Get-Into-Finance.com
  • ACCOUNTING
  • VALUATION
  • LEARNING PATH
  • CASE LIBRARY
  • M&A
  • PRIVATE EQUITY
LOG IN REGISTER
We use cookies. Essential cookies (session, login persistence) are always active as they are required for the site to work. We also use Google Analytics to understand how the site is used — but only after you consent. Learn more in our Privacy Policy.

Privacy Policy

Last updated: July 18, 2026 — Get Into Finance — get-into-finance.com

Short version: We collect only the data you give us (email, progress). We never sell it. We use Google Analytics only after you consent. You can request deletion at any time.

1. Controller

The data controller responsible for processing your personal data is:

Get Into Finance
E-mail: hello@get-into-finance.com

As we are a small educational project without a physical office, all data inquiries are handled via e-mail. We will respond within 30 days.

2. Legal Bases (Art. 6 GDPR)

We process personal data only where a legal basis applies:

Processing activityLegal basis
Account creation & authenticationArt. 6(1)(b) GDPR — performance of a contract (providing the service)
Saving learning progress, ratings, commentsArt. 6(1)(b) GDPR — performance of a contract
Sending password-reset e-mailsArt. 6(1)(b) GDPR — performance of a contract
Login persistence ("Remember me" cookie)Art. 6(1)(b) GDPR — performance of a contract
Google Analytics (after consent)Art. 6(1)(a) GDPR — your explicit consent
Essential session cookie (PHPSESSID)Art. 6(1)(f) GDPR — legitimate interest (site functionality)

3. Data We Collect

3.1 Account Data

When you register, we store:

  • Your e-mail address
  • A hashed password (bcrypt via PHP’s password_hash() — the plaintext password is never stored)
  • Registration timestamp, last login timestamp, and login count
  • Account verification status

3.2 Learning Progress Data

To deliver the service, we store:

  • Which cases you have marked as complete
  • Items you have saved (cases or articles)
  • Star ratings you have submitted for cases
  • Comments you have posted (publicly visible on the relevant case)
  • The URL of the last page you visited before registering (used internally to understand the signup flow)

3.3 Technical / Log Data

Our hosting provider (IONOS SE, Germany) processes standard web-server logs that may include IP addresses and request timestamps for security and error-diagnosis purposes. These are governed by IONOS’s own privacy policy and are not under our direct control. Log data is typically retained for a maximum of 7 days.

3.4 What We Do NOT Collect

  • Real name, address, phone number, or date of birth
  • Payment or financial data (the service is free)
  • Government identification numbers
  • Data from social networks or third-party login providers

4. Cookies

We use the following cookies:

Cookie nameCategoryPurposeDuration
PHPSESSIDEssentialKeeps you logged in during a browser sessionSession (deleted when browser closes)
remember_meEssentialRestores your session without re-entering your password (“Keep me signed in”)30 days
cookie_consentEssentialRemembers your cookie consent choice1 year
_ga, _ga_*Analytics (opt-in)Google Analytics — measures aggregate usage patterns (page views, session duration)2 years (Google-controlled)

Analytics cookies are only set after you explicitly click “Accept” in our cookie banner. Essential cookies are set regardless of consent because they are strictly necessary for the site to function.

5. Google Analytics & Data Transfers

If you consent to analytics, we use Google Analytics 4 (provided by Google LLC, USA). Google may transfer data to servers in the United States. This transfer is covered by Google’s adherence to the EU-US Data Privacy Framework (adequacy decision of the European Commission, July 2023).

You can withdraw your consent at any time by clicking “Cookie settings” in the footer or by installing the Google Analytics Opt-out Browser Add-on.

Google’s privacy policy: policies.google.com/privacy

6. Data Retention

Data categoryRetention period
Account data (email, password hash, timestamps)Until account deletion is requested
Learning progress (completions, saves, ratings)Until account deletion is requested
CommentsUntil you delete the comment or request account deletion
Password-reset tokens1 hour after generation (then invalidated)
Remember-me tokens30 days from creation

7. Your Rights Under the GDPR

If you are located in the European Economic Area (EEA), you have the following rights:

  • Right of access (Art. 15): Request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16): Request correction of inaccurate data.
  • Right to erasure (Art. 17): Request deletion of your account and all associated data.
  • Right to restriction of processing (Art. 18): Ask us to limit how we process your data in certain circumstances.
  • Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.
  • Right to object (Art. 21): Object to processing based on legitimate interest.
  • Right to withdraw consent (Art. 7(3)): Withdraw your consent to analytics cookies at any time, without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, e-mail hello@get-into-finance.com. We will respond within 30 days. We may ask you to verify your identity before processing sensitive requests.

8. Right to Lodge a Complaint

If you believe we have processed your data unlawfully, you have the right to lodge a complaint with a supervisory data protection authority. In Germany, the lead authority is:

Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Str. 153, 53117 Bonn, Germany
www.bfdi.bund.de

9. Security

We implement appropriate technical and organisational measures to protect your personal data:

  • All traffic is encrypted in transit via HTTPS (TLS).
  • Passwords are hashed with bcrypt (cost factor 10+). Plaintext passwords are never logged or stored.
  • Session and remember-me cookies carry the HttpOnly, Secure, and SameSite=Lax flags.
  • Database credentials are stored in files excluded from web access.

10. Children

This service is not directed at children under 16. We do not knowingly collect data from children. If you believe a child has registered without parental consent, please contact us and we will delete the account.

11. Changes to This Policy

We may update this policy. The “Last updated” date at the top reflects the most recent revision. Material changes will be notified via a banner on the site. Continued use after the notification period constitutes acceptance.

12. Contact

For any privacy-related question, contact us at hello@get-into-finance.com.

Get Into Finance

Real case studies, a guided learning path and spaced-repetition flashcards to prepare for finance interviews.

Learn

  • Case Library
  • Learning Path
  • Accounting
  • Valuation

Topics

  • M&A
  • Private Equity
  • Sign up
  • Log in
Educational content only. All cases, model answers, and figures on this site are for interview practice purposes only. They may contain errors or simplifications and should not be relied upon for professional advice. Always verify information with authoritative sources.
© 2026 Get Into Finance. All rights reserved.
Privacy Policy Terms of Service Sitemap