Privacy Policy
Data protection is important to us. And what better way to protect data than not to collect it in the first place? That's why we want to store as little data as possible about our users. But unfortunately we can't do without it.
In the following sections, we therefore explain what data we collect, when and why, and in what way we process them.
1. Responsible person & contact
Responsible for data collection, storage and processing is:
Carsten Ruhr
Schopenhauerstr. 7
41470 Neuss
If you have any questions about data protection, please write to us at mail@mythical.ink
2. Scope of data protection
Data protection concerns personal data as defined in the GDPR, i.e. any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics.
3. Data collection, storage & processing
The following table provides an overview of what personal data we collect, when we collect it and how we store it. All data is deleted immediately when the account is successfully deleted in the account area.
| Data | Time | Reason | Type & Location |
|---|---|---|---|
| Account creation | The email is stored as the primary identifier of an account and is required for further login. | Plain text, Database | |
| Password | Account creation | The password is stored as a secondary identification feature of an account and is required for further login. | Encrypted, Database |
| Session ID | Login | The SessionID is used to uniquely identify a logged-in user as long as the user has the same Session ID stored as a cookie in the browser (see section 4). | Plain text, Database |
4. Cookies & Localstorage
In addition to data on our servers, we also store data as cookies or in the local storage of your browser if this is technically necessary. The following tables provide an overview of which data we store in your browser, when and for what purpose, and when this data is deleted again.
Cookies
| Name | Time | Reason | Deletion |
|---|---|---|---|
| NEXT_LOCALE | Language change | The user's choice of language is stored in this cookie if the user does not want to use the automatically detected language. | - |
| sessionId | Login & Registration | Unique identifier of the user to prevent re-entering the email and password even when closing the browser. | After 48 hours |
Local Storage
| Name | Time | Reason | Deletion |
|---|---|---|---|
| dg_saves | Saving a dungeon | This entry contains all locally stored dungeons of the user | - |
| bookmarkedSpells | Add spells to bookmarks | All D&D spells in the user's "bookmark list" are stored in this entry | - |
| bookmarkedItems | Add item to bookmarks | All D&D items in the user's "bookmark list" are stored in this entry | - |
| bookmarkedMonsters | Add monsters to bookmarks | All D&D monsters in the user's "bookmark list" are stored in this entry | - |
If you wish to delete any of this data, you can use the function of your browser "Delete cookies & page data", which is available in this or a similar way in every common browser. Moreover, only the sessionId cookie is used to identify the user.
Transmission of data for analysis
We record some actions (page visits, errors occurring, use of certain functions) for the purpose of improving the site. All data collected in this regard is completely anonymised and does not allow any conclusion to be drawn about the person. No cookies (or other local data) are stored for analysis purposes.
Data security
Your connections to our website are protected with state-of-the-art encryption technologies. The level of protection also depends on which encryption your internet browser or mobile device supports. You can tell whether an individual page of our website is transmitted in encrypted form by the closed key or lock symbol in the status bar of your browser. We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
Your rights
You have the following rights granted by the European Directives and Regulations. If you wish to exercise any of the following rights, simply write to us at the address above.
Right to confirmation and right to information - we will be happy to confirm whether we are processing your personal data, what data it is and for what purpose it is being processed.
If you have an account, you can also automatically generate a report of your data in your account area at any time with the function "Send my data".Right to rectification - if the data we have stored is incorrect, we will be happy to correct it.
You can change most of your data - provided you have an account on our website - at any time in your account area.Right to deletion - should you wish your personal data to be erased, we will comply with your request to the extent legally possible.
If you have an account, you can delete all your data at any time in your account area.Right to restrict processing - should you wish to restrict use, we will comply with your request where legally possible.
Right of revocation - if you wish to revoke any consent you have already given, we will comply with your request accordingly. A revocation does not affect the permissibility of the previous processing of your data.
In addition, you can object to the further processing of your data if we process your data on the basis of a legitimate interest (Art. 6 (1) sentence 1 lit. f, Art. 21 DSGVO). If we process your data for the purpose of direct advertising, you have a general right to object. If we do not process your data for advertising purposes, the objection must be based on your particular situation.
You also have the right to lodge a complaint with a supervisory authority about the processing of your personal data, such as the data protection supervisory authority responsible for us: State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, Kavalleriestraße 2 - 4, 40213 Düsseldorf, email: poststelle(at)ldi.nrw.de.
Changes to the privacy policy
We reserve the right to change this privacy policy. The current version of the privacy policy is available on our website at all times.
Last updated: 21. Februar 2024
