Privacy

Gem Privacy Policy

Last Updated: 4/1/2015

 
Introduction

Protecting your privacy is really important to us. With this in mind, we’re providing this Privacy Policy to explain our practices regarding the collection, use and disclosure of information that we receive through (i) our websites to which this Privacy Policy is posted, including without limitation, https://gem.co and https://gem.io, (ii) our mobile device applications, (iii) use of our API, and (iv) access to and use of our Bitcoin payment security-related and wallet services (collectively, the “Services”). This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services.

Revisions to this Privacy Policy

Any information that is collected via our Services is covered by the Privacy Policy in effect at the time such information is collected. We may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them to the Services or by sending you an email or other notification, and we’ll update the “Last Updated Date” above to indicate when those changes will become effective.

Collection and Use of Information

Our primary goals in collecting information are to provide and improve our Services and to administer use of the Services (including your Account, if you are an Account holder).

Account Information

It is not necessary to create a Gem account (“Account”) to use certain features of our Services, although some features will require you to create an Account. If you do create an Account, we’ll collect certain information that can be used to identify you (“Personally Identifiable Information” or “PII”), such as your name, email address and telephone number. If you create an Account using your login credentials from a third party service, like a social network such as Facebook (“SNS Service”), we’ll be able to access and collect your name and email address and other PII that your privacy settings on the SNS Services permit us to access. We may also collect certain information that is not PII because it cannot be used by itself to identify you, such as a postal address. If you create an Account on behalf of an organization or company, we’ll collect your name and the organization’s or company’s name, address and telephone number.

Transaction Information Received through Use of the Services

If you access and use our Bitcoin payment security-related and wallet services directly via one of our mobile applications, or indirectly, through a third party’s product or solution, we will collect information about the transaction in which you engage using those services (“Transaction”), which will include PII about you relating to the transaction in question (“Transaction Information”). We do not store any PII with the Transaction Information; rather the Transaction Information is stored with a non-personally identifiable identification tag which is associated with your Transaction but not with your PII. That said, you will be able to access all of your Transaction Information via the functionality of the Services. We may offer a Bitcoin blockchain explorer which allows people to search Transactions on an aggregate basis only and record statistics relating to Transactions however, such a blockchain explorer will not enable access to your PII.

Identity Verification and Fraud Detection.

We use third party services providers to assist us with identity verification and fraud detection with respect to your Transactions. We may receive PII about you from these third parties and we’ll combine that PII with PII that we receive about you through your use of the Services in connection with running identify verification and fraud detection checks as we make our Services available. For example we may use this PII to verify that you are the person requesting access to your Account, or that you are the person engaging in a Transaction.

Information Collected Using Cookies and other Web Technologies.

Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information.

“Cookies” are small text files that are placed on your hard drive by a Web server when you access our Services. We may use both session Cookies and persistent Cookies to identify that you’ve logged in to the Services and to tell us how and when you interact with our Services. We may also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Unlike persistent Cookies, session Cookies are deleted when you log off from the Services and close your browser. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you may not be able to access all portions or features of the Services. Some third- party services providers that we engage may also place their own Cookies on your hard drive. Note that this Privacy Policy covers only our use of Cookies and does not include use of Cookies by such third parties.

“Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services and to monitor how many visitors access our Services. Unlike Cookies, which are stored on the user’s hard drive, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).

Information Related to Use of the Services.

Our servers automatically record certain information about how a person uses our Services (we refer to this information as “Log Data”), including both Account holders and non-Account holders (either, a “User”). Log Data may include information such as a User’s Internet Protocol (IP) address, browser type, operating system, the web page that a User was visiting before accessing our Services, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, Transaction frequency and history, the links on our Services that a User clicked on and other statistics. With exception of IP addresses, Log Data will be collected in aggregate form and will not identify Users. We use Log Data to administer the Services and we analyze (and may engage third parties to analyze) Log Data to improve, customize and enhance our Services by expanding their features and functionality and tailoring them to our Users’ needs and preferences. We’ll also use Log Data for the purposes of preventing fraud or abuse and protecting Transaction Information.

