Privacy Policy


This Upper Deck Company Privacy Policy (the “Privacy Policy”) discloses The Upper Deck Company’s (“UDC”) privacy practices and use of data collected from you by UDC, its agents, or affiliates (if applicable). The Privacy Policy applies to all of UDC’s services and activities including but not limited to, its websites, stores, applications, promotional events and contests (collectively the “Website”).

1. Information UDC Collects. In order to allow you to use the Website in the best possible way, UDC may request and/or collect information (such as name, e-mail address, country of residence, and date of birth) from you on a voluntary basis. UDC collects the following types of information about users: Personally Identifiable Information and Non-Personally Identifiable Information (collectively “your information”).

“Personally Identifiable Information” is information that identifies you and may be used to contact you online or offline. UDC only collects Personally Identifiable Information from you on a voluntary basis, through registration, downloads, contest or sweepstakes entries, mailing/newsletter subscriptions, purchases, and technical support or customer service requests. The information UDC collects and stores will depend on the activity, but may include your first and last name, age and birthdate, shipping and billing address(es), e-mail address, and phone number. UDC does not collect any Personally Identifiable Information about you unless you voluntarily provide it to UDC. If you make a purchase from the Website, as applicable, UDC may also collect a credit or debit card number or other financial information, CVV, and billing address. Any credit card information that you provide will only be used as is necessary to process payments and prevent fraud during processing. If you make any purchases associated with or on the Website, as applicable, using any third-party payment processor, that third-party payment processor will collect your email address as well as the billing and payment information it needs to process your charges. UDC and its third party payment processor do not use credit card information for any other purposes, and UDC does not store any credit card information without prior authorization or request to do so. Except as provided herein, when you ask for help from UDC customer service, UDC will collect and store the contact information you give them (generally, your name and e-mail address, and information about your activity on the Website). To participate as a user on the Website, or in online activities, special events, contests, sweepstakes, or blog comment areas, you may be required to provide Personally Identifiable Information.

“Non-Personally Identifiable Information” is information that cannot be used to personally identify you. The Non-Personally Identifiable Information UDC may collect includes the time and date of access, device information, location information, anonymous usage data while you are using the Website, preferences you submit and preferences that are generated based on the data you submit and/or number of clicks, referring/exit pages, a website’s Uniform Resource Locator (“URL”) that you just came from or the URL you go to next, and your Internet Protocol (“IP”) address. However, to the extent that any of the aforementioned identifiers or similar identifiers are considered personal information by law, UDC also treats these identifiers as Personally Identifiable Information.

The Website may contain chat functions, forums, message boards, links to social media websites, and/or personal websites. UDC collects information about your communication and any information you choose to provide. Please remember that any information that is disclosed on any of the aforementioned mediums is public information and you should exercise caution when deciding to disclose your Personally Identifiable Information.

2. How UDC Uses and Shares Information.

Personally Identifiable Information: UDC will use your Personally Identifiable Information internally to: provide you with access to the Website, enhance the operation of the Website, process orders and notify you based on the status of your order, send you products you may have ordered, notify the winners of UDC contests and sweepstakes, address fraud concerns, communicate with you and respond to questions and issues, provide technical support, send you promotional materials and push notifications where opted-into, solicit feedback from users, conduct marketing and user preference related research, and let you know about upcoming changes or improvements to the Website UDC shares your Personally Identifiable Information to its third party licensors pursuant to its agreements and including, without limitation, for their direct marketing purposes including by mail and email. UDC provides some services through contractual arrangements with third-party service providers, including a payment processor and a card fulfillment processor. UDC will share your Personally Identifiable Information as necessary for that certain third party to provide these services and operate the Website. However, you may request more information on the use and storage of your Personally Identifiable Information as expressed in Section 4 of this Privacy Policy.

Non-Personally Identifiable Information: UDC will use Non-Personally Identifiable Information to help enhance the operation of the Website customize the user experience and the Website’s content and layout, and improve UDC marketing and promotional efforts. UDC also aggregates Non-Personally Identifiable Information, including your IP address, in order to track trends and analyze use patterns on the Website, for the purposes of system administration, to report aggregate information to its affiliates, business partners, third party vendors, advertisers, licensors, and other third-parties at UDC’s discretion, and to audit the use of the Website. UDC can and will use IP addresses to identify a user and to gather broad demographic information. This Privacy Policy does not in any way limit UDC’s use or disclosure of Non-Personally Identifiable Information to UDC affiliates, partners, third party vendors, advertisers, licensors, and other third-parties at UDC’s discretion. Please review each service prior to use.

