Privacy Policy & Cookie Policy
Effective Date: March 27, 2026 · Last Updated: March 27, 2026
yellowHEAD, Inc. (“yellowHEAD,” “we,” “us,” or “our”) is committed to protecting your privacy. This page explains how we collect, use, and safeguard your personal information when you visit yellowhead.com, and describes our use of cookies and similar tracking technologies. By using our website, you agree to the practices described here.
This policy applies to all visitors, clients, and partners who interact with yellowhead.com. It should be read alongside any notices we provide at the point of data collection, such as on contact or sign-up forms.
1. Who We Are
yellowHEAD, Inc. is a digital performance marketing agency headquartered at 109 N 12th Street, 9th Floor, Brooklyn, NY 11249, United States. We operate yellowhead.com and offer services including App Store Optimization (ASO), Search Engine Optimization (SEO), Generative Engine Optimization (GEO), Paid User Acquisition, Creative Studio, and Programmatic Advertising.
yellowHEAD is the data controller responsible for the personal data collected through this website.
Email: [email protected]
Address: 109 N 12th Street, 9th Floor, Brooklyn, NY 11249, USA
Website: yellowhead.com
2. Information We Collect
2.1 Information You Provide Directly
When you interact with our website, you may voluntarily provide us with personal information, including:
– Email address (via contact forms, demo requests, or newsletter sign-up)
– Name and company name
– Message content submitted through inquiry or contact forms
– Account credentials if you register via our partner portal at partners.yellowhead.com
Where we collect your data through forms, we display a link to this policy and, where required by law, a consent checkbox. By submitting a form, you acknowledge that you have read this policy.
2.2 Information Collected Automatically
When you visit our website, we automatically collect technical and behavioral data using cookies and tracking tools, including:
– IP address and approximate geographic location
– Browser type, version, and device information
– Operating system
– Pages visited, time spent on each page, and navigation paths
– Referring URLs and exit pages
– Links clicked and scroll activity
We may collect and analyze information about your interactions with our website, including pages viewed, links clicked, scroll activity, and time spent on specific pages, to improve our services, optimize performance, and enhance user experience.
2.3 Information from Third-Party Services
We use third-party analytics and tracking platforms that collect data on our behalf, including Google Analytics and Google Tag Manager (GTM). Third-party social media integrations (such as sharing buttons or embedded content) may also collect data on their own behalf, subject to their respective privacy policies.
3. How the Data Is Collected
We gather personal data in three ways:
– Direct input: When you actively provide your information by filling out a form, requesting a demo, or signing up for communications.
– Automated collection: Via cookies, tracking pixels, and analytics tools that operate as you browse our website. See Part II — Cookie Policy for full details.
– Third-party services: Platforms such as Google Analytics, Google Tag Manager, and advertising networks may collect data on our behalf when you interact with our website.
4. Why the Data Is Collected (Purpose of Processing)
Data collection is always tied to a specific purpose. We only retain your data until those purposes are fulfilled, or as long as legally required. We use the information we collect for the following purposes:
– Service provision: To respond to inquiries, process requests, and deliver the services or information you have asked for.
– Personalization: To tailor content, recommendations, and communications based on your preferences and interactions with us.
– Marketing: To send newsletters, promotional emails, or marketing communications, but only where you have provided consent or where we have a legitimate interest permitted by law.
– Analytics: To analyze website traffic, user behavior, and performance metrics in order to improve our website, content, and services.
– Optimization: To optimize page content, ad performance, and user journeys based on behavioral and event tracking data.
– Security: To maintain the security, integrity, and functionality of our website.
– Legal compliance: To meet applicable legal and regulatory obligations.
5. How the Data Is Shared (Third Parties)
We do not sell your personal data. We may share your information in the following circumstances:
– Service providers: Technology partners and vendors who help operate our website and deliver our services (e.g., Google, CRM platforms, email marketing tools). These parties act as data processors under appropriate data processing agreements and are not permitted to use your data for their own purposes.
