Privacy Policy

Created: 10 February 2021, 00:29:51 EST
Last updated: 12 March 2022, 20:46:02 EST

Baltic Sled Association Privacy Notice

 

Thank you for taking interest in our community here at the Baltic Sled Association (“we”. “us”, “our”, “BSA”). As the balticsledassociation.com (our “website”) website is tailored for the community, we take a vested interest in protecting your privacy. Before diving into the rest of this privacy notice, if you have any questions, concerns, inquiries, or any problems in regards to this notice or your personal information, please feel welcome to contact us at admin@balticsledassociation.com or by reviewing the contact list at the end of this notice.

To preface, this website is based off of a Lorekeeper framework. Lorekeeper is a framework for deviantART art roleplay groups, built off of a PHP web framework called Laravel. However, many parts of this framework have been customized, including the ability for us to reduce the amount of information we require. In this privacy notice, we look to explain what information we use and how we use it. By understanding this, we will also inform you of your rights as a user of this site. Please note, it is important you read through this in its entirety. We understand this is a lot of legal speak, but this has been created using the GDPR compliance template with as simplest terms as possible. If there are any terms in this notice that you do not agree with, please stop using our site immediately and contact us so we can discuss your concerns, including the removal of your information.

This notice will apply to all information collected throughout our website.  

Topics:

  • What data do we collect, and how do we collect it?
  • How will we use your data?
  • How do we store your data?
  • What are your data protection rights?
  • What are cookies and how do I manage them?
  • How do we use cookies and what kinds do we use?
  • Privacy policies of other websites
  • Children’s privacy
  • Changes to our privacy policy
  • How to contact us
  • How to contact the appropriate authorities

What data do we collect, and how do we collect it?

Baltic Sled Association will only collect information that you provide. In order to properly interact with this site, we use these bits of data in order to make the website functional.  There are a couple main aspects of this.

            Information provided directly by you, such as: Your username for the site, the email address you would like to use, the password you would like to use, and your birthdate. If you choose to provide, this will also include a section to provide general user profile information, links to approved social media sites, and an avatar (all of these are entirely optional and are used to publicly personalize your profile in the way another general forum or general social media site would). When you provide this information, such as your birthday, you acknowledge that it is accurate, and that if there are any changes you must notify us.

            Information automatically collected, such as: Information collected through cookies (and similar browser technology), general device information (IP address, browser, operating system, language, location, and how you use the website). This information is only seen by the administrator for our website through our website hosting service and is used for security and reporting purposes.

            Information collected elsewhere or indirectly, such as: Since updating the master list requires utilizing some information off the Chicken Smoothie website, please note we will use this site to obtain information about you from public sources. The main purpose of this section is so that we can verify your username, use the images for your BSA adopts, and do non-invasive tasks such as verify rewards off-site. In essence, any information collected will already be public and easily accessible by others in order to help the site function and verify users. We will not collect or seek information such as addresses, job information, phone numbers, marketing data, or other potentially invasive data that may otherwise identify your legal information.

TL: We try to require as little data as possible, and any data not provided directly by you will be information one can find publicly. Any automatically collected information such as device information will be done off-site through the website’s website hosting service in order to ensure the best privacy practices.

How will we use your data?

Now that you know what sort of data we collect, here is why we collect such types of information. We process your information in order to properly have the website function, and to comply with legal obligations. By using our website, you acknowledge we use such data in the following ways:

  • To create your account and assist in account recovery. In order to make the site secure so that no one else can access your information, therefore we ask for an email address for contact and login name, as well your password for the site.
  • Verify we meet legal requirements for consent. Your birthday is utilized to make sure we adhere to the EU GDPR laws and for US COPPA laws.
  • To enforce our terms and to comply with legal requirements. The above information is used so that we can make sure we are complying with regulations, and to be able to provide information to you for any legal requests.
  • To facilitate user connections. Public information such as your username and information collected publicly is used to allow others to interact with you and to help manage user accounts.
  • Protect the website and other users. Automatically collected information may be used to prevent unauthorized access, and to provide general security (such as fraud monitoring).
  • To fulfill the website’s services. In order to approve information such as prompts or claims.
  • For other BSA purposes. We may also use such data for other purposes, such as to improve your experience using the website overall, contact you through email for matters such as account resets, or determining best BSA practices.

