Privacy Policy

Last Updated: 09.04.2026

Who we are

When we say we, us or our in this privacy notice, we mean Fabled Games Ltd, a company incorporated and registered in England and Wales with company number 14120148, and whose registered office is at Fabled Games Limited, Town Hall Chambers, High Street East, Wallsend, NE28 7AT, United Kingdom.

For the purposes of the Data Protection Legislation, we are the controller of your personal data. This means that we are responsible for deciding how we hold and use personal information about you.


Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

  • Account means a unique account created for You to access our Service or parts of our Service.

  • Business refers to the Company as the legal entity that collects Consumers’ personal information and determines the purposes and means of the processing of Consumers’ personal information, or on behalf of which such information is collected and that alone, or jointly with others, determines the purposes and means of the processing of consumers’ personal information, that does business in the United Kingdom.

  • Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Fabled Games Limited, Town Hall Chambers, High Street East, Wallsend, NE28 7AT, United Kingdom. For the purpose of the GDPR, the Company is the Data Controller.

  • Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.

  • Country refers to: United Kingdom

  • Data Controller, for the purposes of the GDPR (General Data Protection Regulation), refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data.

  • Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.

  • Do Not Track (DNT) is a concept that has been promoted by US regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing internet users to control the tracking of their online activities across websites.

  • Personal Data is any information that relates to an identified or identifiable individual. For the purposes for GDPR, Personal Data means any information relating to You such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity.

  • Sale means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a Consumer’s personal information to another business or a third party for monetary or other valuable consideration.

  • Service refers to the Website.

  • Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used. For the purpose of the GDPR, Service Providers are considered Data Processors.

  • Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.

  • Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

  • Website refers to The Witch’s Lantern accessible from www.thewitchslantern.com

  • You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable. Under GDPR (General Data Protection Regulation), You can be referred to as the Data Subject or as the User as you are the individual using the Service.

Personal data we collect

Personal data means information which relates to an identified or an identifiable individual.

Types of Personal Data we may collect

  • Identity Data
    i.e. Name, title; social media username; forum username

  • Contact Data
    i.e. Contact address; shipping address; billing address; email address; telephone number

  • Transaction Data
    i.e. Details of orders placed and purchases made; details of payments to and from you

  • Financial Data
    i.e. Payment card details

  • Crowdfunding Project Data
    i.e. Account name; amount pledged on our projects; rewards selected; project related communication with you

  • Usage Data
    i.e. Services you signed up to (e.g. our blogs); events you attended or expressed interest in

  • Enquiries Data
    i.e. Details of enquiries submitted via our website or emailed to us

  • Professional Data
    i.e. Job title; name of business or organisation; professional credentials; professional contact details

  • Technical Data
    i.e. Internet protocol (IP) address; your login data; browser type and version; time zone setting and location; browser plug-in types and versions; operating system and platform and other technology on the devices you use to access this website

We do not routinely collect any special categories of personal data about You (meaning information about Your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, your health, and genetic and biometric data), nor do We collect any data relating to criminal convictions and offences.

We do not provide goods/services directly to children or collect their personal data. If you believe that We have received information relating to or from persons under the age of 18 please contact Us. If we become aware that a person under the age of 18 has provided Us with personal information we will take steps to delete such information.

We may also collect, use and share anonymised, aggregated data such as statistical or demographic data for any purpose. Anonymised data may be derived from Your personal data but is not considered personal information in law as this information does not directly or indirectly reveal your identity. For example, we may aggregate information on how You use Our website to calculate the percentage of users accessing a specific website feature.


Information from Third-Party Social Media Services

The Company allows You to create an account and log in to use the Service through the following Third-party Social Media Services:

  • Google

  • Meta 


If You decide to register through or otherwise grant us access to a Third-Party Social Media Service, We may collect Personal data that is already associated with Your Third-Party Social Media Service’s account, such as Your name, Your email address, Your activities or Your contact list associated with that account.

You may also have the option of sharing additional information with the Company through Your Third-Party Social Media Service’s account. If You choose to provide such information and Personal Data, during registration or otherwise, You are giving the Company permission to use, share, and store it in a manner consistent with this Privacy Policy.

Before You disclose to Us the personal information of another person you must ensure that you have a lawful basis to do so. For information on when and how You can lawfully disclose personal data, please see the Information Commissioner’s Office Guide to the General Data Protection Regulation.

