Privacy Policy
We (How To Study German LLC) take data protection seriously. This notice explains what personal data we process when you use our website, on which legal bases (GDPR), for which purposes, and how you can exercise your rights.
1) Controller & Contact
Controller:
How To Study German LLC
30 N Gould St Ste N, Sheridan, WY 82801, United States
Email: in**@**************an.com
EU Representative (Art. 27 GDPR):
EXCHANGENB OÜ, Männimäe 1, Pudisoo küla, 74626 Kuusalu vald, Harju maakond, Estonia
Email: in**@**************an.com
2) Legal Bases
- Art. 6(1)(b) GDPR – performance of a contract or steps prior to entering into a contract.
- Art. 6(1)(a) GDPR – consent (e.g. analytics, newsletters, embedded media).
- Art. 6(1)(f) GDPR – legitimate interests (security, fraud prevention, website operation).
- Art. 6(1)(c) GDPR – legal obligations (tax and accounting).
3) What We Process & Why
- Server access data (IP address, timestamp, referrer, user agent) for security and stability.
- Contact data (name, email, message) when you contact us.
- Order and payment data for digital products (see Paddle).
- Quiz and interaction data to display results and improve content.
- Newsletter data (email address, first name) if you subscribe.
- Security logs of logged-in users to prevent unauthorized access.
- Cookies and Local Storage as described below.
4) Cookies, Local Storage & Consent
Real Cookie Banner:
We use Real Cookie Banner to manage consent for cookies and external services. Essential cookies are required for the operation and security of the website. Non-essential cookies (e.g. analytics, marketing, embedded media) are used only after consent. You can change or withdraw your consent at any time via the cookie settings link on our website.
Local Storage (Functional Elements):
We use the so-called “Local Storage” of your browser to save technical status information (e.g., whether you have already seen or closed a promotional popup/sticky bar). This ensures that popups are not displayed to you repeatedly within a certain timeframe.
This data is stored locally on your device, contains no personal identifiers, and is not transferred to third parties.
Legal Basis: Art. 6(1)(f) GDPR (Legitimate interest in usability) and § 25(2) No. 2 TTDSG (Technical necessity).
5) Third-Party Services & Plugins
5.1 Security & Bot Protection – Cloudflare
We use Cloudflare as a security and performance service to protect our website against malicious traffic, bots, and attacks (e.g. DDoS).
Cloudflare processes technical connection data such as IP addresses, request metadata, and security-related information.
This processing is essential to protect the website and is based on Art. 6(1)(f) GDPR (legitimate interest in security and abuse prevention).
Privacy policy: https://www.cloudflare.com/privacypolicy/
5.2 Payments – Paddle (Merchant of Record)
Payments for digital products are handled by Paddle as Merchant of Record.
Paddle processes payment and billing data independently as controller.
Legal basis: Art. 6(1)(b) and Art. 6(1)(c) GDPR.
Privacy policy: https://www.paddle.com/legal/privacy
5.3 Anti-Spam – CleanTalk
We use CleanTalk Anti-Spam and CleanTalk Security to protect forms, logins, and the website from spam and attacks.
Technical data such as IP addresses and request patterns may be processed.
Legal basis: Art. 6(1)(f) GDPR.
5.4 Security – Wordfence
We use the security plugin Wordfence, provided by Defiant, Inc. (1700 Westlake Ave N Ste 200, Seattle, WA 98109, USA), to protect our website against cyberattacks, malicious traffic, and brute-force logins. For this purpose, your IP address and website activity data are processed.
The legal basis for this processing is our legitimate interest in maintaining the security and integrity of our website according to Art. 6(1)(f) GDPR.
Since data is transferred to the USA, the provider guarantees an adequate level of data protection by using EU Standard Contractual Clauses (SCCs). For more information, please refer to the Wordfence Privacy Policy: https://www.wordfence.com/privacy-policy/
5.5 Tag Management – Google Tag Manager (GTM4WP)
We use Google Tag Manager, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland), to manage and deploy marketing and analytics tags on our website. The plugin GTM4WP (Google Tag Manager for WordPress) is used to integrate the GTM container into WordPress.
Google Tag Manager itself does not set cookies or collect personal data independently. It acts solely as a container that controls which other tags (e.g. Google Analytics, Google Ads) are loaded – and only after the visitor has given their consent via our cookie banner.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in efficient tag management); marketing tags within GTM are loaded only on the basis of Art. 6(1)(a) GDPR (consent).
Privacy policy: https://policies.google.com/privacy
5.6 Analytics – Google Analytics
If enabled and after your consent, we use Google Analytics (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to analyse website usage. Data collected may include page views, session duration, device information, and approximate location. Google Analytics is deployed via Google Tag Manager and only activated after consent.
IP addresses are anonymised before storage. Data may be transferred to Google servers in the USA; Google provides appropriate safeguards through Standard Contractual Clauses (SCCs).
Legal basis: Art. 6(1)(a) GDPR (consent).
