Legitimate Interest Assessment (LIA)
Last updated: 2026-04-20
Kefiw relies on Article 6(1)(f) GDPR — legitimate interest as the lawful basis for three narrowly scoped processing activities declared under the IAB Europe Transparency & Consent Framework v2.3. This page publishes the balancing test required by the TCF Policies and by EDPB guidelines, in purpose-by-purpose form.
Kefiw does not rely on legitimate interest for any purpose involving personalised advertising, profiling, cross-device matching, content personalisation, or geolocation. Those purposes are either declared as requiring consent or marked Not used.
Purpose 9 — Understand audiences through statistics
1. Purpose test
Kefiw logs aggregate counters (page view, impression, fill, unfill, click) keyed to an anonymous rolling session identifier to measure (a) which tools are used, (b) whether ad slots fill or fall back to the in-house placeholder, and (c) whether the site experiences abnormal traffic spikes. The statistics are used to prioritise tool development and to detect operational regressions.
2. Necessity test
The processing is necessary because there is no practical alternative that yields equivalent per-slot fill data. Server-side-only counters would omit client-side fill/viewability signals, and consent-gating the counters entirely would bias the measurement to the consented population only, defeating the purpose of operational monitoring.
3. Balancing test
- Data minimisation: no user-typed tool values are ever included in telemetry payloads. No IP address, no user-agent string, no precise timestamp beyond the event is stored with the session record.
- Identifiability: the session identifier (kfw_sid) is a random UUID, rotated after 30 days of inactivity, not linkable to any account because Kefiw has no accounts.
- Reasonable expectation: users interacting with a free web tool reasonably expect the operator to measure whether the tool is used.
- Opt-out: users may clear kfw_sid from their browser at any time; users who select the Contextual-only or Pending protocol state cause telemetry to be disabled via __KFW_TELEMETRY_DISABLED.
4. Outcome
The interests of Kefiw in operating a reliable measurement layer are not overridden by the limited and anonymised impact on data subjects. Legitimate interest is the correct lawful basis.
Special Purpose 1 — Ensure security, prevent and detect fraud, and fix errors
1. Purpose test
Kefiw's edge infrastructure (Cloudflare) inspects request metadata — IP address, user agent, TLS fingerprint — to block bot traffic, credential-stuffing attempts, and denial-of-service patterns. Error reporting retains a transient copy of the HTTP request envelope for up to 24 hours for incident diagnosis.
2. Necessity test
A free, unauthenticated public web service is a standing target for automated abuse. Without edge-level fraud and anomaly detection the service cannot remain available to legitimate users. There is no less-intrusive alternative that delivers equivalent protection.
3. Balancing test
- Data minimisation: only the network envelope is inspected; no request body content and no tool inputs are examined.
- Retention: fraud-detection logs are retained for 30 days. Error-diagnostic copies are retained for 24 hours.
- Reasonable expectation: all visitors reasonably expect a public site to defend itself against attack.
4. Outcome
Processing is strictly proportionate to the security interest and does not override data-subject rights.
Special Purpose 3 — Save and communicate privacy choices
1. Purpose test
The CMP stores the user's consent state (pending / ltd / full) in first-party browser storage and emits it to downstream vendors as a TCF 2.3 string plus a GPP 1.1 section string. This is the core operational function of the Consent Management Platform.
2. Necessity test
Recording a privacy choice is definitionally necessary to honour that choice on subsequent page loads. Without this, the CMP could not function and Kefiw could not serve any advertising lawfully in the EU/UK.
3. Balancing test
- The stored values record the user's own decision and are not used for any secondary purpose.
- The user can overwrite or erase the stored choice at any time via the privacy anchor fixed to the bottom of every page.
- TCF Policy explicitly contemplates this processing under Special Purpose 3; the European Data Protection Board has affirmed legitimate interest as appropriate for CMP consent records.
4. Outcome
Processing is necessary and proportionate; legitimate interest is the correct basis.
Your right to object
Under Article 21 GDPR you may object at any time to processing based on legitimate interest. To exercise this right:
- For Purpose 9 telemetry: select the Contextual-only or Pending state in the privacy anchor at the bottom of any page. Telemetry stops immediately.
- For Special Purpose 1 security logs: contact us via the contact form; note that we cannot discontinue fraud detection for a specific visitor without simultaneously ceasing to serve them.
- For Special Purpose 3 consent records: clear site data in your browser.
Review cadence
This assessment is reviewed annually, or sooner if the scope of processing or governing guidance changes.