Privacy Policy

Last updated: December 14, 2025

Overview

This policy explains how we collect, use, and protect your data when you use our finance interview preparation platform. We take your privacy seriously and only collect data necessary to provide our service.

Data Controller

HAREMO IT Solutions GmbH
Wellingsbütteler Landstr. 193
22337 Hamburg, Germany

For privacy inquiries: info@financeinterviewprep.com

We have not appointed a Data Protection Officer, as we are not legally required to do so under Art. 37 GDPR. Our core activities do not involve large-scale, regular, or systematic monitoring of data subjects, nor large-scale processing of special categories of data.

Data We Collect

  • Account information: Email address and password (hashed) when you create an account
  • Learning data: Your answers, progress, performance statistics, XP, streaks, and badges
  • Payment data: Processed by Stripe (we don't store card details)
  • Technical data: IP address and browser info (server logs)
  • Analytics data: Via Google Analytics (only with your consent)

Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

  • Contract performance (Art. 6(1)(b)): Processing your account, tracking your learning progress, handling payments, and delivering our service
  • Consent (Art. 6(1)(a)): Analytics and cookies (you can withdraw consent anytime)
  • Legal obligation (Art. 6(1)(c)): Retaining payment records for tax compliance
  • Legitimate interests (Art. 6(1)(f)): Security measures, fraud prevention, and service improvement

How We Use Your Data

  • To provide and personalize your learning experience
  • To track your progress, XP, streaks, and achievements
  • To process your subscription payments
  • To send you account-related notifications
  • To ensure security and prevent abuse
  • To improve our service (with anonymized data)

Data Retention

  • Account and learning data: Retained while your account is active; deleted upon account deletion request
  • Payment records and invoices: Retained for 10 years as required by German tax law (§ 147 AO)
  • Server logs: Retained for 30 days for security purposes
  • Analytics data: Managed by Google (typically 14 months, configurable)

Third-Party Services & Data Processors

We share your data with the following service providers who act as data processors:

  • Stripe — payment processing (GDPR-compliant, DPA in place)
  • Supabase (AWS) — secure data storage (Standard Contractual Clauses)
  • Google Analytics — website analytics (only with your consent, IP addresses anonymized)
  • Vercel — website hosting (global CDN, GDPR-compliant)

International Data Transfers: Some providers process data outside the EU (primarily in the United States). Where personal data is processed outside the EU/EEA, appropriate safeguards such as Standard Contractual Clauses (SCCs) and EU-US Data Privacy Framework adequacy decisions are in place. You have the right to request copies of these safeguards.

Cookies & Tracking

We use cookies and similar technologies for essential functionality and, with your consent, for analytics:

  • Essential cookies: Required for site functionality and security (no consent needed)
  • Analytics cookies: Google Analytics for understanding site usage (requires your consent). IP addresses are anonymized.
  • Local storage: Stores your cookie preferences and session data (browser-only)

For more details, see our Cookie Policy.

Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Right of access (Art. 15): Request a copy of all personal data we hold about you
  • Right to rectification (Art. 16): Correct inaccurate or incomplete data
  • Right to erasure (Art. 17): Request deletion of your data ("right to be forgotten")
  • Right to restriction (Art. 18): Limit how we process your data
  • Right to data portability (Art. 20): Receive your data in a machine-readable format
  • Right to object (Art. 21): Object to processing based on legitimate interests
  • Right to withdraw consent (Art. 7(3)): Withdraw consent for analytics/cookies at any time

How to exercise your rights: Email us at info@financeinterviewprep.com with:

  • Your request type (access, deletion, etc.)
  • Your account email
  • Proof of identity (to prevent unauthorized access)

We will respond within 1 month. If your request is complex, we may extend this by 2 additional months and will inform you.

Security

All data is transmitted over encrypted connections (HTTPS/TLS). We implement appropriate technical measures to protect your data. Passwords are stored only in hashed and salted form and cannot be read by us.

Changes to This Policy

We may update this policy from time to time. The current version will always be available on this page.

FinanceInterviewPrep.com — Interview prep platform for finance professionals.