Privacy Policy

Effective Date: May 1, 2026
Last Updated: May 1, 2026

The North Carolina Association of County Veteran Service Officers ("NCACVSO," "we," "us," or "our") operates the website located at https://www.ncacvso.com (the "Site"). This Privacy Policy describes the types of personal information we collect through the Site, how we use and protect that information, with whom we share it, and the choices available to you regarding our use of your information.

By accessing or using the Site, you acknowledge that you have read and understand this Privacy Policy. If you do not agree with the practices described here, please do not use the Site.

1. Who We Are

NCACVSO is a nonprofit professional association serving County Veteran Service Officers across North Carolina. Our website provides public information about veteran services, a searchable directory of county VSO offices, and a members-only portal for registered county membership holders.

Contact Information:
NCACVSO
104 E Main St
Franklin, NC 28734
Email: info@ncacvso.com
Phone: (828) 349-2151

2. Information We Collect

2.1 Information You Provide Directly

When you interact with the Site, we may collect personal information that you voluntarily provide, including:

Membership Registration. When a county applies for NCACVSO membership, we collect the primary contact's full name, email address, phone number, mailing address, county name, and office name. If staff members are included in the application, we collect their full names and email addresses. We also collect the selected payment method (credit card or check).

User Accounts. When a membership is processed, we create a user account on the Site. Account information includes your name, email address (used as your login identifier), and an encrypted password that you set through a secure link. We also store your designated role within your county membership (primary contact or staff member), your county affiliation, job title (if provided), and billing address information.

Conference Registration. When you register for the NCACVSO Annual Conference, we collect your name, county affiliation, payment method, and the names and email addresses of any guests you register for conference events such as the banquet or mixer.

Guest Payment Information. If a conference guest is sent a payment link, we collect the guest's name and email address. Guests are not required to create an account to complete payment.

Continuing Education (CEU) Credits. We maintain records of CEU credits awarded to members, including the training date, event name, number of credit hours, notes, and the name of the individual who awarded the credits.

Directory Listings. Primary contacts may update their county's public directory listing, which may include the office name, address, phone number, email address, hours of operation, and other contact details. This information is displayed publicly in our Find a Service Officer directory.

Forum Posts. If you participate in the NCACVSO member forum, we collect the content of your posts and any associated metadata.

Communications. If you contact us by email or through the Site, we retain the content of your communications along with your email address and any other information you provide.

2.2 Information Collected Automatically

Log Data. Our web server automatically records certain information when you visit the Site, including your Internet Protocol (IP) address, browser type and version, the pages you visit, the date and time of your visit, and the referring URL.

Cookies and Similar Technologies. We use cookies and similar technologies as described in Section 5 of this policy.

2.3 Payment Information

We do not store credit card numbers, CVV codes, or other sensitive payment card data on our servers. All credit card transactions are processed through Stripe, Inc., a PCI-DSS compliant third-party payment processor. When you make a payment by credit card, your card information is transmitted directly to Stripe and is subject to Stripe's Privacy Policy. We receive only a transaction confirmation, the last four digits of your card, and the payment amount from Stripe.

If you choose to pay by check, we record the check number and date when payment is processed by our administrative staff.

3. How We Use Your Information

We use the personal information we collect for the following purposes:

Membership Administration. To process membership applications, create and manage user accounts, track membership status and expiration dates, process renewals, manage staff rosters, and maintain county membership records.

Conference Management. To process conference registrations, manage guest registrations and payments, send payment links to guests, and track attendance.

Communications. To send you transactional emails related to your membership, including welcome emails, password setup links, activation notices, renewal reminders, conference registration confirmations, guest payment links and reminders, and administrative notifications such as role transfers.

CEU Tracking. To record and display continuing education credits earned by members.

Directory Services. To maintain and display the public VSO office directory so that veterans and their families can locate county veteran service officers.

Billing and Payments. To process payments, generate invoices, and maintain financial records for membership dues, conference registrations, and guest fees.

Site Operations. To operate and maintain the Site, monitor and improve site performance, troubleshoot technical issues, and ensure the security of user accounts.

Administrative Reporting. To generate internal reports on membership activity, conference registrations, and CEU credit summaries for organizational administration.

4. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We may share your information in the following circumstances:

Within Your County. Your county's primary contact (County Admin) can view the names, email addresses, and roles of all staff members linked to their county membership. If the County Admin role is transferred, the new admin will have the same access.

Public Directory. If your county maintains a listing in our VSO directory, the office contact information (not individual member personal data) is publicly visible to help veterans locate services.

Conference Guests. When a member registers a guest for a conference event, the member's name is shared with the guest in the payment link email so the guest knows who registered them.

Service Providers. We use the following third-party service providers who may process your personal information on our behalf:

Stripe, Inc. processes credit card payments. Stripe Privacy Policy
Web Hosting Provider. Our Site is hosted on a private server managed by our web development agency. Server access is restricted to authorized administrative personnel.
WordPress and WooCommerce. Our Site runs on WordPress with WooCommerce for order management. These platforms process data on our server and are not transmitted to Automattic unless you interact with features governed by their policies (such as Gravatar for comment avatars). Automattic Privacy Policy

Legal Requirements. We may disclose your information if required to do so by law, court order, or governmental regulation, or if we believe in good faith that such disclosure is necessary to protect the rights, property, or safety of NCACVSO, our members, or the public.

