General information

1. The Operator of this website and store service owned by Board and Dice Sp. z o.o. Publishing Company is NSKN Games, LLC, registered under this data: street: 16192 Coastal Highway; city, state, and ZIP: Lewes, DE 19958; country: United States.
2. Personal data – all information about a physical person identified or identifiable by one or more specific factors determining physical, physiological, genetic, psychological, economic, cultural or social identity, including device IP, location data, internet identifier and information collected through cookies and other similar technology.

The purpose of personal data processing and the method of obtaining them

1. Provision of services and sale of products offered in the online store.
2. Implementation and processing of orders.
3. Direct marketing (only with the user’s consent), including sending newsletter by e-mail.
4. Direct communication with the user to process their complaint claims.
5. The website performs the functions of obtaining information about users and their behavior in the following way:
   • By gathering information voluntarily entered in the forms – at the time of the purchase process.
   • By saving cookies in the user’s devices.
   • By collecting web server logs by the hosting operator: GoDaddy.

The basis of data processing

1. to provide services electronically in the field of content available to Users collected on the Website, sales of products and services – then the legal basis for processing is the necessity of processing to perform the contract (Article 6 paragraph 1 letter b of the GDPR).
2. In order to handle purchases made without registration on the Website – then the legal basis for processing is the necessity of processing to perform the contract (Article 6 paragraph 1 letter b. of the GDPR).
3. In order to handle the complaint – then the legal basis for processing is the necessity of processing to perform the contract (Article 6 paragraph 1 letter b of the GDPR);
4. For analytical and statistical purposes – then the legal basis for processing is the Operator’s legitimate interest (Article 6 paragraph 1 letter f of the GDPR) which involves analyzing the Users’ activity, as well as their preferences to improve the functionalities and services of the Website.
5. In order to possibly establish and enforce claims or defend them – the legal basis of the processing is the legitimate interest of the Operator (Article 6 paragraph 1 letter f of the GDPR) to protect its rights.
6. For marketing purposes of the Operator and other entities, in particular, related to the presentation of advertising and newsletter subscriptions.

Remember that our goal is to fully protect your personal data, that’s why we use all kinds of technical and encryption solutions, such as encryption of connections via SSL certificate, authorized and registered access to administrative accounts, a record of administrators and users in system logs.

PERIOD OF PROCESSING OF PERSONAL DATA

1. The period of data processing by the Operator depends on the type of service provided and the purpose of the processing. As a rule, the data is processed by the time the service is provided, or the order is being processed until the consent is withdrawn or the effective opposition to data processing is filed in cases where the legal basis for data processing is the Administrator’s legitimate interest.
2. The data processing period may be extended if the processing is necessary to establish and assert any claims or defend against them, and after that time only in the case and to the extent required by law. After the end of the processing period, the data is irreversibly deleted or anonymized.

Information in the forms

1. The Service gathers information provided voluntarily by the user.
2. Furthermore, the Service may save information about the connection parameters (time markers, IP address).
3. The data provided in the form are not made available to third parties without the user’s consent.
4. The data provided in the form might constitute the collection of potential customers, registered by the Service Operator in the registry maintained by the General Inspector of Personal Data Protection.
5. The data provided in the form are processed for the purpose resulting from the function of a given form, for instance, for the purpose of the process of handling a service request or a contract.
6. The data provided in the form might be handed over to entities which technically provide some services – it particularly concerns handing over the information about the owner of the registered domain to entities being Internet domain operators, services handling payments, or other entities with whom the Service Operator cooperates in this area.

The effect of not providing data and the possibility of withdrawing consent for data processing

1. If the user does not provide data, then these processes will not be possible:
   1. registration on the Website
   2. use the services and products offered on the website
   3. no possibility to buy on the Website
   4. Additionally, the lack of consent to receive marketing and commercial materials results in the inability to receive the newsletter.
2. The user may at any time withdraw consent to the processing of data. Data processing until the withdrawal of consent is in accordance with applicable law. You can withdraw your consent by sending us the notification at contact@boardanddice.com or by our Customer Service.

