Legal

Privacy Policy

Last updated: April 2026

This Privacy Policy explains how Collect N Trade ("we", "us", "our") collects, uses, stores and protects your personal data when you use our website at collectntrade.co.uk. We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Collect N Trade is a UK-based TCG pricing and marketplace platform. We are the data controller responsible for your personal data.

If you have any questions about this policy or how we handle your data, please contact us at:

Collect N Trade

Based in: United Kingdom

Email: collectntrade.tcg@gmail.com

2. What Data We Collect

We collect only the minimum data necessary to provide our service. Currently this is limited to:

  • Email address — when you sign up to our mailing list or waitlist
  • Consent record — the date and time you gave us permission to contact you
  • Technical data — basic analytics such as pages visited, browser type and approximate location (country level only). This data is anonymous and cannot identify you personally.

We do not collect your name, phone number, payment details or any sensitive personal data at this stage.

3. Why We Collect Your Data (Legal Basis)

Under UK GDPR we must have a lawful basis for processing your personal data. We rely on the following:

  • Consent — when you tick the consent checkbox and submit your email address, you are giving us explicit consent to contact you with updates about Collect N Trade. You can withdraw this consent at any time.
  • Legitimate interests — for basic anonymous analytics to understand how our website is being used and to improve it.

4. How We Use Your Data

We use your email address solely to:

  • Send you updates about the Collect N Trade platform launch
  • Notify you when new features or games go live
  • Occasionally share relevant TCG pricing news and content

We will never use your data for anything other than what you consented to. We will never sell your data to third parties.

5. Who We Share Your Data With

We use a small number of trusted third-party services to operate our platform. These act as data processors on our behalf and are contractually bound to handle your data securely and in accordance with UK GDPR:

  • Brevo (Sendinblue) — our email marketing platform, used to store your email address and send communications. Brevo is GDPR compliant and headquartered in the EU. You can view their privacy policy at brevo.com/legal/privacypolicy.
  • Vercel — our website hosting provider. Vercel processes basic request data to serve our website. You can view their privacy policy at vercel.com/legal/privacy-policy.

We do not share your data with any other third parties.

6. How Long We Keep Your Data

We will keep your email address on our mailing list until you unsubscribe. Once you unsubscribe your email is moved to a suppression list to ensure we never contact you again — it is not deleted immediately as this suppression list is necessary to honour your unsubscribe request.

If you request complete deletion of your data we will remove you from all systems within 30 days.

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right to access — you can request a copy of the personal data we hold about you
  • Right to rectification — you can ask us to correct inaccurate data
  • Right to erasure — you can ask us to delete your personal data
  • Right to restrict processing — you can ask us to limit how we use your data
  • Right to data portability — you can request your data in a machine-readable format
  • Right to object — you can object to us processing your data
  • Right to withdraw consent — you can withdraw your consent at any time by clicking unsubscribe in any email we send you

To exercise any of these rights, please contact us at the email address above. We will respond within 30 days.

8. Unsubscribing

Every email we send contains a one-click unsubscribe link. Clicking it will immediately remove you from our mailing list. You will never receive another marketing email from us after unsubscribing.

You can also email us directly to unsubscribe or request data deletion at any time.

9. Cookies

Our website currently uses only essential cookies necessary for the site to function. We do not use advertising cookies, tracking cookies or third-party marketing cookies.

We may add analytics in future — if we do we will update this policy and request your consent before setting any non-essential cookies.

10. Data Security

We take the security of your personal data seriously. Our website is served over HTTPS and your data is stored with trusted providers who maintain industry-standard security practices including encryption at rest and in transit.

In the event of a data breach that is likely to affect your rights and freedoms, we will notify you and the Information Commissioner's Office (ICO) within 72 hours as required by UK GDPR.

11. International Data Transfers

Our email provider Brevo is based in the EU and stores data on EU servers. Our hosting provider Vercel may process data in the United States — they are certified under the EU-US Data Privacy Framework which provides appropriate safeguards for international transfers.

12. Changes to This Policy

We may update this privacy policy from time to time as our platform evolves. When we make significant changes we will notify subscribers by email. The date at the top of this page shows when it was last updated.

13. How to Complain

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection regulator.

Information Commissioner's Office

Website: ico.org.uk

Helpline: 0303 123 1113

We would always prefer to resolve any concerns directly first — please contact us before raising a complaint with the ICO.