The website is individually paid for by Global Administrator, Maecius. All server donations are used exclusively to help pay for the server, the website, and related expenses.
Questions about data collection and deletion should be addressed to the Global Administrators, Endelyon and Maecius, or to the Forum Developer, Zanniej.
II. What Personal Data Do We Collect?
Baldur's Gate: The Sword Coast Chronicles may collect information about you when you visit this website.
This may include the following:
Email Address: We will collect your email address when you create a new account for the forum. This email address will be used to send you registration information and to confirm you are a real person. This email address will not be used for sending you mass emails (except in the event of a security breach, see section X. below), nor will it be sold or transferred to third parties. The forum host company, one.com, and global forum administrators (currently: Maecius, Endelyon, Zanniej, DM Boo, DM Theophanies, and DM Ditto) will be the only parties who have access to your email address.
Username and Password: Your chosen username and password will be utilized by the website as a means to log into your personal account. This information will only be used to grant you access to your account. Your username will be visible to all forum users, including nonregistered users. Your password cannot be accessed by anyone on staff, but it can be reset if needed by forum administrators (currently: Maecius, Endelyon, Zanniej, DM Boo, DM Theophanies, and DM Ditto).
IP Address: Whenever you utilize a website, you are leaving a digital fingerprint called an IP Address. This address can be used to identify your ISP (Internet Service Provider) and rough geospatial location. BG:TSCC logs and uses this address to ban forum users who are out of compliance with the forum's rules, and to establish access to the service. Your IP Address will be shared with one.com, the forum host, as part of establishing access to the forum, but will not be shared with any other parties. One.com, the forum host, and global forum administrators (currently: Maecius, Endelyon, Zanniej, DM Boo, DM Theophanies, and DM Ditto) will have access to your IP Address.
Date of Birth: Users may voluntarily opt-in to listing their birthday on their user profile. This may be changed or turned off at any time by the user. If you opt-in to this feature, your age will be visible to all users who view your profile. Your birth month and day will display at the bottom of the forum on the day of your birth, as well, as a "happy birthday" message. Again, this will only happen if you voluntarily list your birthdate.
Social Media, Contact, Website, and Location Information: Users may voluntarily opt-in to listing their social media and contact information, as well as personal websites and other personal information (such as hobbies and interest and location) on their user profile. This information is stored on the database at one.com for as long as you have it in your profile. This information is visible to all users who view your profile. You may delete it at any time by adjusting your profile.
Forum Activity Logs: The forum will log when you join or leave usergroups, when you delete posts, when you are warned by forum moderators, when you change your preferred email, when you change your password, when you take a moderator action (as a forum moderator or a guild forum moderator), and so on. This information is stored on the database at one.com and will be accessible to global forum administrators (currently: Maecius, Endelyon, Zanniej, DM Boo, DM Theophanies, and DM Ditto). Forum moderators will have access to user warnings and action logs as well.
Personal Posts: Anything you post to the forum will be visible to other forum users. Private forums will be visible to the users in that usergroup, as well as DMs and global forum administrators (currently: Maecius, Endelyon, Zanniej, DM Boo, DM Theophanies, and DM Ditto). You may request that all of your posts be deleted using the "right to be forgotten" process described below. Your private messages (PMs) are stored on an internal website server database, and can be accessed by forum account administrators (currently: Maecius, Endelyon, and Zanniej). These will not be shared with others.
Disciplinary Logs, Character Notes, Player Requests, and Other Information: Information about your trends and behavior on the server, both in and out of character, may be retained in logs and records as a means to track behavior and protect server and forum users from hostile behavior. In character notes may be kept to ensure that your character's actions in regards to the game environment (and NPC attitudes towards them) are accurately kept. This information may be accessible to senior forum staff, ADMs, DMs, and, or, Forum Moderators.
Third-Party Data: Information about you from third-party sources may be processed by BG:TSCC (for example, Maecius will be able to see your PayPal email if you make a donation to the server through PayPal).
Other Information Related to Your Use of BG:TSCC's Forum or Services: We may collect additional information from or about you when you communicate with us, contact staff groups, we run activity logs, or when you respond to a survey or poll.
III. Why Do We Retain Personal Data?
We retain data only to enable access to BG:TSCC's services, to track behavior in order to protect the majority of users from hostile or unfriendly users, to log and understand user trends, and to ensure that the game world has a continuity of experience for players (for example, if your character becomes an outlaw in a storyline event, we may retain a note on that so that other characters and storytellers know that your character is a wanted man or woman).
We may retain data even after a user stops using our services (historical posts, former notes, usernames in the database so that they can be recovered should the user return to the game, etc.). Users may request that this data (posts, user accounts, etc.) be deleted, with the understanding that once the data is gone we will be unable to recover it for you.
