Privacy Policy:

Barrett Publishing LLC ("Barrett Publishing") operates boardgamedesignlab.com and may operate other websites. It is Barrett Publishing's policy to respect your privacy regarding any information we may collect while operating our websites.

Website Visitors

Like most website operators, Barrett Publishing collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Barrett Publishing's purpose in collecting non-personally identifying information is to better understand how Barrett Publishing's visitors use its website. From time to time, Barrett Publishing may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.

Barrett Publishing also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users leaving comments on boardgamedesignlab.com blogs/sites. Barrett Publishing only discloses logged in user and commenter IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below, except that commenter IP addresses and email addresses are visible and disclosed to the administrators of the blog/site where the comment was left.

Gathering of Personally-Identifying Information

Certain visitors to Barrett Publishing's websites choose to interact with Barrett Publishing in ways that require Barrett Publishing to gather personally-identifying information. The amount and type of information that Barrett Publishing gathers depends on the nature of the interaction. For example, we ask visitors who sign up at boardgamedesignlab.com to provide a username and email address. Those who engage in transactions with Barrett Publishing are asked to provide additional information, including as necessary the personal and financial information required to process those transactions. In each case, Barrett Publishing collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor's interaction with Barrett Publishing. Barrett Publishing does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.

Aggregated Statistics

Barrett Publishing may collect statistics about the behavior of visitors to its websites. Barrett Publishing may display this information publicly or provide it to others. However, Barrett Publishing does not disclose personally-identifying information other than as described below.

Protection of Certain Personally-Identifying Information

Barrett Publishing discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process it on Barrett Publishing's behalf or to provide services available at Barrett Publishing's websites, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using Barrett Publishing's websites, you consent to the transfer of such information to them. Barrett Publishing will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors and affiliated organizations, as described above, Barrett Publishing discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when Barrett Publishing believes in good faith that disclosure is reasonably necessary to protect the property or rights of Barrett Publishing, third parties or the public at large. If you are a registered user of an Barrett Publishing website and have supplied your email address, Barrett Publishing may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what's going on with Barrett Publishing and our products. If you send us a request (for example via email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. Barrett Publishing takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.

Cookies

A cookie is a string of information that a website stores on a visitor's computer, and that the visitor's browser provides to the website each time the visitor returns. Barrett Publishing uses cookies to help Barrett Publishing identify and track visitors, their usage of Barrett Publishing website, and their website access preferences. Barrett Publishing visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using Barrett Publishing's websites, with the drawback that certain features of Barrett Publishing's websites may not function properly without the aid of cookies.

Business Transfers

If Barrett Publishing, or substantially all of its assets, were acquired, or in the unlikely event that Barrett Publishing goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Barrett Publishing may continue to use your personal information as set forth in this policy.

Ads

Ads appearing on any of our websites may be delivered to users by advertising partners, who may set cookies. These cookies allow the ad server to recognize your computer each time they send you an online advertisement to compile information about you or others who use your computer. This information allows ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you. This Privacy Policy covers the use of cookies by Barrett Publishing and does not cover the use of cookies by any advertisers.

Privacy Policy Changes

Although most changes are likely to be minor, Barrett Publishing may change its Privacy Policy from time to time, and in Barrett Publishing's sole discretion. Barrett Publishing encourages visitors to frequently check this page for any changes to its Privacy Policy. If you have a boardgamedesignlab.com account, you might also receive an alert informing you of these changes. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.

Data Protection Policy

Last updated May 27, 2018

Definitions

BGDL means Board Game Design Lab
GDPR means the General Data Protection Regulation.
Responsible Person means Gabe Barrett
Register of Systems means a register of all systems or contexts in which personal data is processed by the BGDL.

1. Data protection principles

The BGDL is committed to processing data in accordance with its responsibilities under the GDPR.

Article 5 of the GDPR requires that personal data shall be:

  1. processed lawfully, fairly and in a transparent manner in relation to individuals;
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.”

2. General provisions

  1. This policy applies to all personal data processed by the BGDL.
  2. The Responsible Person shall take responsibility for the BGDL’s ongoing compliance with this policy.
  3. This policy shall be reviewed at least annually.
  4. The BGDL shall register with the Information Commissioner’s Office as an organisation that processes personal data.

3. Lawful, fair and transparent processing

  1. To ensure its processing of data is lawful, fair and transparent, the BGDL shall maintain a Register of Systems.
  2. The Register of Systems shall be reviewed at least annually.
  3. Individuals have the right to access their personal data and any such requests made to the BGDL shall be dealt with in a timely manner.

4. Lawful purposes

  1. All data processed by the BGDL must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task or legitimate interests (see ICO guidance for more information).
  2. The BGDL shall note the appropriate lawful basis in the Register of Systems.
  3. Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
  4. Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available and systems should be in place to ensure such revocation is reflected accurately in the BGDL’s systems.

5. Data minimisation

  1. The BGDL shall ensure that personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

6. Accuracy

  1. The BGDL shall take reasonable steps to ensure personal data is accurate.
  2. Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date.

7. Archiving / removal

  1. To ensure that personal data is kept for no longer than necessary, the BGDL shall put in place an archiving policy for each area in which personal data is processed and review this process annually.
  2. The archiving policy shall consider what data should/must be retained, for how long, and why.

8. Security

  1. The BGDL shall ensure that personal data is stored securely using modern software that is kept-up-to-date.
  2. Access to personal data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.
  3. When personal data is deleted this should be done safely such that the data is irrecoverable.
  4. Appropriate back-up and disaster recovery solutions shall be in place.

9. Breach

In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, the BGDL shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the ICO (more information on the ICO website).

END OF POLICY