Website: testsdmv.com
Effective Date: November 22, 2025
Last Updated: November 22, 2025
Contact: info@testsdmv.com
Table of Contents
- Introduction and Scope
- Definitions
- Information We Collect
- Legal Basis for Processing (GDPR)
- Cookie Consent Management (WPConsent)
- How We Use Your Information
- Sharing of Your Information
- Data Retention
- International Data Transfers
- Your Data Protection Rights
- California Privacy Rights (CCPA / CPRA)
- Data Security
- Personal Data Breach Notification
- Automated Decision-Making and Profiling
- Children’s Privacy (COPPA)
- Multilingual Functionality
- Third-Party Links and Embedded Content
- Changes to This Privacy Policy
- Contact and Data Protection Inquiries
1. Introduction and Scope
We at testsdmv.com (“We,” “Us,” or “Our”) respect your privacy and are firmly committed to protecting your personal data. This Privacy Policy is a comprehensive legal document that explains how We collect, use, disclose, store, and safeguard your information when you visit our website testsdmv.com (the “Site”) or use any services offered therein.
This Policy applies to all users of the Site regardless of their geographic location, with specific provisions for users in the European Economic Area (GDPR), California (CCPA/CPRA), and other jurisdictions with applicable privacy legislation. By accessing or using the Site, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this Policy, please discontinue use of the Site immediately.
This Privacy Policy should be read in conjunction with our Terms of Service and Cookie Policy, which together form the complete legal framework governing your use of the Site. In cases of conflict, the more specific document prevails.
2. Definitions
For the purposes of this Privacy Policy, the following terms have the meanings set out below:
| Term | Definition |
|---|---|
| Personal Data | Any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, or online identifier. |
| Processing | Any operation or set of operations performed on personal data, whether or not by automated means, including collection, recording, organization, storage, adaptation, retrieval, use, disclosure, or erasure. |
| Controller | testsdmv.com, the entity that determines the purposes and means of processing personal data. |
| Processor | A natural or legal person who processes personal data on behalf of the Controller. |
| Consent | Freely given, specific, informed, and unambiguous indication of the data subject’s wishes, by which they signify agreement to the processing of personal data relating to them. |
| Data Breach | A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data. |
| GPC | Global Privacy Control — a technical signal sent by a browser or browser extension indicating the user’s preference to opt out of the sale or sharing of personal data. |
| WPConsent | The consent management platform used on this Site to collect, record, and manage user cookie consent preferences. All consent data is stored solely on our own servers and is never transmitted to external consent services. |
3. Information We Collect
We collect personal data through two primary channels: information you actively provide to us, and information collected automatically through your interaction with the Site. We apply the principle of data minimization and collect only what is necessary for the stated purposes.
3.1 Information You Provide Directly
3.1.1 Account Registration
When you register for an account (Free or Premium), we collect:
- Email address — used as your unique identifier and for account communications
- Password — stored in hashed form; we never store plain-text passwords
- Account type preference (Free or Premium)
We do not collect your full name, date of birth, or any government-issued identification at registration unless specifically required and disclosed.
3.1.2 Comments and User-Generated Content
When you submit a comment or other content on the Site, we collect:
- The text of your comment
- Your IP address — used for spam detection and abuse prevention
- Browser user agent string — used for technical fraud prevention
- Timestamp of submission
Comments are subject to pre-moderation. By submitting a comment, you grant us a non-exclusive, royalty-free license to display and distribute it in connection with the Site’s services, as described in our Terms of Service.
3.1.3 Support and Communications
When you contact us via email or any support channel, we collect:
- Your email address
- The content of your message
- Any attachments you voluntarily provide
- Metadata such as date, time, and subject line
We retain support communications for up to 3 years to facilitate follow-up and resolve recurring issues.
3.2 Information Collected Automatically
3.2.1 Usage and Technical Data
When you visit the Site, our servers and analytics tools automatically collect certain technical information:
- IP address (anonymized where technically feasible and required by applicable law)
- Browser type, version, and language settings
- Operating system and device type
- Referring URL and exit page
- Pages visited, time spent on each page, and navigation path
- Date and time of visit
- Screen resolution and viewport size
This data is collected primarily through server logs and the Google Analytics service (with IP anonymization enabled). It is used in aggregated, anonymized form to improve Site performance and user experience.