Please be aware that, to the extent permitted by law, UDC may access and disclose your information if UDC (a) is required to do so by law or court order or (b) has a good faith belief that such access or disclosure is reasonably necessary to (i) comply with applicable laws, regulations, or legal process; (ii) enforce the UDC Terms and Conditions of Use for the Website (the “Terms”); (iii) respond to claims that your use of the Website has violated rights of UDC or third parties; (iv) respond to your requests for customer service; (v) share such information with its third party licensors, third party vendors, advertisers, licensors, and other third-parties at UDC’s discretion per any agreement or obligation; and (vi) troubleshoot software bugs and operational problems. UDC may transfer the information collected through the Website if UDC is acquired by, sold to, or merged with another entity. UDC may also share the information with subsidiaries and affiliated and related entities that provide services on UDC’s behalf or in connection with UDC, including allowing UDC to share participant data with applicable third party licensors and data recipients for direct marketing purposes.  

Additionally, UDC may use your information to (a) resolve any disputes with regard to other users, your accounts, third parties, or use of the Website, (b) enforce the Terms, (c) detect, prevent, and ameliorate fraud, spam, abuse, security incidents, and other harmful activity, (d) verify or authenticate information or identifications provided by you, (e) send you service or support messages, such as updates, security alerts, and account notifications, (f) provide customer service, (g) enable you to communicate with other Website users, and (h) operate, protect, improve, and optimize the Website. You may opt-out of receiving information from UDC by clicking the “unsubscribe” button in any e-mail you receive or by contacting UDC using the contact information available in Section 14.

3. Cookies. “Cookies” are small bits of information that are stored by your computer’s web browser. Cookies may tell UDC whether you have visited the Website before and what pages on the Website you have viewed. Generally, Cookies allow UDC’s websites, services, applications, and tools to store relevant information in your browser or device and later read that information in order to identify you to UDC’s servers or internal systems and improve the user experience on the Website. UDC uses Cookies, pixel tags, local shared objects (“Flash Cookies”), and similar technologies to automatically collect this information. Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. Flash Cookies are similar to Cookies except that they can be larger and are downloaded to a computer or mobile device by the Adobe Flash media player. UDC may allow other UDC websites and third parties to place and read Cookies, web beacons, Flash Cookies, and similar technologies to collect information through the Website. For example, UDC’s third-party service providers may use these technologies to collect information that helps UDC with traffic measurement, research, and analytics. You can decide if and how your computer will accept a cookie by configuring your preferences or options in your browser. However, if you choose to reject cookies, you may not be able to use certain online products, services, or features on the Website. Please note that you may need to take additional steps beyond changing your browser settings to refuse or disable Flash Cookies and similar technologies. Flash Cookies can be controlled through the instructions on Adobe’s setting manager page which can be found here: If you choose to refuse, disable, or delete these technologies, some of the functionality of the Website may no longer be available to you. You may occasionally receive cookies from UDC’s advertisers. UDC does not control these cookies and they are not subject to this privacy policy. Please consult such third-party advertisers’ o privacy policies to learn how they collect and use information. You can also learn more about cookies by visiting, which includes additional, useful information on cookies and how to block cookies using different types of browsers. For more information on advertising using cookies and how to opt-out of advertising cookies specifically, please see Section 4 herein.

UDC uses Google Analytics, a web analytics service provided by Google, Inc., located at 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”) Google Analytics uses Cookies, and UDC processes your data based on UDC’s overriding legitimate interest to provide easy-to-use website access statistics in a cost-effective manner (pursuant to Article 6 of the General Data Protection Regulation). Google uses this information on UDC’s behalf to evaluate your use of the Website, to compile reports on the Website’s activity, and to provide UDC with other services related to activity on the Website and internet usage. The IP address sent by your browser as part of Google Analytics will not be merged with other data on Google. You can prevent such storage of Cookies by following the direction above. You may also opt-out of Google Analytics and prevent Google from collecting your data in connection with Google Analytics by downloading and installing the browser plug-in available at the following link:

UDC may use the following social media plug-ins including, without limitation, Facebook, Instagram, Pinterest, YouTube, Discord,  Twitter, and other applications. If you visit the Website initially, no Personally Identifiable Information will be transmitted to the provider of the plug-in. UDC gives you the opportunity to communicate directly with the provider of the plug-in via the corresponding button. By clicking on the button, the social plug-in will be activated and the plug-in provider receives the information that you have visited UDC’s online service. By activating the plug-in, personal data will be transmitted by you to the respective plug-in provider and stored there. Since the plug-in provider carries out the data collection in particular via Cookies, UDC recommends that you delete all Cookies via the security settings of your browser before clicking on the plug-in. UDC has no influence on the collected data and data processing operations, nor is UDC aware of the full extent of the data collection, the purpose of the processing, or the storage periods. UDC does not have the ability delete the data collected by the plug-in provider. For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the privacy statements of the plug-in providers.

