Privacy Policy

This privacy policy sets out how Tabletop Scotland uses and protects any information that you give Tabletop Scotland when you use this website.

Tabletop Scotland is committed to ensuring that your privacy is protected.

Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

Tabletop Scotland may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

This policy is effective from 5th January 2019

What personal data we collect and why we collect it

Contact forms

We use multiple contact forms on the website and those ask for your name, email address and in 1 case also for a contact number.

This information is stored in the website that we can respond to you and for record keeping in relation to future events.


If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Services provided on this website

Events Manager:

  • We collect and store information you submit to us when making an event booking, for the purpose of reserving your requested spaces at our events and maintaining a record of attendance.
  • We may use cookies to temporarily store information about a booking in progress as well as any error or confirmation messages whilst submitting or managing your events and locations.


  • We collect information about you during the checkout process on our store.
  • While you visit our site, we’ll use cookies to keep track of cart contents while you’re browsing our site.
  • When you purchase from us, we’ll ask you to provide information including your name and email address which will be used to create your account information like username and password. We use this information for purposes, such as, to:
    • Send you information about your account and order
    • Respond to your requests, including refunds
    • Process payments and prevent fraud
    • Set up your account for this website
  • We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it.

Third Party services we use

Mailchimp provides our Newsletter. Their Privacy Policy is here.

There is no integration between this website and Mailchimp’s services and so the only information they have access to is the information you provide as part of signing up for our newsletter.

PayPal provides our payment services. Their Privacy Policy is here.

Note that our website does not hold any of your payment information, this is all done via PayPal. powers some of the security features of this website through their JetPack service.  Their Privacy Policy is here.

Information they have access to includes –

  • IP Address you are connecting to the website via
  • Web browser you are using

How long we will retain your data

For users that register on our website, we store your name and email address.
Users can see, edit, or delete their personal information at any time (except they cannot change their username).
Website administrators can also see and edit that information.

We retain that information for a maximum of 6 years.

What rights you have over your data

If you have an account on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.

You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Our contact information

If you have any questions about the above please email us on

Additional information

How we protect your data


  • We use a certificate for encrypting all information exchanged between our website and your browser.
  • Our web host uses various Security services including but not limited to firewalls (both hardware and web application based).
  • All admin passwords are Strong Alphanumeric using letters, numbers and symbols.
  • Checks are routinely made on the website and 3rd party scanning activity is conducted daily.
  • We use Akismet anti-spam services as well as other 3rd party security applications.


  • All emails and other digital correspondence are stored within secure cloud based services and access is limited to the convention team.
  • All physical materials are stored within secure storage and held by David Wright.

What data breach procedures we have in place

  • The website is used almost daily by the convention team and checks are made on log files and other alerts to ensure that if a breach has occurred we will be aware of it.
  • Procedures are in place to notify the ICO and others in the event of any such breach.

If you have previously agreed to us using your personal information, you may change your mind at any time by emailing us at

We will not sell, distribute or lease your personal information to third parties.

You may request details of personal information which we hold about you under the Data Protection Act 1998. If you would like a copy of the information held on you please contact us via email at

If you believe that any information we are holding on you is incorrect, incomplete or you wish us to remove it please contact us via email at

If you have any questions about anything above please get in touch.