Privacy Policy
Last updated: February 2026
1. Who We Are
EasyGeorgian.com ("we", "us", "our") provides Georgian language learning tools including audio courses, podcast courses, a flashcard web application, and related services. This Privacy Policy describes how we collect, use, and protect your personal data in compliance with the EU General Data Protection Regulation (GDPR).
2. Data We Collect
Account Data
When you create an account: email address, display name (optional), and authentication data (hashed password or social login token).
Purchase Data
When you purchase a course: name, email, billing country, transaction ID, payment method (last 4 digits only). Full payment details are handled by our payment processor and never stored on our servers.
Learning Data
As you use our services: course progress, flashcard review history, spaced repetition metrics (ease factor, interval, repetition count), study session timestamps, and streak data.
Automatic Data
When you visit our site: IP address, browser type, device type, operating system, referring URL, pages visited, and visit duration. Collected via server logs and analytics.
3. How We Use Your Data
| Purpose | Legal Basis (GDPR) |
|---|---|
| Provide course access and flashcard app | Contract performance |
| Process payments | Contract performance |
| Send purchase confirmations and account info | Contract performance |
| Track learning progress | Contract performance |
| Send marketing emails (tips, offers) | Consent (opt-in) |
| Improve our products and services | Legitimate interest |
| Prevent fraud and abuse | Legitimate interest |
4. Data Storage
Your data is stored on:
- Firebase (Google Cloud) — europe-north1 region (Finland). Used for authentication, learning data, and the flashcard app.
- Cloudflare Pages — static site hosting (global CDN).
5. Data Sharing
We never sell your personal data. We share data only with:
- Payment processor — to process purchases
- Email service — to send transactional and marketing emails (if opted in)
- Firebase/Google Cloud — infrastructure provider
- Analytics — anonymized usage data
6. Your Rights (GDPR)
You have the right to:
- Access — request a copy of your personal data
- Rectification — correct inaccurate data
- Erasure — request deletion of your data ("right to be forgotten")
- Portability — receive your data in a structured, machine-readable format
- Object — object to processing based on legitimate interest
- Withdraw consent — for marketing emails at any time
- Complaint — file a complaint with your local data protection authority
To exercise any of these rights, email hello@easygeorgian.com.
7. Data Retention
- Account data: kept while your account is active. Deleted within 30 days of account deletion request.
- Learning data: kept while your account is active.
- Purchase records: kept for 7 years (tax/legal requirements).
- Server logs: deleted after 90 days.
8. Cookies
We use essential cookies for authentication and site functionality. We may use analytics cookies with your consent. You can manage cookie preferences through your browser settings.
9. Marketing
We only send marketing emails if you explicitly opt in. Every marketing email includes an unsubscribe link. We never send spam.
10. Children's Privacy
Our services are intended for users aged 16 and older. We do not knowingly collect data from children under 16.
11. Changes to This Policy
We may update this policy from time to time. Significant changes will be communicated via email or a notice on our website.
12. Contact
For privacy-related questions or requests: hello@easygeorgian.com