When you visit and use our website and/or Dragon Shield – MTG Card Manager, Dragon Shield – Yu-Gi-Oh! Card Manager, Dragon Shield – Poké Card Manager, MTG Manager, BigAR Yu-Gi-Oh! Manager, BigAR Poké TCG Manager, or one of our BigAR Scanner Apps: MTG Manager, BigAR Yu-Gi-Oh! Manager, BigAR Poké TCG Manager, BigAR YGO Card Scanner, BigAR Poké Card Scanner, BigAR Buddyfight – Card Scanner, BigAR DBZ TCG – Card Scanner, BigAR Dragoborne – Card Scanner, BigAR FF – Card Scanner, BigAR FoW – Card Scanner, BigAR My Little Pony – Card Scanner, BigAR SW Destiny – Card Scanner, BigAR Vanguard – Card Scanner, BigAR World of Warcraft – Card Scanner, UFS – Card Scanner, Weiss Schwarz – Card Scanner, BigAR – Vanguard Card Scanner, BigAR – Weiss Card Scanner, BigAR – FoW Card Scanner (collectively referred to as the "Apps"), Arcane Tinmen ApS, Company reg. no (CVR): 24234703, Ørvadsvej 55A, Årslev, 8220 Brabrand, Denmark (in the following referred to as "Arcane Tinmen”, “we” or “us") may collect and process personal data about you. Arcane Tinmen is the data controller for such processing activities.
I. What data do we collect and how?
We collect and process personal data about you when you interact with us, for instance, via e-mail in relation to your use of and access to the website and/or our apps. In this respect, we process ordinary personal data you have provided to us, e.g. your name, e-mail address, phone number, address, display name, customer ID, etc.
Further, we will collect your personal data, such as your display name and/or username, country, gender, date of birth, email address, password, when you create an account, upgrade your services, change your subscription, and when you participate in certain activities, e.g. to receive newsletters. This also entails processing of information regarding your subscription, purchase history and payment details.
We collect payment or transactional information that we use when you buy products or use online services (e.g. postal address, phone number or credit card number). Any information you’ve shared publicly on our forums, or information you’ve sent to an individual or group using our messaging or chat services is also collected, including information you provide when you use our own online channels or third-party channels (such as social networks) or if you link your Dragon Shield registration account to a third-party platform.
We may share some of the data we collect with third parties like Firebase, Microsoft Azure, Klaviyo, Google and Apple, in order to access behavioral analytics, assess services performance, and improve the overall quality of our services.
II. How do we use your personal data?
We limit our collection, storing and processing of personal data to situations where it is necessary for a specific purpose.
Our processing of your personal data is necessary in order to perform a contract to which you are a party, cf. Article 6 (1) (b) of the General Data Protection Regulation ("GDPR"), and for the purposes of the legitimate interests pursued by us, which are regarded not to be overridden by your interests or fundamental rights, cf. Article 6 (1) (f) of the GDPR. Such legitimate interests are, for instance:
- providing you the products you bought from our online Dragon Shield Shop and have them delivered to the address you provided,
- allow you to register in our account system and use our services,
- providing you with services and the display of customized content, integration to our partner apps and targeted advertising both on our apps/websites and on other websites that we advertise through,
- communicating with you about our products and services, including sending marketing communications that we believe may of interest to you, including product and service promotions and marketing campaigns, to ask you to fill out surveys and/or feedback requests and to aid with customer service issues,
- determining when you link from our app to one of our partner apps or services, so that we can monitor the level of traffic that we generate for our partner apps or services,
- ensuring the technical functionality of the website and/or apps,
- use the online and offline Dragon Shield experiences we’ve created,
- allow you to share information on our public forums,
- to create statistics about the general use of our website and apps based on encrypted and/or aggregate user data, to help us develop new products and services,
- protecting Arcane Tinmen's intellectual property rights,
Furthermore, certain processing activities are necessary to comply with a legal obligation, cf. Article 6 (1) (c) of the GDPR, namely retaining bookkeeping material pursuant to applicable bookkeeping rules and compliances with laws and requests from a government bodies and/or courts.
Always keep in mind, that if you’re using a Dragon Shield service through a third-party channel like social media, your personal data may also be processed by that third- party according to their own privacy processes. We may use automated decision making in processing your personal information for some services and products. An example is our fraud prevention and detection efforts on https:// www.dragonshield.com/webshop/. You can request a manual review of the accuracy of an automated decision if you are unhappy with it.
We’ll keep your personal information as long as your account is active or as long as it’s needed to provide a service. We have so called retention polices for each of the categories of personal information that we process. If you’d like to cancel your account or for us to delete your data, we’ll only keep information that we need for legal reasons, to resolve disputes or to enforce our agreements.
III. Recipients of your personal data
Where relevant, we may disclose or transfer your personal data to our affiliates, vendors, business partners, other collaborators for business purposes, or when we’re asking other companies like e.g. couriers, shipping and warehouse service provides, payment providers, IT platform providers, fraud detection and prevention providers, survey providers, product catalogue providers and customer service suppliers to deliver services on our behalf; We have contracts with the companies to make sure they only use your personal information for agreed services and meet legal requirements.
Certain recipients process personal data on behalf of Arcane Tinmen and may only process your personal data in accordance with the instructions given by us. Generally, these third parties are not permitted to process your personal data for their own purposes. To the extent we disclose or transfers your personal data to third parties who may use your personal data for their own purposes, such disclosure or transfer will only take place if it is in accordance with applicable law and with prior consent obtained from you, where such consent is required.
When updating your subscription on our apps, your personal data, i.e. information regarding your bank, order number, payment, card type and purchase amount, is disclosed to Google and Apple Inc. which is an online payment service used by us in order to complete purchases.
