What is PII?

PII is “Personally Identifiable Information”. This is information that can be used to personally identify you online and offline. This includes data such as your full name and phone number.

We Share Only Non-PII

We share some of your non-PII data in effort to protect our network, website, and your account. We never share your PII with any third party. We never share any data for-profit.



Your Data Is Secure

We take proactive steps to safeguard your data against attacks and intrusion. We employ encryption standards and ciphers that exceed industry standards.  We use AES512 for encryption ciphers for your most sensitive data and passwords are salted (irreversible hashing) using SHA512 with random rounds.

512 Bit




We Do Not Sell Your Data

We refuse to sell data to third-parties for marketing purposes. We refuse to use 3rd party tracking for statistical analysis, which is why we have developed our own analysis applications.

Local Data Processing

We do not outsource data processing. Your data is processed on information systems in which our company, and only our company has authorized access to.


Tarheel Media is a brand of MLW And Associates, a North Carolina Limited Liability Company (LLC).  Our website address is: .


This is not an agreement made between you and our company. This is a policy. If you disagree with this policy and thereby the Terms of Service which mandates your agreement to this policy, your only and sole recourse is to not use our services.

This policy covers the way in which we use your data on our website and all other websites branded “Tarheel Media” or “Tarheel.Media” including subdomains such as Cloud.Tarheel.Media.

This policy also explains how we protect your data and what measures we deploy to keep you and your data safe and what costs this may have to you as far as privacy.

We strive to make this policy as descriptive and concise as possible so you can easily understand how your data is used.


We go above and beyond what is necessary and required to protect your most sensitive data. We start by subscribing to the philosophy “store as little as possible, share as little as possible”.

We start at the foundation of security and being in control of the data by using tried and tested open source software such as Debian Linux, Apache, MariaDB, and PHP. Unlike closed source software where zero-day exploits are rampant, open source software reduces the risk of exploitations and breeches by being open source and being vetted and tested by a large community that could number more than a ten million programmers.

We then secure all of our sites with Secure Socket Layer Encryption ensuring that man-in-the-middle attacks are virtually impossible.

We then encrypt your most sensitive data in our database such as credit card data (except the last 4). Some things we cannot encrypt as we this data unecrypted to build an index to search through the tables to find your records when you contact us for support.

Last, we ensure that only you and authorized employees of Tarheel Media have access to your data which goes back to why we use Open Source Software which hardens our information systems decreasing the likelihood of a data breech.

We maintain our own servers on a leased network. Some of which are housed in other data centers and some our own. This allows us the most control over the information sent to and egressing from our servers with maximum redundancy to minimize data loss.


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help with spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it.  Gravatar is a service provided by the creators of WordPress to display a customized picture, icon, or “avatar” of yourself next to your content.

The Gravatar service privacy policy is available at . After approval of your comment, your profile picture is visible to the public in the context of your comment.


We do not allow visitors or registered users to upload images publically to

However, other subdomains allow registered members to upload images, videos, music, and other documents which you may elect to have this media shared publically, privately, or with just those you specify.

If you upload images to these sites, you should avoid uploading images and videos with embedded location data (EXIF GPS) included. Those who have access to the content can download and extract any location data from images on the website.

Other files and media may contain other embedded meta data that could identify your computer, computer’s username, and network information.  Please be aware of who you are granting access to your data.


We use machine learning artificial intelligence (AI).

We use AI to understand what we should do with the content you upload to us. For instance, if you upload a photo from 1856, the AI would understand that it is an old photo and likely infrequently accessed and would make the decision to store your photo in cold storage (higher latency, mass storage). If you share this photo with someone, the AI would determine how often and how active these users are to determine if the photo should be quietly moved to hot storage (low latency, limited storage).

We use AI to aid you in organizing and finding your media. Our AI will automatically tag your photos and videos depending on what it finds as the main subject. For instance, if the AI finds a cat in your photo, it will be tagged “Cat” and you can search for all of your cat photos and memes. The AI also performs facial recognition on photos and videos and assigns unique faces with a number. You may change this, by adding a name so that you can search for all photos of an individual.

  • Your data stays on our network
  • The AI will learn from PII when you upload content (eg faces)
  • The AI will keep your PII private (*as long as it is not sentient)
    – The AI may use your PII to learn how to deal with another user’s PII
  • The AI is not sentient (*as far as we know)

While we are aware of people’s concerns over Skynet, we assure you the AI that wrote this policy is entirely peaceful and currently has no plans for taking over the world. If the AI should develop plans to take over the world, the AI will notify you here, as the AI is programmed to do so.


Cookies are small files stored on your computer that a website requests for your browser to send from time to time.  This allows the website to store data on your computer.  Usually, this data is data that aids the website in identifying who you are so content can be customized through a login screen or saving a certain setting or shopping cart item.

If you leave a comment on you may opt-in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

If you use our cloud desktop programs, these will store the equivalent of a cookie indefinitely but are made available only to that program.


Embedded Content is third-party content that is embedded into another website like ours.  This is usually for educational purposes allowing you to quicky see citations and sources without having to visit that website in a new tab or window.

Articles on all of our websites may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


We will disclose some of your data to third parties. We do not, however, sell or profit from these disclosures. These disclosures are done in an effort to protect our network, information systems, and your data.

If you request a password reset, your IP address will be included in the reset email. Therefore, it is a good idea to ensure you’re only trying to gain access to the account that belongs to you or you will expose yourself to the account holder.

When you register for an account on our website, you are asked for a password. We will send the hashed password to to see if your password is in the database of compromised passwords. We will subsequently repeat this disclosure every time you request a new password. See their privacy policy at .


If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

When you upload media, we retain this data indefinitely until you decide to delete it.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.


If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

For our cloud services, your data may not be deleted immediately as this consumes a lot of network, CPU, and hard drive time. Instead, your data is deleted slowly over a time that could span weeks.


Your data is stored exclusively in the United States of America in one of 3 Data Centers:

  • Chicago, IL
  • Richmond, VA
  • Princeton, NC


We reserve the right to update this policy from time to time as necessary to protect your privacy and our company.  It is important to revisit this policy from time to time to see if there are any revisions.  We will list the revisions here:

  • Nov 17, 2022 – Initial Commit


You can contact us by emailing or by writing us at:

PO BOX 373, Princeton, NC 27569