Effective Date: November 12, 2025
Website: https://scrollforge.shop
Contact: info@scrollforge.shop

1. Introduction

Welcome to Scrollforge.shop — the marketplace where creators and adventurers trade digital tools, stories, and role-playing treasures.

We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains:

  • What information we collect
  • How and why we use it
  • Your rights under the General Data Protection Regulation (GDPR) and
    related laws
  • How we comply with Strong Customer Authentication (SCA) and
    Payment Services Directive 2 (PSD2) standards

By using our website, you agree to the practices described in this policy.

2. Who We Are

Scrollforge.shop is operated by its parent entity (hereafter “we,” “us,” or “our”). We act as the Data Controller for user and vendor data collected through this website.

For privacy inquiries, you may contact us at: 📧 info@scrollforge.shop

3. Data We Collect

We collect only the data necessary to operate our marketplace and provide a secure experience.

a. Information You Provide Directly

  • Account details: name, email address, username, password
  • Billing and payment information: address, transaction details (processed
    by third-party payment providers; we never store full card details)
  • Vendor information: business name, payout details, and tax information
    (for sellers only)
  • Communications: messages sent via our contact forms or support
    channels

b. Automatically Collected Information

  • IP address, browser type, and device information
  • Site usage data (via cookies or analytics tools)
  • Session data for fraud prevention and performance tracking

c. Third-Party Data

  • Payment confirmations from gateways (e.g., Stripe, PayPal)
  • Analytics data (e.g., Google Analytics, anonymized)
  • Authentication from linked accounts (if used)

4. How We Use Your Data

We process personal data only for legitimate purposes, including:

Purpose
Account creation, login, and marketplace use
Processing orders and payment
Vendor payouts and accounting
Fraud detection and security
monitoring
Email communication and support
Marketing (opt-in newsletters,
promotions)
Improving site functionality and
analytics		Legal Basis under GDPR
Performance of contract
Performance of contract; compliance with
PSD2/SCA
Legal obligation
Legitimate interest
Legitimate interest / Consent
Consent
Legitimate interest

We will never sell your data to third parties.

5. GDPR Rights

Under the General Data Protection Regulation, you have the following rights:

  • Access – Request a copy of your personal data.
  • Rectification – Correct inaccurate or incomplete information.
  • Erasure – Request deletion (“right to be forgotten”).
  • Restriction – Limit how we process your data.
  • Portability – Obtain a copy of your data in a machine-readable format.
  • Objection – Object to processing based on legitimate interests.
  • Withdraw Consent – Withdraw consent for optional features like
    marketing.

To exercise your rights, contact: info@scrollforge.shop

We respond to all verified requests within 30 days.

6. Payments, SCA, and PSD2 Compliance

a. Payment Security

All payments are processed securely through third-party payment processors such as Stripe or PayPal, which comply with:

  • Strong Customer Authentication (SCA) – requiring two-factor verification for transactions.
  • Payment Services Directive 2 (PSD2) – ensuring secure electronic
    payments and protecting against fraud.

We do not store or have access to full credit card numbers. Payment data is encrypted and handled by certified payment institutions.

b. Vendor Payouts

Vendor transactions and withdrawals are verified through PSD2-compliant processes to ensure funds are sent only to authorized recipients.

7. Data Retention

We retain personal data only as long as necessary to:

  • Fulfill purchases and provide services
  • Comply with legal, tax, and accounting requirements
  • Resolve disputes and enforce agreements

Inactive accounts may be anonymized or deleted after 24 months of inactivity.

8. Sharing Your Data

We may share limited data with:

  • Payment processors (for transactions)
  • Hosting providers (for site operation)
  • Analytics services (for site improvement)
  • Regulatory or law enforcement authorities, when required by law

All third parties are bound by data processing agreements that ensure GDPR compliance.

9. International Data Transfers

If data is transferred outside the European Economic Area (EEA), we ensure it is protected under:

  • EU Standard Contractual Clauses (SCCs), or
  • An adequacy decision by the European Commission.

10. Cookies and Tracking

We use cookies to enhance user experience and analyze site traffic.
For details, please see our Cookie Policy.

11. Data Security

We use technical and organizational measures to safeguard your data, including:

  • SSL/TLS encryption
  • Secure password hashing
  • Access control and auditing
  • Regular vulnerability checks

While no system is 100% secure, we continuously improve our security practices.

12. Children’s Privacy

Our services are not intended for users under 18 years of age. We do not knowingly collect data from minors. If we learn that data has been collected inadvertently, it will be deleted promptly.

13. Updates to This Policy

We may update this Privacy Policy from time to time to reflect new legal requirements or service changes.
The updated version will always include a new effective date at the top of this page.

14. Contact Us

For questions or to exercise your rights:📧 info@scrollforge.shop

If you believe your data has been mishandled, you may also lodge a complaint with your local Data Protection Authority.

Sign In

Register

Sign up with Google

Reset Password

Please enter your username or email address, you will receive a link to create a new password via email.