Organizational Transfers. In the unlikely event that NCACVSO merges with or transfers its operations to another organization, member data may be transferred as part of that transaction. You would be notified of any such change.

5. Cookies

Cookies are small text files stored on your device when you visit a website. We use the following types of cookies:

Essential Cookies. These cookies are necessary for the Site to function and cannot be disabled. They include:

WordPress session cookies that maintain your login state
WooCommerce cookies that manage your cart and payment session
Security cookies, including CSRF (cross-site request forgery) protection tokens
A temporary cookie set on the login page to determine if your browser accepts cookies (discarded when you close your browser)

Functionality Cookies. These cookies remember your preferences and login information:

Login cookies that last for two days (or two weeks if you select "Remember Me")
Screen display preference cookies that last for one year

Performance Cookies. Our server caching system (LiteSpeed Cache) may set cookies to optimize page loading performance. These cookies do not track personal information. All logged-in users are excluded from page caching to ensure they see current, personalized content.

We do not use advertising cookies, analytics tracking cookies, or third-party marketing cookies.

6. Data Retention

Membership Records. We retain your membership data, including county membership records, user account information, order history, and payment records, for as long as your membership remains active and for a reasonable period afterward to fulfill our record-keeping obligations and to allow for membership renewal. County membership records include the county name, membership status, start and end dates, staff count, and associated order information.

User Accounts. Active user accounts are maintained for the duration of your county's membership. If a staff member is removed from a county roster, the County Admin may choose to archive the account (preserving all data including CEU credits and forum history), retain the account as a basic subscriber, or unlink the account from the county. Archived accounts are retained with all associated data preserved.

CEU Credit Records. Continuing education credit records are retained indefinitely to provide members with a permanent record of their professional development.

Conference and Order Records. Conference registration records and WooCommerce order records (including invoices) are retained indefinitely for organizational record-keeping and financial reporting purposes.

Forum Content. Forum posts and associated metadata are retained for as long as the forum remains active.

Server Logs. Web server access logs are retained in accordance with our hosting provider's standard retention schedule and are periodically purged.

Transient Data. Certain temporary data, such as pending guest registration details and pending staff additions, is stored for a limited period (typically 24 hours to 30 days) and is automatically deleted after the associated transaction is completed or the storage period expires.

7. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

All data transmitted between your browser and our Site is encrypted using SSL/TLS (HTTPS)
User passwords are stored using WordPress's standard one-way hashing algorithm and are never stored in plain text
Password reset links expire after 24 hours
Administrative access to the Site is restricted to authorized personnel
Server access is managed through a private hosting environment with restricted access controls
WooCommerce order screens are configured to limit the display of sensitive customer information
All logged-in users are excluded from page caching to prevent the display of another user's data
Session management controls are in place to maintain secure authentication

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee the absolute security of your data.

8. Your Rights and Choices

Access and Correction. If you have an account on the Site, you can view and update certain personal information through the Members Area. Primary contacts can view and manage staff rosters for their county. You may contact us at info@ncacvso.com to request access to or correction of any personal information we hold about you.

Data Export. You may request a copy of the personal data we hold about you by contacting us at the email address above.

Deletion. You may request that we delete your personal data by contacting us. Please note that we may need to retain certain information for legitimate record-keeping purposes, to complete pending transactions, or as required by law. Deletion of your account data will result in loss of access to member services, CEU credit history, and forum participation records.

Email Communications. Transactional emails related to your membership (such as activation notices, renewal reminders, and password reset links) are essential to the operation of your account and cannot be opted out of while your membership is active. These communications are not marketing emails.

Password Management. You may reset your password at any time using the "Lost your password?" link on the login page. Primary contacts and site administrators may also trigger a password reset email on your behalf.

9. Third-Party Links and Embedded Content

The Site may contain links to third-party websites or embed content from external sources (such as videos, images, or documents). Embedded content from other websites behaves in the same manner as if you had visited the other website directly. These external websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction if you have an account and are logged in to that website.

We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any external sites you visit.

10. Children's Privacy

The Site is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at info@ncacvso.com.

11. Comments

When visitors leave comments on the Site, we collect the data shown in the comments form, the visitor's IP address, and browser user agent string to help with spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to determine if you are using it. The Gravatar service privacy policy is available at https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

If you leave a comment, the comment and its metadata are retained indefinitely so that we can recognize and approve follow-up comments automatically rather than holding them in a moderation queue. If you leave a comment, you may opt in to saving your name, email address, and website in cookies for your convenience. These cookies last for one year.

12. Media

If you upload images to the Site, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the Site may be able to download and extract any location data from images on the Site.

13. Password Resets

If you request a password reset, your IP address will be included in the reset email sent to your registered email address.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

15. Contact Us

If you have questions or concerns about this Privacy Policy, our data practices, or your personal information, please contact us:

NCACVSO
104 E Main St
Franklin, NC 28734
Email: info@ncacvso.com
Phone: (828) 349-2151

This Privacy Policy was last updated on May 1, 2026.