While most data will be localized towards the site and not shared, we may provide some of this personal information in the following situations:

  • With our website host. For the website to function and have good accessibility through uptime and services, we utilize a website host. Your data will be shared to a database that is run through MySQL, and as a result will be processed through our current website host.
  • With our third-party website services. While we will not provide your information for purposes of selling or marketing, we will use some services such as our mail client in order to provide account resets or important information regarding your usage of the site.
  • With a legal entity. In the rare event some form of information is requested by law enforcement or other legal entities, our website host and our website will provide information to comply with our legal requirements.
  • With other users. When you provide public information such as your username, or social media links, this will become public to other users. As a result, such information that is provided may be viewed by other users on the website and may have the potential to be distributed by users. Similarly, you will also be able to view other user information that is public.
  • With your consent. We may also disclose information with your consent.

TL: Information is used to help the site function in terms of your account security, to meet legal requirements, and to help fulfill website’s intended services. Such data will be shared with services directly involved with the website (such as the website host), with legal entities, in some capacity with other users, and with your consent.

How do we store your data?

Our website stores your data within the United States, specifically in Ashburn, Virginia. Both the website and MySQL database are in the same data center.  Our email client is run through Google, and uses Google Data Centers. Please be aware that this is still the case even if outside of the United States, and that information on these databases may be utilized by third parties (read above). This information may be transferred, stored, and processed in this location primarily. Any website host we use will be GDPR compliant, but please note that if you are residing in the European Economic Area or the United Kingdom that laws will vary based off location. However, we will make sure we are following procedures to protect your personal information and to inform you of such data.

In terms of how long your data will be stored, we will keep your data for the duration of when you have an account with us. If you no longer wish to have an account, please reach out to Morgan or admin@balticsledassociation.com so that we can delete your data manually or anonymize such information.

TL: We store your data in United States and Google servers until you request for us to delete your account.

What are your data protection rights?

Every user is entitled to the following:

The right to access – You have the right to request BSA for copies of your personal data. We may charge you a small fee for this service.

The right to rectification – You have the right to request that BSA correct any information you believe is inaccurate. You also have the right to request BSA to complete the information you believe is incomplete.

The right to erasure – You have the right to request that BSA erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that BSA restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to BSA processing personal data, under certain conditions.

The right to data portability – You have the right to request that BSA transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email admin@balticsledassociation.com with as much information as possible so that we can fully comply with your request. However, please note some information may be kept in order to still be able to comply with legal requests.

TL: You have a lot of rights regarding your data. If you request to exercise one of these rights, please reach out and we will respond to your request within a month!

Cookies and how to manage them

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our website, we may collect information from you automatically through cookies or similar technology. Most web browsers are set to automatically allow all cookies – however, you can utilize specific browsers or browser settings that remove or reject the usage of cookies. However, please note upon doing so, this may affect services.

For further information, visit allaboutcookies.org.

How do we use cookies and what kinds do we use?

Due to the framework we utilize in order to set up our website services, we use cookies in a range of ways to improve your experience, including:

  • Necessary cookies, such as those for cross-site request forgery prevention (CSRF)
  • Session cookies that allow authentication of users and prevent fraudulent accounts
  • Functionality cookies that allow your browser to remember choices, such as login details
  • Web beacons that allow is to count how many visitors have seen a page, or for other statistics seen by administrators

Privacy policies of other websites

The BSA website contains links to other websites, primarily through crediting and through links to related sites (such as Chicken Smoothie, toyhou.se, Discord, etc). Our privacy policy applies only to our website, so if you click on a link to another website, their policy privacy may be entirely different!

Children’s privacy

In order to comply with GDPR and COPPA laws, we will not work with anyone who is under the age of 13. We will never knowingly collect information from anyone who is under the age of 13. If you, a parent or guardian, or someone else is aware that someone under the age of 13 has provided us with data, please contact us immediately. Please note even with parental consent, we will not allow anyone who is under the age of 13 to use this website. By using this website, you are agreeing to these terms, and agree that you are at least 13 years of age.  

Changes to our privacy policy

Baltic Sled Association keeps its privacy policy under regular review and places any updates on this web page. We may update this from time to time, ranging from smaller updates to larger changes to conform with new laws. The updated version will be indicated by the updated date (located at the top of this page), with the updated policy being effective as soon as possible. If we make material changes to this policy, we may notify you either by posting a notice or directly sending you a notification. Generally, this will be done by making a news announcement.

How to contact us

If you have any questions about Baltic Sled Association’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Currently, the only individual with administrative access to this information is Morgan / Venatici. If you would like to contact on an informal basis with any questions, you are welcome to contact him through the Baltic Sled Association Discord. However, if you have any form of legal request, please email us at admin@balticsledassociation.com so we can best assist!