Last update: 17/03/2021, with further information on third party companies including delivery and courier companies
The Mystery Agency Ltd., 62 Shaftesbury Avenue, London W1D 6LT (“We”, “our”, “us”) manage and administer the Website. For the purposes of the Data Protection Act 1988 (as amended) and the General Data Protection Regulation 2016/679 (the “GDPR”), we are the “data controller” in respect of the Personal Data (as defined in the GDPR) submitted by you when you visit our website themysteryagency.com (the “Website”).
What type of information do we collect?
Personal data is also received, collected and stored through sign up to our mailing list – when you consent to receive marketing concerning The Mystery Agency. This includes your first name and email address.
- Information you provide by completing a purchase on our site via Stripe or signing up to The Mystery Agency include your name, email and postal addresses, telephone number, country of residence, login, password details, Unique payment identifier and payment provider identifier.
- The Mystery Agency may also retain payment information apart from the last four digits of your credit card or bank account (as applicable), expiration date, and country, which we require for tax, government regulatory, and security purposes.
- You may decline to provide The Mystery Agency with your information. However, this will limit your ability to register for an account or use our Services. You may pledge to a project as a guest by providing only an email address.
We may also use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.
Once you have purchased a product, if you would like to request a refund, please see below:
- Ordered through Kickstarter – message us through Kickstarter, stating the reason for the refund request
- Ordered on themysteryagency.com – email firstname.lastname@example.org with the subject line Refund, followed by your order number (i.e. “Refund: XXX”) and reason
How do we store your data?
How long we keep your personal data
We will store your personal data for as long as we actually need it for, concerning the purpose it was originally collected for. For personal data collected for marketing purposes through sign up, our data retention period is three years. At the end of that retention period, we will confirm if you would like to remain subscribed or unsubscribe to receive further communications.
Why do we collect and what do we do with the information?
Personal data which you provide to us is used to:
• Provide you with the information, products and services you request from us
• Send you marketing, in accordance with your marketing preferences
• Manage and administer our business
• Review and improve our products and services
How we use your personal data for marketing purposes?
If you sign up to receive marketing from us, we will add your details to our marketing database (currently managed and administered through Mailchimp, correct as of 6 July 2020). If you tell a third party (for example, when you purchase a product) that you would like them to pass us your contact details, we can then send you updates about our goods and services. You can withdraw your consent for marketing at any time.
What are Cookies?
Cookies are small, often encrypted text files, located in browser directories. They are used to help you navigate the websites efficiently and perform certain functions.
Cookies are created when a user’s browser loads a particular website. The website sends information to the browser which then creates a text file. Every time the user goes back to the same website, the browser retrieves and sends this file to the website’s server. For Managing cookies for different browsers see here.
- To provide a great experience for visitors.
- To monitor and analyze the performance, operation and effectiveness of the website
- To ensure the website is secure and safe to use.
To manage your Cookies and preferences, you can find out more relevant to your specific browser here: allaboutcookies.org
Types of Cookies
First-party cookies: Cookies that we place on your site.
Third-party cookies: Cookies that are placed and used by third parties.
Session (transient) cookies: These cookies are erased when site visitors close their browsers and are not used to collect information from their computers. They typically store information in the form of a session identification that does not personally identify the user.
Persistent (permanent or stored) cookies: These cookies are stored on a site visitor’s hard drive until they expire (at a set expiration date) or until they are deleted. These cookies are used to collect identifying information about the user, such as web surfing behavior or user preferences for a specific site.
Strictly necessary cookies: These are the cookies that let your visitors browse through your site. They are also necessary for security reasons.
Functional cookies: These cookies “remember” registered visitors/customers in order to improve their user experience.
Third Party Cookies
TS*: Session, Functional
TS01*******: Session, Functional
TSxxxxxxxx (where x is replaced with a random series of numbers and letters): Session, Functional
TSxxxxxxxx_d (where x is replaced with a random series of numbers and letters): Session, Functional
Third Party Websites
- Mailchimp: https://mailchimp.com/legal/cookies/
The Mystery Agency also uses a number of third parties that may use data provided through our website. These include:
- Google Analytics (website statistics):
We try to be as open as we reasonably can about the Personal Data that we process. If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at email@example.com.
You have legal rights (i) to make a “subject access request” to access your Personal Data; (ii) to request and be given your Personal Data in machine readable format for the purposes of your passing such data to third parties; (iii) to request rectification or removal of your Personal Data; and (iv) to object to processing of your Personal Data and/or to have its processing restricted. You can withdraw your consent to receive marketing messages at any time. If you would like to use any of these rights, or otherwise have any questions about how we handle data, please contact us at firstname.lastname@example.org, with details of your request. In the case of subject access requests please ensure that you add “subject access request” into the subject line of your email.
We will store and process your Personal Data only for as long as is reasonably necessary for us to perform the services/activities we are undertaking and to comply with our legal obligations.
Please note that our Website will, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
As you probably know, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data once transferred to us; any transmission is at your own risk. Once we have received your Personal Data, we will use strict procedures and security features to try to prevent unauthorised access.
If you have complaints relating to our processing of your Personal Data, you should contact us in the first instance at email@example.com. You may also raise complaints with the Information Commissioner who is the statutory regulator.