User rights

Each user of the website has the right to:

1. access their personal data,
2. correct their personal data,
3. remove their data,
4. limit data processing,
5. request to transfer data to another administrator,
6. submit any objection to the processing of your data at any time:
   1. For reasons related to your particular situation – to the processing of personal data concerning you, based on art. 6 par. One letter. F of the GDPR (i.e., on legally justified interests carried out by the administrator),
   2. if personal data are processed for direct marketing purposes, to the extent that the processing is related to such direct marketing.

If the user wants to use any of their rights, they may provide such information to the Operator at contact@boardanddice.com.

In accordance with the applicable regulations, you also have the right to submit a complaint to the supervisory body if you believe that your data is being used in a manner inconsistent with legal regulations.

Information about cookie files

1. The service uses cookie files.
2. Cookie files constitute IT data, in particular, text files which are stored on the Service User‘s device and their purpose is to be able to use the websites offered by the Service. Cookies usually contain the name of the website which they come from, the time of their storage on the user’s device and the unique number.
3. The entity who places cookie files on the Service User’s device and who gains access to them is the Service Operator.
4. Cookie files are used for the following purposes:
   • The creation of statistics that help to understand in what way the Service Users use websites, which enables the improvement of their structure and content;
   • The maintenance of the Service User’s session (after logging), thanks to which the User does not have to enter the login and the password on each subpage;
   • The determination of the user’s profile in order to display suitable advertising network materials, in particular from Google Network.
5. Within the framework of the Service, there are two basic kinds of cookie files: session cookies and persistent cookies. Session cookies are temporary files which are stored on the User’s device until he/she logs out, leaves the website or turns off the software (the Internet browser). Persistent cookies are stored on the User’s device the entire time specified in cookie files parameters or until the User deletes them.
6. The software enabling to browse websites (the Internet browser) usually allows, by default, the storage of cookie files on the User’s device. The Service Users may introduce changes in settings in this area. The Internet browser enables the users to delete cookie files. It is also possible to block cookie files automatically. Detailed information on this topic can be found in the ‘Help’ section or in the Internet browser documentation.
7. Restrictions on the use of cookies may affect some of the functionalities available on the Website.
8. Cookies placed on the Website User’s end device may also be used by advertisers and partners cooperating with the Website operator.
9. Cookies may be used by advertising networks, in particular, the Google network, to display advertisements tailored to the manner in which the user uses the Website. For this purpose, they can save information about the user’s navigation path or the time of staying on a given page.
10. Regarding information about user preferences collected by the Google advertising network, the user can view and edit information derived from cookies using the tool: https://www.google.com/ads/preferences/

Server logs

Information about several behaviors of the users is subject to logging in the server layer. These data are used exclusively in order to administer the Service and to guarantee the provision of the most effective provision of hosting services.

The resources which are browsed are identified through URL addresses. Moreover, the following information may be subject to logging:

• Request arrival time
• Reply sending time
• The name of the Client’s station – identification carried out via HTTP Protocol,
• Information about the errors which occurred during the execution of an HTTP transaction,
• The URL address of the website visited previously by the user (referer link) – in the case when entering the Service resulted from the link.
• Information about the User’s browser,
• Information about IP address.

The data referred above are not associated with particular visitors on the website. It is used solely for the purposes of Server administration.

DATA SHARING

1. Data is made available to third parties only within legally permitted limits.
2. Data enabling the identification of a single person is made available only with the consent of that person.
3. The operator may be required to provide information collected by the Website to authorities, to the extent resulting from the law.
4. Entities to whom personal data necessary for the provision of services are provided:
   • entity supplying goods (packaging, packaging, parcel processing)
   • payment provider (PayPal, payment cards operators according to the users’ indications, banks)
   • accounting office that deals with Operator’s bookkeeping
   • the entity providing a mailing system (in this case, MailChimp)
   • appropriate public authorities if the Operator is obliged to provide them particular data under applicable law.

Cookie files management – how to grant and withdraw consent in practice?

1. If the User does not want to receive cookie files, they can change the browser’s settings.
2. We declare that disabling the operation of cookie files necessary for the processes of authentication, safety, maintenance of user preferences might make it difficult, and in extreme cases, impossible to use our website.

How to contact the Website Operator?

Just send us an email at contact@boardanddice.com. We try to respond to every message within 1 working day. In case of any doubts, we remain at your disposal.