Privacy Policy
1. Who we are
This site is operated by LIMEN HELIX Transformational Sciences LLC, doing business as All Access KC ("All Access KC", "we", "us", "our"). You can reach us at info@allaccesskc.com.
2. What we collect
We try to collect as little as possible. Here is everything we collect, what each piece is used for, and how long we keep it.
Payment information (via Stripe)
When you purchase the $5 visitor guide, payment is processed by Stripe. Stripe collects your card details, billing postal code, and email address. We do not see or store your card details. Stripe shares a unique session ID with us so we can confirm your purchase and unlock the guide on your device.
Server logs (via Vercel)
Our hosting provider, Vercel, logs standard web request data: your IP address, browser user agent, the page you requested, the page that referred you, and the date and time. Vercel uses these logs for security and operational purposes. We may access them when investigating abuse or outages. They are typically retained by Vercel for approximately 30 days.
Browser localStorage
Once you have purchased the guide, your browser stores a Stripe session ID in localStorage on your device. This is what unlocks the guide for future visits without making you pay again. localStorage also caches your language preference and translated text strings so language switches are instant on repeat visits.
localStorage lives only in your browser. We have no way to read it remotely. Clearing your browser data removes it, which will lock the guide on that device until you re-enter your purchase receipt (see the Refund Policy for the underlying mechanics).
Translation requests (via Google Translate)
If you select a non-English language, your browser sends visible page text to Google's translation API and displays the result. We do not see what you translate; Google may log the request per their privacy policy.
Email you send us
If you email us at info@allaccesskc.com, we receive your email address and the contents of your message. We use this to reply and to help with bookings or refunds. We do not add you to any marketing list.
3. What we do not collect
- We do not use tracking cookies, web beacons, or browser fingerprinting.
- We do not use Google Analytics, Facebook Pixel, or any other third-party analytics tool, as of the date of this policy. If we ever add one, we will update this policy first and link to the relevant third-party privacy terms.
- We do not require you to create an account, sign up for a newsletter, or provide your real name to use the guide.
- We do not collect precise geolocation. We do not access your camera, microphone, or contacts.
- We do not sell, rent, or trade any of the limited data we do collect.
4. Who we share data with
We share the minimum necessary data with three service providers, each of which is contractually bound to use it only for the service they provide to us:
- Stripe — payment processing
- Vercel — site hosting and server logs
- Google Translate — on-demand translation, only when you select a non-English language
We will not share your data with any other party except as required by law (for example, in response to a valid legal process from US law enforcement).
5. Your rights
You have the right to:
- Know what we have collected about you (this entire policy summarizes it)
- Access any specific records — email us with your Stripe session ID or purchase receipt
- Request deletion of any records associated with your purchase — email us
- Withdraw consent by clearing your browser's localStorage for this site and not returning
California residents (CCPA / CPRA)
We do not sell personal information, share it for cross-context behavioral advertising, or use it for targeted advertising. You have the same rights of access and deletion described above. To exercise them, email us at info@allaccesskc.com.
European residents (GDPR)
Our legal basis for processing payment data is the performance of a contract (delivering the guide you paid for). Our legal basis for processing minimal server logs is our legitimate interest in operating a secure site. You have the right to access, rectify, erase, restrict, or port your data, and to lodge a complaint with your local data protection authority.
6. Children
This site is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please email us and we will delete it.
7. International data transfers
Our hosting, payment, and translation providers operate primarily in the United States. If you use this site from outside the United States, your data may be transferred to, and processed in, the United States. By using this site, you consent to this transfer.
8. Changes to this policy
We may update this policy from time to time. We will revise the "Last updated" date at the top. Material changes will be flagged with a notice on this page.
9. Contact
Questions or requests: info@allaccesskc.com.