Change location:

Privacy Policy

This privacy policy describes how we process personal data about you as a visitor on our website and user of our apps.

The privacy policy also describes your rights about our collection, processing, and retention of your data.

When you visit and use our website and/or:

  • Dragon Shield – MTG Card Manager,
  • Dragon Shield – Yu-Gi-Oh! Card Manager,
  • Dragon Shield – Poké Card Manager,
  • MTG Manager,
  • BigAR Yu-Gi-Oh! Manager,
  • BigAR Poké TCG Manager,

or one of our BigAR Scanner Apps:

  • MTG Manager,
  • BigAR Yu-Gi-Oh! Manager,
  • BigAR Poké TCG Manager,
  • BigAR YGO Card Scanner,
  • BigAR Poké Card Scanner,
  • BigAR Buddyfight – Card Scanner,
  • BigAR DBZ TCG – Card Scanner,
  • BigAR Dragoborne – Card Scanner,
  • BigAR FF – Card Scanner,
  • BigAR FoW – Card Scanner,
  • BigAR My Little Pony – Card Scanner,
  • BigAR SW Destiny – Card Scanner,
  • BigAR Vanguard – Card Scanner,
  • BigAR World of Warcraft – Card Scanner,
  • UFS – Card Scanner,
  • Weiss Schwarz – Card Scanner,
  • BigAR – Vanguard Card Scanner,
  • BigAR – Weiss Card Scanner,
  • BigAR – FoW Card Scanner

(collectively referred to as the "Apps"), Arcane Tinmen ApS, Company reg. no (CVR): 24234703, Ørvadsvej 55G, Årslev, 8220 Brabrand, Denmark (in the following referred to as "Arcane Tinmen”, “we” or “us") may collect and process personal data about you. Arcane Tinmen is the data controller for such processing activities.

What data do we collect and how?

We collect and process personal data about you when you interact with us, for instance, via e-mail about your use of and access to the website and/or our apps. In this respect, we process ordinary personal data you have provided to us, e.g. your name, e-mail address, phone number, address, display name, customer ID, etc.

Further, we will collect your data, such as your display name and/or username, country, gender, date of birth, email address, and password, when you create an account, upgrade your services, change your subscription, and when you participate in certain activities, e.g. to receive newsletters. This also entails the processing of information regarding your subscription, purchase history and payment details.

We collect payment or transactional information that we use when you buy products or use online services (e.g. postal address, phone number or credit card number). Any information you’ve shared publicly on our forums, or information you’ve sent to an individual or group using our messaging or chat services is also collected, including information you provide when you use our online channels or third-party channels (such as social networks) or if you link your Dragon Shield registration account to a third-party platform.

Lastly, we also automatically collect personal data from you through cookies when you visit our website as described below. In this regard, we collect information about your online behaviour, such as your IP address, information about your computer's operating system, your mobile device, your chosen internet browser and your online activities on the website, provided you have accepted the website's use of cookies. Similarly, we collect personal data about you through technical measures when using our apps, i.e. data regarding your mobile device (such as your device type, installed software and language preference), and in this relation, we may create a unique device or user ID. We also receive information via a third party when you visit our page on social media sites or channels (e.g. Facebook, Twitter, Youtube, Instagram, Snapchat, etc). We do not process special categories of personal data (sensitive personal data) about you.

We may share some of the data we collect with third parties like Firebase, Microsoft Azure, Voyado, Google and Apple, to access behavioral analytics, assess service performance, and improve the overall quality of our services.

How do we use your data?

We limit our collection, storage and processing of personal data to situations where it is necessary for a specific purpose.

Our processing of your data is necessary to perform a contract to which you are a party, cf. Article 6 (1) (b) of the General Data Protection Regulation ("GDPR"), and for the legitimate interests pursued by us, which are regarded not to be overridden by your interests or fundamental rights, cf. Article 6 (1) (f) of the GDPR.
Such legitimate interests are for instance:

  • Providing you with the products you bought from our online Dragon Shield Shop and have them delivered to the address you provided,
  • Allow you to register in our account system and use our services,
  • Providing you with services and the display of customized content, integration to our partner apps and targeted advertising both on our apps/websites and on other websites that we advertise through,
  • Communicating with you about our products and services, including sending marketing communications that we believe may be of interest to you, including product and service promotions and marketing campaigns, asking you to fill out surveys and/or feedback requests and aiding with customer service issues,
  • Determining when you link from our app to one of our partner apps or services, so that we can monitor the level of traffic that we generate for our partner apps or services,
  • Ensuring the technical functionality of the website and/or apps,
  • Use the online and offline Dragon Shield experiences we’ve created,
  • Allow you to share information on our public forums,
  • To create statistics about the general use of our website and apps based on encrypted and/or aggregate user data, to help us develop new products and services,
  • Protecting Arcane Tinmen's intellectual property rights.

