Privacy Policy

1. Data controller

The data controller for this Service is ryfinance.xyz (“we”, “us”). For any privacy-related request, please contact us via our contact page or by writing to privacy@ryfinance.xyz. We respond to every verifiable privacy request within thirty (30) days.

2. What we collect — and what we do not

The translation tool itself processes no personal data and no formula content on our servers. All translation work happens inside your browser via vanilla JavaScript. Formulas you paste into the tool are never transmitted to us, our hosting provider, or any third party.

The Service may, however, process the following limited categories of data:

• Server access logs kept by our hosting provider for security and debugging purposes — IP address, user-agent string, requested URL, timestamp, HTTP response code. Retention: 30 days.
• Aggregated, non-identifying analytics (page-view counts, country at country-level granularity, device class). Loaded only after you grant analytics consent.
• Advertising cookies set by Google AdSense and its DoubleClick advertising network — only after you grant advertising consent through the consent banner. See section 5.
• Contact-form submissions — name, email and the body of your message, stored only for as long as required to respond to you (default 12 months).

3. Legal bases for processing

• Legitimate interest (Art. 6(1)(f) GDPR) — for security logging and fraud prevention.
• Consent (Art. 6(1)(a) GDPR; ePrivacy Directive) — for analytics cookies, advertising cookies, and any non-essential cookie or local-storage entry.
• Contract / pre-contractual measures (Art. 6(1)(b) GDPR) — for contact-form correspondence you initiate.

4. Cookies

A cookie is a small text file placed on your device by your browser at the request of a website. We classify the cookies that may be set by this Service in three categories:

• Strictly necessary cookies. Required for the site to function (e.g., remembering your consent choice). Set without prior consent on the legal basis of legitimate interest.
• Analytics cookies. Aggregate measurement of how the site is used. Set only after you opt in.
• Advertising cookies. Set by Google AdSense and DoubleClick to display contextual or personalised ads, frequency-cap ads, and measure ad performance. Set only after you opt in.

A full enumeration of cookies — names, providers, durations and purposes — is given on the Cookie Policy page.

5. Google AdSense, DoubleClick and personalised advertising

The Service may display advertising delivered by Google AdSense and the Google DoubleClick / Google Marketing Platform ad-serving network. When advertising consent is granted, Google and its certified vendors may:

• Set and read first-party and third-party cookies (including the __gads, __gpi, IDE, NID, and DSID cookies).
• Process your IP address, user-agent and approximate location for ad delivery, frequency-capping, and fraud prevention.
• Build interest-based advertising profiles using the Google Ads identifier.
• Share data with the IAB Europe TCF v2.3 vendor list partners that you have authorised in the consent banner.

Google's processing is governed by Google's own Privacy Policy, available at policies.google.com/privacy, and Google's Advertising Privacy & Terms at policies.google.com/technologies/ads. You can manage Google's use of advertising data at adssettings.google.com.

You can opt out of personalised advertising at any time by reopening the consent banner (link in the footer) and toggling the “Advertising” category off, or by using the EDAA WebChoices tool at youronlinechoices.eu.

6. TCF v2.3 consent management

The Service uses an IAB Europe Transparency & Consent Framework (TCF) v2.3 compliant Consent Management Platform (CMP). On your first visit you will see a banner listing the purposes (storage and access of information, personalised advertising, measurement, etc.) and the certified vendors that may process your data. No non-essential cookie is set, and no third-party advertising script is loaded, until you either grant or refuse consent on a per-purpose, per-vendor basis.

Your consent choice is stored in a TC string in your browser and transmitted to vendors via the standard __tcfapi interface. You can withdraw or modify consent at any time by clicking the “Cookie preferences” link in the footer of any page; the change takes effect immediately and any non-consented cookies are dropped.

7. Data transfers outside the EEA / UK

Some of the third-party services mentioned above (notably Google) transfer personal data to the United States. Such transfers are protected by the EU–U.S. Data Privacy Framework, the UK Extension to the DPF, and Standard Contractual Clauses where applicable.

8. Your rights

Under the GDPR, the UK GDPR and the CCPA / CPRA you have the right to:

• Access the personal data we hold about you;
• Request rectification of inaccurate data or erasure of data we no longer have a lawful basis to keep;
• Restrict or object to processing, including profiling for advertising;
• Receive your data in a structured, machine-readable format (data portability);
• Withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal;
• Lodge a complaint with the data protection authority of your habitual residence (e.g., the Irish DPC, the UK ICO, the French CNIL).

California residents additionally have the right to opt out of the “sale” or “sharing” of personal information. We honour the Global Privacy Control (GPC) signal automatically.

9. Children

The Service is not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe we hold such data, please contact us so we can delete it.

10. Changes to this policy

We may update this policy from time to time. Material changes will be flagged on the home page and the “Last updated” date at the top of this document will be revised. Continued use of the Service after a change constitutes acceptance of the updated policy.