Artisan Historic Contracting

Privacy Policy

Effective Date: January 1, 2026
Last Updated: Novenber 11, 2025

1. Overview

This Privacy Policy governs the collection, use, and protection of personal information on the website of Artisan Historic Contracting and all associated domains and subdomains. By accessing or using this website, you agree to the terms outlined herein.

2. Legal Compliance

This website complies with applicable data privacy laws, including but not limited to:

• United States Federal Laws:
  • Children’s Online Privacy Protection Act (COPPA)
  • Health Insurance Portability and Accountability Act (HIPAA) (if applicable)
  • Federal Trade Commission Act (FTC Act)
• U.S. State Laws:
  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • Virginia Consumer Data Protection Act (VCDPA)
  • Colorado Privacy Act (CPA)
  • Connecticut Data Privacy Act (CTDPA)
  • Utah Consumer Privacy Act (UCPA)
  • Additional state laws as enacted in 2025
• International Laws:
  • General Data Protection Regulation (GDPR) – European Union
  • UK GDPR – United Kingdom
  • PIPEDA – Canada
  • Other applicable international frameworks

3. Information Collection and Use

We may collect personal information such as name, email, IP address, and browsing behavior for the purposes of communication, analytics, and service improvement. We do not sell or share your data without consent, except as required by law.

4. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access, correct, or delete your personal data
• Opt out of data sharing or targeted advertising
• Request data portability
• File a complaint with a regulatory authority

5. Cookies and Tracking

This site uses cookies and similar technologies to enhance user experience and analyze traffic. You may manage cookie preferences through your browser settings.

6. Third-Party Links

This website may contain links to external sites. We are not responsible for the privacy practices or content of those sites.

7. Intellectual Property Notice

All content, media, and data on this website—including linked or embedded materials across all domains and subdomains—are the exclusive intellectual property of G. Ellsworth Jordan and the International Guild of Artisan & Masters Inc., unless otherwise stated. Unauthorized use, reproduction, or distribution is strictly prohibited.

8. Contact

For questions or data requests, please contact:
Artisan Historic Contracting
Email: Artisanrest@gmail.com

Phone: (951) 213-6435 8am -6pm M-F PST

PCI Compliance Policy Page Artisan Historic Contracting PCI Compliance Policy Effective Date: [Insert Date] Last Updated: [Insert Date] Artisan Historic Contracting (AHC) is committed to protecting sensitive payment information and maintaining compliance with the Payment Card Industry Data Security Standard (PCI DSS). This policy outlines the security measures we implement to safeguard cardholder data and ACH transactions.

1. Scope This policy applies to all systems, processes, and personnel involved in handling payment card data and ACH transactions within AHC·s environment.

2. Compliance Framework AHC adheres to PCI DSS requirements and SecurityMetrics validation processes, including:- Completion of the Self-Assessment Questionnaire (SAQ).- Maintenance of an Attestation of Compliance (AOC).- Regular vulnerability scans and penetration testing.- Continuous monitoring and risk assessments.

3. Strong Authentication .3 Strong authentication for users and administrators is established and managed:- Multi-factor authentication (MFA) is required for all administrative and remote access.- Unique user IDs with enforced password complexity and rotation policies.- Secure credential storage using industry-standard hashing and salting.- Regular access reviews and immediate revocation of unused accounts.

4. Encryption & Transmission Security .4 POI terminals using SSL and/or early TLS are not susceptible to known SSL/TLS exploits:- All POI terminals enforce TLS 1.2 or higher for encrypted transmissions.- SSL and early TLS are disabled unless documented compensating controls exist.- Vulnerability scans confirm no SSL/TLS weaknesses.- Vendor patches and firmware updates are applied promptly.

5. Data Protection- Cardholder and ACH data are encrypted during transmission and storage.- Access to sensitive data is restricted to authorized personnel only.- Secure deletion procedures are followed for obsolete data.

6. Monitoring & Incident Response- Continuous monitoring of authentication logs and network traffic.- Documented incident response plan aligned with PCI DSS and Nacha rules.- Immediate reporting and remediation of any suspected breach.

7. Validation & Certification- AHC maintains a PCI Compliance Certificate issued by SecurityMetrics.- Compliance evidence includes SAQ, AOC, ASV scan reports, and risk assessments.