Commander Decks, Analysis & Table FitCommander Decks, Analysis & Table Fit

Privacy Policy

Spanish

Last Updated: 2025-12-20

This Privacy Policy explains how Marc Dalmau Ballester, a self-employed professional (“Autónomo”) established in Spain (the “Owner”, “we”, “us”, or “our”), collects, uses, shares, and protects personal data when you use the website and services available at ** MTGMASTER.AI ** (the “Service”).

We are committed to complying with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and Spanish data protection law (Organic Law 3/2018, LOPDGDD).

If you have any questions, you can contact us at:
Email: contact@mtgmaster.ai
Address: Sant Roc 2, 08340, Vilassar de Mar, Barcelona, SPAIN
Tax ID (NIF): 38834346L

1. Data Controller

The data controller responsible for processing your personal data is:

** Marc Dalmau Ballester **
Professional address: Sant Roc 2, 08340, Vilassar de Mar, Barcelona, SPAIN
Email: contact@mtgmaster.ai

2. What Data We Collect

We may collect and process the following categories of personal data when you use the Service:

2.1 Data You Provide Directly

  • Account data: username, email address, password (hashed), profile information.
  • Content data: decklists, card preferences, comments, saved collections, and any other data you choose to upload or generate in the Service.
  • Communication data: messages sent via contact forms, support requests, feedback, or email communications.
  • Billing data: if you purchase credits, subscriptions, or paid features, we may collect limited billing-related information (e.g. billing address, transaction ID). Full payment card details are typically processed by our payment provider (e.g., Stripe) and not stored by us.

2.2 Data Collected Automatically

When you access or use the Service, we may automatically collect:

  • Technical data: IP address, browser type and version, operating system, device type, language settings.
  • Usage data: pages visited, time and date of visits, features used (e.g., deckbuilder, AI tools), clickstream data, error logs, and performance diagnostics.
  • Cookies and similar technologies: as described in section 5 (Cookies and Tracking Technologies).

3. Purposes and Legal Bases for Processing

We process your personal data for the purposes and on the legal bases described below:

3.1 Provision of the Service

  • Purpose: to create and manage your account, enable you to build and store decks, manage collections, use AI tools, and access all features of the Service.
  • Legal basis:
    • Art. 6(1)(b) GDPR – performance of a contract or steps prior to entering into a contract.

3.2 Customer Support and Communication

  • Purpose: to respond to your inquiries, support requests, bug reports, and feedback.
  • Legal basis:
    • Art. 6(1)(b) GDPR – performance of a contract (support related to your account or services).
    • Art. 6(1)(f) GDPR – legitimate interest in providing good customer service.

3.3 Service Maintenance, Security, and Improvement

  • Purpose: to monitor performance, fix errors, maintain security, prevent abuse, and improve the Service (e.g. usage analytics, technical logs, fraud detection).
  • Legal basis:
    • Art. 6(1)(f) GDPR – legitimate interests in ensuring security, stability, and improvement of the Service.

3.4 Payments and Invoicing

  • Purpose: to process payments for credits, subscriptions, or other paid features, and to comply with tax and accounting obligations.
  • Legal basis:
    • Art. 6(1)(b) GDPR – performance of a contract.
    • Art. 6(1)(c) GDPR – compliance with legal obligations (accounting, tax).

3.5 Marketing Communications (If Applicable)

  • Purpose: to send you information about updates, new features, or offers relating to the Service (e.g. newsletters), if you have opted in.
  • Legal basis:
    • Art. 6(1)(a) GDPR – your consent (opt-in).
      You can withdraw your consent at any time by using the unsubscribe link or contacting us.

3.6 Legal Compliance and Enforcement

  • Purpose: to comply with legal obligations, respond to lawful requests from authorities, and enforce our Terms of Service.
  • Legal basis:
    • Art. 6(1)(c) GDPR – compliance with legal obligations.
    • Art. 6(1)(f) GDPR – legitimate interests in asserting or defending legal claims.

4. How We Share Your Data

We do not sell your personal data. We may share your data with:

4.1 Service Providers (Processors)

We may use third-party service providers to operate and improve the Service, such as:

  • Hosting providers (e.g., cloud infrastructure).
  • Analytics providers (e.g., web analytics tools).
  • Payment processors (e.g., Stripe).
  • Email delivery providers (e.g., transactional email services).

These service providers process personal data on our behalf and only under our instructions, in accordance with data processing agreements compliant with GDPR.

4.2 Legal and Regulatory Authorities

We may disclose your data if required by law, court order, or governmental authority, or if necessary to protect our rights or the rights of others.

4.3 Business Transfers (If Applicable)

If we are involved in a merger, acquisition, or asset sale, your personal data may be transferred as part of that transaction, in accordance with data protection laws.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve the Service.

5.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help the site recognize your browser and remember certain information.

5.2 Types of Cookies We Use

  • Strictly necessary cookies: required for the basic functioning of the Service (e.g. login, security).
  • Preference cookies: to remember your settings (e.g. language).
  • Analytics cookies: to analyze usage of the Service and improve performance.
  • (Optional) Advertising cookies: if used, to show relevant ads or sponsored content.

