Your donations keep RPGWatch running!

Privacy Statement

Introduction

This page provides a privacy statement detailing how RPGWatch handles your information and our compliance to GDPR.

Who are we?

RPGWatch is the organisation that is running the site RPGWatch and all connected sites; IndieWatch and LocusInn.
RPGWatch is located in The Netherlands. The server we use is located in Germany.

Myrthos is the responsible person for the protection of personal information for RPGWatch and can be reached via PM (to: Myrthos) or via our contact page.

How we use your information

RPGWatch stores your information, which you have supplied or which RPGWatch needs for correct operation of the site in a database. This database is only used by RPGWatch to keep the site operational. The contents of that database is not shared with any third party.

RPGWatch uses your account information to ensure that you can log in to those parts of the RPGWatch network that require a login and to tailor functionality based on your account. This is accomplished by using server sessions that have a short lifetime (20 minutes). RPGWatch also stores cookies on your local machine to keep you logged in for longer periods of time (if you have enabled cookies). These cookies will store the required information needed to automatically log you in to any part of RPGWatch when needed. This and other cookies that are used are described in the next section

The information we use with cookies

The following overviews shows what cookies we use on the sites hosted by RPGWatch.

On all RPGWatch hosted sites the following cookies are used:

Name Expiration Type Description
RPGWatch_Session NA Functionality necessary Session identifier, which remains active during your session on RPGWatch
bbsessionhash NA Functionality necessary A randomly generated hexadecimal string used for security purposes of your session
bblastvisit 1 year Functionality necessary The date/time you last visited the site, so you can receive updates since then
bblastactivity 1 year Functionality The date/time you were last active to update your public profile
style 1 year Functionality The selected style (dark/light)
_pk_id.1.xxxx 13 months Analytical Identifier to uniquely identify you (or actually your browser) for analytics purposes on RPGWatch only, where xxxx is an alphanumeric identifier
_pk_ses.1.xxxx 30 minutes Analytical Session identifier for Analytics purposes, where xxxx is an alphanumeric identifier
piwik_ignore 1 year Functionality When enabled the option to not being tracked on RPGWatch has been set

On all sites on the rpgwatch.com domain the following cookies are used:

Name
Expiration
Type
Description
_cfduid
1 year Functionality Cloudfare cookie, used to identify individual clients behind a shared IP address and apply security settings on a per-client basis

On www.rpgwatch.com the following cookies are used:

Name
Expiration
Type
Description
bbuserid
1 year Functionality
Your RPGWatch user ID, Enables auto-login on subsequent visits. Your User Name is stored if ‘Remember me’ is checked on login
bbpassword 1 year Functionality
Your RPGWatch password,  enables auto-login on subsequent visits. Your password is stored only if ‘Remember me’ is checked on login
bbcpsession NA Functionality Session identifier for your control panel
bbdbtech_security_session 1 month
Functionality necessary The date/time you were last active to update your public profile

It might be that if you have visited RPGWatch before May 2019, that your browser has stored cookies named: _ga or _gac. These cookies can be deleted as they are leftovers from the time we still used Google analytics. Other google Analytics cookies should have expired by now (like _gat and _gid).

The information we use in our database

In our database we store the following personal and related information about registered users, needed for operation of the site:

  • Registration information
    • Account name
    • E-mail address
    • Password (stored in an encrypted form)
    • IP address
    • Date and time of registration
    • Date and time of last visit
    • Forum groups you are a member of. In case of being a member of the banned user group, also the reason of the ban and the time of the ban are being logged
  • Posts
    • Contents of the posts, inluding links, references and images
    • Number of posts made
    • Forum for which this post was made
    • Date and time of each post
    • IP address used when making the post
    • Posts in which your posts are quoted
    • In case of polls, the vote you have made
  • Threads
    • The threads you have created
    • The thread you are visiting
    • The last post of the thread you potentially have seen
  • Thumbs up
    • The posts you have given a thumbs up
    • The posts where you received a thumbs up
  • PMs
    • The contents of the PMs you have sent and received and which are not deleted by you
    • The date and time of each PM you have sent and received and which are not deleted by you
    • Each recipient of a PM you have sent that have a copy of that PM
  • Mentions
    • The posts where you are mentioned
  • Infractions
    • The time of the infraction
    • The post for which the infraction is given
    • The reason for the infraction
    • The duration of the infraction. When the infraction expires all infraction information is deleted.
  • Contests
    • For the contests you have particpated in, the votes you have made as part of that contest
  • Wiki
    • The pages you have changed or added, the actual modifications to a Wiki page (for showing the history) and the time of those events
  • Donations
    • Your PayPal email address and other transaction information provided by PayPal, such as date of the transaction and the amount.
  • Tracking
    • For registering your visits the IP address is logged, although the last two bytes of the IP address are removed, so that it is anonymized.

Next to the above there is additional information you can enter in your profile on the forums. This information is not needed for correct operation of the site. It is your own responsibility to manage the contents of that information. You have full access to it and can choose to change or delete it.

At the forums and the RPGWatch home page you also have the option, as a registered user, to configure several options on the forums and RPGWatch home page. The selections you make are stored, but are not used for anything else than letting the site behave according to your selections.

