Legal

Privacy & Cookies Policy

Last updated: {{effective_date}}

This Privacy & Cookies Policy explains how How To Find The Source handles information for How To Find The Source, including the website at http://howtofindthesource.com, account features, study tools, public forms, cookies, analytics choices, and brand-specific services.

1. Who controls this site

How To Find The Source operates How To Find The Source. For privacy questions, requests, or brand-specific notices, contact [email protected].

This platform is whitelabel-ready. If a brand publishes its own legal file, that brand file replaces this default policy for that brand. If no brand override exists, this default policy applies.

2. Information we collect

2.1 Information you provide

  • Account details such as name, email address, password credentials, and profile preferences.
  • Study activity such as bookmarks, highlights, reading progress, comments, questions, and saved study interactions.
  • Support or contact messages you send through forms, email, or account tools.
  • Invitation and email-preference details when you ask us to send or manage communications.
  • Payment and subscription records. Payment card details are handled by the payment processor and are not stored by this site.

2.2 Information collected automatically

  • Log data such as IP address, browser type, device type, requested URLs, timestamps, and diagnostic events.
  • Session and security data needed to keep the site working, protect forms, prevent abuse, and maintain account access.
  • Optional analytics data only when analytics cookies are accepted.

3. How we use information

  • Operate the site, accounts, Bible study tools, public forms, subscriptions, and support workflows.
  • Maintain session security, remember preferences, and protect against fraud or abuse.
  • Respond to contact, support, privacy, unsubscribe, and Do Not Sell or Share requests.
  • Send account, service, and requested email communications.
  • Improve the site using optional analytics when the visitor has accepted analytics cookies.
  • Comply with legal obligations and enforce our terms and security rules.

4. Cookies, local storage, and similar technologies

We use necessary cookies and browser storage to make the site work. Optional analytics storage is off unless you accept analytics cookies through the cookie banner or Cookie Settings.

4.1 Necessary cookies and storage

  • PHPSESSID - session cookie used to maintain site and account state. On HTTPS it is set with Secure, HttpOnly, and SameSite=Lax.
  • findingthis_trusted - remember-me cookie when a user chooses trusted device behavior.
  • CSRF/session tokens - security values used to protect forms and account actions.
  • Theme and interface preferences - local preferences used to keep the selected display mode and interface state.
  • sfy_cookie_preferences_v1 - localStorage preference record that remembers whether analytics was accepted or rejected.

4.2 Optional analytics cookies

If you accept analytics cookies, Google Analytics may set cookies such as _ga and _ga_*. We use analytics to understand aggregate site usage and improve the service. We do not use advertising cookies or tracking pixels as part of the default site.

4.3 Managing choices

You can use the cookie banner buttons to Accept all, Reject analytics, or Manage choices. You can reopen Cookie Settings from the footer at any time. Your browser may also let you block or delete cookies. Blocking necessary cookies can break login, forms, preferences, or account tools.

5. Global Privacy Control and Do Not Sell or Share

We do not sell personal information as a default practice. We also do not share personal information for cross-context behavioral advertising as a default practice. If your browser sends a Global Privacy Control or similar opt-out preference signal, we treat that as an opt-out of sale or sharing for the current browser and keep optional analytics disabled unless you later choose otherwise.

You can also submit a formal request at Do Not Sell or Share My Personal Information.

6. How we share information

We share information only as needed to operate the service, protect the site, respond to requests, comply with law, or support features you use.

  • Service providers that host infrastructure, deliver email, process payments, provide security tools, or help operate support workflows.
  • Other users when you intentionally collaborate, share study content, send invitations, or publish content through a feature.
  • Authorities or legal parties when required by law or needed to protect rights, safety, security, or property.
  • Successors if a brand or service is transferred, merged, reorganized, or assigned, subject to continued protection of personal information.

7. Third-party services

The default platform may use these providers depending on the brand configuration and the features you use:

  • Google Analytics - optional analytics only after analytics consent.
  • Google reCAPTCHA - form-abuse protection on public forms when configured for the brand.
  • Stripe - payment processing for subscriptions or paid services.
  • Mailgun or configured email provider - email delivery and unsubscribe workflows.
  • Cloudflare or hosting/security providers - network, security, caching, and availability services.

A brand override may add or remove providers when that brand uses a different stack.

8. Your privacy rights

Depending on where you live, you may have rights to know, access, correct, delete, export, restrict, object to, or withdraw consent for certain processing of your personal information. You may also have the right to opt out of sale, sharing, targeted advertising, or certain uses of sensitive personal information.

To exercise a privacy right, email [email protected] or use the public contact and Do Not Sell or Share pages. We may need to verify your identity before fulfilling access, correction, deletion, or account-specific requests.

9. Email preferences

Marketing or invitation emails should include an unsubscribe or email-preference path. You can also visit Unsubscribe. Transactional messages such as account, security, payment, or password-reset notices may continue when needed to provide the service.

10. Children under 13

The default service is not directed to children under 13, and we do not knowingly collect personal information from children under 13 without appropriate consent. Some public Bible-study content may be family-friendly, but that does not make the account or data-collection features child-directed. If you believe a child under 13 provided personal information, contact [email protected] so we can review and delete it where appropriate.

11. Data retention and security

We keep personal information for as long as needed to provide the service, maintain security, comply with law, resolve disputes, and enforce agreements. We use administrative, technical, and physical safeguards designed to protect personal information, but no system can be guaranteed completely secure.

12. International access

The default platform is operated from the United States. If you access the service from another country, your information may be processed in the United States or other locations where service providers operate.

13. Changes

We may update this policy as the service, brand configuration, technology, or legal requirements change. When we update it, we will revise the last-updated label and provide additional notice where required.

14. Contact

Questions or requests can be sent to [email protected]. Mailing address: SearchForYahwah, 450 West 33rd Street, Suite 12F, New York, NY 10001.

Meet Barnabas

Barnabas is your personal Torah study assistant โ€” helping you explore scripture, understand Hebrew roots, and deepen your walk. This feature is available to registered members.

Join the Waitlist →