Cookie Policy - The Closet Rehab

1. What Are Cookies?

Cookies are small text files that a website stores on your device (computer, tablet, or phone) when you visit. They are widely used to make websites work, remember your preferences, and provide information to the owners of the site. Cookies set by the website you are visiting are called “first-party cookies.” Cookies set by other websites are called “third-party cookies.”

2. How We Use Cookies

We use the cookies necessary to run the website plus a small number of analytics and advertising-measurement cookies that help us understand how visitors found us and which pages are useful. We do not sell your personal information.

Under the CCPA opt-out model we use, analytics, advertising, and conversion-measurement cookies all load by default. When you first visit our site you will see a brief, dismissible notice pointing you to this policy and to your opt-out options. You can opt out of analytics and advertising cookies at any time via the Do Not Sell or Share My Personal Information link, and browsers sending the Global Privacy Control (GPC) signal are auto-opted-out before any optional cookie is read.

3. Categories of Cookies We Use

Strictly Necessary Cookies

These cookies are required for the website to function. They cannot be switched off in our systems. They do not store any personally identifiable information.

Name	Purpose	Duration	Provider
`cookie_consent`	Stores your cookie preferences so the banner does not reappear on every page.	12 months	The Closet Rehab (first-party)
`__cf_bm`	Cloudflare bot-management cookie. Distinguishes humans from automated bots to protect the site from abuse.	30 minutes	Cloudflare (first-party via theclosetrehab.com)

Analytics Cookies (load by default — CCPA opt-out)

These cookies help us measure how visitors use the website so we can improve it. All analytics data is aggregated and de-identified. IP addresses are anonymized before storage.

Name	Purpose	Duration	Provider
`_ga`	Distinguishes unique visitors so we can count sessions.	2 years	Google Analytics 4 (G-DYBWH1P9LC)
`_ga_DYBWH1P9LC`	Maintains session state for Google Analytics 4.	2 years	Google Analytics 4 (G-DYBWH1P9LC)

Advertising & Conversion-Measurement Cookies (load by default — CCPA opt-out)

These cookies help us measure how our paid advertising performs and attribute form submissions or phone calls to the advertising channel that drove them. We use Google Ads remarketing to show our own ads to past visitors across Google's advertising network (YouTube, Search, Display). We do not share or sell your personal information to third parties for independent marketing.

Name / Family	Purpose	Duration	Provider
`_gcl_*`, `_gcl_aw`, `_gcl_au`	Google Ads click identifiers used to attribute a form submission or call to a specific paid-search click. Conversion measurement only.	Up to 90 days	Google Ads (AW-17789865483)
`_fbp`	Meta (Facebook) Pixel browser identifier used to measure conversions from our Meta ads.	90 days	Meta (Facebook)
`wc_visitor`	WhatConverts persistent visitor identifier. Used to attribute later calls or form submissions back to the original visit.	~13 months	Topshelf Advertising via WhatConverts profile 166854, served through Stape infrastructure (`s.ksrndkehqnwntyxlhgto.com`, `iconnode.com`)
`wc_client`	WhatConverts attribution context for this visitor (initial source, medium, referrer, landing page).	~6 months	Topshelf Advertising via WhatConverts profile 166854, served through Stape infrastructure
`wc_client_current`	WhatConverts current-visit attribution context (refreshes per session).	Session	Topshelf Advertising via WhatConverts profile 166854, served through Stape infrastructure
`wc_swap`	WhatConverts dynamic phone-number swap state for this visitor (which tracked number is currently displayed).	Rolling, per-visit	Topshelf Advertising via WhatConverts profile 166854, served through Stape infrastructure
`$wc_leads` (browser global, not a cookie)	In-page JavaScript context captured at page load (URL, referrer, query string, hash) used by the WhatConverts script to enrich attribution.	Page lifetime only	Topshelf Advertising via WhatConverts profile 166854
`calltrk_session_id`	CallRail call-tracking session identifier. Used to attribute incoming phone calls to the visitor session that placed them.	Session	CallRail (call tracking & dynamic number replacement)
`calltrk_referrer`	CallRail referrer attribution — captures the page or source that referred you so a later phone call can be tied back to its marketing channel.	Up to 12 months	CallRail
`calltrk_landing`	CallRail landing-page attribution — the first page of your visit, so call attribution maps back to the entry point of the session.	Up to 12 months	CallRail
`calltrk_fcid`	CallRail first-click identifier — persistent visitor ID used to dedupe repeat callers and tie repeat calls to the original visit context.	Up to 12 months	CallRail
Google Tag Manager container state	Loads and orchestrates the tags listed above. Sets no cookies on its own.	N/A	Google Tag Manager (containers GTM-KDKJXVL7 and GTM-W2PFGM2C)

Server-Side Conversion Forwarding

In addition to the browser-side cookies above, we operate a server-side tagging pipeline hosted at Stape.io, reached through s.ksrndkehqnwntyxlhgto.com, bvlxavhr.use.stape.io, and shared Stape/Iconnode hosts such as iconnode.com. When you submit a form or place a tracked call, the pipeline forwards a minimal set of conversion parameters (hashed email, first-party cookies, event name) to Google Ads (Enhanced Conversions) and to Meta’s Conversions API so we can measure campaign effectiveness even when browser cookies are unavailable. Server-side forwarding only runs for events you actively initiate on our site and respects the Global Privacy Control signal and any explicit opt-out you have made via the Do Not Sell or Share link. Form-submission data is also delivered to our customer-relationship system (Idea Forge Studios CRM) so our design team can follow up, and transactional emails are sent via SendGrid.

4. Managing Your Preferences

You have several ways to control cookies:

On this website — click at any time to review and change your choices.
In your browser — most browsers let you block or delete cookies. Look for the “Privacy” or “Security” section of your browser settings. Blocking all cookies may prevent some websites from working correctly.
Do Not Track / Global Privacy Control — we honor the Global Privacy Control (GPC) signal. If your browser sends GPC, we treat it as a request to opt out of the sale or sharing of personal information, even though we do not sell personal information.
Formal CCPA/CPRA opt-out — see our Do Not Sell or Share My Personal Information page.

5. Google Consent Mode v2 & Meta Consent

We use Google Consent Mode v2 under the US CCPA opt-out posture. All seven Consent Mode signals (ad_storage, ad_user_data, ad_personalization, analytics_storage, functionality_storage, personalization_storage, security_storage) are granted by default. When you opt out — either by sending the Global Privacy Control header, or by using the Do Not Sell or Share My Personal Information button — the advertising, analytics, and personalization-related signals (ad_storage, ad_user_data, ad_personalization, analytics_storage, personalization_storage) are downgraded to denied. We keep functionality_storage and security_storage granted so the site continues to function and to honor your opt-out choice on subsequent page loads. The Meta Pixel honors the same opt-out signals. You can change your choice at any time using the “Enable analytics and advertising cookies again” button on the privacy page or by clearing the cookie_consent cookie in your browser.

6. Updates to This Policy

If we change the cookies or tracking vendors we use, we will update this page and revise the “Last updated” date above. For significant changes we will re-surface the cookie banner so you can review and re-confirm your choices.

7. Contact

Questions about this Cookie Policy? Contact us at design@theclosetrehab.com or 704-604-3870.