How we collect your data

Type of Data Source

  • Your use of Our website
    i.e. When You purchase products through our website; sign up to Our mailing list; submit an online enquiry; subscribe to Our blogs; complete a survey; or give Us Your feedback.

  • Direct interactions with You
    i.e. When You first contact us (e.g. by contact form or email); when You interact with us through our social media profiles (e.g. on Instagram or TikTok); when You sign up or attend our retreats and community events; when you register interest in Our products; when you give Us Your business card.

  • Directly from a third party
    i.e. When You back Our crowdfunding project on Kickstarter, Backerkit, Gamefound or any other crowdfunding platftorm

  • Automated technologies or interactions
    i.e. As You interact with our website, We may automatically collect technical data about Your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. 

How and why we use personal data

Under the Data Protection Legislation, ΅e can only use Υour personal data if ΅e have a proper reason for doing so. For example, because:

  • You have given us Your consent;

  • it is necessary for the performance of a contract; or

  • it is necessary for Our legitimate interests & or those of a third party.

Consent

Generally We do not rely on consent as a legal basis for processing Your personal data other than:

  • to place cookies on Your device;

  • to enable to You to take part in our events;

  • to send You our newsletters; and

  • to send You electronic marketing communication (if You are not Our existing customer).

Where Your permission is required, We will ask You for such consent separately and clearly. You have the right to withdraw consent to marketing at any time by contacting Us or using the ‘unsubscribe’ link in Our marketing emails. Even if we are not required to obtain Your consent for marketing purposes, You can still opt-out of receiving marketing communications at any time, so You are still in control.

If You submit personal information for publication on Our website or another location, We will publish and otherwise use that information in accordance with the permission which You grant to Us.

Contract

We will use Your personal data if We need to do it to perform Our obligations under a contract with You, or if it is necessary for a contract which We are about to enter with You. For example, if we need to:

  • register You as a new customer or administer Your account;

  • manage Our relationship with You (e.g. to respond to Your enquires or to notify You about changes to Our services);

  • process or deliver Your order; and

  • enable You to partake in a competition or a prize draw.

Legitimate interests

A legitimate interest is when We have a business or commercial reason to use Your information, so long as this is not overridden by Your own rights and interests. We rely on Our own, and/or or a third party’s legitimate interests, when We process Your data for the following purposes:

  • to administer and protect Our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);

  • to manage Our relationship with You;

  • to manage payments;

  • to deal with Your enquiries;

  • to ask You to leave a review or complete a survey;

  • to send You Our updates or other electronic marketing communications (when You are Our existing customer or have enquired about Our products;

  • to engage with You though Our social media profiles;

  • to fund Our projects through crowdfunding campaigns run of Kickstarter and any other crowdfunding/ pledge manager service we use to which You sign up;

  • to run Our community events (e.g. retreats and women’s circles);

  • to increase Our business or promote Our brand through delivering relevant website content and advertisements to You and marketing communication;

  • to measure or understand the effectiveness of the advertising We provide to You;

  • to improve Our website, products, services, marketing, and customer relationships and understanding;

  • to conduct web analytics;

  • for the prevention and detection of fraud; and

  • to interact with You professionally (if You represent our supplier or other business party);

  • for the establishment, exercise or defence of legal claims.

We may ask you to confirm or update Your marketing preferences if You instruct us to provide further services in the future, or if there are changes in the law, regulation, or structure of Our business.

Detailed Information on the Processing of Your Personal Data

The Service Providers We use may have access to Your Personal Data. These third-party vendors collect, store, use, process and transfer information about Your activity on Our Service in accordance with their Privacy Policies.

Analytics

We may use third-party Service providers to monitor and analyze the use of our Service.

  • Google Analytics
    Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of Οur Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.You can opt-out of having made Υour activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits activity.
    For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy

Email Marketing

We may use Your Personal Data to contact You with newsletters, marketing or promotional materials and other information that may be of interest to You. You may opt-out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send or by contacting Us.

We may use Email Marketing Service Providers to manage and send emails to You.

  • Shopify
    Shopify offers to all its stores an integrated newsletter services. This is the one that We are using for Our marketing communications. 

Payments

We may provide paid products and/or services within the Service. In that case, we may use third-party services for payment processing (e.g. payment processors).

We will not store or collect Your payment card details. That information is provided directly to Our third-party payment processors whose use of Your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

Behavioral Remarketing

The Company uses remarketing services to advertise to You after You accessed or visited our Service. We and Our third-party vendors use cookies and non-cookie technologies to help Us recognize Your Device and understand how You use Our Service so that We can improve Our Service to reflect Your interests and serve You advertisements that are likely to be of more interest to You.