4. Your Information. In addition to the aforementioned mechanisms, you have the ability to manage the use of your information in the following ways:

(a) If you wish to modify, verify, correct, or update any of your Personally Identifiable Information collected through the Website, you may edit your registered user information in your account settings or contact us using the contact information in Section 14. In accordance with UDC’s routine record keeping, UDC may delete certain records that contain Personally Identifiable Information you have submitted through the Website. UDC is under no obligation to store such Personally Identifiable Information indefinitely and expressly disclaims any liability arising out of, or related to, the destruction of such Personally Identifiable Information. It may not always be possible to completely remove or delete all of your information from UDC’s databases without some residual data because of backups and other reasons.

(b) You may direct UDC not to share your Personally Identifiable Information with third parties (other than UDC’s service providers), not to use your Personally Identifiable Information to provide you with information or offers, and not to send you newsletters, e-mails, or other communications by modifying your registered user information on your account or contacting us using the contact information in Section 14.

(c) Please note that while you may have the opportunity to opt-out of targeted advertising and you may be able to control the use of Cookies through your web browser as described above, some web browsers may also give you the ability to enable a “do not track” setting. This setting sends a special signal to the websites you encounter while web browsing. Because there currently is no industry standard concerning what, if anything, websites should do when they receive such signals, UDC currently does not take action in response to these signals, but when a final standard is established and accepted, UDC will reassess how to respond to these signals.

5. Collection and Use of Data in Promotional Activities, Contests, Sweepstakes, and Special Events. UDC may produce certain promotional activities, contests, sweepstakes, and/or special events with the support of affiliated or non-affiliated sponsors and/or promotional partners in connection with the Website or products featured on the Website. By participating in promotional activities, contests, sweepstakes, or special events and providing any personal contact information, you agree to UDC’s collection and usage of your Personally Identifiable Information and acknowledge that you have fully read and accepted this Privacy Policy and the Terms of the promotion, contest, sweepstake, or special event. For each contest, sweepstakes, and/or special event, UDC will post on the applicable website applicable rules for the event, and if necessary, post any supplemental terms and conditions or privacy provisions. Any person who wins a prize (a “Winner”) is required to provide their consent to the use of certain additional Personally Identifiable Information, including, but not limited to, use of the Winner’s full name, image, voice, likeness and/or biographical information for advertising, trade, and promotional purposes without payment or additional consideration, and without review, approval, or notification. Such information may also be used for advertising, marketing, trade and promotional purposes without further payment or additional consideration, and without review, approval or notification. In order to be awarded a prize, you may be asked to sign a declaration and release that permits UDC and other third parties to use such information. By participating in promotional activities, contests, sweepstakes, or special events and providing any personal contact information, you agree UDC may share your Personally Identifiable Information with UDC’s affiliates, partners, third party vendors, advertisers, licensors, and other third-parties at UDC’s discretion.

6. Children’s Privacy. UDC does not direct the Website to users under eighteen (18) years of age (“children”). UDC does not knowingly collect or maintain Personally Identifiable Information or Non-Personally Identifiable Information from children, other than as permitted by law in support of the internal operations. If UDC becomes aware that Personally Identifiable Information of children has been collected, other than for support of the internal operations, UDC will take reasonable steps to remove such information. If a parent or legal guardian believes that his or her child has submitted personal information to UDC, he or she may contact UDC Customer Service at the addresses provided in Section 14 herein.

If you are a citizen of a European Country and under the age of 18, or a citizen of the United States or Canada and under the age of 13, if applicable, any account must be under the supervision of a parent or legal guardian who agrees to be bound by this Privacy Policy and the applicable Website terms and conditions.  