Furthermore, certain processing activities are necessary to comply with a legal obligation, cf. Article 6 (1) (c) of the GDPR, namely retaining bookkeeping material under applicable bookkeeping rules and compliances with laws and requests from government bodies and/or courts.

Always keep in mind, that if you’re using a Dragon Shield service through a third-party channel like social media, your data may also be processed by that third- party according to their privacy processes. We may use automated decision-making in processing your personal information for some services and products. An example is our fraud prevention and detection efforts on https:// You can request a manual review of the accuracy of an automated decision if you are unhappy with it.

We’ll keep your personal information as long as your account is active or as long as it’s needed to provide a service. We have so-called retention policies for each of the categories of personal information that we process. If you’d like to cancel your account or for us to delete your data, we’ll only keep information that we need for legal reasons, to resolve disputes or to enforce our agreements.

Recipients of your data

Where relevant, we may disclose or transfer your data to our affiliates, vendors, business partners, or other collaborators for business purposes, or when we’re asking other companies e.g. couriers, shipping and warehouse service providers, payment providers, IT platform providers, fraud detection and prevention providers, survey providers, product catalogue providers and customer service suppliers to deliver services on our behalf; We have contracts with the companies to make sure they only use your personal information for agreed services and meet legal requirements.

Certain recipients process personal data on behalf of Arcane Tinmen and may only process your data under the instructions given by us. Generally, these third parties are not permitted to process your data for their own purposes. To the extent we disclose or transfer your data to third parties who may use your data for their own purposes, such disclosure or transfer will only take place if it is under applicable law and with prior consent obtained from you, where such consent is required.

When updating your subscription on our apps, your data, i.e. information regarding your bank, order number, payment, card type and purchase amount, is disclosed to Google and Apple Inc. which is an online payment service used by us to complete purchases.

Our subsidiaries (the other companies in our Group) may sometimes need to access your information to provide services to you on our behalf. Legally, other Group companies will then be acting as ‘data processors’ and will be subject to data processing laws. They need your data so they can:

  • Deliver the products and services you’ve requested.
  • Get in touch with you about your account or transactions.
  • Send you information about our sites, applications and policies.
  • Send you any newsletters you’ve signed up for (you can unsubscribe at any time).
  • Process information that the subsidiary is formally contracted to process on our behalf, e.g. carry out a purchase placed by you.
  • Identify, review and stop any activities that could breach our policies or break the law Sharing information on Social Media (Features) and Widgets.

If the ownership of Arcane Tinmen changes as a result of a merger, acquisition, or transfer to another company, your data may be transferred. If such a transfer results in a material change in the use of your data, then Arcane Tinmen will provide you with appropriate notice.

In certain cases, your data may be transferred to a country outside of EU/ EEA, e.g. USA and India, for instance, to one or multiple of our affiliates and/or vendors. We ensure that such transfer will be carried out under the applicable data protection laws. This entails that any party outside of EU/EEA that comes in possession of your data must ensure an adequate level of protection, for example, by entering into the EU standard contractual clauses. You can obtain a copy of the relevant information on third-country transfers by contacting us as stated below.

Your Right to Opt-Out

You can opt out of our Marketing communications any time you wish to. We’ll provide a link for you to Unsubscribe at the end of each email communication. Additionally, you can opt out of your Dragon Shield Card Manager account by visiting the website

Children under 18

We take our responsibilities to the online community very seriously. As such, if you are under the age of 18, we ask you not to use our apps and/or website in any way. We don’t knowingly collect data from anyone under the age of 18.

Data Security, Integrity and Retention

The security, integrity and confidentiality of your information are extremely important to us. We have implemented technical, administrative and physical security measures that are designed to protect your data from unauthorized access, disclosure, use and modification.

All external transfers that contain personal information are done using encrypted technology. Credit card information is handled by approved service providers that meet PCI (Payment Card Industry) standards and have appropriate safeguards in place. Although we regularly review our security procedures and evaluate new technology and methods to make our online channels safer, no security measures are perfect or impenetrable.

Should you notice any flaws or concerns in our security, please contact our Customer Service team as soon as possible. In the event of a data breach affecting personal information, we will take appropriate steps to notify you of the breach. If necessary, we’ll also contact data protection authorities.

