Privacy Policy
Plain language. We try to keep this short and honest — what we collect, why, what we don't do, and exactly how anonymity works on Woodstock Locals.
The short version
- We collect the minimum we need to run the Service: your email, password (hashed), display name, what you post, and basic usage information.
- We do not sell your data. We do not run third-party advertising networks. We do not build behavioral ad profiles. We do not use your content to train third-party AI without your consent.
- Anonymous posts are anonymous to other users, not to us. We can identify the author of any post or comment, and we will under specific circumstances described in the Terms of Service.
- Direct messages are not end-to-end encrypted. They're encrypted at rest and in transit, but we have the technical ability to read them. We don't, except for narrow operational and legal reasons described below.
- You can delete your account at any time from Settings. Anonymous posts are orphaned (the author link is severed) rather than deleted, to keep neighbor replies intact.
Who we are
“Woodstock Locals,” “we,” and “us” refer to the team behind woodstocklocals.com, an online community for people in Woodstock, Georgia and the surrounding Cherokee County area. We are the data controller for the personal information described in this policy.
For privacy questions, data-rights requests, or complaints, open a support request and pick the “Account” or “Other” category. Security issues should also go through support under “Safety” — that way urgent items get the right eyes on them first.
What we collect
Information you give us
- Account info — email address, password (hashed and salted, never stored in plain text), display name, handle, optional bio, optional neighborhood, avatar emoji, and DM privacy preference.
- Content you post — posts, comments, reactions, poll votes, uploaded photos, link previews you trigger, and the bodies of your direct messages.
- Reports you file — the post or comment you reported and the reason you gave.
- Support requests — messages you send to support, including the reply email you provide.
- Blocks list — accounts you've blocked. We capture the pseudonym you saw at the time, so the Blocked list in Settings can label entries without showing real identities.
Information we collect automatically
- Auth and session cookies — set so we can keep you signed in. Strictly necessary; you can't turn them off and use the Service.
- IP address and basic device/browser metadata — captured in server logs to defend against abuse, debug issues, and detect coordinated account activity. Logs are retained for a limited period (see Section 13).
- Usage events — high-level signals like which actions you take and which features you use, so we can prioritize improvements. We do not use these for third-party advertising or sell them.
- Author linkage for anonymous content — see Section 5. We always know which account created an anonymous post or comment.
Third-party content we cache
- Local places — when you browse Explore, we fetch place data from Google's public listings via a paid API provider and cache it in our database for up to 24 hours. Caching reduces upstream calls and keeps the page fast.
- News headlines — same flow as places, refreshed about every 30 minutes.
- Link previews — when you post a URL or share an article, we fetch the page's public OpenGraph tags (title, description, image) and cache the result for up to 30 days. We do not crawl pages behind authentication.
None of this third-party content is associated with your identity in our cache. The cache is keyed on the URL or the place ID, not on which user requested it.
Why we use it
- To run the Service and let neighbors find each other.
- To keep accounts secure, detect abuse, and respond to safety incidents.
- To send transactional email (sign-up confirmation, password reset, important account or policy notices).
- To improve features and reliability — using aggregated, non-identifying signals only. We never use the body of your content for product analytics or advertising.
- To enforce these Terms and the community rules — including investigating reports and pattern abuse.
- To comply with the law and respond to valid legal process. See Section 9.
- To honor your access, correction, and deletion requests under Section 11.
What we don't do
- We don't sell or rent your personal information.
- We don't run third-party ad pixels, retargeting tags, or behavioral advertising networks.
- We don't build cross-site profiles, fingerprint your device, or share your behavior with data brokers.
- We don't read your direct messages except as needed to investigate a specific report or legal request, restore lost data, or fix a documented bug. We don't mine DMs in aggregate, scan them for advertising signals, or pass their contents to third parties.
- We don't use the contents of your posts, comments, or DMs to train third-party AI models. If we ever build Service-internal features that use machine learning on public Content, we'll describe it here first and give you a way to opt out where the law requires.
- We don't voluntarily disclose user identities to marketers, business owners, civil litigants, or curious neighbors. See Section 9 for what does trigger disclosure.
Anonymity & what it means
Woodstock Locals is built around posting and commenting under a pseudonym. When you post, other users see a generated animal-and-adjective name (“Foggy Otter 421”) and an emoji rather than your real handle. When you start an anonymous DM from a post, both sides keep their pseudonyms until either of you chooses to reveal.
Anonymity is real to other users. It is not absolute against us. We always know which account created a post, comment, DM, or report. We need this association to moderate the Service: enforce rules, investigate harassment, respond to legal requests, prevent ban evasion, and honor your own data-access and deletion requests.