7. How UDC Protects Information. To protect your information, UDC follows generally accepted industry standards and maintains reasonable safeguards to attempt to ensure the security, integrity, and privacy of the information you have provided. UDC has standard security measures in place, including a firewall-protected server and use of encryption, designed to protect against the loss, misuse, and alteration of the information under UDC’s control. Unfortunately however, no system or data transmission over the Internet can be guaranteed to be 100% secure; human errors do occur, so there is always a possibility that there could be unauthorized access to your information. Although UDC strives to protect your information, you acknowledge that: (a) there are security and privacy limitations of the Internet that are beyond UDC’s control; (b) the security, integrity, and privacy of any and all information and data exchanged between you and UDC through the Website cannot be guaranteed; and (c) any such information and data may be viewed or tampered with in transit by a third party. Canadian residents: Canadian residents should be aware that their Personally Identifiable Information will be stored on servers located in the United States of America.

8. Public Safety. UDC may share your Personally Identifiable Information with necessary agencies or persons in the event UDC, in good faith, believes it will a) prevent physical injury or harm to yourself or members of the public; b) protect the rights, property, or safety of UDC or third parties; and/or c) report a crime or other offensive behavior.

9. GDPR.  The European Union General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) provides data subjects within the European Union (“EU”) with certain access rights with respect to their personal data. For purposes of the GDPR “personal data” refers to any information that identifies a natural person existing or residing in the EU (“data subject”), or may be used to identify a data subject, such as name, an identification number, location data, an online identifier, or factors specific to a data subject’s physical, physiological, genetic, mental, economic, cultural, or social identity. Please note that UDC is the data controller of your personal data. Data subjects’ GDPR rights are provided herein and summarized briefly below:

  • Basic Information – the right to understand who UDC is and how UDC processes a data subject’s personal data.
  • Access – the right to request a summary of the data subject’s personal data that is processed by UDC, along with a copy of such personal data.
  • Portability – the right to request UDC provide a copy of a data subject’s personal data in machine readable form for transportation to another controller/processor.
  • Rectification – the right to request that UDC correct errors or update a data subject’s personal data.
  • Erasure – the right to request that UDC erase personal data in UDC’s possession.
  • Restriction on Use – the right to request that UDC stop processing a data subject’s personal data.
  • Objection to Use – the right to object to UDC’s assertion that UDC has a legitimate interest in processing a data subject’s personal data.
  • Objection to Direct Marketing – the right to object to receiving direct marketing materials from UDC and/or its subsidiaries and affiliates.
  • Objection to Automated Processing – the right to object to UDC’s use of personal data to make automated decisions that affect the data subject.

All of the aforementioned requests and objections may be directed to Please note that the data subject access rights described above are not absolute, and in many cases are subject to exceptions or other restrictions. If UDC determines that a request is invalid or does not correspond with the data subject access rights provided by GDPR, UDC will inform the data subject of such determination promptly upon reaching that conclusion.

Pursuant to the GDPR, as a data subject, you may request UDC erase the personal data held by UDC by contacting us through , along with the requirements stated in Section 4(b). Under Article 17 of the GDPR, data subjects have the right to request the erasure of their personal data if one of the following grounds applies:

  • The personal data is no longer necessary for the purpose collected;
  • The data subject withdraws consent to UDC’s processing activities and no other legal justification for processing applies;
  • The data subject is objecting under Article 21(1) of the GDPR to;
    • Processing that is necessary for UDC to perform a task in the public interest under Article 6(1)(e) of the GDPR or in the exercise of UDC’s official authority; and
    • There are no overriding legitimate grounds to process the personal data.
  • The data subject is objecting under Article 21(1) of the GDPR to;
    • Processing that is necessary to pursue UDC’s or a third party’s legitimate interests under Article 6(1)(f) of the GDPR; and
    • There are no overriding legitimate grounds to process the personal data.
  • The data subject is objecting under Article 21(2) of the GDPR to processing for direct marketing purposes;
  • UDC unlawfully processed a data subject’s personal data;
  • EU law requires UDC to erase a data subject’s personal data to comply with a legal obligation; or
  • UDC collected the personal data in the context of offering online services to children under Article 8(1) of the GDPR.

However, the right to erasure is not required under the GDPR, to the extent that data processing is necessary:

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation which requires processing by EU or EU member state law to which UDC is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in UDC;
  • for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) GDPR as well as Article 9(3) GDPR;
  • for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes in accordance with Article 89(1) GDPR in so far as the right referred to in paragraph 8.3.1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
  • for the establishment, exercise or defense of legal claims.