These third-party vendors collect, store, use, process and transfer information about Your activity on Our Service in accordance with their Privacy Policies and to enable Us to:

  • Measure and analyze traffic and browsing activity on Our Service

  • Show advertisements for Our products and/or services to You on third-party websites or apps

  • Measure and analyze the performance of Our advertising campaigns

Some of these third-party vendors may use non-cookie technologies that may not be impacted by browser settings that block cookies. Your browser may not permit You to block such technologies. You can use the following third-party tools to decline the collection and use of information for the purpose of serving You interest-based advertising:

You may opt-out of all personalized advertising by enabling privacy features on Your mobile device such as Limit Ad Tracking (iOS) and Opt Out of Ads Personalization (Android). See Your mobile device Help system for more information.

We may share information, such as hashed email addresses (if available) or other online identifiers collected on Our Service with these third-party vendors. This allows Our third-party vendors to recognize and deliver You ads across devices and browsers. To read more about the technologies used by these third-party vendors and their cross-device capabilities please refer to the Privacy Policy of each vendor listed below.

The third-party vendors We use are:

  • Google Ads (AdWords)
    Google Ads (AdWords) remarketing service is provided by Google Inc.You can opt-out of Google Analytics for Display Advertising and customise the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads
    Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
    For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy

  • TikTok

TikTok remarketing service is provided by TikTok. You can opt-out from TikTok’s interest-based ads by following their instructions: https://www.tiktok.com/support/faq_detail?id=7543597461764397624&category=web_account
You can learn more about the privacy practices and policies of TikTok by visiting their Privacy Policy page: https://www.tiktok.com/legal/page/us/privacy-policy/en

  • Instagram
    Instagram remarketing service is provided by Meta. You can opt-out from Instagram’s interest-based ads by following their instructions: https://help.instagram.com/911879456838933
    You can learn more about the privacy practices and policies of Instagram by visiting their Data Policy page: https://help.instagram.com/155833707900388

  • Facebook
    Facebook remarketing service is provided by Meta.You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950
    To opt-out from Facebook’s interest-based ads, follow these instructions from Facebook: https://www.facebook.com/help/568137493302217
    Facebook adheres to the Self-Regulatory Principles for Online Behavioural Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.
    For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation

Usage, Performance and Miscellaneous

We may use third-party Service Providers to provide better improvement of our Service.

  • Invisible reCAPTCHA
    We use an invisible captcha service named reCAPTCHA. reCAPTCHA is operated by Google.The reCAPTCHA service may collect information from You and from Your Device for security purposes.
    The information gathered by reCAPTCHA is held in accordance with the Privacy Policy of Google: https://www.google.com/intl/en/policies/privacy/

Who we share personal data with

We may share your information with third parties for the purposes set out in this notice. For example, we may:

  • share Your personal data with Our suppliers which we use to operate Our business (for example our e-commerce platform provider, online inventory and order processing provider, accounting software provider, shipping software provider, payment processing providers, carrier services providers, website data analytics providers, loyalty programmes and marketing software providers). We have contracts in place with these providers to ensure that they can only use Your personal data to provide services to Us and to You;

  • disclose Your personal data to professional advisers (e.g. lawyers, accountants, auditors or insurers) who provide professional services to Us;

  • disclose Your personal data to certain third parties if specifically requested or agreed with You (e.g. if you ask us to introduce you to a third party);

  • disclose and exchange certain information with law enforcement agencies and regulatory bodies to comply with Our legal obligations; and

  • share some personal data with other parties, such as potential buyers of some or all of Our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

International transfers

We may transfer your personal data to a destination outside of the United Kingdom. Transfers of data outside the European Economic Area (EEA) are subject to special rules under the Data Protection Legislation. You can find information in this regard at the European Commission’s website.

We use cloud-based platforms and tools for the purpose of running our website, selling our products and our marketing activities. The providers of these tools are based either in the EEA, Canada or the US. Those who are based in the US subscribe to the EU-US Privacy Shield framework. Transfers of personal data to commercial organisations based in Canada and to organisations subscribing to the Privacy Shield framework are deemed by the European Commission to provide an appropriate level of protection.

We safeguard the international transfers of personal data to that provider by means of contractual obligations based on the standard provisions approved by the European Commission.

