GDPR Compliance

This page explains how client-side processing supports GDPR-aligned data handling.

  1. No personal data is collected or stored by the service.
  2. Your files stay on your device during conversion.
  3. You retain full control over any data you process.

1. GDPR Compliance Statement

JSON/CSV Converter is designed to be fully compliant with the General Data Protection Regulation (GDPR) because we do not collect, process, or store any personal data. This page explains how our service aligns with GDPR principles.

2. Personal Data Processing

We do not:

  • Collect personal data from users
  • Process personal data on our servers
  • Store personal data in any database
  • Share personal data with third parties
  • Use personal data for marketing or profiling

3. Your Data Rights Under GDPR

GDPR grants you the following rights regarding personal data:

  • Right to Access: Request access to personal data held about you
  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion of personal data
  • Right to Restrict Processing: Limit how data is processed
  • Right to Data Portability: Receive data in a portable format
  • Right to Object: Object to processing of personal data

Since we do not collect personal data, these rights do not apply to our service. However, any personal data you choose to process with the Converter belongs entirely to you.

4. Client-Side Processing

All data conversion operations occur 100% in your browser. This means:

  • Your files never leave your device
  • Your data is not transmitted to our servers
  • We cannot access, view, or process your data
  • You retain full ownership and control of your data

5. Local Storage & Cookies

The Converter uses only essential storage:

  • localStorage: Stores your column templates and conversion history locally in your browser
  • Cookies: No tracking cookies or persistent identifiers
  • All storage is under your control and can be cleared anytime

6. Data Processing Agreement

Since we do not process personal data, a formal Data Processing Agreement (DPA) is not required under GDPR. However, if you process personal data through our Converter, you:

  • Remain the Data Controller
  • Are responsible for compliance with GDPR
  • Must ensure you have legal basis to process the data
  • Should keep records of your processing activities

7. Sensitive Data (Special Categories)

GDPR protects sensitive personal data including health, biometric, genetic, and racial data. The Converter can process any data type, but YOU are responsible for:

  • Ensuring proper legal basis for processing sensitive data
  • Obtaining necessary consent from data subjects
  • Protecting this data appropriately
  • Complying with all GDPR requirements

8. Data Breach Notification

Since we do not store or process personal data on our servers, data breaches cannot occur on our end. However, you should:

  • Protect your device and browser security
  • Keep sensitive data encrypted when not in use
  • Clear your browser cache after processing sensitive data

9. International Data Transfers

Since all processing is client-side in your browser, no international data transfers occur. Your data never leaves your device.

10. Third-Party Services

The Converter does not integrate with third-party services that process your data. We do not use analytics, tracking, or advertising services.

Related policies

For privacy and storage details, see our Privacy Policy and Cookie Policy.

11. Your GDPR Responsibilities

As a user, when processing personal data through the Converter:

  • You are the Data Controller
  • You must have a legal basis for processing
  • You should keep privacy notices updated
  • You are responsible for security and compliance
  • You must respond to data subject requests

12. Contact & Questions

If you have questions about GDPR compliance or our privacy practices, please contact us via our contact form.

Authored by: JSON CSV Converter

Last updated: February 15, 2026