PRIVACY POLICY

We, Grimcraft Games LLC (the “Company”), are a company admitted to selling various products, including but not limited to gaming books, board games and digital products, to our customers. While you visit our Website or/and make purchases via [https://www.grimcraftgames.com] (the “Website”), our Company is dedicated to safeguarding your personal information. On this basis, this policy applies only to transactions made and data gathered on our Website, and the same does not to offline contact between the Company and our customers. If you have entered into a separate agreement with the Company that agreement may include additional relevant information.

​

Each time you visit the Website or provide us with information, you are accepting the practices as described in the policy at that time. Please review this policy from time to time as we may update it periodically.

​

TABLE OF CONTENTS

1. Information We Collect From You

2. Automatically Received Data

3. Children Under the Age of 16

4. How We Use Your Personal Data

5. How We Share Your Personal Data

6. How Long We Keep Your Personal Data

7. How Do We Keep Your Information Safe

8. Do-not Track Features

9. Your Rights

10. Changes to This Policy

11. Contact

​

1. Information We Collect From You

The General Data Protection Regulation (“GDPR”) defines the personal data as any information relating to an identified or identifiable natural person, whilst; California Consumer Privacy Act (“CCPA”) defines the personal information as a piece of information which identifies, relates to, describes, is capable of being associated with, or could reasonably linked, directly or indirectly, with a particular consumer or household. Kindly note that “Personal Data” refers to both these definitions, under this Privacy Policy.

​

As an initial note, we do not process any personal data that has not been provided by you. We only process personal data for providing you with our products. In this process, we may collect;

1. Personal information (i.e., name & surname, shipping address, phone number, e-mail address),

2. Financial information (i.e., credit card numbers and billing addresses), and

3. Demographic information (i.e., zip code, age).

​

Kindly be aware that we do not process any special categories of personal data of you (e.g., data on race, ethnicity, political opinion, religion, membership in associations, foundations or unions, health, sexual life, criminal convictions etc.). 

​

2. Automatically Received Data

For the purpose of maintaining the security and operation of our Website and determining internal analytics, we automatically collect certain data when you visit our Website or/and make purchases thereof. We would like to kindly note that this sort of data does not reveal your identity [e.g., your name or contact information], but may contain specific information such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information how and when you use our Website and other technical information, which makes you identifiable under privacy laws.

​

We also collect information through cookies and similar technologies, which may identify your browser or your account on our Website. Cookies are small, often encrypted text files, located in browser directories which are used by web developers to help users navigate their websites efficiently and perform certain functions. There are various cookies including strictly necessary, functional, analytics as well as advertisement and marketing cookies and similar tracking technologies to access or store information. Kindly be informed that you may prevent this by adjusting your browser settings to disallow cookies from the Website, via the panel which shows up once you reach our Website or via the link given under [https://www.grimcraftgames.com/cookie-policy], containing detailed information about the cookies that we use and how and for what purposes we use them. Please note that certain cookies that we use enable our Website to function properly; disabling of which may severely limit your ability to use our Website.

​

3. Minors Under the Age of 16

We do not offer our Website specifically intended for use by minors and, therefore, we do not on purpose collect personal data from, and/or about children under the age of 16. Indeed, you represent that you are at least 16 or that you are the parents or the guardian of such a minor and consent to such minor’s use of our Website to purchase our products. In the case we are informed that the personal data of minors has been collected, we will promptly take reasonable measures to delete such information from our records. If you become aware of any personal data that we have collected from minors under age 16, please contact us at [●], in order for us to remove such personal data from our records.

​

4. How We Use Your Personal Information

We use information you provide (i) to deliver the products you have requested, (ii) to contact you when necessary in connection with those product requests, and (iii) to send you information regarding the situation of your order.

​

If you are opt-in to e-mails about the Company’s products, offers, updates, and events, the Company may send you emails about these topics on behalf of ourselves and/or publishers of official licensed products. You can opt-out of non-transactional e-mails at [the relevant link enabling customers to opt-out of the e-mail list should be inserted here<]. Please be aware that this opt-out opportunity is only provided for the Company’s products, offers, updates, and events, and it is not possible to opt out of transactional e-mails such as e-mails confirming your order and/or providing information regarding your order.

​

Your information may be stored and processed in the United States or any other country in which our Company or its affiliates, subsidiaries or agents maintain facilities. By using this Website, you consent to any such transfer of information outside of your country.

​

5. How We Share Your Personal Information

In some cases, it is necessary for us to provide information of you to a third party.

• Billing address or credit card information is provided to the credit card processor to check your qualifications and to charge you for the products that you ordered. By making a purchase or engaging in another activity on the Website that requires financial information, you consent to provide your financial information to third parties as necessary to process your transactions. If you do not provide this information or withdraw consent to our sharing it for the above purpose, it is not possible for us to process your orders.

• Your address and full name are provided to the shipping company located in Turkey in order for us to duly realize your order, in which we will require them strictly to comply with terms and conditions specified under this Privacy Policy to provide utmost protection for your data processed. Kindly be aware that all shipping procedures are carried out in Turkey, which obliges us to share only (i) name & surname, (ii) the address, (iii) phone number and (iv) email of you in order to process the shipping. If you do not provide this information or withdraw your consent as to our sharing for the above purpose, it is not possible for us to process your orders.

• For the purpose of storing your personal data safely, we work with certain cloud service providers, in which we will require them to strictly comply with terms and conditions specified under this Privacy Policy, where these will ensure necessary technical and appropriate measures to protect your data. To that end, we might share your personal data with them.

