Privacy Policy

Last updated: 21 April 2026

1. Data controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

Bryan Tüscher databryan, trading as KeepsakeDeck
In den Herrengärten 15
35510 Butzbach
Germany
Email: hello@keepsakedeck.com

We have not appointed a Data Protection Officer; we are not subject to a statutory obligation to do so under § 38 German Federal Data Protection Act (BDSG). Please direct requests under Articles 15–22 GDPR to the email address above.

This is an English translation for information purposes. The German version is authoritative; German law applies.

2. Overview and purpose of this policy

We operate a platform for personalized playing-card decks at keepsakedeck.com. This policy explains what personal data we collect, for which purposes, on what legal basis, to whom we disclose it and what rights you have. Particular notice: To create personalized cards we process uploaded photos using AI services (Azure OpenAI, Azure Face API). See section 5 for details.

3. Categories of data processed

Depending on how you use the service, we process the following categories of personal data:

  • Contact data: email address (waitlist, order confirmation, pre-order); optionally name and phone for B2B enquiries.
  • Order and payment data: order number, billing address, shipping address, amount, payment status. Card details are processed exclusively by our payment provider Stripe; we do not see or store complete card or bank data.
  • Product data: photos you upload for personalization, and any text or layout input (e.g. names to be printed on the cards).
  • Communication data: contents of emails and support tickets.
  • Technical data: IP address, user-agent, referrer, timestamps, device and browser information, requested URL, error logs.
  • Consent data: your consent choices and timestamps (cookie/consent banner).

4. Purposes and legal bases

We process the data listed above for the following purposes and on the following legal bases:

  • Pre-contractual steps and performance of the contract (waitlist signup, pre-order, order fulfilment, production, shipping, invoicing, support): Art. 6(1)(b) GDPR.
  • Legal obligations (commercial and tax retention, bookkeeping, defence against legal claims): Art. 6(1)(c) GDPR.
  • Legitimate interests (abuse and fraud prevention, platform stability and security, product improvement, assertion of legal claims): Art. 6(1)(f) GDPR.
  • Consent (optional analytics and error-tracking services, marketing newsletter via double opt-in, cautionary consent for the borderline processing via Azure Face API): Art. 6(1)(a) GDPR; for Face API additionally Art. 9(2)(a) GDPR.
  • Non-essential cookies and comparable storage technologies only with your consent: § 25(1) German Telecommunications-Telemedia Data Protection Act (TTDSG) in conjunction with Art. 6(1)(a) GDPR.

5. Processing of uploaded photos (AI-assisted card creation)

When you configure a personalized deck, you upload photos from which we create card artwork. We use two Azure services for this, each in the West Europe region (Netherlands).

5.1 Face localization via Azure Face API

The Azure Face API is used only for face localization. Technically, we call the service with the parameters `returnFaceId=false` and the detection model `detection_03` (with `recognition_04` used only for internal consistency checks, not for re-identification). The service returns only rectangle coordinates (`faceRectangle`) indicating where a face is located in the image. No biometric template, no FaceID and no persistent identifier is created or stored at Azure. The image transits Azure West Europe solely for this localization. Legal basis: Art. 6(1)(b) GDPR (performance of the contract: producing the ordered deck) in conjunction with Art. 9(2)(a) GDPR. We obtain your explicit consent as a precaution because this processing sits at the border of the special category of biometric data; in fact, no biometric templates are generated on our side.

5.2 Image generation via Azure OpenAI

To generate the card artwork we transmit your photos together with a prompt to the Azure OpenAI endpoints `gpt-image` (image generation) and `gpt-4o` (image analysis for prompt tuning) in the West Europe region. Microsoft / OpenAI processes these contents exclusively on our instructions and does not use them to train its own models (contractually agreed via the Azure OpenAI processor and supplementary terms). Legal basis: Art. 6(1)(b) GDPR (performance of the contract: producing the ordered deck).

5.3 Automated decision-making (Art. 13(2)(f), Art. 22 GDPR)

The card artwork is generated automatically from your uploads and your inputs. This automated processing does not produce any decision with legal effect and has no similarly significant impact on you within the meaning of Art. 22(1) GDPR. It merely produces the graphical output of the service you ordered. You have the opportunity to review and reject the result before production is released (proof step).

6. Recipients and processors

To deliver our services we engage the following providers as processors (Art. 28 GDPR) or as independent controllers. For all EU-US transfers we rely on standard contractual clauses under Art. 46(2)(c) GDPR in combination with the EU-U.S. Data Privacy Framework (adequacy decision of the European Commission of 10 July 2023), where the provider is self-certified.

