Open Book ChronicleOpen Book Chronicle

    Privacy Policy

    Effective Date: 18.09.2025

    Welcome to Open Book Chronicle ("we", "our", or "us"). We are committed to protecting your personal information and ensuring transparency in how we collect, use, and share your data in compliance with the General Data Protection Regulation (GDPR).

    1. Information We Collect

    When you visit and interact with our website, openbookchronicle.com (the "Site"), we may collect the following types of information:

    1.1 Personal Information You Provide

    • Contact Information: Your name, email address, and any other information you provide when signing up for newsletters or creating an account.
    • User-Generated Content: Any information you submit via comments, posts, or interactions with community features.

    1.2 Automatically Collected Information

    • Usage Data: Information about your interactions with our Site, including IP address, browser type, and pages viewed.
    • Cookies and Tracking Technologies: We use cookies and similar technologies to enhance your browsing experience. You can manage cookies via your browser settings. More details are in our Cookie Policy.

    1.3 Authentication Data

    When you create an account, we collect and process:

    • OAuth Provider Data: If you sign in with Google or Discord, we receive your email address, name, and profile image from these providers.
    • Session Information: We store session tokens, IP addresses, and user agent information for security purposes.
    • Account Information: User ID, email verification status, account creation date, and role assignments.

    1.4 Contact Form Data

    When you contact us through our contact form, we collect:

    • Name and surname
    • Email address
    • Country
    • Message content

    1.5 User-Generated Content and Interaction Data

    When you interact with our platform, we may collect:

    • Comments and Posts: Content you submit, timestamps, and voting data
    • Gaming Data: Game statistics, scores, guild memberships, and tutorial progress (Music OBC only)
    • Bug Reports: When you submit bug reports, we collect the report content and associate it with your user account

    1.6 Third-Party Service Data

    We integrate with the following third-party services:

    • LastFM API: Used to gather music-related information for our Music OBC platform (no personal data shared)
    • PostHog Analytics: Used for anonymous usage analytics when you consent to analytics cookies. PostHog is hosted in the EU (eu.i.posthog.com) and processes data according to GDPR requirements
    • Discord and Google OAuth: For authentication purposes when you choose to sign in with these services

    2. Legal Basis for Processing Personal Data

    • Consent: Analytics cookies, newsletter subscriptions
    • Contract: Account creation, authentication, and platform services
    • Legitimate Interest: Security monitoring, bug fixing, and service improvement
    • Legal Obligations: Compliance with applicable laws and regulations

    3. How We Use Your Information

    We use the information we collect for the following purposes:

    • To Communicate with You: To send newsletters, article notifications, and other updates you have opted in to receive.
    • To Improve Our Services: To analyze how users interact with our Site and improve our content.
    • For Advertising and Marketing: To deliver personalized ads and marketing materials (with your consent).

    3.1 Detailed Processing Purposes

    • Authentication Data: To provide secure access to your account and personalize your experience
    • Contact Form Data: To respond to your inquiries and provide customer support
    • Gaming Data: To track your progress, enable multiplayer features, and provide personalized gaming experiences
    • Analytics Data: To understand user behavior and improve our services (only with your consent)

    4. Sharing Your Information

    We do not sell your personal information. However, we may share it in the following cases:

    • Service Providers: We may share your information with third-party vendors (e.g., hosting providers, analytics services) who assist us in operating our Site.
    • Legal Requirements: We may disclose your information if required by law or in response to legal requests.
    • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to a new owner.

    5. Your Rights Under the GDPR

    As a user based in the European Union, you have the following rights regarding your personal data:

    • Right of Access: You can request access to the personal data we hold about you.
    • Right to Rectification: You can request corrections to any inaccurate or incomplete personal data.
    • Right to Erasure: You can request that we delete your personal data ("Right to be Forgotten"), subject to certain legal exceptions.
    • Right to Restrict Processing: You can request that we restrict the processing of your personal data in certain circumstances.
    • Right to Data Portability: You can request to receive your personal data in a structured, machine-readable format and have it transferred to another data controller.
    • Right to Object: You can object to the processing of your personal data in certain situations, such as direct marketing.
    • Right to Withdraw Consent: If we process your data based on consent, you have the right to withdraw consent at any time.

    To exercise any of these rights, please contact us at the Contact Page.

    6. International Data Transfers

    As part of our operations, your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure that such transfers comply with GDPR requirements by implementing appropriate safeguards, such as standard contractual clauses.

    7. Security of Your Information

    We take reasonable measures to protect your personal information from unauthorized access, use, or disclosure. However, no method of transmission over the internet is completely secure, and we cannot guarantee the absolute security of your data.

    8. Cookies and Tracking Technologies

    We use cookies and similar technologies to track your use of our Site and improve your experience. For more details, please see our Cookie Policy

    9. Data Retention

    We retain different types of data for varying periods:

    • Account Data: Until you delete your account or request data deletion
    • Contact Messages: For up to 2 years for customer service purposes
    • Analytics Data: PostHog retains data according to their retention policy
    • Session Data: Until session expiry or logout

    10. Children's Privacy

    Our Site is not intended for children under the age of 13. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal information, we will take steps to delete it.

    11. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. When we make changes, we will update the "Effective Date" at the top of this policy.

    12. Contact Us

    If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at the Contact Page.