Privacy Policy

Last updated: February 25, 2026

Effective for https://studywizardry.com — see “Last updated” above.

1. Controller (Art. 4(7) GDPR)

StudyWizardry Education UG (haftungsbeschränkt)
Friedrichstraße 155
10117 Berlin
Deutschland
Email: [email protected]
Phone: ****

2. What data we process

Depending on how you use the service, we may process:

  • Account data (e.g., email, login identifiers, hashed password, preferences, language)
  • Usage data (e.g., viewed content, learning progress, interactions)
  • Device/log data (e.g., IP address, timestamps, browser/OS, referrer)
  • Payment data (only if paid features are used; handled via ُStripe)

When you use the guest area of our /app workspace, we also use a first-party visitor identifier cookie (sw_app_visitor) so we can enforce free-usage limits across browser sessions. In addition, we maintain internal page-view and abuse-prevention logs (for example path, route, timestamp, referrer, user agent, visitor ID where available, and IP hash). These internal measurements are separate from optional third-party analytics.

We process personal data for the following purposes:

  1. Providing the service / performing the contract (Art. 6(1)(b))
    Account creation, authentication, learning content delivery, support.
  2. Security and abuse prevention (Art. 6(1)(f))
    Fraud/spam prevention, error analysis, system stability.
  3. Service access control and free-usage enforcement (Art. 6(1)(f), where applicable Art. 6(1)(b))
    Recognising returning guest browsers to enforce free-use limits and prevent abuse.
  4. Consent (Art. 6(1)(a))
    Optional third-party analytics/marketing technologies (see Cookie Policy).
  5. Legal obligations (Art. 6(1)(c))
    E.g., statutory retention obligations.

4. Processors and third parties

We may use service providers acting as processors, including:

  • Hosting/Infrastructure:
  • Analytics (optional): Google Analytics
  • Payments (optional): ُStripe

Where required, we conclude data processing agreements (Art. 28 GDPR).

5. International transfers

If providers process data outside the EU/EEA, we ensure an adequate level of protection (e.g., adequacy decision, Standard Contractual Clauses) and provide relevant information in this policy and/or the provider documentation.

6. Retention

We keep personal data only as long as necessary for the purposes above or as required by law. Afterwards, we delete or anonymize data.

Typical retention examples:

  • Cookie-consent preferences: up to 6 months
  • Guest /app visitor identifier cookie (sw_app_visitor): up to 12 months
  • Internal operational/page-view logs: only as long as needed for analytics, fraud prevention, support, and legal obligations

7. Your rights

You may have the following rights (subject to legal requirements):

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16)
  • Erasure (Art. 17)
  • Restriction (Art. 18)
  • Data portability (Art. 20)
  • Objection (Art. 21)
  • Withdrawal of consent (Art. 7(3))

Contact: [email protected].

You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

Details are described in our Cookie Policy. We use optional third-party analytics/marketing technologies only with your opt-in consent. You can change your choice at any time via “Cookie settings” in the footer.

9. Minors

The platform is intended for users aged 16+. Under 16, use is only permitted with parental/guardian consent.

10. Contact

Privacy requests: [email protected]