Privacy Policy

Effective June 12, 2026

This Privacy Policy describes how TiffinOhio.net and its parent company, NorthStar Civic Media LLC (“we”, “us”, or “our”) collects, uses, and discloses information about you when you use our website (“Site”).

---

Table of Contents

1. Information We Collect
2. How We Use Your Information
3. Information Sharing
4. Your Choices
5. Data Security
6. External Links
7. Accounts, Payments, and Children’s Data
8. Cookies and Tracking Technologies
9. Third-Party Tools
10. United States State Privacy Rights
11. Illinois Notice (BIPA)
12. Data Retention
13. Managing Your Membership and Billing Choices
14. Changes to This Policy
15. Contact Us

---

Information We Collect

We collect information that you provide directly to us and certain information that is collected automatically when you use our Site.

• Contact information you provide (for example, your name and email address) when you submit our contact form or manage your newsletter subscription.
• Message content you submit through the contact form.
• Newsletter preferences you submit (subscribe/unsubscribe and optional reason for unsubscribing).

Information collected automatically may include:

• IP address and approximate location (city/country level).
• Browser and device information (e.g., user agent, operating system).
• Pages viewed and referring/exit pages.
• Date/time stamps and interaction data (e.g., clicks, scroll depth) for diagnostics and usability.
• Site search queries. When you type into our site search bar, we may record the text you enter (after a short delay, and only when the query is at least two characters) even if you do not press Enter. Search queries are sent to our analytics providers (PostHog and Microsoft Clarity) and to Meta for advertising measurement, as described below.
• Article and advertising events. On article pages, we may send page-view and content-view signals to Meta (including article slug and page title). Newsletter sign-ups and contact-form submissions may also generate Meta conversion events.

We currently use Google Analytics, PostHog for website analytics and event measurement, Microsoft Clarity for session analytics, Meta Pixel and Meta Conversions API for advertising measurement, Comscore/ScorecardResearch for audience measurement, Open-Meteo for weather data served to your browser, and Cloudflare services for security and performance. See Third-Party Tools below for details and links to their privacy documentation.

How We Use Your Information

We may use the information we collect for various purposes, including to:

• Provide and improve our services.

• Communicate with you about your account or our services.

• Operate our contact and newsletter features (including security verification via CAPTCHA).

• Analyze and improve Site performance, content, and usability.

• Respond to your inquiries and provide customer support.

• Personalize and tailor your experience on our Site.

• Analyze usage trends and improve the quality of our Site.

• Measure advertising performance, attribute conversions, and build audiences through partners such as Meta.

Information Sharing

We share information with service providers who help us operate the Site (for example, email delivery, security verification, hosting/CDN, analytics, and advertising measurement). These providers are authorized to use your information to provide services to us and must protect it as required by applicable law and our agreements. This includes sharing site-usage and conversion data (such as page views, article views, and search queries) with Meta for advertising measurement through the Meta Pixel and Conversions API.

We may also share your information in the following circumstances:

• With your consent.

• When required by law or to protect our rights or the rights of others.

• In connection with a merger, acquisition, or sale of assets.

Your Choices

You may choose to opt-out of receiving promotional communications from us by following the instructions provided in such communications. Please note that even if you opt-out, we may still send you non-promotional communications, such as those related to your account or orders.

Data Security

We take reasonable measures to protect the information we collect from unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

External Links

Our Site may contain links to third-party websites and tools. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any external sites or tools you use.

Accounts, Payments, and Children’s Data

• We do not offer on-site user accounts. If you become a paying member or make a one-time contribution, a customer record is created and managed by our payment processors, Stripe and AutoBooks. You do not need a separate account on our Site to support us.
• We accept payments for monthly memberships and one-time contributions. Payments are processed securely by Stripe and AutoBooks; your payment card information is transmitted directly to these payment processors and does not pass through or get stored on our servers.
• From our payment processors, we receive limited billing details needed for receipts and support (for example: name, email, billing address, the last four digits of a card, card brand and expiration month/year, and transaction identifiers). We use this information to issue receipts, manage recurring billing, assist with customer support, and comply with accounting and legal requirements.
• You can manage your Stripe-based membership (update card, change plan, cancel) through our self-service customer portal operated by Stripe. A link to the portal is available on /support-us/.
• Our services are intended for a general audience and are not directed to children under 13. Individuals must be 18 or older to purchase a membership or make a contribution. If you believe we have collected personal information from a child under 13, please contact us and we will delete it.

