Privacy Policy

Effective: May 5, 2026

Jacob Tyler Creative Group (“we”, “us”, “our”) respects your privacy. This policy explains what we collect when you visit jacobtyler.com, how we use it, and the choices you have. We’ve kept it as plain-English as we can.

Questions? Email hschmitt@jacobtyler.com or les@jacobtyler.com, or call 858-922-9153.

What We Collect

You give us information when you:

  • Submit our contact form. We collect your name, company, email, phone (if provided), and your message. Submissions are stored on our servers and routed to our team by email.
  • Comment on a blog post. WordPress collects your name, email, the comment text, your IP address, and your browser’s user-agent. Comments are closed by default on most posts.
  • Log in to our Client Portal. If you’re an existing client with portal access, signing in creates standard WordPress session cookies tied to your account. We don’t enroll new portal users from the public site.

We collect automatically when you visit:

  • Standard server log data — IP address, pages loaded, referring URL, browser and device info, and timestamps. The same baseline every web server sees.
  • Analytics data via Google Analytics 4 (Google Site Kit), including pages viewed, session duration, approximate geographic region, device type, and how you arrived at the site.
  • Heatmap and behavior data via Crazy Egg, including scroll depth, clicks, and mouse movement. We use this to see which parts of the site work and which don’t.
  • Spam-protection signals from Cloudflare Turnstile when you interact with our contact form.

We do not collect payment card data, government IDs, or sensitive personal information from public site visitors. Client engagements happen offline; we don’t take payment through this site.

How We Use It

  • Respond to your inquiry. If you fill out the contact form, we use your contact info to write back, schedule a call, and follow up on the project you described.
  • Improve the site. Analytics and heatmaps help us see what’s working — which case studies people read, where they get stuck, what loads slowly.
  • Keep things working. Spam protection, security logs, and bot challenges keep our forms usable for actual humans.
  • Stay in touch about your project. If we begin a working relationship, we communicate with you about that project. We don’t add inquiries to a marketing email list.

We do not sell your personal information.

Cookies and Similar Tracking

We use a small number of cookies and identifiers:

  • _ga, _ga_* (Google Analytics) — distinguish unique visitors and sessions.
  • _ce.s, _CEFT and similar (Crazy Egg) — track scroll, click, and behavior patterns.
  • Cloudflare Turnstile tokens — verify form submissions aren’t from bots; transient.
  • WordPress session cookies (jacobtyler.com) — keep you signed in to the Client Portal; only set when you log in.
  • Comment cookies — remember your name and email if you’ve commented before, so you don’t have to retype them.

Most browsers let you block or delete cookies through their settings. Blocking analytics or behavior cookies won’t break the site — you just won’t appear in our analytics.

Third-Party Services We Use

These vendors process some of your data on our behalf or as part of their own service:

  • Google LLC — Google Analytics 4 (visitor analytics), Google Ads (linked to Analytics for audience signals), Google Site Kit. Google’s privacy policy.
  • Crazy Egg, Inc. — heatmaps, scroll tracking, click tracking. Crazy Egg’s privacy policy.
  • Cloudflare, Inc. — Turnstile bot protection on our contact form. Cloudflare’s privacy policy.
  • Adobe Inc. — Adobe Fonts (Typekit) serves the site’s web fonts. Adobe’s privacy policy.
  • YouTube (Google LLC) — vlog posts embed videos via the privacy-enhanced youtube-nocookie.com domain; YouTube is only contacted when you play an embedded video.
  • Yoast SEO — generates SEO metadata for search engines; runs on our server and doesn’t transmit visitor data off-site.

We choose vendors with reasonable privacy practices, but each has its own policy and we can’t speak for them.

Sharing and Disclosure

We share information only:

  • With the service providers listed above, as needed for them to provide their service.
  • When required by law — subpoenas, court orders, or to protect the safety of our team, our clients, or the public.
  • In the rare event of a business transition (acquisition, merger), in which case we’d notify you and the new owner would be bound by this policy.

We don’t sell, rent, or trade your personal information.

Your Rights

Depending on where you live, you have specific rights over your personal information.

California (CCPA/CPRA). You have the right to know what personal information we have, request a copy, request deletion, and opt out of “selling” or “sharing.” We don’t sell, but Google Analytics’ use of cookies for advertising audiences may qualify as “sharing” under the CCPA. To opt out, you can install Google’s Analytics Opt-Out Browser Add-on, or set a Global Privacy Control signal in your browser — we honor GPC.

EEA / UK (GDPR). You have the rights of access, rectification, erasure, restriction, portability, and objection. Our legal bases are: legitimate interests (analytics, security), your consent (where required for cookies in your jurisdiction), and the necessity of processing to respond to your inquiry.

Other US states with privacy laws (Virginia, Colorado, Connecticut, Utah, and others) — you generally have similar rights to access, correction, and deletion.

To exercise any of these rights, email us at hschmitt@jacobtyler.com or les@jacobtyler.com. We’ll respond within 45 days (CCPA) or one month (GDPR), whichever applies.

How Long We Keep Things

  • Contact form submissions — retained for up to 24 months, unless you ask us to delete sooner or unless we’re actively engaged on a project, in which case we keep them while the engagement is ongoing.
  • Comments — kept for the life of the post unless you ask for removal.
  • Server logs — rotated and aged out within 90 days.
  • Analytics data — Google Analytics 4 is configured for Google’s default retention; raw event data ages out per Google’s policy.
  • Crazy Egg data — retained per Crazy Egg’s snapshot lifecycle.

Children’s Privacy

This site is not intended for children under 13 (or 16 in the EU). We don’t knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

Security

We use HTTPS site-wide (with HSTS), keep WordPress and our plugins patched, run server-side spam and brute-force protection, and limit access to submissions to a small team. No site is invulnerable, but we take reasonable steps.

Changes to This Policy

We may update this policy as our practices evolve. The “Effective” date at the top tells you when we last revised it. If we make a material change, we’ll note it visibly on this page.

Contact Us

Jacob Tyler Creative Group
San Diego, California
Phone: 858-922-9153
Email: hschmitt@jacobtyler.com or les@jacobtyler.com

If you’d like to exercise a privacy right, please put “Privacy Request” in your subject line so we route it correctly.