– Analytics and advertising platforms: Data is shared with platforms such as Google Analytics, Google Ads, and Meta to measure website performance and campaign effectiveness. See Part II for details.
– Social media integrations: Third parties (e.g., LinkedIn, Facebook) may collect data through widgets or integrations when you interact with embedded content on our site.
– Legal or regulatory authorities: When required by law, court order, or to protect our legal rights.
– Business transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred to a successor entity under equivalent privacy protections.
6. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases as required by the GDPR:
– Consent: For analytics cookies, marketing emails, and behavioral tracking, where you have given explicit and freely given consent.
– Legitimate interests: For website security and performance analytics, where our interests do not override your fundamental rights.
– Contract performance: Where processing is necessary to fulfill a service agreement or pre-contractual request.
– Legal obligation: Where processing is required to comply with applicable law.
Where consent is the legal basis, you have the right to withdraw it at any time without affecting the lawfulness of prior processing.
7. Data Retention
We retain your personal data only as long as necessary to fulfill the specific purposes for which it was collected, or as required by law. Once the purpose is fulfilled, data is deleted or anonymized:
– Contact form submissions: Up to 24 months from the date of submission
– Newsletter and email subscriptions: Until you unsubscribe or withdraw consent
– Analytics data: In accordance with platform default settings (typically 14–26 months for Google Analytics)
– Account data: For the duration of your active account, plus a reasonable period thereafter for legal and support purposes
8. Your Rights
Depending on your location, you have the following rights regarding your personal data. To exercise any of them, please contact us at [email protected]. We will respond to verified requests within 30 days.
Under GDPR (EEA & UK users)
– Access: Request a copy of the personal data we hold about you.
– Rectification: Request correction of inaccurate or incomplete data.
– Erasure (Right to be Forgotten): Request deletion of your personal data, subject to legal obligations.
– Restriction of processing: Request that we limit how we process your data in certain circumstances.
– Portability: Request your data in a structured, machine-readable format, or have it transferred to another controller where technically feasible.
– Objection: Object to processing based on legitimate interests or for direct marketing.
– Withdraw consent: Where processing is consent-based, you may withdraw at any time.
Under CCPA (California residents)
– Know: The right to know what categories of personal information we collect, use, and disclose.
– Delete: Request deletion of your personal information, subject to certain exceptions.
– Opt out of sale: We do not sell personal information. If this changes, we will update this policy and provide an opt-out mechanism.
– Non-discrimination: We will not discriminate against you for exercising your CCPA rights.
Under LGPD (Brazilian users)
– Brazilian residents have rights under the Lei Geral de Proteção de Dados (LGPD) broadly equivalent to GDPR rights, including access, correction, deletion, portability, and the right to information about third-party sharing.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction, including:
– Encrypted data transmission using HTTPS/TLS protocols
– Role-based access controls limiting who can access personal data
– Regular security reviews and vulnerability assessments
– Data processing agreements with all third-party service providers
No method of internet transmission is completely secure. In the event of a data breach that affects your rights and freedoms, we will notify you and the relevant supervisory authority as required by applicable law.
10. International Data Transfers
yellowHEAD operates globally, with offices in the US, Spain, Italy, Israel, Poland, Ukraine, and Argentina. If you are located outside the United States, your personal data may be transferred to and processed in the US or other countries where our offices or service providers operate.
When transferring data from the EEA or UK to countries not deemed adequate by the European Commission, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs). For more information, contact us at [email protected].
11. Children’s Privacy
Our website is not directed at children under the age of 16 (or 13 in the United States, as defined under the Children’s Online Privacy Protection Act, COPPA). We do not knowingly collect, solicit, or process personal data from children.
If a parent or guardian believes their child has provided personal information to us without appropriate consent, please contact us immediately at [email protected] and we will promptly delete such data from our records.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or business operations. When we do, we will:
– Update the “Last Updated” date at the top of this page
– Post the updated policy on yellowhead.com
– Where required by law or where changes are material, notify you directly via email or a prominent notice on our website
Continued use of our website after any changes have been posted constitutes your acknowledgment of the updated policy.