• Business Transfers may require us to share or transfer your information in connection with, or during negotiations of, any possible merger, sale of company assets, financing, or acquisition of all or portion of our business to another company.

• The Company may disclose your personal information to other parties if required to do so by law or in the good faith belief that such action is necessary to: (i) comply with the applicable law; (ii) protect and defend the rights or property of the Company and the Website, or (iii) act in urgent circumstances to protect the personal safety of users of the Company, the Website or the public.

​

We store your personal data sent or collected via or by us in the United States or Turkey, in the cloud, our servers, the servers of our affiliates or the servers of our service providers carrying out shipping and printing services for our products. To facilitate our global operations, we may transfer, store and access such information from the locations where our Company has operations. Kindly note that, when transferring your personal data, we rely on rules foreseen by GDPR and CCPA, and supervisory authorities. For such cases, we rely on international transfer mechanisms such as the European Commission approved Standard Contractual Clauses, adequacy decisions about certain countries, or we will ask you for your prior consent for the transfer of your personal data, as applicable. In any case, we promptly take any supplemental measures and appropriate safeguards to prevent any third-parties who are not authorized to access your personal data, and provide requisite protection for your personal data. For more information, please contact us at hello@grimcraftgames.com.

​

6. How Long We Keep Your Personal Data

We retain personal information no longer than is necessary for business purposes or legal requirements. We then erase your personal data immediately, unless we still need these until expiry of the period of limitation or prescription, for the evidentiary purposes in civil claims or due to statutory duties of storage. In the case where we have no legitimate business needs or legal requirements to process your personal data, then we will either delete or anonymize such information.

​

7. How Do We Keep Your Information Safe? 

We have been taking appropriate and reasonable technical and organizational security measures designed to protect the security of your personal data we process including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage.

​

8. Do-Not-Track Features

Most web browsers and some mobile applications and operating systems include a Do-Not-Track (“DNT”) feature or setting which enables you to signal your privacy preference for not to monitor or process your personal data about your online browsing activities. To date, however, uniform technology standard for recognizing and implementing DNT signals has not been finalized yet. As such, we do not currently respond to DNT browser signals or any other mechanisms that automatically communicate your choice not to be tracked online. If a standard for online tracking will be adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy policy.

​

9. Your Rights

​

9.1. For EU Citizens and non-EU Citizens: If you are a resident of the European Union, you have certain data protection rights under the GDPR. Our Company will take reasonable steps to allow you to access, review, update, rectify, or delete any personal data we keep about you. Kindly note that, we are glad to provide you with the rights under GDPR, even if you are not an EU citizen. In certain circumstances, you have the following data protection rights:

• Right to Information and Transparency. Data subjects have the right to be informed about the processing of the personal data including details on the purposes of processing, the categories of personal data being processed, the recipients or categories of recipients of the data, and the rights of the data subject.

• Right of access. The right to have access to your personal data being processed by the data controller and, if so, receive a copy of it.

• Right of rectification. The right to request correction of inaccurate or incomplete personal data.

• Right to erasure. The right to request the erasure your personal data under certain circumstances. This includes situations where the data is no longer necessary for the purposes it was collected for, when the data subject withdraws their consent, or when the processing is unlawful.

• Right to portability. The right to receive the personal data in a structured, commonly used, and machine-readable format and to request that the personal data be transmitted directly from one data controller to another, provided that this is technically possible. 

• Right to restriction of processing. The right to request the restriction of processing of the personal data under certain circumstances, meaning that the personal data may only be stored and not processed further.

• Right to withdraw your consent, either expressed or implied. You hold the right to withdraw your consent at any time.

• Right to object. In certain circumstances, the right to object at any time to the processing of personal data based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions.

• Automated Individual Decision-Making, Including Profiling. The right not to be subject to a decision based solely on automated processing, including profiling.

• Right to complain to the supervisory authority. You have the right to file a complaint to the supervisory authority responsible for data protection if you believe that your personal data is being processed in violation of applicable data protection legislation.

 

If you wish to exercise one of these rights, please contact us at hello@grimcraftgames.com.

​

9.2 For California Residents: If you are a resident of California, United States, you are granted specific rights regarding access to your personal data under CCPA & CRPA;

• Right to Disclosure. The right to request a disclosure of categories and specific pieces of personal data processed, the sources where these are collected, the purposes for collecting the personal data, the information with whom the personal data are shared.

• Right to Deletion. The right to request a deletion of the personal data belonging to data subjects from the data controller that has collected the data,

• Right to Opt-Out of Sale & Sensitive Information. The right to opt-out of the sale of the personal data and processing of sensitive personal data. Please be informed that, we neither sell your personal data nor process your sensitive personal data!

• Right to Non-Discrimination: Right not to be discriminated against for exercising the privacy rights.

• Right to Opt-In for Minors. For data subjects under the age of 16, the obligation of the data controllers to obtain opt-in consent from minors to sale their personal data, whilst parental consent is required for minors under the age of 13. Please be informed that, we do not sell personal data of minors!

• Right to Correct: The right to request the correction of inaccurate personal information held by businesses.

If you are a California resident and would like to make such a request, please submit your request in writing email to hello@grimcraftgames.com

​​

10. Changes to This Policy

Our Company may from time to time update this privacy policy. When we do, we will revise the "last updated" date located at the top of this policy.

​​

11. Contact

If you have questions or concerns about this privacy policy, or the processing of your personal data, please contact our Data Protection Officer via the following contact information: