Koelling.co.uk

Privacy and Cookie Policy

This Policy sets out information about how we use, store and transfer personal data which we receive through our websites (the Sites, for example mtg-forum.de) and otherwise. We are a data controller in relation to that personal data, which means we determine the purposes and means of the processing of that personal data.

This Policy also contains information about our use of cookies. We will ask you to consent to our use of cookies in accordance with the terms of this Policy when you first visit our websites.

We are N. Koelling, a sole trader whose registered offices are at 2 Hinksey Court, Church Way, Oxford, England, OX2 9SX.

  1. Personal Data we Collect

    In this Section we have set out the kinds of personal data that we may collect, use, store and transfer. We have grouped that data together into different categories based on its subject matter, and based on the kinds of individuals to whom they relate.

    1. We may process data about your use of our Sites (usage data), which we obtain through our analytics tracking systems. The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.
    2. We may process information contained in or relating to any enquiry or communication that you send to us or that we send to you (correspondence data). This could for example include customer support queries from our users, or correspondence with suppliers, partners or anyone else with whom we deal. The correspondence data may include the communication content and metadata associated with the communication, as well as any contact details you may provide to us such as your name, email address, phone number, job title, address or social media username.
    3. We may process the account data (account data) which you provide to us when registering to use our Sites, which may include your username, email address, password or social media username. If you use a third-party application or service like OpenID to log into your account on our website then we may receive and process account data from the relevant third party.
    4. We may process any personal data which you include in any comment, forum post or other submission you upload or post to our Sites, including private messages between users. We call all of this forum data. We do not pre-moderate or have any control over what you include in forum data, so we ask that you carefully consider your own privacy in deciding what to include in forum data. Because forum data is determined by you, it could potentially include special categories of data, such as data about race, ethnic origin, politics, religion, health, sex life or sexual orientation and if you post that data you consent to our processing it. We will also record your IP address in relation to each forum post – this means that users who post unlawful or abusive content can be banned, and, if necessary, their ISP or law enforcement can be provided with an IP address for investigation.
    5. We may process deck lists, or card collections which are associated with your account (which together we’ll call card data). We may also collect and process card data on an aggregated or anonymised basis (in which case it will not be personal data at all and will not be governed by this Privacy Policy).
  2. Our purposes and legal bases of processing

    1. We have set out below, in table format, a description of all the ways we may use your personal data. We’re also required by law to identify the legal basis on which we handle personal data. These legal bases are set out in Article 6 of the General Data Protection Regulation (GDPR). When we process personal data on the basis of our legitimate interests then we also need to identify those legitimate interests and have done so below.
    2. Note that we may process your personal data on more than one legal basis depending on the specific purpose for which we are using your data. Feel free to contact us for further information.
    Type of Data Purpose/Activity Legal Basis for Processing
    Usage dataAnalysing the use of, and improving, our Sites and services, security monitoring.Our legitimate interests (Art 6.1(f) GDPR), namely delivering and improving our Sites and ensuring their security.
    Correspondence dataTo communicate with you and to provide you with occasional news about our Sites and marketing communications (although you will be free to unsubscribe at any time).Our legitimate interests, namely properly administering our business.
    Where correspondence relates to registered users, the performance of a contract with you, or to take steps at your request prior to entering into a contract with you (Art 6.1(b) GDPR).
    Account data and Forum dataOperating our Sites, providing our services, ensuring the security of our Sites and services, verifying logins, and communicating with you. Performance of a contract with you (delivering our services through the account).
    Our legitimate interests, namely properly administering our business and services.
    Special category data contained in Forum dataOperating our forums.Your consent (Art. 6.1(a) GDPR, Art. 9.2(a) GDPR)
    Card dataOperating our Sites, providing our services, conducting data analysis for our or others’ research purposes.Performance of a contract with you (delivering our services through the account).
    Our legitimate interests, namely the provision of our services and our interest in conducting research and making data available to others for research and analysis.
    Any personal dataFor the purposes of legal compliance (e.g. maintaining tax records).Compliance with our legal obligations (Art 6.1(c) GDPR)
    Any personal dataFor the purposes of bringing and defending legal claims.Our legitimate interests, namely preserving our legal rights.
  3. Providing your personal data to others

    1. Our advisors. We may disclose your personal data to our insurers and/or professional advisers to take professional advice and manage legal disputes.
    2. Our service providers. We may disclose personal data to our service providers or subcontractors in connection with the uses we’ve described above. For example, we may disclose:
      1. any personal data in our possession to suppliers which host the servers on which our data is stored;
      2. communication data to providers of email or email marketing services;
      3. usage data to providers of analytics services or advertising partners.
    3. Third party research: We may share card data with third parties who wish to conduct research and analysis of such data. You can prevent this sharing by setting your deck or collection to “private”.
    4. Compliance. We may also disclose your personal data to comply with law.
    5. Restructuring. If any part of our business is sold or transferred, your personal data may be disclosed to the new owner.
  4. International transfers of your personal data

