Privacy Policy

Poke AI App — Last updated: May 8, 2026

These terms govern how we collect, use, and protect your information when you use the Poke AI app. We keep this policy short on purpose — we don't collect what we don't need.

1. Information We Collect

Account Information (when backend ships):

  • Email address (via Sign in with Apple or Google Sign-In)
  • First name (optional, for personalized greetings)
  • Country of residence (optional, for currency display)
  • Subscription tier — your active subscription type (weekly or yearly). Used solely for service provisioning.

When you use Sign in with Apple, you may choose to hide your email address. We respect Apple's private relay email system.

At launch, Poke AI is a local-first app. Your vault, scans, wishlist and alert configuration live on your device. Backend sync (and the data points listed above) ships in a later update.

Collection Data:

  • Cards you scan and add to your vault
  • Binders, decks, and wishlists you create
  • Per-card alert configurations
  • Onboarding survey responses (experience level, era of focus, goals)

Camera and Photo Library Access:

  • Camera access is used to scan physical Pokemon cards. Frames are processed on-device or sent to our recognition service for identification only — they are not retained or used to train models without your explicit consent.
  • Photo library access is optional and only used if you choose to add photos to a Sell-on-eBay listing.

Usage Data:

  • Which features you interact with
  • Anonymized scan / vault / alert engagement signals to improve recognition accuracy and product priority
  • Crash reports (no personal content included)

Device Information:

  • APNs device token (for push notifications, if you grant permission)
  • Device type and iOS version (for compatibility)

2. How We Use Your Information

  • To provide the service: scan recognition, vault management, price lookups, alert delivery
  • To improve the app: understanding which features are used to prioritize development
  • To send notifications: alerting you when a card crosses a threshold you set
  • To process subscriptions: managing your Poke AI subscription via Apple StoreKit
  • To assist with eBay listings (when you initiate a Sell-on-eBay flow): handing your card metadata and photos to eBay's API on your behalf

3. Third-Party Services

Poke AI uses the following third-party services. Each is contracted to handle your data only for the listed purpose.

  • Apple StoreKit — processes subscription payments. We do not store your payment information; Apple handles all billing.
  • Apple Push Notification service (APNs) — delivers push notifications.
  • Card recognition pipeline — scan frames are processed for identification. Frames are not retained beyond what is needed for the immediate scan unless you explicitly opt in to a quality-improvement contribution.
  • Pricing data providers (e.g. TCGplayer comp data) — we surface market prices sourced from public secondary-market data; we do not share your collection with these providers.
  • eBay — only when you initiate a Sell-on-eBay listing flow. Poke AI hands the listing metadata and photos to eBay's API on your behalf.

4. Data Storage and Security

Your data is protected by the following measures:

  • Local-first architecture: vault, scans, alerts, and survey responses live on your device until you opt into cloud sync
  • Encrypted connections (TLS/SSL) for all data in transit
  • Apple's native iOS sandboxing for any on-device data
  • When backend sync ships: row-level isolation so you can only access your own data

5. Data Sharing

We do not sell, rent, or trade your personal information to third parties. Your collection is yours.

Anonymized, aggregated market signals (e.g. “the Poke AI community scanned this card 4,200 times today”) may surface in the Discover feed. These never contain personally identifying information.

6. Data Retention

  • Account data: retained until you delete your account
  • Vault, binders, decks, alerts: retained until you delete them or delete your account
  • Scan-frame transient cache: deleted within 24 hours of recognition
  • Aggregated analytics: anonymized and rotated after 90 days

7. Your Rights

You have the right to:

  • Access your data — your full vault, binders, decks, and wishlist are visible in the app
  • Delete your account — available in Settings. This permanently removes all your data from our servers
  • Export your collection — share any card or vault as an image or CSV
  • Opt out of notifications — disable in iOS Settings or in-app
  • Decline camera or photo library permissions at any time in iOS Settings (some features will require them to function)

When you delete your account, we also revoke your Sign in with Apple token if applicable, as required by Apple.

8. Children's Privacy

Poke AI is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the app after changes constitutes acceptance.

10. Contact Us

Email: bruno@pokeaiapp.com