Privacy Policy

Last updated: Feb 25, 2026

1. Company Information

Shinebrothers
Swaandrift 11
2678BZ De Lier
The Netherlands
KvK: 91615666
VAT ID: NL004903473B33
IOSS: IM5282577297
Contact: info@pokecardmaker.net

Shinebrothers operates https://PokeCardMaker.net (“the Website”).

2. Scope

This Privacy Policy explains how personal data is collected, used, stored, and protected when you use https://PokeCardMaker.net.

We process personal data in accordance with the General Data Protection Regulation (GDPR).

3. Data We Collect

3.1 Information You Provide

Email address (account registration)
Username
Uploaded content (card designs and images)
Order information (for physical purchases)
Communications sent to us

3.2 Automatically Collected Data

When you use the Website, we may automatically collect certain technical data, including:

IP address
Browser type and version
Device information
Pages visited and interaction data
Referral source
Cookies and similar technologies

See Section 14 (Cookies) for detailed information.

3.3 Payment Information

Payments are processed by Stripe. We do not store full payment card details. Stripe processes payment data in accordance with its own privacy policy.

4. How We Use Your Data

We use personal data to:

Provide and operate the Website
Enable account functionality
Store and display uploaded content
Process orders and payments
Provide customer support
Send transactional emails (e.g., order confirmations, password resets)
Send occasional marketing emails (only where permitted by law)
Improve and analyze Website performance
Prevent abuse and fraud

5. Legal Basis for Processing

Under GDPR, processing is based on:

Performance of a contract (account, orders)
Legitimate interests (security, improvement, moderation)
Consent (analytics cookies, marketing emails)
Legal obligations (tax and accounting requirements)

6. User-Generated Content

Uploaded cards are stored indefinitely unless deleted by the user.

Users may choose to mark content as public or private:

Public content is visible to others.
Private content is accessible to anyone with the direct link.

You are responsible for the content you upload, including ensuring you have the necessary rights.

7. Data Retention

Uploaded content: stored indefinitely until deleted by the user.
Accounts: retained indefinitely unless deleted by the user.
Order data: retained as required by tax and accounting laws.
Analytics data: retained according to Google Analytics settings.

8. Sharing of Data

We share data only with necessary service providers:

Stripe (payment processing)
Google Analytics (usage analytics)
Google Tag Manager (tag management)
OpenAI (content moderation)

Uploaded content (images, text, or other media) may be sent to OpenAI’s moderation API to help detect illegal, abusive, or infringing content. OpenAI may store or log the content according to its own policies.

We do not sell personal data. We do not use advertising networks.

9. International Transfers

Some service providers (e.g., Stripe, Google) may process data outside the European Economic Area. Where applicable, appropriate safeguards such as Standard Contractual Clauses are used.

10. Your Rights (GDPR)

You have the right to:

Access your personal data
Rectify inaccurate data
Erase your data
Restrict processing
Object to processing
Data portability
Withdraw consent
Lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens)

Requests can be sent to info@pokecardmaker.net.

11. Security

We implement reasonable technical and organizational measures to protect personal data. No system can guarantee absolute security.

12. Children

The Website is not intended for individuals under 16 years of age. Users under 16 may not create accounts or upload content.

13. Copyright and Takedown

Users are responsible for ensuring that uploaded content does not infringe third-party rights.

If you believe your rights are being infringed, contact info@pokecardmaker.net with sufficient detail. Verified requests will be reviewed and, where appropriate, content will be removed.

14. Cookies and Similar Technologies

14.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites function properly and provide information about how the site is used.

14.2 Types of Cookies We Use

We use the following categories of cookies:

Essential Cookies (Required)

These cookies are strictly necessary for the Website to function. They enable core features such as:

Account login and authentication
Security and fraud prevention
Saving cookie preferences
Payment processing

These cookies cannot be disabled.

Analytics Cookies (Optional)

With your consent, we use analytics cookies to understand how visitors use the Website and to improve our services.

We use:

Google Analytics
Google Tag Manager (to manage analytics scripts)

Analytics cookies may collect:

Pages visited
Time spent on pages
Interaction events
Device and browser information
IP address (processed in accordance with Google’s policies)

Analytics cookies are only placed after you provide consent through our cookie banner.

14.3 Legal Basis

Essential cookies are processed under our legitimate interest in providing a functioning website.
Analytics cookies are processed based on your consent.

You may withdraw your consent at any time by clicking “Manage” in the cookie banner.

14.4 Managing Cookies

You can:

Accept or reject analytics cookies via our cookie banner.
Change your preferences at any time by clicking “Manage”.
Disable cookies through your browser settings.

Please note that disabling essential cookies may affect Website functionality.

14.5 Third-Party Providers

For more information, see:

Google Privacy Policy: https://policies.google.com/privacy
Stripe Privacy Policy: https://stripe.com/privacy
OpenAI Privacy Policy: https://openai.com/policies/us-privacy-policy/

15. Changes

We may update this Privacy Policy from time to time. Continued use of the Website after changes constitutes acceptance of the revised policy.