IV. How Do We Process Your Data?
We may process your information for the following reasons:
- To operate the forum website and offer you game services, including to:
- - enable user access to personal accounts;
- - authenticate your access to your personal account;
- - to communicate with you about your account, the forum, BG:TSCC's services, or relevant PayPal transactions;
- - create an account connection between your account and a third-party account or platform if necessary.
- To manage your access to BG:TSCC's website and services. To utilize this website, you must enable cookies. These technologies allow the website to function, to keep you automatically logged in on computers you trust, and so on. Web traffic and data generated through BG:TSCC is not sold to third parties.
- To comply with our obligations to our hosts, and to enforce the terms of our services, by initiating user bans, etc., where appropriate or necessary.
- To respond to your requests, for example to contact the server's volunteer staff about a question you have.
V. Do We Share Your Data?
We may share your data or other information for the following reasons:
- With volunteer staff members: We may share data generated in-house (such as public CD keys and behavior logs, not emails, for example) between and with staff members in order to ensure that services can be provided, to enable Dungeon Masters (DMs) to track character information, and so on.
- With the other parties or service providers as necessary to ensure their services: We may, for example, share information with our host website in order to ensure your access to their services.
- With other third parties as permitted or required by law: We will comply with authorized law enforcement requests and legal requirements as necessary. To date, we have never had one of these requests, but in the interest of transparency, we would be required to comply with them.
- With your consent: We also share your data and other information with your consent or direction, for example if you personally place it on your public user profile.
VI. How Do We Work with Other Services and Platforms?
We only use your data to connect to and enable the other services and platforms we rely upon to provide you the services you sign up for here. Namely, our host website to grant you access to the website and wiki.
VIII. What Privacy Choices Are Available To You?
The first choice, is, of course, in whether you decide to use these services in the first place.
You also have a "right to be forgotten" choice. If you would like your username and all of your posts deleted, you may contact the global forum administrators (currently: Maecius, Endelyon, Zanniej, DM Boo, DM Theophanies, and DM Ditto) to request that they delete your account and user posts. Keep in mind that if they are deleted they are not recoverable and you have given up all future access to them.
Deletions will not occur when the data in question is needed for a legitimate purpose, such as the consistency and continuity of DM campaigns. Legitimacy of purpose will be determined on a case-by-case basis. If ruled legitimate, the post in question may be moved to a more private area of the forum (such as where the DMs discuss campaigns and share event notes), or the post's author may be changed to a neutral placeholder account to divorce the message from the original author, but these things may also not occur if doing either would damage the continuity of the server's public storyline.
You may request a copy of the personal data we have on you (e.g., email address on file, IP address on file, etc.) by contacting the global forum administrators (currently: Maecius, Endelyon, Zanniej, DM Boo, DM Theophanies, and DM Ditto).
Please note that to request data or to request the deletion of data, you must demonstrate control over the account you are contacting us about, and over the email address associated with that account. This two-step (by Private Message and by email) verification requirement is to protect users against data loss and privacy violations.
IX. How Do We Protect Your Personal Data?
We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your data against loss, misuse, unauthorized access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls at the hosting data centers, and information access authorization controls. While we are dedicated to securing our systems and services, you are responsible for securing and maintaining the privacy of your password(s) and account/profile registration information and verifying that the data we maintain about you is accurate and current. We are not responsible for protecting any data that we share with a third-party based on an account connection that you have authorized. We are also not responsible for protecting any data that you elect, voluntarily, to share with others in a public forum.
X. What Happens If We're Breached?
If we detect a security breach, or unauthorized loss of data, we have 72 hours to notify you (from the time when we first become aware of the security issue). We will likely do this through a mass email, in the event that it becomes necessary. This will be the only time we send out a mass email (i.e., if there's a breach of the website or the server), and this will only be done to ensure that you are aware of the issue. A breach announcement will also be posted to the forum as a "state of the server" message, with information on what you can do to protect yourself (changing passwords, emails, etc.).
XI. Can Children Use Our Services?
The sites and services are not directed to children under the age of 13. We do not knowingly collect information from children or other individuals who are not legally able to use our sites and services. To sign up for website services, users must affirm that they are 13 years of age or older. If we obtain actual knowledge that we have collected data from a child under the age of 13, we will promptly delete it, unless we are legally obligated to retain such data. Contact the global forum administrators (currently: Maecius, Endelyon, Zanniej, DM Boo, DM Theophanies, and DM Ditto) if you believe that we have mistakenly or unintentionally collected information from a child under the age of 13.