Privacy policy: https://policies.google.com/privacy
5.7 Advertising – Google Ads (Remarketing & Conversion Tracking)
We use Google Ads (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) for online advertising and to measure the effectiveness of our ads. This includes:
- Remarketing: Visitors to our website may be shown personalised ads on Google Search or other websites within the Google Display Network.
- Conversion Tracking: We track whether users who clicked on one of our ads subsequently completed a desired action (e.g. booking a lesson or purchasing a product).
For these purposes, Google places a cookie or uses similar technologies on your device. A pseudonymous ID is used to recognise returning visitors. No personally identifiable information is collected or linked to your identity by us.
Google Ads tags are deployed via Google Tag Manager and are only activated after your consent. Data may be transferred to Google servers in the USA; Google provides appropriate safeguards through Standard Contractual Clauses (SCCs).
Legal basis: Art. 6(1)(a) GDPR (consent).
You can opt out of personalised advertising at any time at: https://adssettings.google.com
Privacy policy: https://policies.google.com/privacy
5.8 Advertising – Microsoft Advertising (Bing UET: Remarketing & Conversion Tracking)
We use Microsoft Advertising (operated by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA; in the EU represented by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland), including its Universal Event Tracking (UET) technology, for online advertising and to measure the effectiveness of our ads. This includes:
- Remarketing: Visitors to our website may be shown personalised ads on Bing and other partners within the Microsoft Advertising Network.
- Conversion Tracking: We track whether users who clicked on one of our ads subsequently completed a desired action (e.g. purchasing a product or subscribing to our newsletter).
For these purposes, Microsoft places cookies (e.g. _uetsid, _uetvid, MUID) or uses similar technologies on your device. A pseudonymous ID is used to recognise returning visitors. No personally identifiable information is collected or linked to your identity by us.
The Microsoft UET tag is integrated and managed via our consent manager (Real Cookie Banner) and is only activated after your consent. Data may be transferred to Microsoft servers in the USA; Microsoft is certified under the EU-US Data Privacy Framework and additionally provides appropriate safeguards through Standard Contractual Clauses (SCCs).
Legal basis: Art. 6(1)(a) GDPR (consent).
You can manage your advertising preferences at any time at: https://account.microsoft.com/privacy/ad-settings
Privacy policy: https://privacy.microsoft.com/en-us/privacystatement
5.9 Forms – WPForms & Contact Form 7
When you submit a generic contact form, we process the data to handle your request.
5.10 Newsletter (MailerLite)
We use MailerLite (UAB “MailerLite”, J. Basanavičiaus 15, LT-03108 Vilnius, Lithuania) to manage our subscriber list and send emails.
Registration & Double Opt-In:
If you subscribe to our newsletter, we process your email address and name. Registration takes place via a so-called double opt-in procedure (you will receive a confirmation email asking you to confirm your registration). This prevents misuse of your email address.
Legal Basis:
- The sending of the newsletter is based on your consent (Art. 6(1)(a) GDPR).
- The technical provision of the sign-up form and the processing of data to ensure the security of our system (spam protection) is based on our legitimate interest (Art. 6(1)(f) GDPR) in offering a secure and user-friendly newsletter system.
Data Processing:
MailerLite is based in the EU (Lithuania) and processes data in compliance with the GDPR. Where sub-processors outside the EU/EEA are used, MailerLite ensures appropriate safeguards through Standard Contractual Clauses (SCCs).
You can unsubscribe at any time via the link in every email.
Privacy policy: https://www.mailerlite.com/legal/privacy-policy
5.11 Hosting & Page Builder – Elementor Cloud
Our website is hosted via Elementor Cloud Hosting.
Technical and usage data may be processed on Elementor servers under a GDPR-compliant DPA.
DPA: https://elementor.com/dpa
5.12 Embedded Videos (YouTube)
Embedded YouTube videos are loaded only after consent. Google may receive technical data such as IP address.
5.13 Security Activity Logs
To ensure the security of our website and defend against bot attacks or unauthorized access, we log administrative actions and login attempts of logged-in users.
Data processed includes IP address, username (public display name), timestamp, and the specific action performed.
Retention: These logs are automatically deleted after 3 months.
Legal Basis: Art. 6(1)(f) GDPR (Legitimate interest in website security and error diagnosis).
6) Retention
We store personal data only as long as necessary for the stated purposes or as required by law.
Security logs are retained for up to 3 months.
7) International Transfers
Where data are transferred outside the EU/EEA, appropriate safeguards such as Standard Contractual Clauses or certification under the EU-US Data Privacy Framework are used.
8) Security
We apply technical and organizational security measures such as encryption, firewalls, access controls, and backups.
9) Your Rights
- Access (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection (Art. 21 GDPR)
- Withdrawal of consent (Art. 7(3) GDPR)
To exercise your rights, contact us at info [at] howtostudygerman [dot] com.
10) Changes to This Policy
We may update this Privacy Policy to reflect legal or technical changes.
Last updated: 11 June 2026