3.2.2 Cookies and Similar Technologies
We use cookies, local storage, and similar tracking technologies to enhance functionality and analyze usage. Our cookie management is handled through WPConsent, our self-hosted consent management platform. All consent decisions are stored on our own servers and are never transmitted to third-party consent management services.
Non-essential cookies — including analytics cookies — are activated only after you provide explicit opt-in consent through the cookie banner displayed on your first visit. You may review and modify your consent choices at any time by visiting
our Cookie Policy page.
For a complete list of all cookies used on this Site, their purposes, and retention periods, please refer to our Cookie Policy.
3.2.3 Consent Records
In accordance with GDPR accountability requirements (Article 5(2)), we maintain a record of each consent decision made by visitors to this Site. The consent log includes:
- Timestamp of the consent event
- Anonymized IP address or session identifier
- The specific consent choices made (accepted/rejected per category)
- Version of the Privacy Policy and Cookie Policy in effect at the time of consent
These records are stored solely on our servers (via WPConsent Pro) and are used exclusively to demonstrate compliance with applicable law. They are not shared with third parties. You may request a copy of your consent record by contacting us at info@testsdmv.com.
3.3 Payment Information
We do not collect, store, or process any financial data directly. All payments are processed exclusively by PayPal, our third-party payment processor. When you complete a purchase, you are redirected to PayPal’s secure payment interface, which is governed by PayPal’s own Privacy Policy.
Upon successful payment, we receive only the following from PayPal:
- A payment confirmation status (success/failure)
- A PayPal transaction ID
- The purchase amount and currency
We never have access to your credit card numbers, bank account details, CVV codes, or other financial credentials. For details on how PayPal handles your financial data, please consult PayPal’s Privacy Policy.
4. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), we are required under the General Data Protection Regulation (GDPR) to identify a lawful legal basis for each processing activity involving your personal data. We rely on the following legal bases:
| Legal Basis | Processing Activities | GDPR Reference |
|---|---|---|
| Contract (Art. 6(1)(b)) | Account creation, providing access to purchased content, sending password resets and transactional emails | Processing is necessary for the performance of a contract to which the data subject is party |
| Legitimate Interests (Art. 6(1)(f)) | Fraud prevention, spam detection, abuse monitoring, security logging, site performance improvement | We balance our interests against your rights and freedoms; you may object to this processing at any time |
| Consent (Art. 6(1)(a)) | Analytics cookies (Google Analytics), optional personalization features, non-essential cookies | You may withdraw consent at any time via Cookie Settings without affecting the lawfulness of prior processing |
| Legal Obligation (Art. 6(1)(c)) | Retaining transaction records for accounting and tax compliance, responding to lawful requests from authorities | Processing required to comply with applicable EU and national law |
Where processing is based on legitimate interests, we conduct a balancing test to ensure our interests do not override your fundamental rights. You may request information about this balancing test by contacting us at info@testsdmv.com.
5. Cookie Consent Management (WPConsent)
We use WPConsent Pro as our consent management platform (CMP). WPConsent is a fully self-hosted solution, meaning all consent preferences and records are stored exclusively on our own servers and are never transmitted to external consent management services or third parties.
5.1 How WPConsent Works
When you first visit the Site, a cookie consent banner is displayed. This banner allows you to:
- Accept all cookies (including analytics and preference cookies)
- Reject all non-essential cookies
- Customize your preferences by category using the detailed settings panel
Non-essential cookies and tracking scripts are technically blocked from loading until you provide explicit consent. This blocking is enforced at the script level — third-party tracking services cannot set cookies or collect data prior to your consent decision.
5.2 Cookie Categories
We use the following standardized consent categories, consistent with the WP Consent API standard:
| Category | Status | Description | Examples |
|---|---|---|---|
| Functional | Always active | Strictly necessary for the Site to operate. Cannot be disabled. | Session cookies, login tokens, security cookies |
| Statistics-Anonymous | Active without consent | Used for anonymous statistical purposes only; placed on our own domain; cannot identify individual users. | Anonymized page view counters |
| Statistics | Requires consent | Full analytics cookies. Activated only after explicit opt-in consent. | Google Analytics (_ga, _gid) |
| Preferences | Requires consent | Store non-essential user preferences. | Language selection, display settings |
| Marketing | Not currently used | Cookies for advertising or cross-site user tracking. | Not applicable |
5.3 Google Consent Mode v2
We have implemented Google Consent Mode v2 through WPConsent. When you decline statistics cookies, Google Analytics operates in a restricted mode and does not set any tracking cookies. Google may use modeled (aggregated) data for reporting purposes, but no cookies identifying your device are placed without your explicit consent.