    1. Some of the third parties to whom we may transfer your personal data, discussed above, may be located outside the EEA or may transfer your personal data to their own service providers located outside the EEA. If so, then we will ensure that transfers by our appointed data processors will only be made lawfully. You may contact us if you would like further information.
    2. Personal data that you make visible to other users may be available, via the internet, to others around the world. We cannot prevent the use (or misuse) of such personal data by others.
  5. Retaining and deleting personal data

    1. We keep personal data only as long as is necessary for the relevant purposes. In particular:
      1. account data (excluding card data) will be kept during the life of the account and then deleted immediately, or within a reasonable time, after account closure;
      2. if you have an account with us, you may delete card data whenever you wish. Card data is not otherwise deleted when an account is closed, and we may continue to process card data if it has been made public, is no longer associated with an account, or if it has been anonymized or aggregated;
      3. information posted in public forums may be deleted by us on request, but we cannot guarantee deletion (e.g. if other posts referencing it have been created). Private messages will be retained unless deleted by both users;
      4. any data which is anonymized or aggregated, and therefore not personal data, may be retained by us indefinitely. Typically this will be derived from usage data and card data;
      5. we regularly back up our servers to prevent data loss. It may be possible that old versions of your data may remain on our servers for a while, even after they have been deleted from the main Sites. However, these backups will normally not be used and will be deleted after a certain retention period.
    2. We may retain your personal data longer than set out above where necessary to comply with law or in connection with any actual or potential legal claim.
  6. Your rights

    1. You have rights under data protection law – they are complex, and subject to exemptions, and you can read guidance from the Information Commissioner’s Office at www.ico.gov.uk for a fuller explanation of your rights. In summary, though:
      1. the right to access: you have the right to confirmation as to whether or not we process your personal data and, where we do, to access to the personal data, together with certain additional information;
      2. the right to rectification: you have the right to have any inaccurate or incomplete personal data about you rectified or completed;
      3. the right to erasure: in some circumstances you have the right to the erasure of your personal data;
      4. the right to restrict processing: you have the right to restrict the processing of your personal data to limit its use. Where processing has been restricted, we may continue to store your personal data and will observe the restrictions on processing except to the extent permitted by law;
      5. the right to object to processing: you have the right to object to our processing of your personal data on the basis of legitimate interests (discussed above); and
      6. the right to complain to a supervisory authority: if you consider that our processing of your personal data is unlawful, you have a legal right to lodge a complaint with a supervisory authority.
  7. About cookies

    1. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
    2. Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
    3. Cookies do not typically contain any information that personally identifies a user (except for IP addresses in some cases), but personal information that we store about you may be linked to the information stored in and obtained from cookies.
    4. We use these kinds of cookies:
      1. Strictly Necessary Cookies: these cookies are essential to provide you with services available through our Site and to enable you to use some of its features. For example, they allow you to log into secure areas of the Sites. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
      2. Functionality Cookies: These cookies allow our Site to remember choices you make when you use our Site, such as remembering your login details and remembering the changes you make to other parts of our Sites which you can customise. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Sites.
      3. Analytical/Performance Cookies: These cookies are used to collect information about traffic to our Sites and how users use our Sites. The information gathered does not identify any individual visitor. The information is aggregated and therefore anonymous.
      4. Targeting Cookies: These cookies track your browsing habits to enable us to show advertising which is more likely to be of interest to you. If you choose to remove targeted or advertising cookies, you will still see adverts but they may not be relevant to you.
      5. Social Media Cookies: These cookies are used when you share information using a social media sharing button or “like” button on our Sites or you link your account or engage with our content on or through a social networking website such as Facebook or Twitter. The social network will record that you have done this.
      6. Google Analytics: The Sites use Google Analytics (an analytical/performance cookie) to help analyse how users use the Sites, collecting standard internet log information and visitor behaviour information in an anonymised form from which no user is identifiable. This information is transmitted to Google and processed to compile statistical reports on activity on the Sites. These reports allow us to optimise our user experience. Google provide a browser add-on for users who wish to prevent their data from being used by Google Analytics. Further information is available at https://tools.google.com/dlpage/gaoptout/.
      7. Third Parties: Third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.
    5. Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can obtain up-to-date information about blocking and deleting cookies via the support pages made available by your browser operator.
  8. Third Parties

    The Sites may contain links to third party websites. If you follow a link to any third party website, then they may have their own privacy and cookie policies, and we are not responsible for their use of any personal data which you may provide to them.

  9. Amendments

    We may update this Policy from time to time by publishing a new version on the Sites. You should check occasionally to ensure you are happy with any changes to this Policy, although we may notify you of material changes to this Policy through an announcement on our forums.

  10. Contact Us

    If you have any questions, comments or requests regarding this Privacy and Cookie Policy or our use of any personal data you provide to us, please contact us through our contact form linked below.

Last updated: 2020-03-17

Contact

Privacy and Cookies