Privacy Policy

1. Introduction

This Privacy Policy explains how Praepa ("we", "us", or "our") collects, uses, and protects your personal data when you use our website and services. We are committed to protecting your privacy and handling your data in an open and transparent manner in accordance with the EU General Data Protection Regulation (GDPR) and German Federal Data Protection Act (BDSG).

This policy applies to all users of our platform, including registered members and visitors.

2. Data Controller

For the purposes of applicable data protection law, the data controller is Praepa, located at [Your Address]. For questions regarding this privacy policy or to exercise your rights, please contact us at [Your Email].

3. Information We Collect

We collect the following types of information:

• Account Information: When you create an account, we collect your name, email address, and password.
• Profile Information: Information you provide in your user profile, including optional biographical information and preferences.
• Usage Data: Information about your interaction with our platform, including practice test results, performance data, session logs, and learning progress.
• Technical Data: IP address, browser type, device information, operating system, and other technological identifiers.
• Cookies and Similar Technologies: Information collected through cookies and similar technologies as detailed in our Cookie Policy.

4. Legal Basis for Processing

We process your personal data on the following legal grounds:

• Performance of Contract: Processing necessary to provide our services to you as per our Terms of Service.
• Legitimate Interests: Processing necessary for our legitimate interests, such as improving our services, preventing fraud, and ensuring network security.
• Consent: Where you have given specific consent for processing activities.
• Legal Obligation: Processing necessary to comply with legal obligations.

5. How We Use Your Information

We use your information for the following purposes:

• To provide and maintain our services, including user account management.
• To personalize your experience and deliver tailored content and recommendations.
• To analyze usage patterns and improve our platform functionality.
• To communicate with you about service updates, changes, and educational content.
• To ensure the security of our platform and detect fraudulent activities.
• To comply with legal obligations and enforce our terms and policies.

6. Data Sharing and Recipients

We may share your information with:

• Service Providers: Third-party companies that perform services on our behalf, such as hosting, analytics, and payment processing.
• Legal Authorities: When required by law, court order, or governmental regulation.
• Business Partners: Only with your explicit consent and for specific purposes that will be communicated to you.

All data recipients are bound by confidentiality obligations and can only use your data for specified purposes.

7. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place through standard contractual clauses approved by the European Commission, binding corporate rules, or other legally accepted mechanisms.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. User account data is kept until you delete your account or request deletion. After account deletion, we may retain certain data in anonymized form for analytical purposes.

9. Your Rights

Under the GDPR and German data protection law, you have the following rights:

• Right to Access: Request information about your personal data we process.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data in certain circumstances.
• Right to Restrict Processing: Request limitation of processing in certain scenarios.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Right to Lodge a Complaint: File a complaint with a data protection authority, particularly in Germany or your EU member state.

To exercise these rights, please contact us at [Your Contact Email].

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include encryption, access controls, regular security assessments, and staff training on data protection.

11. Cookies and Similar Technologies

Our website uses cookies and similar technologies to enhance user experience, analyze usage patterns, and provide personalized content. You can manage your cookie preferences through your browser settings. For more details, please see our Cookie Policy.

12. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated policy will be posted on this page with a revised "Last Updated" date. We encourage you to review this policy regularly.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: