Privacy Policy

Last updated: April 28, 2026

1. Who are we?

Pocket Experiences is the controller for the processing of personal data as described in this privacy policy.

• Company: Pocket Experiences
• Address: Monnikenpad 21, 5505 KR Veldhoven, The Netherlands
• Email: info@pocketexperiences.com
• KVK: 97971286
• VAT: NL005369928B06

We do not have a Data Protection Officer (DPO). For questions about your privacy, you can contact us at the email address above.

2. What personal data do we process and why?

A. Orders in our webshop

• What data: Email address
• Purpose: We use your email address to confirm your order and to deliver the digital products (such as coupons and codes).
• Legal basis: The processing is necessary for the performance of the contract you enter into with us.
• Obligation: You are required to provide your email address. Without this information, we cannot complete the purchase and deliver the products.

B. Contact form and email

• What data: The data you provide yourself via the contact form or direct email contact (such as your name and email address).
• Purpose: We use this data to answer your question or comment.
• Legal basis: The processing is necessary to handle your request, which falls under the performance of a contract or pre-contractual measures.

C. Website and app analytics

• What data: When you grant analytics consent, we collect data about how you use our website and mobile app — pages and screens visited, clicks and taps, time on page, device and browser information, and approximate location based on your IP address — using Firebase Analytics, which is built on Google Analytics 4 and includes Google Signals for cross-device measurement when you are signed in to a Google account with ads personalization enabled. This data is pseudonymized and is not directly identifiable on its own.
• Purpose: We analyze this data to understand how visitors use our website and app, measure the performance of our marketing, and improve our products and the user experience.
• Legal basis: Your consent, which you can withdraw at any time by changing your cookie preferences.

D. Session replay and product research (Microsoft Clarity)

• What data: When you grant analytics consent, we use Microsoft Clarity to record how you interact with our website and mobile app. Clarity captures mouse movements, scrolling, taps and clicks, page or screen content (with sensitive form fields automatically masked), browser and device information, and approximate location based on your IP address. If you submit your email address through a form, we may link your session to that email so we can analyze the experience of identified users.
• Purpose: We use these recordings and heatmaps to diagnose usability problems, debug issues, and improve our website and mobile app.
• Legal basis: Your consent, which you can withdraw at any time by changing your cookie preferences.

E. Marketing and advertising

• What data: When you grant marketing consent, we share information about your visits with our advertising and social media partners — Meta (Facebook/Instagram) Pixel and Metricool. This may include the pages you visit, actions such as starting a checkout or completing a purchase, your IP address, a browser identifier, and a hashed identifier derived from your email address when you submit it.
• Purpose: We use these tools to measure the effectiveness of our advertising campaigns, retarget visitors with relevant ads, and report on conversions.
• Legal basis: Your consent, which you can withdraw at any time by changing your cookie preferences.

F. App install attribution

• What data: When you click a link from our website to install our mobile app, we use Airbridge and (on iOS) Apple’s SKAdNetwork to match the click to the install. This involves processing your IP address, device information, and a click identifier in a privacy-preserving way; we do not receive your name or email through this process.
• Purpose: We use this to measure how visitors discover and install our mobile app, and to attribute installs to the campaigns that drove them.
• Legal basis: Our legitimate interest in measuring the performance of our marketing channels in a way that does not directly identify you.

3. Who do we share your data with?

We only share your personal data with third parties if it is necessary for our services. We have concluded processing agreements with these parties to ensure the security of your data.

• Payment processor: we use Stripe for handling payments.
• Email service: we use Resend for sending order confirmations.
• Analytics and hosting: we use Google services (Firebase, Google Analytics 4, Google Signals, BigQuery, Looker Studio) for hosting and for analyzing our website and mobile app.
• Session replay: we use Microsoft Clarity (Microsoft Corporation) to record and analyze how visitors use our website and mobile app.
• Marketing and advertising: we use Meta Platforms, Inc. (Facebook/Instagram Pixel) and Metricool Software, S.L. for advertising measurement and retargeting.
• App install attribution: we use AB180 Inc. (Airbridge) and Apple Inc. (SKAdNetwork) to attribute mobile app installs to marketing campaigns.

4. Transfer of data outside the EEA

Some of our service providers (Stripe, Resend, Google, Microsoft, Meta, Airbridge, Apple) are based outside the European Economic Area (EEA), particularly in the United States and South Korea. This means that personal data may be transferred outside the EEA. For these transfers we rely on the legal safeguards of the EU-U.S. Data Privacy Framework (where applicable), the Standard Contractual Clauses (SCCs) approved by the European Commission, and adequacy decisions where these have been issued.

5. How long do we keep your data?

• Order data: at the moment, we do not store order data ourselves after the transaction is completed. Our partners, such as the payment processor, may be legally required to retain this data for a longer period.
• Contact information: data received via email or the contact form is kept as long as necessary to fully handle your request.
• Analytics and session replay data: this data is stored according to the configuration of our analytics tools. Microsoft Clarity stores session recordings for up to 30 days and aggregated heatmap and dashboard data for up to 13 months. Firebase Analytics data is retained for up to 14 months by default. None of this data is personally identifiable on its own.

6. Your privacy rights

You have the following rights regarding your personal data:

• The right to access your personal data
• The right to rectification (correction) or completion
• The right to erasure of your personal data
• The right to restrict processing
• The right to object to processing
• The right to data portability

You can exercise these rights by sending an email to info@pocketexperiences.com.

7. Withdrawing consent

If you have given consent for a specific processing (for example, for marketing), you always have the right to withdraw this consent. You can do this by sending an email to info@pocketexperiences.com.

8. Filing a complaint

If you believe that we are not handling your personal data correctly, you have the right to file a complaint with the national supervisory authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (AP).

9. Automated decision-making

We do not use automated decision-making or profiling that has legal or significant consequences for you.

10. Changes to this policy

We may change this privacy policy from time to time. The most current version can always be found on this page.