Privacy Policy

Strobe LLC (operating Pokemart, referred to as "we", "us", "our") is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your personal information when you visit https://pokemart.com(the "Website"), and describes your privacy rights.

1. Consent

By using our Website, you consent to this Privacy Policy and agree to its terms. If you do not agree with this policy, please do not use our service. Continued use of our service following modifications of our Privacy Policy will be considered your consent to the respective changes.

2. Scope

This privacy policy describes how we collect and process your personal data through your use of this Website. This Website is not intended for children under 13, and we do not knowingly collect data relating to children under 13. If you believe we have collected data from a child under 13, please contact us at [email protected].

3. Data We Collect

We collect the minimum data necessary to operate our Website and fulfill orders. Specifically, we collect:

• (a) Contact Data: your email address (provided at checkout and optionally for order updates, rewards program enrollment, and support).
• (b) Order Data: items purchased, order dates, any game-specific codes or delivery information you provide at checkout, and order notes.
• (c) Technical Data: IP address, browser type and version, device information, and similar data collected automatically when you use our Website. This is used for security, analytics, and fraud prevention.
• (d) Session Data: authentication tokens and session cookies used to keep you signed in to the Pokemart Club rewards program or your cart.
• (e) Rewards Data: points balance, lifetime points, and redemption history tied to your order email address.

What we do NOT collect: We do not store full payment card details on our servers. Payment information is handled by our payment processors (see Section 5). We do not collect sensitive categories of data such as race, religion, health, biometric, or government identification numbers.

4. How We Use Your Data

We use your personal data only for the following purposes:

• (a) To fulfill and deliver your orders.
• (b) To process payments and prevent fraud.
• (c) To send order confirmations, delivery updates, and service-related emails.
• (d) To operate and manage the Pokemart Club rewards program.
• (e) To respond to your inquiries and provide customer support.
• (f) To comply with legal obligations, such as tax and financial reporting.
• (g) To detect, prevent, and respond to security incidents, fraud, and abuse.
• (h) To send marketing communications, but only if you have opted in.

5. Third-Party Service Providers

We use the following third-party services to operate our Website. These providers have their own privacy policies and may process your data on our behalf:

• (a) Payment processors — to handle card payments securely. They receive your payment details directly and we never store full card numbers.
• (b) Postmark — to send transactional emails (order confirmations, sign-in links, gift card codes).
• (c) Cloudflare — for content delivery, DDoS protection, and bot detection (including Cloudflare Turnstile for captcha verification).
• (d) Google — for analytics and reCAPTCHA where applicable.
• (e) Hosting and infrastructure providers — to run and store our Website and database.

We do not sell your personal data to third parties. We only share data with these providers as necessary to operate our Website.

6. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process your personal data under the following legal bases:

• (a) Performance of a contract — to fulfill your orders and deliver services.
• (b) Legitimate interests — for fraud prevention, security, and improving our service.
• (c) Legal obligation — for tax, accounting, and regulatory requirements.
• (d) Consent — for marketing communications, which you can withdraw at any time.

7. Cookies and Tracking

We use cookies and similar technologies for the following purposes:

• (a) Essential cookies — required for the Website to function (cart session, rewards session, authentication).
• (b) Security cookies — for fraud prevention and bot detection via Cloudflare.
• (c) Analytics cookies — to understand how visitors use our Website (aggregated, non-identifying).

You can disable cookies through your browser settings, but some Website features may not work correctly without them.

8. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes we collected it for, including tax, accounting, and legal requirements. Typically, this means:

• (a) Order records and associated email: retained for up to 7 years for tax and legal compliance.
• (b) Rewards program data: retained as long as your account remains active.
• (c) Session tokens: automatically expired after 30 days.
• (d) Magic link tokens: automatically expired after 15 minutes.

You may request deletion of your data at any time (see Section 10), subject to our legal retention obligations.

9. Marketing and Opt-Out

You can opt out of marketing emails by clicking the unsubscribe link in any marketing email or by emailing us at [email protected]. Opting out of marketing does not affect transactional emails related to your orders or rewards.

10. GDPR Rights (EU/EEA Residents)

If you are in the European Economic Area, you have the following rights under the GDPR:

• (a) Access — request a copy of your personal data.
• (b) Rectification — correct inaccurate or incomplete data.
• (c) Erasure — request deletion of your data, subject to legal retention requirements.
• (d) Restriction — limit how we process your data.
• (e) Objection — object to processing based on legitimate interests.
• (f) Portability — receive your data in a portable format.
• (g) Withdraw consent — where we rely on consent, withdraw it at any time.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

11. CCPA Rights (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

• (a) Right to know — what personal information we collect about you and how we use it.
• (b) Right to delete — request deletion of your personal information, subject to legal exceptions.
• (c) Right to correct — request correction of inaccurate personal information.
• (d) Right to opt out of sale/sharing — we do not sell or share your personal information for cross-context behavioral advertising, so no action is required.
• (e) Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights.

To exercise any of these rights, email us at [email protected]. We will respond within 45 days.

12. Data Security

We take reasonable precautions to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. We use encryption in transit (HTTPS), hashed storage for sensitive tokens (such as gift card codes), and access controls on our systems.

However, no method of transmission or storage is 100% secure. If we become aware of a data breach that materially affects your personal data, we will notify you in accordance with applicable law (including state breach notification laws).

13. Third-Party Links and Services

Our Website may contain links to third-party websites and services. When you follow a link or request a service from a third party, this Privacy Policy no longer applies. Your interaction with any other website or service is subject to that provider's own privacy policy. We do not monitor, control, or endorse the privacy practices of any third parties.

14. International Transfers

Our servers and service providers are primarily located in the United States. If you access our Website from outside the United States, your data may be transferred to, stored, and processed in a country other than your own, including the United States. By using our Website, you consent to such transfers.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will update the "last updated" date and, where appropriate, notify you by email. We encourage you to review this Privacy Policy periodically.

16. Contact Us

For questions about this Privacy Policy, to exercise your rights, or to report a privacy concern, contact us at:

• Email: [email protected]
• Mailing address: Strobe LLC, 312 W 2nd St Unit A2008 Casper, WY 82601-2412