Section 9 lists the specific circumstances under which we will identify the author of anonymous content — including law enforcement with proper legal process, imminent-harm emergencies, child-safety cases, targeted criminal harassment, and our own investigations of repeat or coordinated abuse.
What we never do with the link:
- We never sell it.
- We never share it with marketers or data brokers.
- We never disclose it to other users, businesses, or officials on private request without proper legal process or a Section 9 trigger.
- We never use it for advertising or any commercial purpose outside operating the Service.
Reveal is one-way
If you choose to reveal your real identity inside an anonymous DM, the other person now knows who you are. You can hide your name from the conversation again, but you can't undo what they've already seen. Screenshots, memory, and downstream sharing are outside our control. Treat reveal as a permanent disclosure to that person.
Don't try to identify other users
Attempting to identify, name, or expose the real-world identity of someone who has chosen to post anonymously violates the Terms and may also violate law (Georgia stalking, federal cyberstalking, or other statutes depending on the conduct). We treat doxxing of anonymous users as a high-priority safety issue.
Direct messages
Direct messages and group chats are private to their participants in normal use, but they are not end-to-end encrypted. Specifically:
- DMs are encrypted in transit (HTTPS) and at rest in our database (managed encryption by our cloud database provider).
- We have the technical ability to read DMs. We use this ability only when one of these is true:
  - You report a specific DM and we need to review it.
  - We receive a valid legal request authorizing access (Section 9).
  - There's a credible imminent-harm situation (Section 9).
  - We need to debug a specific issue you reported, and even then we limit access to what's necessary.
  - You ask us to (data export, account recovery).
We do not browse DMs out of curiosity, search them in aggregate, scan them for advertising signals, or feed their contents to third-party services.
Image attachments in DMs are stored in a separate bucket with access restricted to conversation members at the database level. They share the same encryption-at-rest and access controls as the messages themselves.
Vendors & subprocessors
We rely on a short list of vendors. They process your data on our behalf, under their own published privacy and security commitments. We share with them only what they need to do their job.
- Amazon Web Services (AWS) — provides the cloud infrastructure that hosts our application, database, file storage, and real-time messaging. All of the user-facing Service runs on AWS infrastructure in the United States.
- DataForSEO — fetches Google place and news listings on our behalf so we can cache them. They receive the search query and a location code; they do not receive your identity, your account, or anything you posted.
- Transactional email provider — delivers sign-up confirmations, password resets, and important account or policy notices. They receive your email address and the message body; they don't receive your posts, DMs, or browsing activity.
We don't use third-party advertising networks, third-party analytics, marketing automation tools that profile users, data enrichment vendors, or AI training data brokers. We will add to this section before introducing any new vendor that processes user data.
Law enforcement & legal requests
We take legal requests seriously and we take user privacy seriously. We will identify users (including the author of anonymous content) under these specific circumstances:
- Valid legal process — a subpoena, court order, search warrant, or other legal demand issued by a court or government authority with jurisdiction over us. We review every request, and we challenge ones that are facially invalid, overbroad, or beyond the issuer's jurisdiction.
- Imminent threat to life or serious physical injury — when there's a credible report of an active threat to a person's safety, we may disclose identifying information to law enforcement without waiting for legal process, consistent with applicable emergency-disclosure law (e.g., 18 U.S.C. § 2702(c)(4)).
- Child safety — cases involving the exploitation of a minor are reported to the National Center for Missing & Exploited Children (NCMEC) as required by law, and the relevant data is preserved for investigation.
- Criminal harassment, stalking, or doxxing with a clear victim — when anonymous content directly targets an identifiable person and crosses into criminal conduct, we will cooperate with that person's lawful investigation, which may include disclosing identifying information under proper process.
- Internal investigation of repeat or coordinated abuse — when patterns across multiple accounts indicate brigading, ban evasion, organized harassment, or fraud, we may correlate identifying information internally to take enforcement action.
What we don't do: we don't identify users in response to private business requests, ordinary civil disputes, hurt feelings, public-records requests against us as a private party, or demands that lack proper legal process.
Notice to you: when the law allows it, we'll let you know about a request for your information before responding, so you have a chance to object or seek your own counsel. Some demands come with non-disclosure orders that prevent us from telling you immediately; in those cases we'll tell you as soon as we're allowed.
Transparency: when the law allows, we publish a basic transparency note about the volume of legal demands we receive on a periodic basis.
Your rights and choices
You can:
- Access and update your profile from Settings.
- Delete your account from Settings. See Section 11 for what gets deleted, what gets orphaned, and what we keep for safety/legal reasons.