Any supplied information is only used to enable correct operation of the site. No data analytics is performed, beyond the standard functionality provided by our forum software, which is needed for correct operation (counts of: threads, posts, PMs, Thumbs ups). Also when you are visiting the RPGWatch forums, the current thread you are visiting is determined. The historic information of the threads you have visited is not logged.

IP addresses of all those who visit RPGWatch are temporarily stored for 20 minutes to determine the total visitor count and what page is being visited. Next to that IP addresses are also stored by our server to determine the connections that are made with the server for the sole purpose of error detection and hacks/attacks. Access information is stored for up to 3 weeks and site and server error information for up to 10 weeks.

All the above mentioned information that is needed for correct operation of the site, is kept in the database indefinitely, unless it has been requested to be removed as mentioned below in the 'Data removal' section (note that only a full removal is possible, not a selective removal).

Tracking

RPGWatch uses Matomo Analytics, which enables the possibility for RPGWatch to track your activity on its sites for the purpose of site analytics. Matomo is installed on the RPGWatch server and the collected data is hosted on that same server. No tracking data is shared with third parties. The ability to track a visitors is only used to gather analytics on your actions on the RPGWatch hosted sites. When you have configured your browser to not allow tracking, you are not tracked on the RPGWatch sites, but you are counted as a visitor.

The IP address that is used to track visitors on the RPGWatch sites is anonymized by removing the last 2 bytes of the 4 byte IP address before that address is logged and used by Matomo.

RPGWatch also uses embedded YouTube streams, which fall under Googles GDPR statement. You can opt-out on the data collected by Google for interest based advertising by using the NAI or DAA opt-outs (or EDAA for EU).

RPGWatch does not track you when you leave RPGWatch. However advertisers on RPGWatch potentially might  track you when you click on their banner or advertising link.

Tapatalk Plugin

RPGWatch is using the Tapatalk plugin. Tapatalk is GDPR compliant. The following is the statement of Tapatalk on this:

The Tapatalk Plugin does not access any personal information, such as name, email, or cookie information, of forum members. And the Plugin never collects any sensitive information, such as Tax ID numbers, banking or credit card information, or health information.
In some cases, IPs have been sent through the Tapatalk Plugin, and the IPs were used for spam and inappropriate content detection. We are not storing any IP address information. We are now using alternative tools to detect spam and inappropriate posts, and no longer have any need for IPs.
As well as IP address, the Tapatalk Plugin will also not be passing any email address between the Tapatalk server and the plugin when the user login or sign up to your forum.

More details can be found in the privacy policy of Tapatalk.

Data removal

According to GDPR you can request for your Personal Identifiable data to be removed. This will result in the following:

  • Your account is removed from RPGWatch
  • None of your messages and posts will be deleted
  • Your messages and posts on the forum will still have your forum name (without a link and image) and will have the text title 'Guest' under your forum name.
    If this is not what you want, you can request to have the forum name replaced by 'Guest'. This is however a manual database process, so will take some time.

Note that this action cannot be undone.

You must request account deletion by PM, so it is possible for us to uniquely determine that it is actually you asking for this or you should use the same email address in contacting us as we have on record for your account.

If you have lost or forgotten your login information, you can request it by using the same e-mail address associated with your account.

If you cannot do either of these, it is not possible to determine that you are the owner of the account and we cannot delete it.

Requests to remove posts and or PMs will be honored to the extent we can honor it. This means that posts can be deleted, but posts of others in which (part of) your posts are quoted will not.
Your PMs will be deleted.
This is a manual process where several database queries are executed to accomplish this. It might take some time before this process is finalized.

Note that data is not immediately removed from backups. RPGWatch makes a backup for every day of the week. This means that after one week, the backup of one week ago is overwritten. As a result your information is removed from backups one week after the actual deletion.

The data logged by the Matomo Analytics tool, because of your visits, cannot be removed as the data has been anonymized and there is no way that we can determine anymore what data belongs to you (also see the 'Tracking' section).

Access to the information we store

GDPR entitles you to receive the information we have on you. Almost all of this information is already accessible by you by visiting your profile page on the RPGWatch Forums, so RPGWatch provides no means to send you that information.
The only additional information that you will not have access to is your IP address, which you usually know and your PayPal email address in case you made a donation, which you should definitely know yourself. You can request to receive an overview of the IP addresses and/or your donation information, by sending a message, as mentioned in the 'Who are we?' section. it is not possible to send you the information that was logged by the Matomo Analytics tool we use to analyze visits as the IP addresses used are anonymized and it is not possible to determine a relationship with a user anymore (also see the 'Tracking' section).
Note that in order to know that we send the information to the right person you must send a PM from your user account or you should use the same e-mail address in contacting us as we have on record for your account.

Security

RPGWatch takes every precaution to make sure your data is secure. All the software that are being used, including the Operating System on our server are updated on a very regular basis (at least once a week). Furthermore, protections are in place to secure our software, the server and access to that server.

Complaints

If you have a complaint related to how RPGWatch treats your privacy on any of the RPGWatch sites and RPGWatch cannot resolve it to your satisfaction, we would like to make you aware that you can file a complaint with your national authority responsible for privacy. As RPGWatch is located in The Netherlands, you can also file your complaint with:

Autoriteit Persoonsgegevens
Website in Dutch and English.

Duration of this privacy statement

This privacy statement can be changed at any time, at which point all registered members will be informed of said change by means of a forum post visible in all forums.