Privacy Policy

We (How To Study German LLC) take data protection seriously. This notice explains what personal data we process when you use our website, on which legal bases (GDPR), for which purposes, and how you can exercise your rights.

1) Controller & Contact

Controller:
How To Study German LLC
30 N Gould St Ste N, Sheridan, WY 82801, United States
Email: in**@**************an.com

EU Representative (Art. 27 GDPR):
EXCHANGENB OÜ, Männimäe 1, Pudisoo küla, 74626 Kuusalu vald, Harju maakond, Estonia
Email: ho*************@***il.com

2) Legal Bases

3) What We Process & Why

4) Cookies & Consent (Real Cookie Banner)

We use the consent tool Real Cookie Banner (devowl) to obtain and manage your consent for cookies and similar technologies. The tool sets a necessary cookie to store your choices (legal basis: Art. 6(1)(c) GDPR and Art. 6(1)(f) GDPR). You can change or withdraw consent at any time via the cookie settings link displayed on the site.

Essential cookies are required for the website to function (e.g., security, load balancing, consent storage). Non-essential cookies (e.g., analytics) are only used with your consent.

5) Third-Party Services & Plugins

We use WordPress plugins and third-party services. Depending on your interaction, the following may process personal data. Where applicable, international transfers are protected by appropriate safeguards (e.g., SCCs). Links lead to the providers’ own privacy information.

5.1 Payments – Paddle (Merchant of Record)

For paid digital products, checkout and billing are handled by Paddle as Merchant of Record. Paddle processes your payment details (e.g., name, email, billing address, payment method, IP for tax compliance) to complete transactions and prevent fraud. Paddle acts as an independent controller for payment data. See Paddle’s privacy policy: https://www.paddle.com/legal/privacy. Legal bases: Art. 6(1)(b) (contract) and Art. 6(1)(c) (legal obligation).

5.2 Anti-Spam – CleanTalk Anti-Spam

To protect forms and comments from spam, we use CleanTalk Anti-Spam. When you submit a form, technical data (IP address, email, form text/fields, browser info) are checked against spam indicators. The service may keep short-term logs for security/diagnostics. Legal basis: Art. 6(1)(f) (legitimate interests in site security and abuse prevention). CleanTalk offers EU data center options and SCCs; logs are retained for a limited period as configured.

5.3 Security – CleanTalk Security

We use Security by CleanTalk for firewall, malware, and security monitoring. It may process IP addresses, URLs requested, and suspicious activity patterns to prevent attacks. Legal basis: Art. 6(1)(f) (security of our website).

5.4 Security – Wordfence

Wordfence Security provides additional firewall and login protection. It may process IP addresses, user agent, and attempted login/activity details to detect malicious traffic. Legal basis: Art. 6(1)(f).

5.5 Bot Protection – Advanced Google reCAPTCHA

Where enabled, Google reCAPTCHA helps distinguish human users from bots. Google may receive your IP address and other technical data for this purpose. Legal basis: Art. 6(1)(f) (security). Google privacy: policies.google.com/privacy.

5.6 Site Kit by Google (Analytics/Search Console)

If analytics are enabled via Site Kit, Google Analytics uses cookies or similar tech to measure usage (pages viewed, device info, approximate location, etc.). Data may be aggregated and retained according to our Analytics settings. We load analytics only with your consent via the cookie banner (legal basis: Art. 6(1)(a)). You can withdraw consent at any time. Google privacy: policies.google.com/privacy.

5.7 Quiz Maker (By Quiz Maker team)

Our quizzes are powered by the Quiz Maker plugin. Depending on the quiz, it can store your answers and —if you choose to provide them—name and/or email address to show results, score, or send feedback. Data are stored on our server. Legal basis: Art. 6(1)(b) (providing the quiz feature) or Art. 6(1)(f) (improving content).

5.8 Forms – WPForms Lite & Contact Form 7

When you submit a form, we process the data you provide (e.g., name, email, message) to handle your request. Depending on configuration, submissions are emailed to us and/or stored on our server. Legal basis: Art. 6(1)(b) or Art. 6(1)(f).

5.9 Activity Log (admin only)

We use an Activity Log plugin to monitor administrative changes (e.g., logins, content updates) for security and troubleshooting. It stores user ID/role (for site staff), timestamps, and the action performed. Typical retention is up to 45 days. Legal basis: Art. 6(1)(f).

5.10 Redirection

Redirection manages URL redirects and may log technical error data (e.g., 404s) for debugging. We minimize or anonymize IPs where feasible. Legal basis: Art. 6(1)(f).

5.11 WP Rocket (caching)

WP Rocket speeds up the site by caching pages. It may set necessary cookies for logged-in users and store non-personal cache data. Legal basis: Art. 6(1)(f) (performance and UX). Privacy policy: https://wp-rocket.me/privacy-policy/

5.12 Local Google Fonts

Fonts are served locally via the Local Google Fonts plugin to avoid requests to Google when loading text. No personal data are sent to Google for fonts.

5.13 Elementor & Royal Elementor Addons

We use Elementor and related addons as site-building tools to render and design pages. In the standard plugin setup on our own hosting, Elementor does not itself profile visitors or process personal data beyond what is described elsewhere in this policy.

Our website is hosted via Elementor Cloud Hosting, certain personal data (such as IP addresses, technical usage data, or form submissions) may be processed on Elementor’s servers. In this case, Elementor Ltd. acts as a data processor under the GDPR. The processing is governed by a Data Processing Addendum (DPA) that is part of Elementor’s Terms of Service and ensures GDPR-compliant handling of data. More details can be found here: https://elementor.com/dpa

5.14 SEO & Utilities

Slim SEO, Schema & Structured Data for WP & AMP, XML Sitemap Generator, MaxButtons, Database Cleaner, WPCode Lite, WordPress Hide Posts are utility plugins. They primarily affect page output/metadata or maintenance and generally do not process personal data beyond technical/functional necessities.

5.15 Embedded Videos (YouTube, privacy-enhanced mode)

Where we embed videos, we use YouTube’s privacy-enhanced mode when possible. YouTube/Google may still receive your IP address and information about the page you visit. This loads only with your consent via the cookie banner (legal basis: Art. 6(1)(a)). Google privacy: policies.google.com/privacy.

6) Retention

We keep personal data only as long as necessary for the purposes stated above or as required by law. Security and activity logs are typically retained for up to 45 days unless a longer period is needed to investigate specific incidents. Quiz responses may be kept to show results/history; you can request deletion at any time.

7) International Transfers

Some providers may process data outside the EU/EEA. Where this occurs, we rely on recognized safeguards such as Standard Contractual Clauses (SCCs) or equivalent mechanisms and implement additional measures where appropriate.

8) Security

We apply appropriate technical and organizational measures (encryption, firewalls, least-privilege access, logging, backups) to protect your data against loss, misuse, and unauthorized access.

9) Your Rights

To exercise your rights, please contact us at info [at] howtostudygerman [dot] com or reach out to our EU representative at how2studygerman [at] gmail [dot] com.

10) Changes to This Policy

We may update this notice to reflect legal, technical, or business developments. The “Last updated” date indicates the latest revision.

Last updated: 06 September 2025