Use of Cookies

What are cookies

Like most websites and mobile applications, we use cookies to track site usage. A cookie is a tiny text or graphics file that resides on your computer, mobile phone, or other device, and allows us to recognize you as a user. For more details on how businesses use cookies on websites, please see

The purpose of cookies

We collect information via cookies to improve the website experience for you and to conduct website analysis and website performance reviews.

When you visit our website for the first time, you will be asked to accept the use of cookies. We encourage you to accept the cookies used on our website because it will help us improve the user experience for you and others. If you decline the use of cookies, there may be a variety of functionalities on the website which you cannot utilize.

Cookies on the website

When you use our website, we do not register any information that can identify you directly. However, we register how you navigate the site, so we can learn more about how our site is used. We only use this information to improve the website's content and functionalities.

Use of the website without your explicit consent or refusal of cookies is regarded as an acceptance of the use of cookies unless your browser preferences are set otherwise.

For how long are cookies stored?

Cookies delete themselves after a certain period (which can vary) but are automatically updated when you visit the website again. On our website cookies are stored for a period that varies according to the type of cookie.

Cookie declaration

The website stores the following cookies on your system:

Cookie nameOperatorPurposeRetention Period
YouTube CookiesYSC*
We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.VSC - *expires at the end of your session VISITOR_INFO1_LIVE - *expires after eight months remote_sid - *expires at the end of your session
Universal Analytics (Google)_ga* _gat*
These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in a way that does not directly identify anyone, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited._ga - *expires after 2 years
_gat - *expires after 1 day
_gid - *expires after 1 day
_gcl_au - *expires after 3 months
collect - *expires at the end of your session
ads/ga-audiences - *expires at the end of your session
Facebook Cookiesfr*
These cookies are set by Facebook to show relevant advertisements to the users and measure and improve the advertisements. The cookies also track the behavior of the user across the web on sites that have Facebook pixel or Facebook social - *expires after 3 months from creation time
xs - *expires after 3 months from creation time
datr - *expires after 2 years
sb - *expires after 2 years
spin - *expires after 1 day
The cookie is set by Google to show relevant advertisements to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.IDE - *expires after 1 year
pagead/landing - *expires at the end of your session
test_cookie - *expires after 1 day
CDN Cookies__cfduidThe cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.Expires after 1 month
Consent CookiesCookieConsentStores the user's cookie consent state for the current domain.Expires after 1 year

Removal of cookies

Generally, web browsers are set up to accept cookies. Although you can reset your browser to refuse all cookies or to indicate when a cookie is being sent.

If you wish to reject the use of cookies or remove cookies that are already stored on your computer, you may visit the support sites of your specific browser for further guidance:

Guidance - Firefox

Guidance - Google Chrome

Guidance - Safari

Guidance - Explorer

Links to other websites

We may display links to third-party websites, such as card marketplaces. Please note that we cannot control and cannot be held responsible for the content or activities of such websites and apps. You should always read the privacy policy of a website or app to find out more about how personal data is collected and processed.

Your rights as a data subject

We have taken all necessary and adequate steps to protect your data and ensure the rights you are granted as a data subject, which include the right to:

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances, you can ask for the data we hold about you to be erased from our records. If we are legally obligated to keep the information or if it is impossible or unproportionate, we won’t delete it but we will only keep it for as long as it is needed and we have time limits on our data systems.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organization.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right not to have a computer make decisions about you directly (this doesn’t include general marketing based on your age or gender).
  • Right to judicial review – if we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain.

The Danish Data Protection Agency has issued guidelines on the data subjects' rights. If you want to read more about your rights, please click here. Please note that the guidelines are in Danish.

If you wish to exercise any of the abovementioned rights, you are welcome to contact us by using the contact details mentioned below.

Questions and complaints

In case If you have any questions about the processing of your data or wish to file a complaint in this regard, you can contact us at:

Arcane Tinmen ApS
Ørvadsvej 55G,
Årslev, 8220 Brabrand, Denmark
Phone number:(+45) 82 30 38 38
E-mail address: [email protected]

Further, you have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet) at any time:

Danish Data Protection Agency (Datatilsynet)
Carl Jacobsens Vej 35
2500 Valby, Denmark
Telephone number: +45 33 19 32 00
E-mail address: [email protected]

Changes to this Privacy Policy

This Privacy Policy will be updated regularly and when necessary due to changes in applicable law and practice and, thus, we recommend that you keep yourself updated in this Privacy Policy regularly.