PokéRestore

Privacy Policy

Last updated: 1 July 2026

Privacy Policy

This policy explains how PokéRestore, operated by [Your legal name / company] ("data controller"), handles your personal data under the GDPR.

What we collect

  • Account data: your email address (used for passwordless sign-in).
  • Order data: the cards you list, notes, order status, and photos we take of your cards.
  • Payment data: processed by Stripe. We do not store your card numbers.
  • Waitlist data: your email, if you ask to be notified when we reopen.

Why we use it

  • To provide the service and fulfil your order (contract).
  • To send transactional emails such as sign-in links and order updates (contract).
  • To notify you if you joined the waitlist (consent).

Who we share it with

We use a small number of processors to run the service:

  • Stripe: payments
  • Resend: transactional email and, if you opt in, the waitlist
  • Our hosting provider: to run the website and database

We do not sell your data.

Retention

We keep order data for as long as needed to provide the service and meet legal/accounting obligations. You can ask us to delete your account data where no legal obligation requires us to keep it.

Your rights

You have the right to access, rectify, delete, restrict and port your data, and to object to certain processing. To exercise these rights, email [email protected]. You may also lodge a complaint with the CNIL (France).