13. What Are Cookies?
Cookies are small text files placed on your device by a website when you visit it. They allow the website to remember your actions and preferences over time. Cookies can be:
– Session cookies: Temporary files deleted when you close your browser.
– Persistent cookies: Files that remain on your device for a set period or until manually deleted.
– First-party cookies: Set directly by yellowhead.com.
– Third-party cookies: Set by external services operating on our pages (e.g., Google, Meta).
14. How We Use Cookies
yellowhead.com uses cookies and similar tracking technologies for the following purposes:
– To enable essential website functionality and secure login
– To remember and honor your consent preferences
– To collect analytics data about how visitors use our website (pages visited, session duration, traffic sources)
– To measure and analyze website performance and key performance indicators (KPIs)
– To track user behavior and interactions via Google Tag Manager (GTM) and associated tags, including event tracking, scroll depth, and click tracking
– To serve and measure the effectiveness of advertising campaigns
– To enable social media sharing and other third-party integrations
15. Cookie Categories
Our website uses the following categories of cookies, managed through CookieYes — our consent management platform. When you first visit yellowhead.com, the CookieYes banner presents you with the option to accept, reject, or customize your preferences by category.
| Cookie Category | Purpose | Duration | Provider |
| Necessary | Essential site functionality, secure login, consent preferences | Session / Persistent | First-party |
| Functional | Social sharing, feedback collection, third-party integrations | Persistent | Various |
| Analytics | Visitor metrics, traffic sources, bounce rate | Up to 2 years | Google Analytics |
| Performance | KPI analysis, behavioral event tracking via Google Tag Manager | Persistent | Google Tag Manager |
| Advertisement | Personalized ads, ad campaign effectiveness | Persistent | Google Ads, Meta |
| Uncategorized | Cookies under analysis, not yet classified | Varies | Under review |
Google Tag Manager (GTM) is used to deploy and manage tracking tags on our website, including Google Analytics, conversion tracking pixels, and behavioral event tags. GTM itself does not collect personal data directly, but the tags it fires may do so based on your consent preferences.
16. Managing Your Cookie Preferences
16.1 CookieYes Consent Banner
When you first visit yellowhead.com, the CookieYes consent banner allows you to select which categories of cookies you accept. You can update your preferences at any time by clicking the cookie settings link in the footer of our website.
16.2 Browser Settings
You can also control or delete cookies through your browser settings:
– Google Chrome: Settings > Privacy and security > Cookies and other site data
– Mozilla Firefox: Options > Privacy & Security > Cookies and Site Data
– Safari: Preferences > Privacy > Manage Website Data
– Microsoft Edge: Settings > Cookies and site permissions
Disabling certain cookies — especially Necessary cookies — may affect website functionality and your user experience. Rejecting optional cookies does not prevent you from accessing our content.
17. Third-Party Cookies and Privacy Policies
Some cookies on our website are placed by third-party services. These parties operate under their own privacy policies, which we encourage you to review:
– Google Analytics & Google Tag Manager: policies.google.com/privacy
– Google Ads: policies.google.com/privacy
– Meta (Facebook / Instagram): facebook.com/privacy/policy
– LinkedIn: linkedin.com/legal/privacy-policy
– CookieYes (consent management): cookieyes.com/privacy-policy
18. Do Not Track (DNT)
Some browsers include a “Do Not Track” (DNT) signal. Our website does not currently respond to DNT signals, as there is no consistent industry standard for doing so. You can manage your tracking preferences directly through the CookieYes consent banner described in Section 16.
19. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or Cookie Policy, please reach out:
yellowHEAD, Inc.
109 N 12th Street, 9th Floor, Brooklyn, NY 11249, United States
Email: [email protected]
Website: yellowhead.com