Privacy Policy
Effective Date: July 26, 2025
📋 Table of Contents
- 1. Information We Collect
- 2. How We Use Information
- 3. Legal Basis for Data Processing (GDPR)
- 4. Google Analytics & Cookies
- 5. Newsletter & Communication
- 6. Data Security
- 7. Your Rights (GDPR)
- 8. Data Retention
- 9. International Data Transfer
- 10. Children's Rights
- 11. Policy Changes
- 12. Contact & DPO
1. Information We Collect
1.1 Data We DO NOT Collect
VIN NESIA JSON Beautifier is designed with the principle of Privacy by Design. We explicitly DO NOT collect:
- Personal Data: Name, address, phone number, or other personal identifiers
- JSON Files: All files you upload or text you enter
- Sensitive Content: Any business data, configurations, or confidential information
- Credentials: Passwords, tokens, or authentication information
- Biometric Data: Fingerprints, facial recognition, or other biometric data
1.2 Data We Collect (Minimal & Anonymous)
📊 Google Analytics (Only with Consent):
| Type of Data | Purpose | Legal Basis | Retention |
|---|---|---|---|
| Visit Statistics | Website performance analysis | Consent | 26 months |
| Browser & OS Type | Compatibility optimization | Consent | 26 months |
| Geographical Location (Country/City) | Regional content customization | Consent | 26 months |
| Visit Duration | User engagement analysis | Consent | 26 months |
1.3 Newsletter (Optional)
If you subscribe to the newsletter:
- Email Address: To send updates and programming tips
- Timestamp Subscription: To manage subscriber list
- Preferences: Type of content you are interested in (if any)
2. How We Use Information
2.1 Client-Side Processing
🔐 100% Local Processing: All JSON operations (beautify, validate, minify) are performed entirely in your browser. Your files or data:
- ✅ Never leave your device
- ✅ Are not sent to our servers or third parties
- ✅ Are not stored in a database
- ✅ Are lost when you close or refresh the page
2.2 Use of Analytics Data
Analytics data (only if you consent) is used for:
- Service Improvement: Understanding the most useful features
- Performance Optimization: Identifying and fixing technical issues
- Feature Development: Planning new features based on user needs
- Security: Detecting suspicious activity or misuse
3. Legal Basis for Data Processing (GDPR)
Our Legal Basis
- Consent (Art. 6(1)(a) GDPR): For Google Analytics and newsletter
- Legitimate Interest (Art. 6(1)(f) GDPR): For website security and prevention of misuse
- Contract Performance (Art. 6(1)(b) GDPR): To provide the JSON Beautifier service
4. Google Analytics & Cookies
4.1 Google Analytics 4 (GA4)
We use Google Analytics 4 with Consent Mode which ensures:
- Data is only collected after you give explicit consent
- IP Addresses are anonymized (cannot be identified)
- Sensitive demographic data is not collected
- You can withdraw consent at any time
4.2 Types of Cookies
🍪 Cookies We Use:
| Cookie Name | Purpose | Duration | Required |
|---|---|---|---|
| vinnesia_cookie_consent | Stores your cookie preferences | 1 year | Yes |
| _ga | Google Analytics - Unique user identification | 2 years | No |
| _ga_* | Google Analytics - Session data | 2 years | No |
4.3 Managing Cookies
You can manage cookies through:
- Cookie Banner: Choose preferences when first visiting the site
- Cookie Settings: Change preferences anytime via the footer
- Browser Settings: Block or delete cookies through browser settings
- Google Analytics Opt-out: Install browser add-on
5. Newsletter & Communication
5.1 Newsletter Subscription
If you subscribe to our newsletter:
- Double Opt-in: Confirmation via email before adding to list
- Full Control: Unsubscribe anytime with one click
- Frequency: Maximum 1 email per week, no spam
- Content: Programming tips, tool updates, and technology articles
5.2 Transactional Communication
We may send emails for:
- Subscription/unsubscription confirmation
- Important security notifications
- Significant privacy policy updates
6. Data Security
6.1 Technical Security Measures
- 🔒 HTTPS/TLS Encryption: All communication is encrypted end-to-end
- 🛡️ Content Security Policy (CSP): Protection from XSS attacks
- 🔐 Client-Side Processing: Data is never sent to the server
- ⚡ Memory Management: Data is automatically cleared from browser memory
- 🚫 No Backend Storage: No database or server storage
6.2 Organizational Security Measures
- Access Control: Limited access only to authorized personnel
- Regular Security Audits: Periodic security checks
- Incident Response Plan: Response procedures in case of security incidents
- Staff Training: Security and privacy training for the team
7. Your Rights (GDPR)
🇪🇺 Your Rights Under GDPR
7.1 Right of Access
You have the right to know what personal data we process about you.