Pursuant to the GDPR, data subjects may request confirmation from UDC regarding whether or not UDC has processed their personal data. If your personal data has been processed, as a data subject you may request the following information:

  • The purposes for which the personal data have been processed;
  • The categories of personal data that have been processed;
  • The recipients and/or the categories of recipients to whom your personal data have been or are still being disclosed;
  • The planned duration of storage of your personal data or, if specific information is not available on this, criteria for specifying the duration of storage;
  • The existence of the right to lodge a complaint to a supervisory authority;
  • All available information on the origin of the personal data, if the personal data was not collected from you; and
  • The existence of automated decision-making including profiling as per Article 22(1) and (4) of the

GDPR, and at least in these cases, meaningful information on the logic involved and the consequences and intended effects of this kind of processing for you.

Data subjects also have the right to request information about whether or not their personal data has been transmitted to another country or an international organization. Such requests may be directed to

Data subjects shall have the right to request UDC to restrict processing of personal data if one of the following conditions is met:

  • the data subject contests the accuracy of the personal data for a period enabling UDC to verify the accuracy of the personal data;
  • the processing is unlawful and the data subject opposes the erasure of the personal data, but wants it to be restricted;
  • UDC no longer needs the personal data for the purposes of the processing, but the data subject requires it the establishment, exercise or defense of a data subject’s legal claims; or
  • The data subject objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of UDC override those of the data subject.

As the data controller, UDC may process and retain your personal information on UDC’s servers in the United States. In order to provide data subjects with access to and use of the Website and the ability to make purchases, and utilize other functionality on the Website, and allow third party data processors have access to and process your personal data. Third party data processors include service providers, hosting providers, data storage providers, and other technical partners who help UDC administer the Website, or process the data submitted to the Website.

Where a data subject requests the erasure of their personal data pursuant to the terms in this Privacy Policy, all related accounts and the contents in each account will be permanently unrenderable and inaccessible. Following such requests, UDC is not responsible for any damages or loss pursuant to the deletion or loss of your personal data or account contents.

10. Privacy Notice for California Residents

Effective Date: January 1, 2020

Last Revised: May 29 2020

This California Privacy Notice (“Notice”) explains what data UDC and its agents and affiliates (if applicable) collect from you through our interactions with you and through our products, services, events, and programs, including our websites, apps and digital platforms. This Notice applies only to California consumers as required by the California Consumer Privacy Act of 2018 (“CCPA”) and supplements UDC’s privacy policies.

UDC may change this Notice. Any changes will become effective when posted and your use of any service provided by UDC following these changes means that you accept them. We recommend that you regularly review this Notice when using UDC’s services.  

Personal Information We Collect

When we say “Personal Information” in this Notice, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to you. It does not include publicly available information, deidentified, or aggregated consumer information, or information that cannot reasonably be linked to you.

The following categories of personal information may have been collected by us from our consumers within the last twelve (12) months:

  • Identifiers: A name, alias, postal address, online identifier like usernames or screennames, Internet Protocol address, email address, Social Security number, driver’s license number, passport number, or other similar identifiers, insurance numbers, bank and credit card numbers.
  • Commercial information: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
  • Geolocation data: Physical location or movements.
  • Professional or employment-related information: Current or past job history or performance evaluations.
  • Inferences drawn from other personal information: Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Our website may obtain the categories of personal information listed above from the following categories or sources:

  • Directly from you. For example, from forms you complete or products you purchase, receive, or redeem.
  • From your devices (i.e. passively from you). For example, from observing your actions on our websites.
  • From third parties. For example, from our licensors, vendors, suppliers, and advertisers; from social media or other websites.

Use of Personal Information

We may use, sell, or disclose the personal information we collect for one or more of the following purposes:

  • To fulfill or meet the reason you provided the information. For example, if you provide your personal information to redeem a product, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
  • To provide, support, personalize, and develop our website and products.
  • To create, maintain, customize, and secure your account with us.
  • To process your requests, purchases, transactions, and payments and prevent transactional fraud.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your  experience with our websites and to deliver content and product offerings relevant to your interests, including targeted offers and ads through our websites, third-party sites, and via email or text message (with your consent, where required by law).
  • To help maintain the safety, security, and integrity of our websites, products, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve our websites and products.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our website and/or consumer is among the assets transferred.

Sharing Personal Information

For business purposes, we may disclose your personal information to third parties. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. The CCPA prohibits third parties who purchase the personal information we hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.

We may share your personal information with the following third parties: third party vendors, contractors, advertisers, licensors, service providers, business partners, and affiliated entities.

Your Rights and Choices

This section describes California residents’ rights under the CCPA and how you can exercise them with UDC.

Right to Know

You can request what personal information we have collected, used, disclosed, and sold about you in the preceding 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our purpose for collecting or selling that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • The categories of third parties with whom we share that personal information.
  • The categories of information sold to any third parties.

