AmRevNC.com”) is found at “https://amrevnc.com.” It is owned by AmRevNC, LLC, based in Durham, North Carolina, USA.
The Short Version
- The only information we get that identifies you personally is what you provide if you use our Contact Form or buy from our Shop. We retain that to refer back to when providing customer service and for our own marketing to you, but we never share that with anyone else unless legally required to.
- We do not get your credit card number or other payment information, though our vendors do (see the “Shop” section below).
- We get and share with advertisers aggregated, anonymous data, like the number of clicks on their ads and the regions people clicked from. This does not include any personally identifiable information like IP addresses.
- We prioritize high-privacy third-party providers. They may collect and retain other information, so check their privacy policies (linked from “Providers” below) if you have concerns.
- We are happy to send you the little bit of data we have on you, if any, and to delete it.
What Personal Data We Collect and Why
When visitors use our Contact Us page, we collect the data shown in the contact form, and also the visitor’s IP address and browser user agent string to help us block spam.
Our Shop vendors also share your name, address and e-mail address with us (not your phone number) if you buy something, and what you buy. We only store that information in those e-mails from them, but we can access that information through our vendors. If you create an account, we have access to any information you provide.
Here are links to the privacy policies of our Shop providers:
We know how much you spent, but do not get or have access to your payment information, such as credit card numbers, even if you choose to store it.
If you leave a contact message on our site you may opt-in to saving your name, email address and other information in cookies. These are for your convenience so that you do not have to fill in your details again when you make another contact. You can delete them from your browser anytime.
How We Use Your Information
Although we have no plans for e-mail marketing at this time, AmRevNC may add your e-mail address to contact lists for that purpose in the future. If so, you will be able to opt-out permanently with a few clicks. We will never share or sell those lists. See also “Our Data Breach Procedures” below.
We will never conduct paper mail or telephone campaigns.
Automated Decision-making and Profiling with User Data
None. Aggregated, anonymous data (only) are used to make manual decisions about page content, security, and marketing, etc.
Who We Share Your Data With
No one, unless a court requires us to. AmRevNC does not sell or share personally identifiable data. We only provide aggregated, anonymous data to advertisers as part of our marketing.
Where We Send Your Data
Visitor contacts may be checked through automated spam or robot detection services.
Connections to Other Web Sites
Pages on this site include embedded content, specifically maps provided by OpenStreetMap, and links to a wide range of other Web sites. Embedded content from other Web sites behaves in the exact same way as if the visitor has visited the other Web site, and links to external sites work the same way as they would from any other source, including search engines.
We place a high priority on privacy protection when selecting our service providers, though they in turn may use vendors that collect personalized data. Please see our providers’ privacy policies for more information:
How Long We Retain Your Data
If you contact or buy something from us, the generated e-mail and related metadata (see above) are retained indefinitely. This is for legal purposes and to maintain continuity of service if you contact us again in the future.
What Rights You Have Over Your Data
You can request an exported file of the personal data we hold about you through our Contact form, including any data you have provided to us. You can also request that we erase any personal data we hold about you. We will do so immediately, confirm by e-mail, and then delete your e-mail address. This does not include any data we are obliged to keep for legal or security purposes.
How We Protect Your Data
Our Data Breach Procedures
Within one hour of learning our contact e-mail addresses have been hacked or third-party user accounts have been breached, we will:
- Request any affected provider to force password changes on all related accounts.
- Notify users which data have been compromised.
- Begin an investigation with our security providers (see previous section) to determine if we did anything that allowed the breach.
When the Step 3 investigation is complete, we will:
- Take all steps recommended by our security providers to prevent a recurrence.
- Report the results to all users.
Brute Force Attack Protection
Data Used: In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
Activity Tracked: Failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Learn more about this cookie.
Data Synced (?): Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.
WooCommerce Shipping & Tax
Data Used: For payments with PayPal or Stripe: purchase total, currency, billing information. For taxes: the value of goods in the cart, value of shipping, destination address. For checkout rates: destination address, purchased product IDs, dimensions, weight, and quantities. For shipping labels: customer’s name, address as well as the dimensions, weight, and quantities of purchased products.
Data Used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Important: The site owner does not have access to any of this information via this feature. For example, a site owner can see that a specific post has 285 views, but he/she cannot see which specific users/accounts viewed that post. Stats logs—containing visitor IP addresses and WordPress.com usernames (if available)—are retained by Automattic for 28 days and are used for the sole purpose of powering this feature.