Cookies and Tracking Technologies

We use limited cookies and similar technologies to support analytics and essential Site functionality:

• Google Analytics is loaded using Google’s gtag.js (served from Google Tag Manager). Google may set cookies or use similar storage as described in Google’s documentation. We use analytics to understand aggregate usage and improve the Site.
• PostHog helps us measure site traffic, approximate IP-derived location, and selected user interactions through a first-party analytics endpoint on our domain. We configure PostHog without automatic click capture or session recording, and use it for pageview and explicit event analytics (including site search queries typed into the search bar—recorded after you pause typing for about one second or when you press Enter, for queries of at least two characters; optional article listen-audio usage such as opening the player, play/pause, and approximate listening progress; article republish tool usage such as opening the modal, switching HTML/plain-text tabs, and copying republish snippets; related-article clicks in the article footer and exit-intent recommendation modal; and when subscribed readers are shown the exit-intent “You may also like” recommendations).
• Meta Pixel (Meta/Facebook) loads on our Site to measure advertising performance and build audiences. Meta may set cookies or use similar storage. We send Meta standard events including PageView (all pages), ViewContent (when you open an article), Search (when you search the Site, including the search text), and Subscribe (newsletter sign-ups, for browser-side deduplication). Selected events (ViewContent and Search) are also forwarded from our server to Meta through the Meta Conversions API (/api/meta-events) using your IP address, browser identifiers, page URL, and event metadata. This server-side forwarding helps Meta receive more complete measurement when browser-based tracking is blocked. Meta may use this data for ad delivery, measurement, attribution, and audience building according to Meta’s policies. You can learn about Meta’s practices and opt-out choices at https://www.facebook.com/privacy/policy/ and https://www.facebook.com/settings?tab=ads.
• Microsoft Clarity helps us understand how visitors use the Site through session replays, heatmaps, and interaction analytics. Clarity may use cookies or similar storage to distinguish browsers and sessions. We mirror selected explicit interaction events (the same categories described for PostHog above) into Clarity for filtering and analysis. Clarity retains recordings for approximately 30 days. Microsoft may use aggregated behavioral data to improve its products. We mask newsletter and gate email fields in Clarity recordings.
• Comscore/ScorecardResearch helps us measure audience size and traffic patterns. Comscore may collect information about visits to our pages, including device and browser information, referrer information, IP-derived location, and identifiers or cookies where permitted. We configure the Comscore tag with first-party cookies disabled.
• Cloudflare Web Analytics helps us measure page views and real-user performance metrics. We load its browser beacon manually.
• Cloudflare may collect limited technical information (such as IP address) to provide security and performance services.

Your choices:

• You can manage cookies through your browser settings.
• You can install the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout.
• We do not treat legacy Do Not Track (DNT) signals as an analytics opt-out because DNT does not have a uniform legal or technical standard in the United States.

Third-Party Tools

We currently use or embed the following services. Their privacy practices are governed by their own policies:

1. Google Analytics (website analytics) – See Google: https://policies.google.com/technologies/partner-sites and https://policies.google.com/privacy; Google Analytics terms: https://marketingplatform.google.com/about/analytics/terms/us/.

2. PostHog (website analytics, approximate IP-derived location, event measurement, and Core Web Vitals performance metrics such as LCP, INP, CLS, and FCP) – See PostHog Privacy Policy: https://posthog.com/privacy and PostHog data privacy documentation: https://posthog.com/docs/privacy.

3. Microsoft Clarity (session replay, heatmaps, and behavioral interaction analytics) – See Microsoft Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement and Clarity FAQ: https://learn.microsoft.com/en-us/clarity/faq.

4. Comscore/ScorecardResearch (audience measurement and traffic analytics) – See Comscore Privacy Policy: https://www.comscore.com/About/Privacy-Policy and Comscore privacy choices: https://www.comscore.com/About/Privacy-Policy/Privacy-Choices.

5. Cloudflare Web Analytics (pageview and real-user performance analytics) – See Cloudflare Privacy Policy: https://www.cloudflare.com/privacypolicy/ and Cloudflare Web Analytics docs: https://developers.cloudflare.com/web-analytics/.

6. Cloudflare Turnstile (spam and abuse prevention CAPTCHA) – See Cloudflare Privacy Policy: https://www.cloudflare.com/privacypolicy/ and Turnstile docs: https://developers.cloudflare.com/turnstile/.

7. Cloudflare (hosting/CDN and security) – See Cloudflare Privacy Policy: https://www.cloudflare.com/privacypolicy/.

8. Vote.org (embedded voter tools on certain pages) – See Vote.org Privacy Policy: https://www.vote.org/privacy/.

9. Stripe (payment processing for monthly memberships) – See Stripe Privacy Policy: https://stripe.com/privacy and Stripe Security: https://stripe.com/docs/security.