5.3 Legal Basis for Cookies

  • Necessary cookies: Art. 6(1)(f) GDPR – legitimate interests in providing a functional, secure Service.
  • Non-essential cookies (analytics, advertising): Art. 6(1)(a) GDPR – your consent.

When required by law, we will use a cookie consent banner to collect your preferences and allow you to accept or reject non-essential cookies.

5.4 Managing Cookies

You can:

  • Adjust cookie preferences via our cookie banner or settings (if implemented).
  • Configure your browser to block or delete cookies.
    Blocking some cookies may affect the usability of certain features of the Service.

6. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA), for example in the United States.

Where such transfers occur, we will ensure that:

  • The destination country has an adequacy decision from the European Commission; or
  • We implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission; or
  • Another appropriate safeguard under GDPR is in place.

You may request more information about international transfers and a copy of applicable safeguards by contacting us.

7. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, in particular:

  • Account data: for as long as your account is active. If you delete your account, we will delete or anonymize your personal data, except where retention is required by law (e.g. invoices, transaction records).
  • Content data (e.g. decks, collections): for as long as your account exists or until you delete that content.
  • Billing and transaction data: retained for the period required by tax and accounting laws (usually several years under Spanish law).
  • Technical logs and security data: retained for a limited period necessary for security, troubleshooting, and auditing, unless a longer period is required for investigating incidents.

We may store anonymized or aggregated data that no longer identifies you, for statistical and analytical purposes.

8. Your Rights under GDPR

As a data subject in the EU/EEA (and Spain), you have the following rights:

  1. Right of access – to obtain confirmation whether we process your data and receive a copy of such data.
  2. Right to rectification – to have inaccurate or incomplete data corrected.
  3. Right to erasure (“right to be forgotten”) – to request deletion of your personal data, where legally possible.
  4. Right to restriction of processing – to request that we limit processing of your data in certain circumstances.
  5. Right to data portability – to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller, where technically feasible and legally required.
  6. Right to object – to object to processing based on legitimate interests, including profiling, in which case we will stop processing unless we have compelling legitimate grounds.
  7. Right to withdraw consent – where processing is based on consent, you can withdraw it at any time (without affecting prior lawful processing).
  8. Right not to be subject to automated decision-making – including profiling, where such decisions have legal or similarly significant effects, unless certain conditions are met.

To exercise your rights, please contact us at [EMAIL] and clearly state which right you wish to exercise. We may need to verify your identity before fulfilling your request.

9. Right to Lodge a Complaint

If you believe that we are processing your personal data in violation of GDPR or Spanish law, you have the right to lodge a complaint with the Spanish Data Protection Authority (AEPD) or your local supervisory authority in the EU:

Agencia Española de Protección de Datos (AEPD)
Website: https://www.aepd.es/

We encourage you to contact us first, so we can address your concerns directly.

10. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or destruction.

However, no online service is completely secure. We cannot guarantee absolute security, but we strive to use commercially reasonable safeguards to protect your data.

If we become aware of a personal data breach that poses a risk to your rights and freedoms, we will act in accordance with GDPR, including notifying you and/or the relevant authority where required.

11. Children’s Privacy

The Service is not intended for children under the age of 16, and we do not knowingly collect personal data from children under that age.

If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at [EMAIL] so we can take appropriate action (e.g., delete such data).

12. Links to Other Websites

The Service may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices or content of those third-party sites.

We recommend that you review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page with a new “Last Updated” date.

If changes are material, we may also notify you through the Service or by email, where appropriate.

We encourage you to review this Privacy Policy periodically to stay informed about how we process your personal data.

14. Contact

If you have any questions, requests, or concerns about this Privacy Policy or our data protection practices, please contact:

Marc Dalmau Ballester
Email: ** contact@mtgmaster.ai **
Address: ** Sant Roc 2, 08340, Vilassar de Mar, Barcelona, SPAIN **

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

MTG Master is free to use. Optional Pro features are available through credits or subscriptions.

Magic: The Gathering, Wizards of the Coast, and all related trademarks are the property of Wizards of the Coast LLC in the U.S. and other countries. © 1993–2026 Wizards. All rights reserved.

MTG Master is an independent, fan-made project and is not affiliated with, endorsed, sponsored, or approved by Wizards of the Coast. MTG Master uses certain Wizards-owned intellectual property under the terms of the Wizards Fan Content Policy. To learn more about Wizards of the Coast and their policies, please visit company.wizards.com.

Card data, images, and some pricing information are sourced from Scryfall. Scryfall provides this information without warranty; always check local stores for final prices and availability.

© 2026 MTG Master·Terms of Service·Privacy Policy·Cookie Policy·Payment Terms·AI Use & Limitations·Legal Notice·Affiliate Disclosures·About·Commander Guides·

We use cookies for analytics to improve the site.

Analytics only runs if you choose “Accept”. You can change your choice anytime.