GDPR Compliance
Last Updated: October 1, 2025
1. Introduction
Random Number Generator is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR), which applies to individuals in the European Economic Area (EEA), United Kingdom, and Switzerland.
This page explains your rights under the GDPR and how we fulfill our obligations as a data controller.
2. Data Controller Information
Data Controller: Random Number Generator
Website: randomnumbergenerator.co
Contact Email: [email protected]
We are the data controller responsible for your personal data collected through our website.
3. Personal Data We Process
3.1 Data We Collect
We collect minimal personal data from visitors to our website:
- Usage Data: Pages visited, time spent, browser interactions
- Technical Data: IP address, browser type, device type, operating system
- Analytics Data: Information collected through Google Analytics cookies
- Cookie Preferences: Your consent choices for cookies
3.2 Data We Do NOT Collect
We do NOT collect:
- Names or personal identification information
- Email addresses (unless you contact us)
- Random numbers you generate (they stay in your browser)
- Financial or payment information
- Precise geolocation data
3.3 Client-Side Processing
Important: All random number generation occurs locally in your web browser. We do not transmit, store, or have access to any numbers you generate. This data processing happens entirely on your device and is not subject to our data collection.
4. Legal Basis for Processing
Under GDPR Article 6, we process your personal data based on the following legal grounds:
4.1 Legitimate Interests (Article 6(1)(f))
- Website Analytics: Understanding how visitors use our site to improve services
- Technical Functionality: Ensuring the website operates correctly
- Security: Protecting against fraud, abuse, and technical issues
4.2 Consent (Article 6(1)(a))
- Analytics Cookies: We obtain your explicit consent before placing analytics cookies
- Cookie Preferences: You can withdraw consent at any time through our cookie banner
4.3 Legal Obligation (Article 6(1)(c))
- Compliance with legal requirements and regulations
- Responding to lawful requests from authorities
5. Your GDPR Rights
As a data subject under the GDPR, you have the following rights:
5.1 Right to Access (Article 15)
You have the right to request confirmation of whether we process your personal data and obtain a copy of your data.
How to exercise: Email [email protected] with subject "GDPR Access Request"
Response time: Within 30 days
5.2 Right to Rectification (Article 16)
You have the right to request correction of inaccurate or incomplete personal data.
How to exercise: Email [email protected] with subject "GDPR Rectification Request"
Response time: Within 30 days
5.3 Right to Erasure / "Right to be Forgotten" (Article 17)
You have the right to request deletion of your personal data under certain circumstances.
How to exercise: Email [email protected] with subject "GDPR Erasure Request"
Response time: Within 30 days
Note: We may need to retain certain data to comply with legal obligations
5.4 Right to Restrict Processing (Article 18)
You have the right to request limitation of how we process your personal data in certain situations.
How to exercise: Email [email protected] with subject "GDPR Restriction Request"
Response time: Within 30 days
5.5 Right to Data Portability (Article 20)
You have the right to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
How to exercise: Email [email protected] with subject "GDPR Portability Request"
Response time: Within 30 days
Format: JSON or CSV
5.6 Right to Object (Article 21)
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
How to exercise: Email [email protected] with subject "GDPR Objection"
Response time: Within 30 days
5.7 Right to Withdraw Consent (Article 7(3))
You have the right to withdraw consent for data processing at any time where we rely on consent as the legal basis.
How to exercise: Adjust cookie preferences through our cookie banner or email [email protected]
Effect: Immediate upon withdrawal
5.8 Right to Lodge a Complaint (Article 77)
You have the right to lodge a complaint with a supervisory authority if you believe we have violated your rights under the GDPR.
EU Supervisory Authorities: Find your local authority at European Data Protection Board
6. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:
| Data Type | Retention Period | Reason |
|---|---|---|
| Analytics Data | 26 months | Google Analytics default, GDPR compliant |
| Cookie Consent | 365 days | Remember user preferences |
| Server Logs | 90 days | Security and technical troubleshooting |
7. International Data Transfers
Some of the personal data we collect may be transferred to and stored in countries outside the EEA, particularly the United States, where our third-party service providers (such as Google) operate.
7.1 Transfer Safeguards
When transferring data outside the EEA, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses: Approved by the European Commission
- Adequacy Decisions: Transfers to countries with adequate data protection (where applicable)
- Privacy Shield Alternatives: Google's data transfer frameworks
7.2 Third-Party Processors
| Service | Location | Safeguards |
|---|---|---|
| Google Analytics | United States | Standard Contractual Clauses, Data Processing Amendment |
| Google Tag Manager | United States | Standard Contractual Clauses |
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption: HTTPS/TLS encryption for data in transit
- Access Controls: Limited access to personal data on a need-to-know basis
- Regular Security Reviews: Ongoing assessment of security measures
- Incident Response: Procedures to detect, report, and respond to data breaches
9. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours of becoming aware (Article 33)
- Notify affected individuals without undue delay if the breach poses a high risk (Article 34)
- Document all data breaches, including facts, effects, and remedial actions
10. Children's Privacy
Our service is not directed at children under 16 years of age. We do not knowingly collect personal data from children under 16 without parental consent, as required by GDPR Article 8.
If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete such information promptly.
11. Automated Decision-Making and Profiling
We do NOT engage in automated decision-making or profiling that produces legal effects or significantly affects you.
Our use of Google Analytics for statistical purposes does not constitute automated decision-making under GDPR Article 22.
12. How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us:
Email: [email protected]
Include in your request:
- Your full name (if applicable)
- Description of your request and the right you wish to exercise
- Any relevant details to help us locate your data
Response Timeline
We will respond to your request within 30 days. If we need more time, we will inform you and explain the reason for the delay. In complex cases, we may extend the response time by up to 60 additional days (90 days total).
Verification
To protect your privacy, we may need to verify your identity before processing your request. We will not charge a fee for processing valid requests unless they are manifestly unfounded, excessive, or repetitive.
13. Updates to This Page
We may update this GDPR compliance page from time to time to reflect changes in our practices or legal requirements. We will post the updated version with a new "Last Updated" date.
14. Contact Information
For questions about GDPR compliance or to exercise your rights:
- Email: [email protected]
- Website: randomnumbergenerator.co