Our subsidiaries (the other companies in our Group) may sometimes need to access your information to provide services to you on our behalf. Legally, other Group companies will then be acting as ‘data processors’ and will be subject to data processing laws. They need your personal data so they can:
- Deliver products and services you’ve requested.
- Get in touch with you about your account or transactions.
- Send you information about our sites, applications and policies.
- Send you any newsletters you’ve signed up for (you can unsubscribe at any time).
- Process information that the subsidiary is formally contracted to process on our behalf, e.g. carry out a purchase placed by you.
- Identify, review and stop any activities that could breach our policies or break the law Sharing information on Social Media (Features) and Widgets.
If the ownership of Arcane Tinmen changes as a result of a merger, acquisition, or transfer to another company, your personal data may be transferred. If such a transfer results in a material change in the use of your personal data, then Arcane Tinmen will provide you with appropriate notice.
In certain cases, your personal data may be transferred to a country outside of EU/ EEA, e.g. USA and India, for instance, to one or multiple of our affiliates and/or vendors. We ensure that such transfer will be carried out in accordance with the applicable data protection laws. This entails that any party outside of EU/EEA that comes in possession of your personal data must ensure an adequate level of protection, for example, by entering into the EU standard contractual clauses. You can obtain a copy of the relevant information on third country transfers by contacting us as stated below.
IV. Your Right to Opt-Out
You can opt-out of our Marketing communications any time you wish to. We’ll provide a link for you to Unsubscribe at the end of each email communication. Additionally, you can Opt-out of your Dragon Shield Card Manager account by visiting the website https://auth.dragonshield.com/Account/Preferences.
V. Children under 18
We take our responsibilities to the online community very seriously. As such, if you are under the age of 18, we ask you not to use our apps and/or website in any way. We don’t knowingly collect data from anyone under the age of 18.
VI. Data Security, Integrity and Retention
The security, integrity and confidentiality of your information are extremely important to us. We have implemented technical, administrative and physical security measures that are designed to protect your personal data from unauthorized access, disclosure, use and modification.
All external transfers that contain personal information are done using encrypted technology. Credit card information is handled by approved service providers that meet PCI (Payment Card Industry) standards and have appropriate safeguards in place. Although we regularly review our security procedures and evaluate new technology and methods to make our online channels safer, no security measures are perfect or impenetrable.
Should you notice any flaws or concerns in our security, please contact our Customer Service team as soon as possible. In the event of a data breach affecting personal information, we will take appropriate steps to notify you of the breach. If necessary, we’ll also contact data protection authorities.
What are cookies
The purpose of cookies
We collect information via cookies to improve the website experience for you and for the purpose of conducting website analysis and website performance review.
Cookies on the website
When you use our website, we do not register any information that can identify you directly. However, we register how you navigate on the site, so we can learn more about how our site is used. We only use this information to improve the website's content and functionalities.
For how long are cookies stored?
Cookies delete themselves after a certain period (which can vary) but are automatically updated when you visit the website again. On our website cookies are stored for a period that varies according to the type of cookie.
The website stores the following cookies on your system:
|Cookie name||Operator||Purpose||Retention period|
|We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.||VSC - *expires at the end of your session VISITOR_INFO1_LIVE - *expires after eight months remote_sid - *expires at the end of your session|
|Universal Analytics (Google)||_ga* _gat*
|These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in a way that does not directly identify anyone, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited.||_ga - *expires after 2 years
_gat - *expires after 1 day
_gid - *expires after 1 day
_gcl_au - *expires after 3 months
collect - *expires at the end of your session
ads/ga-audiences - *expires at the end of your session
|These cookies are set by Facebook to show relevant advertisements to the users and measure and improve the advertisements. The cookies also track the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.||fr - *expires after 3 months from creation time
xs - *expires after 3 months from creation time
datr - *expires after 2 years
sb - *expires after 2 years
spin - *expires after 1 day
|The cookie is set by Google to show relevant advertisements to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.||IDE - *expires after 1 year
pagead/landing - *expires at the end of your session
test_cookie - *expires after 1 day
|CDN Cookies||__cfduid||The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.||expires after 1 month|
|Consent Cookies||CookieConsent||Stores the user's cookie consent state for the current domain||expires after 1 year|
Removal of cookies
Generally, web browsers are set up to accept cookies. Although you can reset your browser to refuse all cookies or to indicate when a cookie is being sent.
VIII. Links to other websites
IX. Your rights as a data subject
We have taken all necessary and adequate steps to protect your personal data and ensure the rights you are granted as a data subject, which include a right to:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. If we are legally obligated to keep the information or if it is impossible or unproportionate, we won’t delete it but we will only keep it for as long as it is needed and we have time limits on our data systems.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organization.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to have a computer make decisions about you directly (this doesn’t include general marketing based on your age or gender).
- Right to judicial review – if we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain.
The Danish Data Protection Agency has issued guidelines on the data subjects' rights. If you want to read more about your rights, please click here. Please note that the guidelines are in Danish.
If you wish to exercise any of the abovementioned rights, you are welcome to contact us by using the below-mentioned contact details.
X. Questions and complaints
In case If you have any question about the processing of your personal data or wish to file a complaint in this regard, you can contact us at:
Arcane Tinmen ApS
Årslev, 8220 Brabrand, Denmark
Phone number: (+45) 82 30 38 38
E-mail address: firstname.lastname@example.org
Further, you have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet) at any time:
Danish Data Protection Agency (Datatilsynet)
Carl Jacobsens Vej 35
2500 Valby, Denmark
Telephone number: +45 33 19 32 00
E-mail address: email@example.com