Last updated: 2026

Data Controller Information

Arcane Portal Play (hereinafter "Data Controller") is responsible for the processing of your personal data. Our full contact details are:

• • Company Name: Arcane Portal Play
• • Email: [email protected]

1. Introduction

Welcome to Arcane Portal Play ("we," "our," or "us"). We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) (EU) 2016/679 and the California Consumer Privacy Act (CCPA). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, as well as your rights and choices regarding your personal data.

2. Information We Collect

We may collect and process the following types of information:

2.1. Information You Provide

• • Contact information when you communicate with us (name, email)
• • Feedback and suggestions you provide
• • Any other information you voluntarily provide

2.2. Automatically Collected Information

• • IP address and browser type
• • Device information and operating system
• • Pages visited and time spent on our site
• • Referring website information

3. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on the following legal grounds:

• • Consent: For the use of cookies and similar technologies, and for marketing communications where you have given explicit consent.
• • Legitimate Interest: To improve our website functionality, analyze usage patterns, and respond to your inquiries (our legitimate interests do not override your fundamental rights and freedoms).
• • Performance of a Contract: If you enter into any agreement with us, to fulfill our contractual obligations.
• • Legal Obligation: To comply with applicable laws and regulations.

4. How We Use Your Information

We use the collected information for the following purposes:

• • To provide and maintain our services
• • To improve user experience and website functionality
• • To analyze usage patterns and trends
• • To respond to your inquiries and support requests
• • To send you important updates and announcements

5. Data Retention Periods

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention periods are as follows:

• • Contact information and communication records: Retained for 2 years after the last interaction.
• • Website usage data (analytics): Retained for 12 months.
• • Cookie data: Retained for the period specified in our cookie policy (typically 12 months, unless you delete them earlier).
• • Data required for legal compliance: Retained for the period required by applicable laws (typically 7 years).

After the retention period expires, your personal data will be anonymized, deleted, or securely destroyed.

6. Cookies

We use cookies and similar technologies (such as web beacons, pixels, and local storage) to enhance your browsing experience. Cookies are small text files stored on your device that help us:

• • Remember your preferences
• • Understand how you use our website
• • Provide personalized content

We use the following types of cookies:

• • Necessary Cookies: Essential for the website to function (cannot be disabled).
• • Analytics Cookies: Help us analyze website traffic and usage patterns.
• • Functional Cookies: Remember your preferences (e.g., language settings).
• • Marketing Cookies: Used to deliver personalized advertising (only with your consent).

You can control cookies through your browser settings, but disabling necessary cookies may affect website functionality. By clicking "Accept" on our cookie consent banner, you consent to our use of non-necessary cookies.

7. Your Rights (GDPR/CCPA)

7.1. GDPR Rights (EU/EEA Residents)

You have the following rights under the GDPR, which you can exercise at any time:

• • Right to Access: Request a copy of the personal data we hold about you.
• • Right to Rectification: Request correction of inaccurate or incomplete personal data.
• • Right to Erasure (Right to be Forgotten): Request deletion of your personal data, where lawful.
• • Right to Restriction of Processing: Request that we limit the processing of your personal data.
• • Right to Data Portability: Request a copy of your personal data in a machine-readable format.
• • Right to Object: Object to processing based on legitimate interest or direct marketing.
• • Right to Withdraw Consent: Withdraw your consent to processing at any time (does not affect lawfulness of processing before withdrawal).

7.2. CCPA Rights (California Residents)

If you are a California resident, you have the following rights under the CCPA:

• • Right to Know: Request information about the personal data we collect, use, disclose, and sell.
• • Right to Delete: Request deletion of your personal data (subject to certain exceptions).
• • Right to Opt-Out: Opt out of the sale of your personal data (we do not sell your personal data).
• • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security audits, and staff training. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

9. Third-Party Services

Our website may contain links to third-party websites and may use third-party service providers (e.g., analytics providers, payment processors). We are not responsible for the privacy practices or content of these external sites or services. We only share your personal data with third parties where necessary to provide our services, with your consent, or as required by law. All third-party processors are contractually obligated to protect your personal data in accordance with applicable laws.

10. Children's Privacy

Our services are not directed to children under 13 (or 16 in some jurisdictions). We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us to request deletion of such information.

11. Data Protection Officer (DPO)

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our data protection compliance. You can contact our DPO at:

• • Email: [email protected]

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new policy on this page, updating the "Last updated" date, and where appropriate, by email or other direct communication. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights, please contact us:

• • General Inquiries: [email protected]
• • Privacy Inquiries: [email protected]
• • Data Protection Officer: [email protected]

You also have the right to lodge a complaint with a supervisory authority if you believe we have processed your personal data in violation of applicable data protection laws.