5.4 Global Privacy Control (GPC)
We honor Global Privacy Control (GPC) signals where technically feasible. If your browser or browser extension sends a GPC signal, WPConsent will automatically treat this as an opt-out of non-essential cookies and data sharing for your session. No manual action is required on your part.
5.5 Managing Your Consent
You may review, change, or withdraw your consent choices at any time through the following methods:
- Click the “Cookie Settings” link in the footer of any page on the Site
- Use your browser settings to block or delete cookies (note: this may affect Site functionality)
- Configure a browser extension or browser setting that sends a GPC signal
Withdrawal of consent does not affect the lawfulness of any processing that occurred prior to withdrawal.
6. How We Use Your Information
We use personal data collected from you for the following specific, explicit, and legitimate purposes. We do not process your data in any manner incompatible with the purposes described below.
6.1 Providing and Managing Services
- Creating and maintaining your user account
- Providing access to practice tests, exam simulators, and study materials
- Tracking and displaying your progress statistics within the Site
- Enabling premium features for users who have purchased a Premium Pass
6.2 Processing Transactions
- Verifying payment status received from PayPal
- Activating and managing Premium Pass access based on confirmed payment
- Maintaining transaction records for legal and accounting purposes
6.3 Communications
- Sending transactional emails such as password resets, account notifications, and policy change notices
- Responding to support inquiries submitted to info@testsdmv.com
We do not send marketing or promotional emails unless you have explicitly opted in. You may unsubscribe from any optional communications at any time.
6.4 Site Improvement and Analytics
- Using aggregated, anonymized data from Google Analytics to understand user behavior and improve content
- Identifying technical issues, errors, and performance bottlenecks
- Improving navigation, content structure, and user experience
All analytics data used for this purpose is anonymized and never used to make decisions about individual users.
6.5 Security and Fraud Prevention
- Monitoring for automated access, scraping, and bot activity
- Detecting and preventing fraudulent payment disputes and chargeback abuse
- Identifying and blocking spam comments
- Maintaining access logs for security auditing purposes
6.6 Legal Compliance
- Complying with applicable laws, regulations, and binding court or government orders
- Maintaining records required by accounting and tax law
- Enforcing our Terms of Service and other agreements
7. Sharing of Your Information
We do not sell, rent, or trade your personal data. We do not share your personal information with third parties for their own marketing or advertising purposes. We may share your data only in the limited circumstances described below.
7.1 Service Providers (Data Processors)
We engage carefully selected third-party service providers who process personal data on our behalf, subject to data processing agreements and confidentiality obligations:
| Provider | Purpose | Data Shared / Notes |
|---|---|---|
| PayPal | Payment processing | Payment amount, transaction ID, and payment status only. We never receive or store financial credentials. Governed by PayPal’s Privacy Policy. |
| Google Analytics | Site usage analytics | Anonymized usage data (IP anonymization enabled, Google Consent Mode v2 active). Data processed by Google under their terms. No personally identifiable data shared. |
| Hosting & Infrastructure Providers | Server operation, CDN, DDoS protection | Server logs may contain IP addresses. Providers are bound by confidentiality agreements. |
| Cloudflare Turnstile | Spam and bot prevention on contact forms | Browser and interaction data processed by Cloudflare. No cookies set. Governed by Cloudflare’s Privacy Policy. |
7.2 Legal Requirements
We may disclose personal data to competent authorities, regulators, courts, or law enforcement agencies when we are legally required to do so, including:
- Complying with binding court orders or subpoenas
- Responding to legitimate requests from law enforcement agencies
- Fulfilling reporting obligations under applicable financial regulations
- Protecting the legal rights, property, or safety of testsdmv.com, its users, or the public
We will notify you of such disclosures to the extent permitted by applicable law.
