Welcome to Guardians of Liberty, a patriot organization based in the United States of America and operated from North Carolina. This is our methods and policy for handling your personal and sensitive data on our website. By using our website you consent to these methods whether you read this policy or not. We have also made additional efforts to make this policy easily readable and understandable. Please ensure you read this policy thoroughly and if you do not consent, immediately discontinue the use of this website!
In order to operate our website, we must collect some data from you. This is called NON-PII or Non-Personally Identifiable Information. By simply navigating to our website, we must know your screen resolution, operating system, and other details to know what version of the website to serve to you so that it best displays on your device. This is called NON-PII. However, we also collect PII or Personally Identifiable Information.
We will explain what information we collect and how we use and safeguard it.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you are a registered member, any information you have publicly available on your profile is linked to every comment you make. We also collect your IP address and cookie information for security purposes.
When you register for the site, you may be asked to provide certain personal data for display on your profile. The “Name” field is required as well as public, and user profiles are visible to any site visitor. Other profile information may be required or optional, as configured by the site administrator.
User information provided during account registration can be modified or removed on the Profile > Edit panel. In most cases, users also have control over who is able to view a particular piece of profile content, limiting visibility on a field-by-field basis to friends, logged-in users, or administrators only. Site administrators can read and edit all profile data for all users.
This site records certain user actions, in the form of “activity” data. Activity includes updates and comments posted directly to activity streams, as well as descriptions of other actions performed while using the site, such as new friendships, newly joined groups, and profile updates.
The content of activity items obey the same privacy rules as the contexts in which the activity items are created. For example, activity updates created in a user’s profile is publicly visible, while activity items generated in a private group are visible only to members of that group. Site administrators can view all activity items, regardless of context.
Activity items may be deleted at any time by users who created them. Site administrators can edit all activity items.
Private Messaging (Non-Chat)
The content of private messages is visible only to the sender and the recipients of the message. With the exception of site administrators, who can read all private messages, private message content is never visible to other users or site visitors. Site administrators may delete the content of any message.
We utilize discussion boards, also referred to as forums, for primary communications on our website. This is an act of someone creating a topic comment, and allowing others to comment directly to that topic comment.
Any information you have publicly available on your profile is linked to every comment you make. We also collect your IP address and cookie information for security purposes.
We allow the use of chat rooms for live discussions that are both text based, and video based.
Any information you have publicly available on your profile is linked to every chat comment you make. We also collect your IP address and cookie information for security purposes.
In many of the commenting and discussion services we offer, we allow the uploading of media – ie, videos, music, and photos/images. Along with other data we collect, you need to understand that some photographs, videos, and audio comes with META DATA attached to it which can reveal your location, your name, the device you used, and much more information.
We do NOT parse or otherwise collect any meta data. We do attempt to scrub meta data from your photos and images for your security. This is not always achievable with some image formats.
We do not have the server capacity to scrub meta data from videos and audio. This requires a LOT of CPU power that we simply don’t have access to with our budget.
THEREFORE, IT IS YOUR RESPONSIBILITY TO MAINTAIN YOUR PRIVACY BY SCRUBBING META DATA BEFORE YOU UPLOAD YOUR MEDIA!
Please understand, that while we do not use your meta data, OTHER nefarious individuals may if they have access to the media you posted. If you are unable to scrub your meta data or do not know how, we would advise and encourage you to only post media in private, access-controlled areas with other people you know and trust.
We have contact forms on our website which sends all data you enter to the administrator’s email addresses on our website. This information is sent to our own network as our admins all use emails at guardiansofliberty.us.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Our website does NOT track cookies from other websites. However, other shady websites may be able to track our cookies and understand that you frequent this website (and others) – we have no control over this, only your browser does.
We use a cookie to show success and failure messages to logged-in users, in response to certain actions, like joining a group. These cookies contain no personal data, and are deleted immediately after the next page load.
When a logged-in user creates a new group, we use a number of cookies to keep track of the group creation process. These cookies contain no personal data, and are deleted either upon the successful creation of the group or after 24 hours.
We use anonymous cookies to prevent users from seeing the same popup repetitively in an attempt to make our users experience more pleasant while still delivering time sensitive messaging.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Events & Tickets
We collect and store information you submit to us when making a booking, for the purpose of reserving your requested spaces at our event and maintaining a record of attendance.
We collect and store information you submit to us about events (and corresponding locations) you would like to publish on our site.
When you submit a classified listing, the content of the listing and its metadata are retained indefinitely. All users can see, edit or delete the personal information included on their listings at any time. Website administrators can also see and edit that information.
Website visitors can see the contact name, website URL, phone number, address and other information included in your submission to describe the classified listing.
We collect your information during the checkout process on your purchase. The information collected from you may include, but is not limited to, your name, billing address, shipping address, email address, phone number, credit card/payment details and any other details that might be requested from you for the purpose of processing.
Handling this data will also allow us to:
- Send you important service information.
- Respond to your queries or complaints.
- Set up and administer your account, provide technical and/or customer support, and to verify your identity.
Additionally we may also collect the following information:
- Your comments and product reviews if you choose to leave them on our website.
- Account email/password to allow you to access your account, if you have one.
- If you choose to create an account with us, your name, address, and email address, which will be used to populate the checkout for future orders.
Data Collection & Storage
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
Non-PII is sent to Google for statistical analysis. This information includes your geographical region, your web browser, your web browser resolution (so we can understand what devices are using our website and how best to tailor our website in the future), what pages you visit (so we understand what content is useful to our members), and how you interact with that content (so we know if you are getting errors).