We’ll combine your PII with aggregate information we collect to attempt to provide you with a better experience, to improve the quality and value of the Services and to analyze and understand how our Services are used.

Information Sent by Your Mobile Device.

We collect certain information that your mobile device sends when you use our Services, like a device identifier, user settings and the operating system of your device, as well as information about your use of our Services.

Location Information.

When you use our mobile device applications, we may collect and store information about your location by converting your IP address into a rough geo-location or by accessing your mobile device’s GPS coordinates or location if you enable location services on your device. We may use location information to improve and personalize our Services for you. If you do not want us to collect location information, you may disable that feature on your mobile device.

Information that We Share with Third Parties

We will not share any PII that we have collected from, or that we receive about, you except as described below:

Information Shared with Our Services Providers.

We may engage third-party services providers to work with us to administer and provide the Services. For example, we’ll engage third party consultants to advise us in security-related matters. These third-party services providers have access to your PII only for the purpose of performing services on our behalf and are expressly obligated not to disclose or use your PII for any other purpose.

Information Shared with Third Parties.

We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes. In addition, if you authorize third parties to access the information we store about you, we’ll share that information, including PII, with such third parties identified and authorized by you. For example, if you are an application developer using our API, you may authorize your co-branding partner to access your Account information.

Information Disclosed in Connection with Business Transactions.

Information that we collect from our users, including PII, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, may be disclosed or transferred to a third party acquirer in connection with the transaction.

Information Disclosed for Our Protection and the Protection of Others.

We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.

Your Choices

We offer you choices regarding the collection, use and sharing of your PII and we’ll respect the choices you make. Please note that if you decide not to provide us with the PII that we request, you may not be able to access all of the features of the Services.

Opt-Out.

We may use your PII to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. When you receive such communications from us, you will have the opportunity to “opt-out” (either through your Account or by following the applicable unsubscribe instructions). We do need to send you certain communications regarding the Services and your Transactions and you will not be able to opt out of those communications – e.g., communications regarding updates to this Privacy Policy.

Modifying Your Information.

You can access and modify the PII associated with your Account by using the features available on the Services. If you want us to delete your PII and your Account, please contact us atsupport@gem.co with your request. We’ll take steps to delete your information as soon we can, but some information, including Transaction Information, may remain in archived/backup copies for our records or as otherwise required by law.

Responding to Do Not Track Signals

Our websites do not have the capability to respond to “Do Not Track” signals received from various web browsers.

The Security of Your Information

We take administrative, physical and electronic measures designed to protect the information that we collect and receive from or about you (including your PII) from unauthorized access, use or disclosure. For more information on how we protect your information, please visit https://gem.co/security. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure.

Links to Other Sites

Our Services may contain links to websites and services that are owned or operated by third parties (each, a “Third-party Service”). Any information that you provide on or to a Third-party Service or that is collected by a Third-party Service is provided directly to the owner or operator of the Third-party Service and is subject to the owner’s or operator’s privacy policy. We’re not responsible for the content, privacy or security practices and policies of any Third-party Service. To protect your information we recommend that you carefully review the privacy policies of all Third-party Services that you access.

International Transfer

Your PII may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your PII to us, we may transfer your PII to the United States and process it there.

Our Policy Toward Children

Our Services are not directed to children under 13 and we do not knowingly collect PII from children under 13. If we learn that we have collected PII of a child under 13 we will take steps to delete such information from our files as soon as possible.

Your California Privacy Rights

California residents may request and obtain from us, once a year, free of charge, a list of third parties, if any, to which we disclosed their PII for direct marketing purposes during the preceding calendar year and the categories of PII shared with those third parties. If you are a California resident and wish to obtain that information, please submit your request by sending us an email at support@gem.co with “California Privacy Rights” in the subject line or by writing to us at 1410 Abbot Kinney Blvd, Penthouse 2, Venice, CA 90291.

Questions?

Please contact us at support@gem.co if you have any questions about our Privacy Policy.