7.3 Business Transfers
In the event of a merger, acquisition, asset sale, restructuring, or insolvency proceeding, your personal data may be transferred as part of the business assets involved. In such cases, the acquiring entity will be bound by the terms of this Privacy Policy or a substantially equivalent policy, and you will be notified of the transfer and any material changes via email or a prominent notice on the Site.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.
| Data Category | Retention Period | Legal Basis / Reason |
|---|---|---|
| Account data (email, hashed password) | Duration of account activity + 90 days after deletion request | Contract performance; allows recovery in case of accidental deletion |
| Transaction records (payment confirmation, transaction ID) | 7 years from the date of transaction | Legal obligation — accounting and tax law requirements |
| Support communications | 3 years from last correspondence | Legitimate interests — dispute resolution and quality assurance |
| User comments | Indefinitely, unless deletion is requested | Legitimate interests — content integrity and moderation |
| Analytics data (Google Analytics) | 26 months (Google Analytics standard retention) | Consent; aggregated statistical analysis |
| Server and security logs | 12 months | Legitimate interests — security, fraud prevention, and abuse detection |
| Cookie consent records (WPConsent) | 3 years from the date of consent | Legal obligation — GDPR accountability (Art. 5(2)) |
Upon expiration of the applicable retention period, we securely delete or anonymize personal data in accordance with industry-standard practices.
9. International Data Transfers
testsdmv.com serves a global audience. Our primary servers are located in the United States. If you are accessing the Site from within the European Economic Area, the United Kingdom, or other regions with laws governing data transfers, please be aware that your information may be transferred to, stored, and processed in the United States or other countries that may not provide the same level of data protection as your home jurisdiction.
Where required by applicable law, we implement appropriate safeguards for such transfers, which may include:
- Standard Contractual Clauses (SCCs) approved by the European Commission, incorporated into our data processing agreements with processors
- Adequacy decisions by the European Commission in respect of certain recipient countries
- Binding Corporate Rules where applicable
By using the Site, you acknowledge that your data may be processed in jurisdictions outside your home country. If you have questions about the specific safeguards applied to your data, please contact us at info@testsdmv.com.
10. Your Data Protection Rights
Depending on your location and applicable law, you may have some or all of the rights described below. We are committed to honoring these rights and will respond to verified requests within 30 calendar days. We may request identity verification before processing your request.
| Right | What It Means | How to Exercise |
|---|---|---|
| Right of Access (Art. 15 GDPR) | Obtain confirmation of whether we process your data and receive a copy | Email info@testsdmv.com with subject: “Data Access Request” |
| Right to Rectification (Art. 16 GDPR) | Correct inaccurate or incomplete personal data we hold about you | Email info@testsdmv.com or update via account settings |
| Right to Erasure (Art. 17 GDPR) | Request deletion of your personal data (“right to be forgotten”) | Use account deletion in profile settings or email info@testsdmv.com |
| Right to Restriction (Art. 18 GDPR) | Request that we limit processing of your data in certain circumstances | Email info@testsdmv.com with subject: “Restriction Request” |
| Right to Portability (Art. 20 GDPR) | Receive your data in a structured, machine-readable format | Email info@testsdmv.com with subject: “Data Portability Request” |
| Right to Object (Art. 21 GDPR) | Object to processing based on legitimate interests or for direct marketing | Email info@testsdmv.com with subject: “Objection to Processing” |
| Right to Withdraw Consent | Withdraw consent for consent-based processing at any time | Use Cookie Settings link in the footer, or email info@testsdmv.com |
| Right to Lodge a Complaint | Lodge a complaint with the supervisory authority in your country | Contact your national Data Protection Authority (e.g., ICO in UK, CNIL in France, AEPD in Spain) |
Please note that some rights are subject to limitations and exceptions under applicable law. For example, the right to erasure may be limited where we are required to retain data for legal compliance purposes. We will always explain our reasoning if we are unable to fulfill a request.
11. California Privacy Rights (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) grants you additional rights regarding your personal information.
11.1 Categories of Personal Information Collected
In the past 12 months, we have collected the following categories of personal information as defined by the CCPA:
- Identifiers — email address, IP address, cookie identifiers
- Internet or other electronic network activity information — browsing history on our Site, interaction with content and tests
- Commercial information — purchase records, transaction IDs
- Inferences — user preferences derived from usage patterns, for the purpose of improving Site experience
11.2 Do Not Sell or Share My Personal Information
We do not sell your personal information for monetary consideration. We do not share your personal information with third parties for cross-context behavioral advertising purposes.
We honor Global Privacy Control (GPC) signals. If your browser or browser extension sends a GPC signal, our consent management system (WPConsent) will automatically treat this as an opt-out of any data sharing that could be considered a “sale” or “sharing” under the CPRA, and will disable non-essential analytics and preference cookies for your session.
To submit a “Do Not Sell or Share” request manually, contact us at info@testsdmv.com.
