Legal
Privacy Policy
This page explains what information hexrgb.com collects when you use the site, how that information is handled, and how you can exercise your rights over it.
Summary
hexrgb.com is a free, browser-based color toolkit. The color values you type into the converter, palette generator, or contrast checker stay in your browser — they are not sent to any server. The site does use third-party services (Google Analytics for traffic measurement and Google AdSense for advertising) that set cookies and may collect technical information about your visit. Details follow.
Who runs this site
hexrgb.com is operated by the team behind hexrgb.com ("we", "us", "the site"). The data controller for the purposes of GDPR is hexrgb.com. To contact us about privacy, write to [email protected].
Data we collect
Information you provide directly
If you email us via the address on the contact page, we receive whatever you put in that email — your address, the subject, the body, and any attachments. We use it only to reply to you.
Information collected automatically
When you load any page on hexrgb.com, the following information is typically collected by us or by the third-party services we use:
- IP address (often truncated for analytics).
- Browser type, version, language, and operating system.
- Device type and screen size.
- Referring URL (the page that linked to ours).
- Pages viewed, time on page, and approximate geographic region.
- For advertising purposes: identifiers stored in cookies, and signals about ad interactions.
Information that stays in your browser
Color values you type, the URL hash that mirrors your current color, and the active state of the palette and contrast tools all live entirely in your browser. They are not uploaded to a server, written to our database, or shared with any third party.
How we use information
- To run the site — serving HTML, CSS, JavaScript, and images.
- To understand traffic — aggregate analytics about which pages are popular, which countries visitors come from, and which browsers we should keep supporting.
- To show advertising — Google AdSense uses information about your visit to select and display ads.
- To respond to your messages — when you email us.
- To detect abuse — for example, identifying scripted abuse patterns from a particular IP.
Cookies and similar technologies
The site uses cookies set by us (limited) and by third parties (mainly Google). Categories include:
- Strictly necessary — currently none required for the tools to function.
- Analytics — Google Analytics cookies (such as
_ga,_ga_*) used to measure traffic. - Advertising — Google AdSense cookies used to serve, personalise, and frequency-cap ads.
For a full breakdown and opt-out steps, see the cookie policy.
Google AdSense and personalised advertising
This site uses Google AdSense to display advertisements. Google AdSense and its partners may use cookies and similar identifiers to serve ads based on your prior visits to this and other websites. This is sometimes called "interest-based" or "personalised" advertising.
Specifically:
- Google, as a third-party vendor, uses cookies to serve ads on this site.
- Google's use of advertising cookies enables it and its partners to serve ads to you based on your visit to hexrgb.com and other sites on the internet.
- You can opt out of personalised advertising by visiting Google Ad Settings.
- You can also opt out of third-party vendors' use of cookies for personalised advertising by visiting aboutads.info or, in the EU, youronlinechoices.eu.
For Google's own description of how it uses data when you use partners' sites or apps, see Google's privacy and terms page.
Third-party services
The site relies on a small number of third parties:
- Google Analytics (Google LLC) — traffic measurement.
- Google AdSense (Google LLC) — advertising delivery.
- Hosting and CDN providers — to deliver the site's files quickly.
Each of these services has its own privacy policy. The most relevant for visitors is Google's Privacy Policy.
Legal basis (GDPR)
For visitors in the European Economic Area and the United Kingdom, the legal bases for processing are:
- Consent — for non-essential cookies, including analytics and personalised advertising, where required.
- Legitimate interests — for measuring aggregate site traffic, securing the site, and replying to your emails.
- Contract or pre-contract — for handling enquiries you initiate.
Your rights
Depending on where you live, you may have rights to:
- Access — request a copy of personal data we hold about you.
- Rectify — ask us to correct inaccurate data.
- Erase — ask us to delete data we hold about you.
- Restrict or object — limit certain types of processing.
- Portability — receive your data in a machine-readable format.
- Withdraw consent — at any time, where consent is the legal basis.
- Lodge a complaint — with your local data protection authority.
California residents have additional rights under the CCPA/CPRA, including the right to know what personal information is collected, the right to delete it, the right to correct it, and the right to opt out of the sale or sharing of personal information. We do not sell personal information for money. Where the use of advertising cookies is treated as "sharing" under the CPRA, you can opt out via the controls listed in the cookie policy.
To exercise any of these rights, email [email protected].
Children
The site is a general-audience tool and is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us and we will take steps to delete it.
Data retention
Email correspondence is kept for as long as needed to handle your enquiry and any reasonable follow-up. Analytics data is retained according to the defaults of the analytics provider (typically up to 14 months for Google Analytics 4 event data), unless changed in our settings. Advertising-related cookies follow their own provider-set lifetimes.
Security
The site is served over HTTPS. We rely on reputable hosting and analytics providers and use the security controls those services offer. No system is perfect, so we cannot guarantee absolute security; we will notify users in line with applicable law if a breach affects them.
International transfers
Some of the third-party services we use (notably Google) process data outside the EEA, UK, and other regions. Those providers rely on standard contractual clauses or equivalent safeguards as described in their own policies.
Changes to this policy
This policy may be updated to reflect changes in the site, the tools we use, or applicable law. The "Last reviewed" date at the top of the page reflects the most recent change. Material changes will be highlighted on the home page or via a notice on this page.
Contact for privacy questions
For any questions about this policy or about how your data is handled, write to [email protected].