Frequently Asked Questions

We collect: account info (name, email, password hash), learning data (videos watched, exercises completed, vocabulary, progress), usage analytics (features used, time spent), and device info (browser, OS, IP address). We never sell your data. See our Privacy Policy for full details on data collection, storage, and usage.

Yes! SubLearn fully complies with GDPR (EU), CCPA (California), and international privacy laws. You have rights to access, export, correct, and delete your data anytime. We use explicit consent for cookies and data processing. EU users can exercise rights from Settings → Privacy → Data Rights.

Go to Settings → Privacy → Delete My Data. Choose to delete specific data (vocabulary, progress, history) or entire account. Account deletion is permanent and removes all personal data within 30 days. You'll receive a confirmation email. If you only want to pause learning, consider deactivating your account instead.

We use essential cookies (authentication, security), functional cookies (preferences, dark mode), and analytics cookies (usage stats, improvement). You can control cookies from the cookie banner on first visit or Settings → Privacy → Cookie Preferences. Essential cookies can't be disabled. We don't use advertising cookies.

We share data with service providers only (AWS, Stripe, SendGrid) to operate SubLearn. These partners are contractually obligated to protect your data and can't use it for other purposes. We never sell your data to advertisers or third parties. AI conversations are processed by OpenAI under data processing agreements with strict privacy protections.

Security measures include: encrypted passwords (bcrypt hashing), HTTPS encryption for all traffic, two-factor authentication (optional), session expiration (auto logout after inactivity), login history tracking, and anomaly detection (unusual login alerts). We recommend enabling 2FA and using a strong, unique password.

Passwords must be at least 8 characters and include a mix of letters (upper/lower), numbers, and symbols. We recommend using a password manager to generate and store strong passwords. Avoid common words, personal info, or reusing passwords from other sites. Change passwords regularly from Settings → Security.

Yes. Go to Settings → Security → Login History to see recent logins with date/time, device, browser, location, and IP address. If you see unfamiliar activity, immediately change your password, enable 2FA, and log out all devices from the same page. Contact support if you suspect unauthorized access.