7.2 Right of Rectification
You have the right to request correction of inaccurate or incomplete data.
7.3 Right to Erasure / "Right to be Forgotten"
You have the right to request the deletion of your personal data under certain conditions.
7.4 Right to Restriction of Processing
You have the right to request restriction of data processing in certain situations.
7.5 Right to Data Portability
You have the right to receive your personal data in a structured, machine-readable format.
7.6 Right to Object
You have the right to object to the processing of personal data for certain purposes.
7.7 Rights Related to Automated Decision-Making
We do not use automated decision-making or profiling.
Send an email to privacy@vinnesia.my.id with the subject "GDPR Request" and include:
- Type of right you wish to exercise
- Information that allows us to identify you
- Reason for the request (if required)
8. Data Retention
8.1 Retention Period
| Type of Data | Retention Period | Reason |
|---|---|---|
| Uploaded JSON Files | 0 days (Not stored) | Client-side processing |
| Google Analytics Data | 26 months | Google Analytics Standard |
| Newsletter Email | Until unsubscribe + 30 days | Compliance and anti-spam |
| Cookie Preferences | 12 months | Remembering user choices |
8.2 Automatic Deletion
Data will be automatically deleted after the retention period expires or if you:
- Decline analytics cookies
- Unsubscribe from the newsletter
- Request deletion through GDPR rights
9. International Data Transfer
9.1 Google Analytics
Analytics data may be transferred to Google servers outside Indonesia/EU. Google has:
- Adequacy Decision: EU-US Data Privacy Framework
- Standard Contractual Clauses (SCCs): Legal protection for data transfer
- Additional Safeguards: Encryption and pseudonymization
9.2 Newsletter Service
Email newsletters may be processed through providers located in:
- Indonesia (primary server)
- Singapore (backup and CDN)
- Europe (GDPR compliance)
10. Children's Rights
👶 Child Protection
Minimum Age: This service is not specifically aimed at children under 16 years old (13 years in some jurisdictions).
10.1 If You Are Under 16 Years Old:
- Please ask for parental/guardian permission before using the service
- Do not subscribe to the newsletter without parental consent
- Parents can contact us to delete children's data
10.2 For Parents:
If you believe your child has provided personal information, please contact us immediately at privacy@vinnesia.my.id
11. Policy Changes
11.1 Notification of Changes
We will notify you about material changes through:
- Website Banner: Notification on the main page
- Email Notification: If you subscribe to the newsletter
- Updated Date: The "Last Updated" date at the top
11.2 Material Changes
For significant changes, we will:
- Provide 30 days prior notice
- Request re-consent if necessary
- Provide an option to decline changes
12. Contact & Data Protection Officer
📧 Contact Information
Data Controller:
VIN NESIA
Website: www.vinnesia.my.id
Location: Indonesia
Data Protection Officer (DPO):
Email: privacy@vinnesia.my.id
Subject Line: "Privacy Inquiry" or "GDPR Request"
General Contact:
Admin: admin@vinnesia.my.id
Support: support@vinnesia.my.id
Supervisory Authority:
If you are not satisfied with our response, you can complain to:
- Indonesia: Ministry of Communication and Information Technology
- EU: Data Protection Authority in your country
- UK: Information Commissioner's Office (ICO)
⚡ Our Commitment
VIN NESIA is committed to:
- ✅ Always maintaining transparency in data processing
- ✅ Implementing Privacy by Design principles
- ✅ Complying with all applicable privacy regulations
- ✅ Providing full control to users over their data
- ✅ Never selling or renting personal data
🛡️ Thank you for trusting VIN NESIA JSON Beautifier!
Your privacy is our top priority. If you have any questions or concerns about this privacy policy, please do not hesitate to contact us.
This document is available in:
🇮🇩 Indonesian | 🇬🇧 English (coming soon) | 🇪🇸 Español (coming soon)