- Restrict who can DM you from Settings — anyone, group mates only, or nobody.
- Block another user from a DM thread or their profile. Blocks remove their ability to DM you and hide them from your inbox.
- Manage blocks — see and unblock anyone you've blocked from Settings.
- File a report on a post, comment, or profile that breaks the rules.
- Request a copy of your data — open a support request under “Account” with “Data Export” in the subject line and we'll send a machine-readable archive of your account data within 30 days.
- Correct inaccurate data — you can edit most of it from Settings; for anything you can't edit, send us a note and we'll fix it.
If you're a resident of California, the EEA, the UK, Virginia, Colorado, Connecticut, Utah, or another jurisdiction with specific privacy rights, you also have additional rights including the right to know what we process about you, the right to correct it, the right to limit certain processing, and the right to non-discrimination for exercising those rights. We don't sell or “share” personal information for cross-context behavioral advertising as defined by the CPRA. To exercise any of these rights, contact support under “Account” and we'll route the request to the right place. We aim to respond within seven days for routine questions and within 30 days for formal data-rights requests.
If you believe we haven't handled a request properly, you have the right to complain to your local data-protection authority.
Account deletion & orphaning
When you delete your account from Settings, here's exactly what happens:
- Profile data (display name, bio, avatar emoji, neighborhood, handle, DM privacy setting) is deleted from the active database immediately.
- Non-anonymous posts and comments are deleted along with their reactions and votes.
- Anonymous posts and anonymous comments are orphaned, not deleted: the body stays visible to the community under a generic “Deleted user” label, and the link to your real account is severed in our database. We do this so other neighbors' replies and reactions don't disappear out from under them. If you want a specific anonymous post deleted instead, delete it before deleting your account.
- Direct messages are removed from your inbox. Other participants' copies of the conversation remain in their inboxes (the same way email works) — we can't reach into someone else's account and rewrite their history.
- Reports you filed are kept (with reporter identity hashed) for trust-and-safety records, since they describe other users' conduct.
- Blocks list is deleted.
- Backups roll out within 30 days. After that, copies of your deleted data exist only in offline archives required by law (e.g., a legal hold) or in third-party logs governed by their own retention policies.
- Legal-hold preservation — if your account is subject to an active legal hold (active subpoena, pending litigation, ongoing law-enforcement investigation), deletion is paused for the data subject to the hold. We tell you when this applies, except where the hold itself forbids it.
Data retention
- Active accounts — retained until you delete them.
- Deleted accounts — see Section 11. Active database is purged immediately; backups within 30 days; legal-hold preservation indefinite while the hold lasts.
- Server logs (IP, user-agent, request paths) — up to 90 days.
- Reports — kept while the related account is active, plus a short period after account closure for trust-and-safety records (typically up to one year).
- Support tickets — kept up to two years for product feedback and follow-up.
- Cached third-party content (places, news, link previews) — see Section 2.3.
- Backups — rolling 30-day window for disaster recovery.
Children
The Service is not intended for children under 13 and we don't knowingly collect personal information from them. If you believe a child has used the Service, let us know through support under “Safety” and we'll remove the account and delete the associated data.
For users between 13 and 17, parents or guardians can contact support to request access to or deletion of their child's account.
Security
We use industry-standard practices: passwords are hashed and salted, traffic is HTTPS-encrypted, data is encrypted at rest in our cloud database, role-based access control limits what each part of the system can see, and admin access to user data is restricted, logged, and reviewed.
We don't publish the specific configuration, internal architecture, credential rotation schedule, backup procedures, or incident-response playbook details, because those would be a roadmap for attackers rather than useful information for users.
No system is perfect. If you spot a security issue, please report it through support under “Safety” with details before disclosing publicly. We'll work with good-faith researchers and acknowledge contributions.
If a security incident affects your data and the law requires us to notify you, we will do so without undue delay using the email address on your account.
International data transfers
Our infrastructure operates primarily in the United States. By using the Service, you understand your information may be stored and processed in the U.S. and other countries where our infrastructure provider operates. Where data protection law requires it, we rely on appropriate safeguards (including standard contractual clauses) for cross-border transfers.
Changes to this policy
We'll post material changes here and, when reasonable, notify you in-app or by email before they take effect — for example, before adding a new vendor, expanding a data use, or changing how anonymity works. The “Effective” date at the top of the page is the latest revision.
If you don't accept a material change, your remedy is to stop using the Service and delete your account before the change takes effect.
Contact
Get in touch
Privacy questions, data-rights requests, security disclosures, or anything else — all go through our support flow so the right person sees it. We aim to respond within 7 days for routine questions and within 30 days for formal data-rights requests.