Stripe Payments Europe, Ltd. (Stripe)

Purpose:
Payment processing for pre-orders and future orders.
Data categories:
Name, email, billing address, payment instrument (tokenized), amount, order number, IP address.
Legal basis:
Art. 6(1)(b) GDPR.
Region:
EU (Ireland); technical processing partially in the USA.
Third-country transfer:
USA: EU-U.S. Data Privacy Framework + standard contractual clauses (Art. 46(2)(c) GDPR). Processor agreement in place.

Resend, Inc.

Purpose:
Sending transactional emails (waitlist confirmation, verification code, order and shipping updates) and, after separate double opt-in, marketing newsletters.
Data categories:
Email address, email content, delivery and open status, IP address of the opener.
Legal basis:
Art. 6(1)(b) GDPR for transactional emails; Art. 6(1)(a) GDPR for marketing newsletters.
Region:
USA.
Third-country transfer:
USA: EU-U.S. Data Privacy Framework + standard contractual clauses. Processor agreement in place.

Supabase, Inc.

Purpose:
Database hosting (PostgreSQL), object storage for photo uploads, Realtime delivery for production progress.
Data categories:
All data categories listed in section 3, in particular contact data, order data, uploaded photos, technical logs.
Legal basis:
Art. 6(1)(b) GDPR; security and abuse logs additionally Art. 6(1)(f) GDPR.
Region:
Frankfurt (eu-central-1).
Third-country transfer:
Project in the EU. US parent company may access encrypted data during support cases; EU-U.S. Data Privacy Framework + standard contractual clauses. Processor agreement in place.

Functional Software, Inc. dba Sentry

Purpose:
Error and performance tracking for platform stability.
Data categories:
Error stack traces, user-agent, IP address (possibly truncated), URL, technical context data.
Legal basis:
Art. 6(1)(a) GDPR (consent via the consent banner, 'analytics' category).
Region:
EU region enabled; organization based in the USA.
Third-country transfer:
USA: EU-U.S. Data Privacy Framework + standard contractual clauses. Processor agreement in place.

PostHog Inc.

Purpose:
Product and usage analytics (click paths, funnels, heatmaps).
Data categories:
Pseudonymous user ID, click and navigation events, device data, IP address (truncated).
Legal basis:
Art. 6(1)(a) GDPR (consent via the consent banner, 'analytics' category).
Region:
EU region ('EU Cloud'); organization based in the USA.
Third-country transfer:
USA: EU-U.S. Data Privacy Framework + standard contractual clauses. Processor agreement in place.

Microsoft Ireland Operations Ltd., Azure OpenAI Service

Purpose:
AI-assisted image generation and image analysis to produce the card artwork (endpoints `gpt-image`, `gpt-4o`).
Data categories:
Uploaded photos, prompt-related metadata, generated card artwork.
Legal basis:
Art. 6(1)(b) GDPR.
Region:
West Europe (Netherlands).
Third-country transfer:
Processing within the EU. Microsoft is a US parent company; access from the USA in support cases only under standard contractual clauses + Data Privacy Framework. Processor agreement (Microsoft Products and Services DPA) in place. No model training with your content.

Microsoft Ireland Operations Ltd., Azure Face API

Purpose:
Face localization (`faceRectangle`) to correctly place the artwork. No biometric templates are created or stored at Microsoft (parameters `returnFaceId=false`, `detection_03`).
Data categories:
Uploaded photos (transient, for coordinate detection); only rectangle coordinates are returned.
Legal basis:
Art. 6(1)(b) GDPR in conjunction with Art. 9(2)(a) GDPR (precautionary explicit consent for the borderline of biometric data).
Region:
West Europe (Netherlands).
Third-country transfer:
Processing within the EU. Processor agreement in place.

Microsoft Ireland Operations Ltd., Azure Blob Storage

Purpose:
Storage of uploaded photos and intermediate artifacts (container `ksd-uploads`, account `stksdprodweu`).
Data categories:
Uploaded photos, generated card artwork, technical metadata.
Legal basis:
Art. 6(1)(b) GDPR.
Region:
West Europe (Netherlands).
Third-country transfer:
Processing within the EU. Processor agreement in place.

Cloudflare, Inc., Turnstile

Purpose:
Bot and abuse protection for waitlist signup, pre-order form and sensitive endpoints.
Data categories:
IP address, user-agent, anonymized behavioural signals, token.
Legal basis:
Art. 6(1)(f) GDPR (legitimate interest in abuse prevention).
Region:
Global Anycast network; organization based in the USA.
Third-country transfer:
USA/global: EU-U.S. Data Privacy Framework + standard contractual clauses. Processor agreement in place.

Vercel Inc.