11.3 Non-Discrimination
We will not discriminate against you for exercising any of your CCPA/CPRA rights. Exercising your rights will not result in:
- Denial of goods or services
- Charging different prices or rates
- Providing a different level or quality of service
- Suggesting that you will receive a different price or quality of goods or services
12. Data Security
We implement appropriate technical and organizational measures designed to protect your personal data against unauthorized access, disclosure, alteration, and destruction. Our security measures include:
- HTTPS/TLS encryption for all data transmitted between your browser and our servers
- Access controls limiting data access to authorized personnel with a legitimate need
- Hashed password storage — we never store plain-text credentials
- Regular security monitoring and vulnerability assessments
- Self-hosted consent management (WPConsent Pro) to eliminate external data exposure for consent records
- Anomaly detection for unusual login patterns or automated access
However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities as required by applicable law.
13. Personal Data Breach Notification
In the event of a personal data breach, we will take the following steps in accordance with GDPR Articles 33 and 34:
- Supervisory Authority Notification: We will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where the breach is likely to result in a risk to the rights and freedoms of natural persons.
- User Notification: We will notify affected data subjects without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
- Notification Content: The notification will describe the nature of the breach, the categories and approximate number of individuals and records affected, the likely consequences, and the measures taken or proposed to address the breach and mitigate its possible adverse effects.
- Documentation: We maintain an internal breach register documenting all incidents, including those not requiring external notification, in accordance with our accountability obligations under GDPR Article 33(5).
14. Automated Decision-Making and Profiling
We do not use automated decision-making processes, including profiling, that produce legal effects or similarly significant effects on you, as described in GDPR Article 22.
We do not create individual user profiles for the purpose of targeted advertising, automated evaluation of personal characteristics, or any other form of profiling that results in decisions affecting you.
The analytics data we collect (e.g., through Google Analytics) is used only in aggregated, anonymized form to improve overall Site usability and is never used to make individual decisions about users.
15. Children’s Privacy (COPPA)
Our Site is not directed to, and we do not knowingly collect personal information from, children under the age of 13. If you are under 13 years of age, please do not use the Site or provide any personal information to us.
If we become aware that we have collected personal data from a child under 13 without verifiable parental consent, we will take immediate steps to delete that information from our records. If you believe we may have collected data from a child under 13, please contact us immediately at info@testsdmv.com.
Users between 13 and 18 years of age should review this Privacy Policy with a parent or guardian. By using the Site, users aged 13 to 18 represent that their parent or guardian has reviewed and agreed to this Policy.
16. Multilingual Functionality
Our Site is available in multiple languages, including English, Russian, Spanish, Chinese, Korean, Vietnamese, and Tagalog. The consent management system (WPConsent) respects language-specific cookie and preference settings, and the cookie banner is displayed in the appropriate language based on your browser settings.
Please note that this Privacy Policy is the authoritative version in English. Translations of this Policy into other languages are provided for convenience only. In the event of any discrepancy between the English version and a translated version, the English version shall prevail.
17. Third-Party Links and Embedded Content
The Site may contain links to third-party websites (such as official state DMV websites) and may display embedded content (such as videos). When you access third-party websites or interact with embedded content, those third parties may independently collect information about you in accordance with their own privacy policies.
We are not responsible for the privacy practices, content, or data handling of any third-party websites or services. We encourage you to review the privacy policies of any third-party sites you visit. The inclusion of a link or embedded content on our Site does not imply our endorsement of the third party’s privacy practices.
18. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or for other operational reasons. The updated Policy will be posted on this page with a revised “Last Updated” date.
For material changes — those that significantly affect your rights or how we use your data — we will provide at least 30 days’ advance notice by:
- Posting a prominent notice on the Site
- Sending an email notification to registered account holders
Your continued use of the Site following the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree with the updated Policy, please discontinue use of the Site and, if applicable, request deletion of your account.
We maintain an internal version history of this Privacy Policy. Previous versions are available upon request by contacting info@testsdmv.com.
19. Contact and Data Protection Inquiries
If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please contact us:
| info@testsdmv.com | |
| Website | https://testsdmv.com |
| Subject line for requests | “Privacy / Data Request” |
| Response time | Within 30 calendar days of receipt of a verified request |
| Identity verification | May be required before processing requests involving personal data |
You also have the right to lodge a complaint with the data protection supervisory authority in your country or the country where you believe a violation has occurred. A list of EEA supervisory authorities is available at https://edpb.europa.eu/about-edpb/board/members_en.
This Privacy Policy is effective as of November 22, 2025. Previous versions are available upon request.