How long we keep personal data

We will only retain Υour personal data for as long as necessary to fulfil the purposes we collected it for. For example, if You:

  • subscribe to Our updates, we will hold Your data for that purpose until You unsubscribe or otherwise tell us that You no longer wish to receive such communications; and

  • are Our customer, we will hold Your data for the purposes set out in this privacy policy for up to six years after the end of Our relationship with you.

In some circumstances We may anonymise Your personal data (so that it can no longer be associated with You) for research or statistical purposes, in which case We may use this information indefinitely without further notice to You.

Your rights

You have a number of rights in relation to Your personal data, which allow you to access and control Your information in certain circumstances. You can exercise these rights free of charge, unless Your request is manifestly unfounded or excessive (in which case We may charge a reasonable administrative fee or refuse to respond to such request).

Under certain circumstances, You have the following data protection rights:

  • Access
    This enables You to receive a copy of the personal data We hold about You and to check that We are lawfully processing it.

  • Rectification
    The right to require Us to correct any inaccuracies in Your personal data.

  • Erasure (to be forgotten)
    The right to require Us to delete Your personal data in certain situations.

  • Restriction of processing
    The right to require Us to restrict processing of Your personal data in certain circumstances (e.g. if You contest the accuracy of the data We hold).

  • Data portability
    The right to receive, in certain situations, the personal data You provided to Us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party.

  • To object
    The right to object at any time to Your personal data being processed for direct marketing (including profiling) or, in certain other situations, to Our continued processing of Your personal data (e.g. processing carried out for the purpose of our legitimate interests)

  • Not to be subject to automated individual decision-making
    The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning You, or similarly significantly affects You.

If You would like to exercise any of those rights, please contact Us. Please let Us know what right You want to exercise and the information to which Your request relates.

For further information on your rights, please see the Information Commissioner’s Office Guide to the General Data Protection Regulation.

Keeping personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to Your personal data to those who have a genuine business need to access it. Those processing Your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify You and any applicable regulator of a suspected data security breach where We are legally required to do so.

Complaints

We hope that We can resolve any query or concern You may raise about our use of Your information. You may contact us by using the contact methods set out in the How to contact us section of this policy.

The Data Protection Legislation also gives You a right to lodge a complaint with a supervisory authority, in particular in the European Union (or the European Economic Area) state where You work, normally live or where any alleged infringement of data protection laws has occurred. The supervisory authority in the UK is the Information Commissioner, who may be contacted at https://ico.org.uk/concerns or by telephone on: 0303 123 1113. We would, however, appreciate the chance to deal with Your concerns before You approach the Information Commissioner’s Office, so please contact Us in the first instance.

How to contact us

If you have any questions about this privacy notice, (including any requests to exercise your legal rights) please contact us by either:

  • using our website contact form; or

  • sending us an email at witchslantern@gmail.com

Cookies

Our website uses cookies to distinguish You from other users of our websites. This helps Us to provide You with a good experience when you browse our websites. It also allows us to improve our websites and services.

We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:

  • Cookies or Browser Cookies.
    A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of Our Service. Unless You have adjusted Your browser setting so that it will refuse Cookies, Our Service may use Cookies.

  • Flash Cookies.
    Certain features of Our Service may use local stored objects (or Flash Cookies) to collect and store information about Your preferences or Your activity on Our Service. Flash Cookies are not managed by the same browser settings as those used for Browser Cookies. For more information on how You can delete Flash Cookies, please read “Where can I change the settings for disabling, or deleting local shared objects?” 

  • Web Beacons.
    Certain sections of Our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. You can learn more about cookies here: All About Cookies by TermsFeed.

We use the following types of cookies:

  • Strictly necessary cookies
    These are cookies that are required for the operation of Our websites. They include, for example, cookies that enable you to log into secure areas of our websites.

  • Analytical/performance cookies
    They allow Us to recognise and count the number of visitors and to see how visitors move around Our websites when they are using them. This helps Us to improve the way Our websites work, for example, by ensuring that users are finding what they are looking for easily.

  • Functionality cookies
    These are used to recognise You when You return to our websites. This enables Us to personalise our content for You, greet You by name and remember Your preferences (for example, Your choice of language or region).

  • Targeting cookies
    These cookies record Your visit to Our websites, the pages you have visited and the links You have followed. We will use this information to make Our websites and the advertising displayed on them more relevant to Your interests. We may also share this information with third parties for this purpose.

  • For more information regarding the management of Your cookies please visit the About Cookies (aboutcookies.org.uk) website.