KEkefinance.xyzCross-rate · transparent
Legal

Privacy Policy

What data kefinance.xyz processes, on what legal basis, and how the rules of EU GDPR, the German BDSG, CCPA/CPRA and the IAB Europe TCF v2.3 apply.

// Last updated:

1. Data controller

kefinance.xyz. Privacy correspondence: privacy@kefinance.xyz. Verifiable requests answered within 30 days per GDPR Art. 12.

2. What we collect

The currency converter processes no personal data on our servers. Amounts and currency pairs entered remain in your browser. Verifiable via DevTools → Network.

  • Server access logs (IP, user-agent, URL, timestamp, status). 30 days.
  • Aggregated analytics (page views, country, device class), opt-in.
  • Advertising cookies (Google AdSense / DoubleClick), opt-in.
  • Contact-form submissions retained for 12 months.

3. Legal bases

  • Legitimate interest (Art. 6(1)(f) GDPR) for security logging.
  • Consent (Art. 6(1)(a) GDPR; ePrivacy) for analytics, advertising.
  • Contract / pre-contractual measures (Art. 6(1)(b)) for contact-form correspondence.

4. Cookies

Three categories detailed in the cookie policy: strictly necessary, analytics (opt-in), advertising (opt-in).

5. Google AdSense, DoubleClick and personalised advertising

With advertising consent granted, Google and certified TCF v2.3 vendors may set and read __gads, __gpi, IDE, NID, DSID, and test_cookie; process IP, user-agent and approximate location for ad delivery, frequency capping and fraud prevention; build interest-based advertising profiles; and share data with TCF v2.3 vendors you authorise. Google's processing is governed by policies.google.com/privacy and policies.google.com/technologies/ads.

6. TCF v2.3 consent management

We use a TCF v2.3-compliant CMP. No non-essential cookie is set, and no third-party advertising script is loaded, until you grant or refuse consent on a per-purpose, per-vendor basis. Modify via the “Cookie preferences” footer link.

7. International transfers

Some third parties (Google) transfer personal data to the United States. Such transfers rely on the EU–U.S. Data Privacy Framework and Standard Contractual Clauses where applicable.

8. Your rights

Under GDPR, BDSG and CCPA/CPRA you may access, correct, erase, restrict, port, and withdraw consent. Lodge complaints with the BfDI (Germany) or your supervisory authority.

California residents: opt-out of “sale”/“sharing”. We honour the GPC signal.

9. Children

The Service is not directed at children under 16.

10. Changes

Material changes are flagged on the home page; the “Last updated” date reflects the most recent revision.