Automattic, the creators of WordPress, is sent almost all form data you submit to determine if it is spam or not. If that information isn’t flagged as spam, it is NOT saved on Automattic’s servers.
We also use Automattic’s service to determine if your password has been previously compromised on another website by relying on their databases of “dark web” searches for compromised passwords. If you submit a password to our website, the hash of that password is checked in Automattic’s databases and returns a Go or No-Go code to our website so we know to notify our members and force a password change.
We utilize CloudFlare as a reverse proxy for our website. A reverse proxy is a caching mechanism that stands between our users and the actual server. All data you send to our website is first sent through CloudFlare and all data you receive from our website is also sent through CloudFlare.
This allows CloudFlare to intercept attacks, spam, and other unwanted data before it arrives at our servers. It also masks our servers IP addresses making it harder for our server to be attacked and compromised.
This is an essential service that prevents our hosting provider from having to hire a full-time staff of abuse and network security teams to work around the clock blocking attacks as they arrive. CloudFlare is a large network provider who protects some of the biggest sites on the internet.
Image Compression Third-Party Services
User-submitted images may be transmitted to image compression servers in the United States and stored there for up to 30 days so that they may be served to end-users in an optimized and compressed manner.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
We take great strides to ensure the Private (PII) Data you send to us is safeguarded and remains out of the hands of those that would exploit it or do evil things with your data.
While listing ALL of our practices would enable an attacker to know how to circumvent our safeguards, we will list a few but not all of our methods here.
Our website is only accessible through SSL – Secure Socket Layer, which is a 2-way encryption that ensures that eavesdropping is near impossible. How does someone eavesdrop on you? With unsecured websites, it is possible for someone on the same network with you or the server to sniff out the packets being set and see exactly what you are posting and sending to that website and what that website is sending to you. When those packets are encrypted, this becomes a near-impossibility.
Your most sensitive data is stored on our server’s hard drive in a database in an encrypted or salted manner.
Salted – Salting data is to provide an irreversible encryption that only the server will understand. This means it is impossible to ever decrypt it in the future. We salt all passwords in our database.
Encrypted – Encrypting data is to scramble the data so that it can only be understood with the right key which can be stored on the server in a secret location or off-site. Because there is a key, there are ways of circumventing it, usually by brute-forcing a key which takes years to do. So it is not impossible, but improbable. We encrypt your most personal data on our servers to include your address, credit card details, and your phone number.
We give you control over what profile fields are visible and to whom. You can change this by editing your profile or by visiting your account settings under the privacy tab. Administrators can ALWAYS SEE EVERYTHING.
Private, Local Servers
The owner of our servers is Goldsboro Web Development, who is run by our leaders, Michael and Kimberly Wells. These servers are geographically located in a secure, brick building, in a secure office in Princeton, North Carolina (just beside the US Post Office). We do not utilize a web hosting provider where our data is stored on a server in an unknown location, with people we don’t know having access to that data. Our servers are controlled access by only those who you know and trust in our organization.
Run By IT Experts
Unless we’re served with a warrant or summons, our default is “no”. We do not KNOWINGLY share your information, communications, or other data with law enforcement or other government agencies unless we have been served with a legal document that compels us to do so.
However, if you admit to a crime on our website or threaten bodily harm to others or yourself, we are legally compelled to alert law enforcement. In a case the website administration deems it necessary to activate this privacy clause, you will be notified and the information transferred to law enforcement will be limited in scope to the information we faithfully deem absolutely necessary to stopping the crime or bodily harm.
To be clear, if you tell us on this website that you are going to commit suicide, you can’t expect us not to call law enforcement for a health and welfare check. We would have to be sick narcissistic sociopaths to just sit and watch.
As the saying goes in network security: An administrator who thinks their systems cannot be broken into will be broken into. If you plan for a breech, it makes it less likely to happen because you’re always conscientious over the latest attack vectors, updating the website’s code, and ensuring security methods are updated and at their best.
Because of this, we also have a plan and policy in place in case our website is breached and how we will notify you.
Upon finding that this website has been breached, we will immediately go into lock-down-mode. That means that only administrators with certain IP addresses will have access to the website. Everyone else will be temporarily locked out. This allows us time to study the logs and see how our website was being used at the time so we can replicate the breech and stop it. Our first priority is stopping the breech and the safe operation of our website.
Once we have secured our website and taken steps to ensure it will not happen again, we will email all users on our website, providing your email address works and isn’t sending our emails to your spam folder. We will address the breach and how it happened and what information the attack may have gained access to (if any).
If we’re certain that an attacker has gained access to your PII, we will call you directly, generally within 3 days of the attack.
Third Party Data
We do not collect any data about you from another third party except that data that is provided by Google Analytics, Automattic, and CloudFlare.
Many companies and websites will use your data to profile you for marketing based on your religious and political affiliations – even your race and gender. We do not do this. We may use some of your data to match you with other members that are close by and sort you into state and zone, but that is the extent of our profiling methods.
However, security personnel may use data you give them in interviews and data they gather from social media websites to profile you politically to understand if you are a threat to our organization.
Rights to Amend
The Guardians Of Liberty website administrators and leadership reserves the right to amend this document at any time for any reason whatsoever and those amendments shall be effective immediately and shall alert you through this document when the last amendment was made.
LAST EDITED: September 10, 2020