4. Legal Basis for Processing
In accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR), we inform you of the legal grounds on which we process your personal data. Transparency is core to our values at App Config.json; we only process data when we have a valid legal reason to do so. We process personal data only if one or more of the following applies:
Overview of Legal Bases
Performance of a Contract
Processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract.
Consent
The data subject has given consent to the processing of their personal data for one or more specific purposes. Consent can be withdrawn at any time.
Legitimate Interests
Processing is necessary for the purposes of the legitimate interests pursued by App Config.json or by a third party, except where such interests are overridden by the interests or fundamental rights of the data subject.
Legal Obligation
Processing is necessary for compliance with a legal obligation to which the controller is subject under EU or Member State law.
Mapping of Processing Activities
Below you will find a detailed mapping of our specific data processing activities and the corresponding legal basis. This transparency allows you to understand exactly why your data is being processed in each context.
| Processing Activity | Purpose | Legal Basis |
|---|---|---|
| Account Registration & Login | Creating and managing user accounts, authentication, and session management. | Contract Legal Obligation |
| Configuration Management | Storing, syncing, and versioning application configuration files and metadata. | Contract |
| Billing & Invoicing | Processing payments, generating invoices, and managing subscription status. | Contract Legal Obligation |
| Customer Support | Handling support tickets, troubleshooting, and communicating with customers regarding service issues. | Contract Legitimate Interest |
| Security & Abuse Prevention | Monitoring for suspicious activity, preventing unauthorized access, and ensuring platform integrity. | Legitimate Interest Legal Obligation |
| Marketing & Newsletters | Sending product updates, promotional emails, and marketing communications. | |
| Analytics & Optimization | Anonymized usage analytics to improve platform performance and user experience. | Legitimate Interest |
| Business Transfers | Due diligence and transfer of data in the event of merger, acquisition, or bankruptcy. | Legitimate Interest Legal Obligation |
Specific Provisions
Withdrawal of Consent
Where App Config.json relies on consent as the legal basis for processing (e.g., for marketing communications), you have the right to withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. You may manage your consent preferences via your Account Dashboard or by contacting our Data Protection Officer.
Legitimate Interests Assessment
Where we process data based on legitimate interests, we have conducted a Legitimate Interest Assessment (LIA) to ensure that your rights are not overridden by our interests. Our legitimate interests include:
- Ensuring the security and stability of the App Config.json platform.
- Improving our services and developing new features based on aggregated usage patterns.
- Preventing fraud and abuse of our systems.
- Complying with regulatory requirements and industry standards.
Questions About Our Legal Basis?
If you have questions about the legal basis for a specific processing activity, or if you believe the processing is unlawful, please contact our Data Protection Officer at dpo@appconfig.json.