Skip to main content
Back to Legal

Legal

Privacy Policy

Last Updated: March 30, 2026

PocketDex (“we,” “our,” “us”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, and share information when you use PocketDex (the “Service”). By using PocketDex, you agree to the practices described in this policy. PocketDex operates from Toronto, Ontario, Canada.

Table of Contents

1.Information We Collect

1.1 Account Information. When you register, we collect your email address, display name, and password (stored as a one-way hash — we never store your plaintext password).

1.2 Profile Information. Optionally: avatar photo, location (city/region — see Section 3), bio, and preferred currency.

1.3 Collection Data. The cards you add to your collection, their condition, purchase price, lot information, and associated metadata.

1.4 Scanner Data. Images captured during card scanning are processed to identify cards and are not retained beyond the session unless you explicitly save the scan result to your collection.

1.5 Marketplace Data. Listings you create, offers you make or receive, messages with other users, transaction history, and ratings.

1.6 Usage Analytics. App usage patterns, feature interactions, error reports, and performance data — collected in aggregate to improve the Service.

1.7 Device Information. Device type, operating system version, and app version for compatibility and support purposes.

1.8 Communications. Messages sent through the in-app messaging system between users, which are retained to support dispute resolution and moderation.

2.How We Use Your Information

We use the information we collect to:

  • Provide and operate the Service, including portfolio tracking and the marketplace
  • Display your collection to other users based on your privacy settings
  • Power leaderboard rankings and community features
  • Show your city-level location for local marketplace matching (only if you opt in)
  • Send notifications (new messages, friend requests, vendor posts from accounts you follow)
  • Improve the Service through analytics and usage data
  • Respond to support requests and resolve disputes
  • Enforce our Terms of Service and Community Guidelines
  • Comply with legal obligations and protect the rights of our users

3.Location Data

Location is entirely optional. You are not required to provide any location information to use PocketDex.

3.2 City-Level Only. We only store and display your location at the city or region level. We never collect, store, or transmit your precise GPS coordinates.

3.3 Opt-In. Location is collected only when you explicitly set it in Profile → Settings → Location.

3.4 Uses. Your location is used for local marketplace matching (showing listings nearby) and regional leaderboard filtering.

3.5 Removal. You can remove your location at any time from Profile → Settings → Location.

4.Information Sharing

4.1 We Do Not Sell Your Data.

We do not sell, rent, trade, or otherwise transfer your personal information to third parties for marketing or advertising purposes.

4.2 Other Users. Your profile information and collection (based on your privacy settings) may be visible to other PocketDex users. You control your visibility through Privacy Settings.

4.3 Service Providers. We share data with trusted service providers who help us operate the Service (e.g., hosting, email delivery, payment processing). These providers are bound by confidentiality agreements and may only use your data to perform services on our behalf.

4.4 Third-Party Services.

pokemontcg.io: We query their API for card data and pricing. Your card lookups may be included in API requests to their service. See their privacy policy at pokemontcg.io.

Push notification services: Used to deliver push notifications to your device. Device tokens are shared only as required for delivery.

Cloud hosting: Your data is stored on encrypted servers operated by our hosting provider under data processing agreements.

4.5 Legal Requirements. We may disclose information if required by law, court order, or government authority, or when we believe in good faith that disclosure is necessary to protect our rights or prevent fraud.

4.6 Business Transfer. In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction, with continued privacy protections consistent with this policy.

5.Data Retention

We retain your account data for as long as your account is active. Collection and portfolio data is retained for the life of your account and for 30 days after account deletion, after which it is permanently deleted. Marketplace transaction records may be retained for a longer period as required by applicable law. Anonymized, aggregate analytics data may be retained indefinitely. You can request deletion of your data at any time (see Section 6).

6.Your Rights

You have the right to:

AccessRequest a copy of the personal data we hold about you.
CorrectionRequest correction of inaccurate or incomplete data.
DeletionRequest deletion of your account and associated personal data (processed within 30 days).
ExportDownload your collection data in CSV or JSON format at any time from Account Settings → Export Data.
Opt-OutOpt out of non-essential analytics data collection in Settings → Privacy → Analytics Opt-Out.

To exercise these rights, contact privacy@pocketdex.app. We will respond within 30 days.

7.Cookies and Analytics

We use session cookies for authentication and user preference storage. We use analytics tools (cookies or SDKs) to understand how users interact with the Service and to improve it over time. You can disable non-essential cookies in your browser settings or through our in-app opt-out. See our Cookie Policy for full details.

8.Children's Privacy

PocketDex is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will delete it promptly. If you believe a child has provided us with personal information without appropriate consent, please contact privacy@pocketdex.app.

9.PIPEDA Compliance

Canadian Privacy Law (PIPEDA)

As a Canadian company, PocketDex complies with the Personal Information Protection and Electronic Documents Act (PIPEDA).

This means we:

  • Collect only the personal information we need for the purposes identified in this policy
  • Use personal information only for the purposes for which it was collected, or for consistent purposes
  • Obtain meaningful consent where required by law
  • Maintain appropriate administrative, technical, and physical security safeguards
  • Provide individuals with access to their personal information upon request
  • Allow individuals to challenge the accuracy of their information and have it corrected

10.GDPR (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including:

  • The right to data portability (receive your data in a structured, machine-readable format)
  • The right to restrict processing of your personal data
  • The right to object to processing based on legitimate interests
  • The right to lodge a complaint with your local data protection supervisory authority

Our lawful basis for processing your data is primarily contract performance (to provide the Service you have signed up for) and legitimate interests (analytics, security, fraud prevention). For GDPR-specific requests, contact privacy@pocketdex.app.

11.Security

We use industry-standard security measures to protect your data, including TLS encryption for all data in transit, encryption at rest for sensitive data, and regular security reviews. We restrict access to personal data to employees and contractors who need it to operate and improve the Service. No method of transmission or storage is 100% secure — we cannot guarantee absolute security, but we are committed to maintaining strong protections and will notify you promptly in the event of a qualifying security breach as required by applicable law.

12.Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the Service, applicable law, or our practices. We will notify you of material changes by updating the “Last Updated” date and, where required by law or where changes are significant, by sending you an in-app notification or email. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

13.Contact Us

For privacy concerns, questions, or to exercise your rights:

PocketDex Privacy Team

privacy@pocketdex.app

Toronto, Ontario, Canada

← Back to LegalTerms of ServiceCookie Policy