10. AutoBooks (payment processing for one-time contributions) – See AutoBooks Privacy Policy: https://www.autobooks.co/privacy-policy and AutoBooks Terms of Use: https://www.autobooks.co/autobooks-terms-of-use-and-end-user-license-agreement.

11. Spotify (embedded podcast players) – When you play embedded podcasts, Spotify may collect information about your interaction with the player. See Spotify Privacy Policy: https://www.spotify.com/us/legal/privacy-policy/.

12. Meta Pixel and Meta Conversions API (Meta/Facebook advertising measurement) – We use Meta’s Pixel on our Site to measure ad performance and send conversion events (including page views, article views, site searches, and newsletter sign-ups). Selected events are also sent server-side to Meta through the Conversions API. Meta may use cookies, pixels, and device identifiers to collect information about your activity on our Site and elsewhere for measurement, attribution, retargeting, and audience building. See Meta Privacy Policy: https://www.facebook.com/privacy/policy/ and Meta ad preferences: https://www.facebook.com/settings?tab=ads.

13. Meta/Facebook (embedded video players) – When you view embedded videos from Meta platforms, Meta may additionally collect information about your interaction with the player. See Meta Privacy Policy: https://www.facebook.com/privacy/policy/.

14. Open-Meteo (weather data) – Our weather features (header weather, weather pages, and location search) fetch forecast and geocoding data directly from Open-Meteo’s APIs (api.open-meteo.com and geocoding-api.open-meteo.com) in your browser. Because these requests originate from your device, Open-Meteo receives your IP address and technical connection data. Open-Meteo states that such information may be logged for up to approximately 90 days. See Open-Meteo Terms of Use: https://open-meteo.com/en/terms and Open-Meteo documentation: https://open-meteo.com/.

United States State Privacy Rights

Depending on where you live, you may have certain rights over your personal information under U.S. state privacy laws (for example, in California, Colorado, Connecticut, Utah, Virginia, and other states with similar laws). Subject to verification and applicable exceptions, these may include the right to:

• Access/know the categories and specific pieces of personal information we have collected about you.
• Correct inaccurate personal information.
• Delete personal information.
• Obtain a portable copy of your personal information.
• Opt out of the sale or sharing of personal information and of targeted advertising. We do not sell personal information for monetary consideration. We do use third-party advertising and analytics tools—including Meta Pixel—that may collect or receive information about your activity on our Site for ad measurement, attribution, and audience building. Depending on your state, this may constitute “sharing” for cross-context behavioral advertising. You may opt out by adjusting Meta ad settings (https://www.facebook.com/settings?tab=ads), using browser privacy controls or ad blockers, and emailing us at info@tiffinohio.net with the subject line “Privacy Request.”
• Limit the use and disclosure of certain sensitive personal information (we do not collect sensitive categories such as precise geolocation, health, or biometric data).

How to exercise your rights:

• Email us at info@tiffinohio.net with the subject line “Privacy Request,” and tell us which right(s) you wish to exercise and the state in which you reside.
• We will verify your request using reasonable methods based on the information available to us. You may use an authorized agent where permitted by law.
• If we deny your request, you may appeal by replying to our response with “Appeal.” If your appeal is denied, you may contact your state attorney general.

Non-discrimination: We will not discriminate against you for exercising your privacy rights.

Ohio and Illinois:

• Ohio: We provide the rights and disclosures above to Ohio residents to the extent required by applicable law.
• Illinois: We comply with Illinois law. See the Illinois notice below regarding biometric information.

Illinois Notice (BIPA)

We do not collect, use, or store biometric identifiers or biometric information as defined by the Illinois Biometric Information Privacy Act (BIPA). If that changes, we will first provide written notice, obtain informed written consent, disclose the purpose and retention schedule, and implement a publicly available retention and destruction policy consistent with BIPA.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this policy, including for security, legal, tax, or accounting requirements. Membership and transaction records may be retained for the period required by applicable law and our financial recordkeeping obligations. When we no longer need personal information, we take reasonable steps to delete, de-identify, or anonymize it.

Managing Your Membership and Billing Choices

• For monthly memberships processed through Stripe: Access the customer portal to update payment methods, view invoices, change plans, or cancel your membership. You can find the portal link on /support-us/.
• For one-time contributions processed through AutoBooks: Transaction receipts and records are managed by AutoBooks according to their policies.
• You may also contact us at info@tiffinohio.net for billing support. For your security, we may direct you to complete sensitive updates through the appropriate payment processor’s portal.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on this page.

Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at info@tiffinohio.net.

You can also reach us via the contact form on our Site at /contact-us/.