Legal

Privacy Policy

Effective date: January 1, 2026  ·  Last updated: January 1, 2026

This Privacy Policy explains how [YOUR BUSINESS NAME] ("we," "us," or "our"), a Virginia-based company, collects, uses, and protects your information when you use the HistoricWalk platform at historicwalk.com (the "Service").

1. Information We Collect

We collect information you provide directly and information generated automatically when you use the Service:

• Account information: name, email address, and profile photo provided via Google Sign-In.
• Purchase information: transaction records processed through Stripe. We do not store credit card numbers — Stripe handles payment processing.
• Tour activity: which stops you have completed, challenge answers, and photos you submit for observation challenges.
• Location data: GPS coordinates, collected only while you are actively on a tour and only with your permission. We do not track your location in the background.
• Device data: browser type, operating system, and device identifiers used to deliver the app and diagnose issues.
• Usage data: pages viewed, buttons tapped, and time spent — used to improve the experience.

2. How We Use Your Information

• To provide, operate, and maintain the Service.
• To process purchases and send purchase confirmations.
• To save your tour progress across devices.
• To send proximity alerts when you are near a tour stop (only if you have enabled notifications).
• To respond to your support requests.
• To improve the Service through aggregated, anonymized analytics.
• To comply with legal obligations.

3. Sharing Your Information

We do not sell your personal information. We share information only with:

• Supabase — our database and authentication provider, which stores your account and tour progress data.
• Stripe — our payment processor. See Stripe's Privacy Policy.
• Google — used for Sign-In only. See Google's Privacy Policy.
• Mapbox — used to display maps within the app. See Mapbox's Privacy Policy.
• Legal authorities — when required by law or to protect rights and safety.

4. Cookies and Local Storage

We use browser local storage to save your settings, tour progress, and one-time preference flags (such as whether you have been asked about location access). We do not use third-party advertising cookies.

5. Data Retention

We retain your account and tour progress data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

6. Your Rights (Virginia VCDPA)

If you are a Virginia resident, the Virginia Consumer Data Protection Act (VCDPA) provides you with the following rights:

• Access: request a copy of the personal data we hold about you.
• Correction: request that we correct inaccurate personal data.
• Deletion: request that we delete your personal data.
• Portability: receive your personal data in a portable, commonly used format.
• Opt out of sale: we do not sell your data, so this right is not applicable.

To exercise any of these rights, contact us at the address below. We will respond within 45 days as required by law.

7. Children's Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

8. Security

We use industry-standard measures including HTTPS encryption and access controls to protect your data. No method of transmission over the Internet is 100% secure; we cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page with a revised effective date. Continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us