RI rifinance.xyz See compound interest do its work
Legal

Privacy Policy

This document describes what data is processed by rifinance.xyz (the “Service”) and on what legal basis. It complies with the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, the California Consumer Privacy Act (CCPA / CPRA), and the IAB Europe Transparency & Consent Framework (TCF) v2.3.

Last updated:

1. Data controller

The data controller for this Service is rifinance.xyz (“we”, “us”). For privacy-related correspondence please use privacy@rifinance.xyz or the contact page. Verifiable privacy requests receive a response within thirty (30) days.

2. What we collect — and what we do not

The compound interest calculator processes no personal data and no input values on our servers. Every figure you enter remains in your browser. We do not log it, transmit it, or store it. You can verify this by opening DevTools → Network and observing the absence of outbound requests as you type.

The Service may, however, process the following limited categories of data:

  • Server access logs kept by our hosting provider for security and diagnostics — IP address, user-agent, requested URL, timestamp, HTTP status code. Retention: 30 days.
  • Aggregated analytics (page-view counts, country-level geography, device class). Loaded only after you grant analytics consent.
  • Advertising cookies set by Google AdSense and the Google DoubleClick advertising network — only after you grant advertising consent.
  • Contact-form submissions (name, email, message body) retained only as long as required to respond, default 12 months.

3. Legal bases for processing

  • Legitimate interest (Art. 6(1)(f) GDPR) for security logging.
  • Consent (Art. 6(1)(a) GDPR; ePrivacy Directive) for analytics, advertising, and any non-essential cookie.
  • Contract / pre-contractual measures (Art. 6(1)(b) GDPR) for contact-form correspondence.

4. Cookies

We use three categories of cookies and similar storage technologies. The cookie policy lists each individual cookie with its provider, purpose, and retention period.

  • Strictly necessary — required for the site to function (consent state, anti-CSRF). Set without prior consent on the legal basis of legitimate interest.
  • Analytics — aggregated measurement, set only after opt-in.
  • Advertising — Google AdSense and DoubleClick cookies for ad delivery, frequency capping, and personalisation. Set only after opt-in.

5. Google AdSense, DoubleClick and personalised advertising

The Service may display advertising delivered by Google AdSense and the Google DoubleClick / Google Marketing Platform. With advertising consent granted, Google and its certified vendors may:

  • Set and read first-party and third-party cookies including __gads, __gpi, IDE, NID, DSID, and test_cookie.
  • Process your IP address, user-agent, and approximate location for ad delivery, frequency capping, and fraud prevention.
  • Build interest-based advertising profiles using the Google Ads identifier.
  • Share data with the IAB Europe TCF v2.3 vendor partners you have authorised in the consent banner.

Google's processing is governed by Google's own privacy policy (policies.google.com/privacy) and Advertising Privacy & Terms (policies.google.com/technologies/ads). Manage Google's use of advertising data at adssettings.google.com.

You can opt out of personalised advertising at any time by re-opening the consent banner via the “Cookie preferences” link in the footer, or use the EDAA WebChoices tool at youronlinechoices.eu.

6. TCF v2.3 consent management

The Service uses an IAB Europe Transparency & Consent Framework (TCF) v2.3 compliant Consent Management Platform (CMP). On your first visit you see a banner listing the data-processing purposes (storage and access of information, personalised advertising, measurement, etc.) and the certified vendors that may process your data. No non-essential cookie is set, and no third-party advertising script is loaded, until you grant or refuse consent on a per-purpose, per-vendor basis. Your consent string is stored locally in your browser and made available to vendors via the standard __tcfapi interface. Withdraw or modify your consent at any time via the footer link.

7. International transfers

Some third parties (notably Google) may transfer personal data to the United States. Such transfers rely on the EU–U.S. Data Privacy Framework, the UK Extension, and Standard Contractual Clauses where applicable.

8. Your rights

Under the GDPR, the UK GDPR, and the CCPA/CPRA you have the right to:

  • Access the personal data we hold about you;
  • Request correction or erasure;
  • Restrict or object to processing, including profiling for advertising;
  • Receive your data in a machine-readable format (portability);
  • Withdraw consent at any time;
  • Lodge a complaint with the data protection authority of your habitual residence.

California residents may opt out of the “sale” or “sharing” of personal information. We honour the Global Privacy Control (GPC) signal automatically: if your browser sends a GPC header, we treat it as a CCPA opt-out and suppress advertising cookies for the session.

9. Children

The Service is not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe we hold such data, please contact us so we can delete it.

10. Changes to this policy

We may update this policy from time to time. Material changes will be flagged on the home page; the “Last updated” date above always reflects the most recent substantive revision.