Privacy Policy

Effective Date: October 6, 2025

Important: This website is not affiliated with, endorsed by, or connected to The Pokémon Company International, Nintendo, Game Freak, Creatures Inc or PokeXGames. All Pokémon-related names, characters, and imagery are the property of their respective owners.

1. Introduction

PokeXGuides ("we," "our," or "us") operates the website pokexguides.com (the "Service"). This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and explains your privacy rights under GDPR and CCPA.

2. Information We Collect

Account Information

  • Email Address: For authentication and communication
  • Username: For identification within the platform
  • Password Hash: Securely encrypted for account protection
  • Preferred Language: For user experience personalization
  • Registration Date: For account management

Session and Technical Data

  • IP Address: For security monitoring and rate limiting
  • User Agent: Browser and device detection
  • Device Information: Device type, browser, operating system
  • Location Data: Approximate location based on IP (for session identification)
  • Last Activity: Timestamp of user interactions

Game Progress Data

  • Task States: Progress tracking for in-game tasks
  • Pokemon States: Records of captured Pokémon
  • Profile Settings: Character names, clan affiliations, professions
  • Local Storage Data: Temporary game state before account creation (migrated to database upon registration)

Payment and Subscription Data

  • Stripe Customer ID: For payment processing
  • Subscription Status: Active, canceled, or trial status
  • Subscription Period: Current billing period end date
  • Price ID: Subscription plan identifier
  • Note: We do NOT store payment card information. All sensitive payment data is handled by Stripe.

Discord Integration Data

  • Discord ID: For role assignment and community features
  • Discord Username: For identification in our Discord server
  • Discord Avatar: For profile display purposes
  • Important: We do NOT access your Discord messages, servers, friends list, or any other Discord data beyond what is explicitly listed above.

Local Storage (Browser)

  • Theme Preference: Dark/light mode selection
  • Completed Tasks: Game progress before account creation
  • Caught Pokemon: Pokémon data before account creation
  • Note: Local storage data is migrated to our secure database when you create an account.

3. How We Use Your Information

Service Operation

  • User authentication and account management
  • Game progress tracking and synchronization
  • Session management across devices
  • Premium feature access control

Communication

  • Email verification and account security
  • Password reset requests
  • Subscription and billing notifications
  • Service updates and announcements

Security & Analytics

  • Fraud prevention and security monitoring
  • Rate limiting and abuse prevention
  • Service performance optimization
  • Usage analytics (anonymized)

Third-Party Integrations

  • Discord role assignment and community features
  • Stripe payment processing
  • Email delivery via Resend

5. Data Sharing and International Transfers

Neon (PostgreSQL Database)

Our primary database is hosted on Neon, which uses servers located in the United States.

Data Transferred: All user data except payment card information

Legal Mechanism: Standard Contractual Clauses (SCCs) for EU-US data transfers

More info: Neon Privacy Policy

Stripe (Payment Processing)

Stripe processes all payments and stores payment information securely in compliance with PCI DSS standards.

Data Processed: Payment method information, billing details, transaction history

Location: United States (with global data centers)

Important: We do NOT store payment card information on our servers

More info: Stripe Privacy Policy

Resend (Email Delivery)

We use Resend for transactional emails (verification, password reset, notifications).

Data Processed: Email address, name, email content

Location: United States

Legal Mechanism: Standard Contractual Clauses (SCCs)

More info: Resend Privacy Policy

Discord (OAuth Integration)

When you connect your Discord account, we receive limited profile information.

Data Accessed: Discord ID, username, avatar URL only

Data NOT Accessed: Messages, servers, friends, or any other Discord data

More info: Discord Privacy Policy

No Sale of Personal Information

We do NOT sell, rent, or trade your personal information to third parties for marketing or advertising purposes. Data is only shared with service providers necessary to operate our Service.

6. Data Retention

Data Category Retention Period Reason
Account Information Until account deletion + 30 days Service operation and grace period for account recovery
Session Data 30 days Security monitoring and abuse prevention
Payment Records 7 years after subscription ends Legal and tax compliance requirements
Discord Integration Data Until disconnected by user User-controlled integration
Game Progress Data Until account deletion Core service functionality
Email Tokens (verification, reset) 1-24 hours Security purposes, single-use tokens

7. Your Data Protection Rights

GDPR Rights (EU/UK)

  • Right of Access: Obtain confirmation and copy of your data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Delete your personal data
  • Right to Restriction: Limit processing of your data
  • Right to Data Portability: Receive your data in machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Revoke consent at any time

CCPA Rights (California)

  • Right to Know: What personal information is collected and how it's used
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of sale of personal information (we do not sell data)
  • Right to Non-Discrimination: Not be discriminated against for exercising rights

How to Exercise Your Rights

Account Deletion

You can delete your account at any time through your account settings. This will permanently remove:

  • Your profile information and preferences
  • All game progress and saved data
  • Session history and activity logs
  • Discord integration data

Note: Payment records are retained for 7 years for legal compliance.

Data Export (Portability)

Request a complete export of your data in JSON format, including:

  • Account information
  • Game progress and Pokémon data
  • Session history
  • Subscription information

Discord Integration Control

You can disconnect your Discord account at any time through your profile settings. This immediately removes our access to your Discord data.

To exercise any of these rights, contact us at:
pokexguides@outlook.com

We respond to all legitimate requests within 30 days.

8. Cookies and Local Storage

Cookies We Use

Authentication Cookies

Secure session tokens for maintaining your login state

Preference Cookies

Remember your theme selection and language preferences

Security Cookies

CSRF protection and rate limiting

Local Storage Usage

We use browser local storage to enhance your experience. Here's what we store locally:

  • theme: Your dark/light mode preference
  • completedTasks: Game progress before account creation (migrated to database upon registration)
  • caughtPokemon: Pokémon data before account creation (migrated to database upon registration)

You can clear local storage through your browser settings at any time.

9. Data Security

Technical Measures

  • Passwords hashed with industry-standard bcrypt
  • HTTPS encryption for all data transmission
  • Regular security updates and patches
  • Secure session management with expiration
  • Database encryption at rest

Organizational Measures

  • Limited access to personal data
  • Regular security awareness training
  • Incident response procedures
  • Data protection impact assessments
  • Vendor security assessments

10. Children's Privacy

Our Service is not directed to children under the age of 13 (16 in the EU). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at pokexguides@outlook.com and we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "effective date" at the top
  • Sending email notifications to registered users for material changes
  • Displaying a prominent notice on our website for significant updates

Changes become effective immediately upon posting. We recommend reviewing this policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or want to report a privacy concern, please contact us:

Email: pokexguides@outlook.com

Response Time: We aim to respond to all legitimate requests within 30 days

Supervisory Authority: EU residents have the right to lodge a complaint with your local data protection authority

This document was last updated on October 6, 2025

Legal Disclaimer: This privacy policy is provided for informational purposes. For specific legal advice, consult with a qualified attorney.