Purpose:
Hosting, CDN and edge functions for keepsakedeck.com.
Data categories:
IP address, user-agent, requested URL, timestamps, technical error logs.
Legal basis:
Art. 6(1)(f) GDPR (legitimate interest in safe, stable operation).
Region:
European edge regions preferred; organization based in the USA.
Third-country transfer:
USA: EU-U.S. Data Privacy Framework + standard contractual clauses. Processor agreement in place.

7. Retention periods

We only store personal data for as long as necessary for the respective purpose or as required by statutory retention obligations.

  • Waitlist entries: until you unsubscribe (link in every email) or for 24 months after last interaction.
  • Pre-order data and orders: for the duration of contract performance and afterwards pursuant to § 147 German Fiscal Code / § 257 German Commercial Code (six and ten years respectively for invoices and commercially relevant records).
  • Deck session data: session expiry follows the `expires_at` value in our database (currently 48 hours from creation); final deletion runs via a cleanup job.
  • Uploaded photos: processed only during card creation. Once payment is successfully confirmed (Stripe webhook), the originals are deleted automatically, typically before the printed cards are dispatched. SAS URLs (temporary access tokens for Azure Blob) are technically limited to 24 hours.
  • Technical logs (Sentry, Vercel): 30 days for error events at Sentry, 90 days for request logs at Vercel.
  • Consent choices: until you withdraw; afterwards for up to three years for accountability purposes (Art. 5(2) GDPR).

Longer retention is possible if necessary to establish, exercise or defend legal claims (Art. 17(3)(e) GDPR).

8. Cookies and similar technologies

We use cookies and comparable storage technologies. Non-essential cookies are only set after your consent (§ 25(1) TTDSG). You can change your choices at any time via 'Cookie settings' in the footer.

8.1 Essential

These services are required for operation and are used without consent: Stripe (payment security), Cloudflare Turnstile (abuse protection) and the application's session management. Legal basis: Art. 6(1)(f) GDPR and § 25(2) no. 2 TTDSG (strict necessity).

8.2 Analytics & error tracking (opt-in)

Only after your explicit consent do we load PostHog (product analytics) and Sentry (error tracking). Without your consent these services are not loaded and no corresponding cookies are set. Legal basis: Art. 6(1)(a) GDPR, § 25(1) TTDSG.

8.3 Marketing (currently inactive)

This category is reserved for future campaign tools. No marketing services are loaded today. Should we enable any in the future, they will only run after your prior consent.

9. Your rights

Under the GDPR you have the following rights. An informal email to hello@keepsakedeck.com is sufficient to exercise them. Please identify yourself clearly so that we do not disclose data to unauthorized persons.

  • Access (Art. 15 GDPR): you may request information about the personal data we process about you.
  • Rectification (Art. 16 GDPR): you may request correction of inaccurate data or completion of incomplete data.
  • Erasure (Art. 17 GDPR): you may request deletion of your data to the extent statutory conditions are met and no retention obligations apply.
  • Restriction of processing (Art. 18 GDPR): you may request that processing be restricted.
  • Data portability (Art. 20 GDPR): you may request to receive the data you provided in a structured, commonly used, machine-readable format.
  • Objection (Art. 21 GDPR): you may at any time object to processing based on Art. 6(1)(f) GDPR, in particular to direct marketing.
  • No solely automated decision (Art. 22 GDPR): no automated decision with legal effect or similarly significant impact takes place (see section 5.3).
  • Right to lodge a complaint (Art. 77 GDPR): you may lodge a complaint with a supervisory authority at any time, in Germany with the state authority competent for your place of residence or with the Hessian Commissioner for Data Protection and Freedom of Information (Postfach 3163, 65021 Wiesbaden).

You may withdraw a given consent at any time with effect for the future (Art. 7(3) GDPR). The lawfulness of processing carried out prior to withdrawal remains unaffected.

You can also request access or erasure directly via our form.

10. Minors

Our service is directed at persons aged 18 and above. We do not knowingly process data of persons under 16 without the consent of the holders of parental responsibility (Art. 8 GDPR). When uploading photos showing minors, by accepting our Terms you warrant that you have obtained the required consent from the holders of parental responsibility (see Terms & Conditions).

11. Data security

We apply technical and organizational measures pursuant to Art. 32 GDPR, in particular TLS encryption in transit, encrypted storage of sensitive data, access controls, least-privilege access to photo uploads, audit logs and regular reviews of our processors.

12. Changes to this policy

We adjust this privacy policy when processing activities change or new legal requirements apply. The version indicated above ('Last updated') is authoritative. We will inform you of material changes in good time by email or via a notice on the platform.