Who we are (Data Controller)
[Your legal name], FOP[address]
Contact: privacy@bbeprep.com / hello@bbeprep.com

What data we collect

  • Account data: name, email, password (hashed), plan, settings.

  • Learning data: attempts, scores, timing, error logs, notes.

  • Billing data: handled by Paddle; we receive payment status, amounts, country, tax outcome, and masked identifiers. We do not store full card numbers.

  • Device & usage: IP, browser, device, pages used; cookies/local storage; rough location (city/country).

  • Support: messages, attachments, call notes.

Why we process your data (legal bases under GDPR)

  • To provide the Service and fulfill the contract (Art. 6(1)(b)).

  • To improve and secure the Service (Art. 6(1)(f) legitimate interest).

  • To meet legal/tax obligations (Art. 6(1)(c)).

  • With your consent for marketing/cookies where required (Art. 6(1)(a)).

How we use data

  • Account creation, authentication, access control (Memberstack).

  • Payment processing, tax documents, receipts (Paddle).

  • Learning analytics, personalization, and progress tracking (Supabase).

  • Emails, notifications, and automation (e.g., Make.com + email provider).

  • Security, fraud prevention, debugging, and support.

Processors / recipients

  • Paddle.com (billing & tax, Merchant of Record)

  • Memberstack (auth & membership)

  • Supabase (database/hosting)

  • Make.com (automations)

  • Email provider (e.g., Postmark/Mailgun)

  • Analytics/monitoring (if used; specify name here)

International transfers
Some providers may process data outside the EU/EEA under appropriate safeguards (e.g., SCCs). We select vendors with GDPR‑aligned terms where possible.

Retention

  • Account & learning data: for your account’s lifetime, then deleted or anonymized within 12 months.

  • Transactional/billing records: up to 10 years for tax/compliance (mostly retained by Paddle as Merchant of Record).

  • Support tickets: up to 24 months after resolution.

Your rights
Access, rectification, erasure, restriction, portability, and objection. You can withdraw consent at any time (for consent‑based processing). To exercise rights, email privacy@bbeprep.com. You also have the right to complain to your local data protection authority.

Cookies

  • Essential: authentication, session, security, checkout.

  • Functional/Analytics (optional): usage insights, A/B tests.
    We’ll show a consent banner where required; you can change preferences in‑app.

Children
The Service isn’t directed to children under 16.

Security
We use encryption in transit (HTTPS), access controls, and vendor due diligence. No method is 100% secure; report issues to security@bbeprep.com.

Changes
We may update this policy; we’ll notify you of material changes via email or in‑app.

Contact
privacy@bbeprep.com


Start preparing today

Take free test

Home

Home

FAQ

Pricing

Resources

About

Blog

Contact

Reviews

Legal

Terms of Service

Privacy Policy

Imprint