Politik om beskyttelse af persondata
Privacy Policy
Last updated: 5 July 2026
This Privacy Policy describes how PokePoint ("we", "us", or "our") collects, uses, and protects your personal information when you visit or make a purchase from pokepoint.shop (the "Site"). We are committed to protecting your privacy in accordance with the EU General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (Datenschutzgesetz, DSG).
Data Controller: Thomas Leitner (PokePoint) Bahnhofstraße 21, 4400 Steyr, Austria Email: info@pokepoint.shop
1. Information We Collect
When you use our Site or place an order, we may collect the following categories of personal data:
Information you provide to us:
- Contact details (name, email address, phone number)
- Billing and shipping addresses
- Order details (products purchased, including pre-orders)
- Communications you send us (support requests, messages)
Information collected automatically:
- Device and browser information (IP address, browser type, operating system)
- Approximate location derived from your IP address
- Pages viewed, time on site, and referring website
- Cookies and similar tracking technologies (see Section 6)
Payment information: We do not store your full card details. Payments are processed securely by our third-party payment providers (e.g. Shopify Payments, PayPal, Stripe). These providers handle your card data in accordance with PCI-DSS standards.
2. How We Use Your Information
We use your personal data for the following purposes:
- To process and fulfil your orders, including pre-orders and restocked items
- To send order confirmations, shipping updates, and restock or pre-order notifications
- To provide customer support and respond to your enquiries
- To detect and prevent fraud or abuse
- To improve our Site, products, and services
- To send marketing communications, where you have consented
- To comply with our legal and regulatory obligations
3. Legal Bases for Processing (GDPR)
We rely on the following legal bases under Article 6 GDPR:
- Contract (Art. 6(1)(b)): to process and deliver the orders you place with us.
- Legitimate interests (Art. 6(1)(f)): to run and improve our business, prevent fraud, and secure our Site — provided these are not overridden by your rights.
- Consent (Art. 6(1)(a)): to send marketing emails and to set non-essential cookies. You may withdraw consent at any time.
- Legal obligation (Art. 6(1)(c)): to keep records for tax, accounting, and consumer-protection purposes.
4. Sharing Your Information
We share your personal data only as necessary, with:
- Suppliers and fulfilment partners who ship products to you on our behalf (see our Shipping Policy). Some orders are sourced from third-party suppliers who require your shipping details to deliver your items.
- Payment processors to take payment securely.
- Shipping and logistics providers (couriers, postal services) to deliver your order.
- Technology providers (e.g. our e-commerce platform, email and analytics services).
- Authorities or advisors where required by law.
We do not sell your personal data.
5. International Transfers
Some of our suppliers and service providers may be located outside the European Economic Area (EEA). Where we transfer your data internationally, we ensure appropriate safeguards are in place, such as a European Commission adequacy decision or the EU Standard Contractual Clauses (SCCs).
6. Cookies
We use cookies and similar technologies to operate the Site, remember your cart, understand how visitors use the Site, and (with your consent) for marketing. You can manage or disable cookies through your browser settings or our cookie banner. Disabling essential cookies may affect Site functionality.
7. Data Retention
We keep your personal data only for as long as necessary to fulfil the purposes described above, including to satisfy legal, accounting, or reporting requirements. Under Austrian law, order and transaction records are generally retained for 7 years for tax purposes (§ 132 BAO).
8. Your Rights
Under the GDPR, you have the right to:
- Access the personal data we hold about you (Art. 15)
- Request correction of inaccurate data (Art. 16)
- Request erasure of your data (Art. 17)
- Restrict or object to processing (Art. 18 & 21)
- Data portability (Art. 20)
- Withdraw consent at any time (Art. 7)
- Lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde), Barichgasse 40–42, 1030 Vienna, dsb.gv.at
To exercise any of these rights, contact us at info@pokepoint.shop. We will respond within one month.
9. Data Security
We use appropriate technical and organisational measures to protect your data, including encryption (SSL/TLS) and access controls. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.
10. Children's Privacy
Our Site is not directed at children under 14 (the age of digital consent in Austria). We do not knowingly collect personal data from children below this age without parental consent. If you believe a child has provided us with personal data, please contact us and we will delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest version. Material changes will be communicated where appropriate.
12. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, contact:
PokePoint — Thomas Leitner Email: info@pokepoint.shop Address: Bahnhofstraße 21, 4400 Steyr, Austria