Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information.

Last Updated: November 8, 2025

Introduction

This Privacy Policy explains how christaylor.codes ("we," "our," or "the Site") collects, uses, and protects your personal information when you visit our website. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Information We Collect

1. Automatically Collected Information

When you visit our website, we automatically collect certain information about your device and browsing activity:

  • Analytics Data: We use Google Analytics 4 and Cloudflare Web Analytics to collect:
    • Browser type and version
    • Operating system
    • Referring website
    • Pages visited and time spent
    • Approximate geographic location (city/country level)
    • Device type (desktop, mobile, tablet)
  • IP Address: Your IP address is anonymized by Google Analytics and not stored in an identifiable form.

2. Information You Provide

We may collect information you voluntarily provide when you:

  • Submit a contact form (name, email address, message content)
  • Subscribe to our newsletter (if applicable)
  • Leave comments on blog posts (if applicable)

How We Use Your Information

We use the collected information for the following purposes:

  • Website Analytics: To understand how visitors use our site, improve content, and enhance user experience
  • Performance Monitoring: To track site performance, identify issues, and optimize load times
  • Communication: To respond to your inquiries when you contact us
  • Security: To detect, prevent, and address technical issues or fraudulent activity

We do not sell, rent, or share your personal information with third parties for marketing purposes.

Third-Party Services

Our website uses the following third-party services that may collect and process your data:

Google Analytics 4

  • Purpose: Website analytics and visitor behavior tracking
  • Data Collected: Browser info, device type, pages visited, session duration, geographic location
  • Privacy Features: IP anonymization enabled, no advertising features enabled
  • Privacy Policy: Google Privacy Policy
  • Opt-Out: Google Analytics Opt-out Browser Add-on

Cloudflare Web Analytics

  • Purpose: Privacy-friendly website analytics and CDN services
  • Data Collected: Page views, referring sites, browser type (cookieless tracking)
  • Privacy Features: No cookies, no cross-site tracking, GDPR compliant by default
  • Privacy Policy: Cloudflare Privacy Policy

Cloudflare CDN

  • Purpose: Content delivery, security, and DDoS protection
  • Data Collected: IP address, request headers, cached content
  • Privacy Policy: Cloudflare Privacy Policy

Formspree (Contact Form)

  • Purpose: Contact form submissions
  • Data Collected: Name, email address, message content you provide
  • Privacy Policy: Formspree Privacy Policy

GitHub Pages (Hosting)

  • Purpose: Website hosting
  • Data Collected: IP address, request logs (retained by GitHub)
  • Privacy Policy: GitHub Privacy Statement

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies:

Essential Cookies

These cookies are necessary for the website to function and cannot be disabled:

  • Cookie Consent Preferences: Stores your cookie consent choices

Analytics Cookies (Optional)

These cookies help us understand how visitors use our website. You can opt out via the cookie consent banner:

  • _ga: Google Analytics - Distinguishes unique visitors (Expires: 2 years)
  • _ga_*: Google Analytics - Stores session information (Expires: 2 years)
  • _gid: Google Analytics - Distinguishes users (Expires: 24 hours)

Managing Cookies

You can control cookies through:

  • The cookie consent banner that appears on your first visit
  • Your browser settings (may affect site functionality)
  • Google Analytics Opt-out Add-on (link provided above)

Data Retention

  • Analytics Data: Google Analytics retains user-level data for 14 months, aggregate data indefinitely
  • Contact Form Submissions: Retained for as long as necessary to respond to your inquiry, then deleted
  • Server Logs: Cloudflare and GitHub retain logs according to their data retention policies (typically 30-90 days)

Your Rights (GDPR)

If you are located in the European Economic Area (EEA), you have the following rights:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restriction: Request limitation of processing of your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your personal data
  • Right to Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, please contact us at: [email protected]

Your Rights (CCPA - California Residents)

If you are a California resident, you have the following rights under CCPA:

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we collect
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale of your personal information (Note: We do not sell personal information)
  • Right to Non-Discrimination: Not be discriminated against for exercising your privacy rights

To exercise these rights, please contact us at: [email protected]

Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • HTTPS Encryption: All data transmitted between your browser and our site is encrypted using SSL/TLS
  • Cloudflare Security: DDoS protection, Web Application Firewall (WAF), and bot management
  • Content Security Policy: Prevents XSS attacks and unauthorized code injection
  • Regular Security Audits: Automated security scanning via Aikido Security
  • IP Anonymization: Analytics data anonymizes IP addresses

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

Children's Privacy

Our website is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence, including the United States, where data protection laws may differ. When we transfer data, we ensure appropriate safeguards are in place to protect your information.

Do Not Track Signals

Our website respects Do Not Track (DNT) signals. If your browser sends a DNT signal, we will not track your activity using Google Analytics.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Displaying a prominent notice on our website (for material changes)

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer

For GDPR-related inquiries, you may contact our data protection point of contact at: [email protected]

This privacy policy is effective as of November 8, 2025 and governs your use of christaylor.codes.