Right to Deletion

You can also request that we delete your personal information. We may not delete all of your personal information if one of the following exceptions applies:

  1. Transactional: to complete a transaction for which the personal information was collected, provide a service requested by you, or perform a contract we have with you;
  2. Security: to detect data security incidents;
  3. Error correction: to debug or repair any errors;
  4. Research: Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  5. Internal use: Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  6. Legal compliance: Comply with a legal obligation.
  7. Other: Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will also maintain a record of your CCPA Rights requests.

Right to Opt Out

You have the right to direct us not to sell your personal information at any time.

Right of Nondiscrimination

Exercising any right provided in this Notice will not lead to any discrimination. For example, it will not lead to any denial of any goods or services, different rates or prices for goods or services, and/or different qualities of goods or services.

Exercising Rights

To exercise the various rights described above, please submit a verifiable consumer request to us by either:

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include:
    • A power of attorney pursuant to California Probate Code sections 4000-4465 or otherwise sufficient in our discretion to establish your authorized agent’s authority; and/or
    • Your authorized agent’s valid government-issued ID or other proof of identity acceptable to us in our sole discretion.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

10. Promotional E-mails. Where you grant UDC express consent to send you promotional e-mails by opting-in to receive such e-mails, UDC may, from time to time, send you e-mails regarding the Website and or/ UDC’s other websites. Additionally, if you indicated that you are interested in receiving offers or information from UDC and its affiliates and third party licensors, UDC may occasionally send you direct mail about products and services that UDC feels may be of interest to you. UDC shares your Personally Identifiable Information to its third party licensors pursuant to its agreements and including, without limitation, for their direct marketing purposes including by mail and email. You may opt-out of receiving such e-mails at any time by following the directions on the bottom of e-mails to you from UDC or by logging into your account and modifying your account settings. Users must opt-in to receive such e-mails by granting express consent prior to UDC sending commercial electronic messages.

11. Third-Party Sites and Service Providers. Many websites link to the Website and the Website may link to other websites which UDC thinks may be of interest to visitors of the Website. Except as otherwise provided herein, this Privacy Policy only addresses the use and disclosure of information UDC collects from you. Other sites or apps accessible through the Website have their own privacy policies and data collection, use, and disclosure practices. UDC strongly urges you to consult the privacy policy on that site, extension, or app. UDC is not responsible for the policies or practices of third parties and UDC encourages you to read the privacy statements of other sites, extensions, or apps before proceeding to use them. UDC may acquire information from other sources to update or supplement the information that you provide or that UDC collects automatically (such as information to validate or update your address or other demographic information), or when you connect with the company through a third party (including through social networks) based on your registration and privacy settings on those third party sites.

The personal data collected by us may be shared with any of UDC’s affiliated companies. These companies will hold and transmit all personal data in the same safe, confidential and secure environment as set out below. UDC may also share aggregate data with its affiliates, partners, third party vendors, advertisers, licensors, and other third-parties at UDC’s discretion and by accessing and/or using the Website, you expressly consent to such disclosure. This data does not contain any Personally Identifiable Information.

12. Opt-out. If you would prefer not to receive direct communications with regard to UDC products and/or services anymore, you may opt-out by following the directions on the bottom of e-mails to you from UDC.

13. Legal Disclosures; Safety. UDC may transfer and/or disclose the information UDC receives from and about you to comply with a legal obligation, to provide information to law governmental authorities in accordance with applicable law, and when UDC believes in good faith that the law requires it. UDC may collect your information for the internal operations of the Website. UDC also reserves the right to share your information with legal authorities and other companies for fraud protection and credit risk reduction, to detect any technical or security vulnerabilities, to enforce UDC’s Terms or other applicable policies, or to otherwise protect the rights, property, safety, or security of third parties, users of the Website, UDC, or the public.

14. Contact UDC.  For any questions and inquiries regarding this Privacy Policy and UDC’s practices, please contact UDC by mail, telephone, or e-mail.

The Upper Deck Company

5830 El Camino Real

Attn: Customer Service

Carlsbad, California 92008

Phone: 1-800-873-7332


15. Changes to Privacy Policy. UDC reserves the right to makes changes to this Privacy Policy at any time and for any reason, with or without any notice to users. Updated versions of this Privacy Policy will be hyperlinked on the Website.

16. Reservation of Rights. UDC reserves all rights with respect to your compliance with this Privacy Policy and the applicable terms and conditions on the Website.