Learn Spanish Like I Did Logo
Learn SpanishLike I Did
← Back to Home

GDPR Policy

Last updated: March 15, 2026

1. Introduction

Learn Spanish Like I Did is committed to complying with the General Data Protection Regulation (GDPR) and protecting the privacy rights of individuals in the European Economic Area (EEA). This GDPR Policy outlines how we collect, process, and protect your personal data in accordance with GDPR requirements.

2. Data Controller

Learn Spanish Like I Did acts as the data controller for the personal data we collect through learnspanishlikeidid.com. For any GDPR-related inquiries, contact us at hola@learnspanishlikeidid.com

3. Legal Basis for Processing

We process your personal data under the following legal bases:

3.1 Contractual Necessity (Art. 6(1)(b) GDPR)

Processing is necessary to perform our contract with you (course enrollment, access, and delivery).

3.2 Legitimate Interests (Art. 6(1)(f) GDPR)

We process data for legitimate business interests such as improving our services, fraud prevention, and internal analytics, provided your interests and rights do not override these interests.

3.3 Consent (Art. 6(1)(a) GDPR)

For marketing communications and non-essential cookies, we rely on your explicit consent, which you can withdraw at any time.

3.4 Legal Obligation (Art. 6(1)(c) GDPR)

We process data to comply with legal obligations such as tax and accounting requirements.

4. Your Rights Under GDPR

As a data subject in the EEA, you have the following rights:

Right of Access (Art. 15)

You have the right to obtain confirmation about whether we process your personal data and to access that data.

Right to Rectification (Art. 16)

You can request correction of inaccurate or incomplete personal data.

Right to Erasure (Art. 17)

You can request deletion of your personal data under certain circumstances, subject to legal retention obligations.

Right to Restriction of Processing (Art. 18)

You can request that we limit the processing of your personal data in specific situations.

Right to Data Portability (Art. 20)

You can receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.

Right to Object (Art. 21)

You can object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent (Art. 7(3))

Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

Right to Lodge a Complaint (Art. 77)

You have the right to lodge a complaint with your local data protection authority.

5. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: hola@learnspanishlikeidid.com

Subject Line: GDPR Rights Request

We will respond to your request within one month. In complex cases, we may extend this period by two additional months and will inform you of the extension.

6. Data Processing and Storage

6.1 Data Categories

We process the following categories of personal data:

  • Identity Data: Name, username
  • Contact Data: Email address
  • Financial Data: Payment information (processed by Stripe)
  • Technical Data: IP address, browser type, device information
  • Usage Data: Course progress, interaction patterns
  • Marketing Data: Newsletter preferences, communication preferences

6.2 Data Storage

Your personal data is stored securely using industry-standard encryption and security measures. We retain data only as long as necessary for the purposes outlined in our Privacy Policy or as required by law.

7. International Data Transfers

We may transfer your personal data outside the EEA. When we do, we ensure adequate safeguards are in place:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with adequacy decisions
  • Processor agreements with GDPR-compliant terms

8. Data Protection Principles

We adhere to the GDPR data protection principles (Art. 5):

  • Lawfulness, Fairness, and Transparency: We process data lawfully and transparently
  • Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes
  • Data Minimization: We collect only necessary data
  • Accuracy: We keep data accurate and up to date
  • Storage Limitation: Data is kept only as long as necessary
  • Integrity and Confidentiality: We implement appropriate security measures
  • Accountability: We demonstrate compliance with GDPR principles

9. Third-Party Processors

We use GDPR-compliant third-party processors:

  • Stripe: Payment processing (PCI-DSS compliant, GDPR-compliant)
  • Email Service Providers: For course communications and newsletters
  • Hosting Providers: For website and data hosting

All processors are bound by data processing agreements (DPAs) ensuring GDPR compliance.

10. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

11. Cookies and Consent

We use cookies in compliance with the ePrivacy Directive. Essential cookies are necessary for the website to function. Non-essential cookies (analytics, marketing) require your explicit consent, which you can manage through our cookie consent banner.

12. Updates to This Policy

We may update this GDPR Policy to reflect changes in our practices or legal requirements. Material changes will be communicated to you via email or prominent notice on our website.

13. Supervisory Authority

If you are not satisfied with our response to your GDPR request or believe we are not processing your data in accordance with GDPR, you have the right to lodge a complaint with your local data protection supervisory authority.

Find your local authority: European Data Protection Board Members

14. Contact Information

Data Controller: Learn Spanish Like I Did

Email: hola@learnspanishlikeidid.com

Website: learnspanishlikeidid.com