As used herein, “Digital Asset” means a digital asset (also called a “cryptocurrency,” “virtual currency,” “digital currency,” or “digital commodity”), such as bitcoin or ether, which is based on the cryptographic protocol of a computer network that may be (i) centralized or decentralized, (ii) closed or open-source, and (iii) used as a medium of exchange and/or store of value.
Information We Collect
Section 326 of the USA PATRIOT ACT requires all financial institutions to obtain, verify, and record information that identifies each person who opens an account. This federal requirement applies to all new customers. This information is used to assist the United States government in the fight against the funding of terrorism and money-laundering activities. What this means for you: when you open an account, we ask you for your name, address, date of birth, and other identifying information. For more details, please see below:
Verification Information — We collect information that you provide during a completed, incomplete, or abandoned registration. This may include the following information:
Individual customer — we attempt to collect, verify, and authenticate the following information:
- Email address;
- Mobile phone number;
- Full legal name;
- Social Security Number (“SSN”) or any comparable identification number issued by a government;
- Date of birth (“DOB”);
- Proof of identity (e.g., driver’s license, passport or government-issued ID);
- Home address (not a mailing address or P.O. Box); and
Additional information or documentation at the discretion of our Compliance Team.
Institutional customer — we attempt to collect, verify, and authenticate the following information:
- Institution legal name;
- Employer Identification Number (“EIN”) or any comparable identification number issued by a government;
- Full legal name (of all account signatories and beneficial owners);
- Email address (of all account signatories);
- Mobile phone number (of all account signatories);
- Address (principal place of business and/or other physical location);
- Proof of legal existence (e.g., state certified articles of incorporation or certificate of formation, unexpired government-issued business license, trust instrument, or other comparable legal documents as applicable);
- Contract information of owners, principals, and executive management (as applicable);
- Proof of identity (e.g., driver’s license, passport or government-issued ID) for each individual beneficial owner that owns 10% or more, as well as all account signatories; and
- Identifying information for each entity beneficial owner that owns 10% or more (see individual customer information collected above for more details).
You will be allowed to access, review, correct, and ensure the accuracy of the information you have submitted from time to time. We will also do our part to ensure the accuracy of your information.
Device Information – Information that is automatically collected about your device (such as, but not limited to, hardware, operating system, browser, etc.).
Location Information – Information that is automatically collected via analytics systems providers to determine your location, including your IP address and/or domain name and any external page that referred you to us.
Log Information – Information that is generated by your use of Gemini that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, location information, system activity and any internal and external information related to Gemini pages that you visit.
Account Information – Information that is generated by your account activity including, but not limited to, trading activity, order activity, deposits, withdrawals, and account balances.
Correspondence – Information that you provide to us in correspondence, including opening an account, and with respect to ongoing customer support.
When you access Gemini, we may make use of the standard practice of placing tiny data files called cookies, flash cookies, pixel tags, or other tracking tools (herein, “Cookies”) on your computer or other devices used to visit Gemini. Cookies are small bits of information that are automatically stored on the web browser of your device that can be retrieved by us. The type of information we collect includes, but is not limited to, uniquely identifying visitor information and information related to your usage preferences. We use these technologies to help us recognize you as a user, collect information about your use of Gemini to better customize our services and content for you, and collect information about your computer or other access devices to (i) ensure compliance with our BSA/AML Program and (ii) ensure that your account security has not been compromised by detecting irregular or suspicious account activities. By using Gemini, you acknowledge and agree that we may collect and/or transmit any data collected to our third-party service providers, such as analytics providers, which may also make use of such technologies described above. Please note that if you block or delete cookies you will not be able to use some or all of Gemini. If you do not consent to the placing of Cookies on your device, please do not visit, access, or use Gemini.
How We Use Information We Collect
The information collected and the practices described above are done in an effort to provide you with the best experience possible, protect you from risks related to improper use and fraud, and help us maintain and improve Gemini.
We may share information with trusted and contracted third-party service providers (including those that may be located outside of the United States or your country), who help us operate our platform and systems, and detect fraud and security threats throughout the normal course of our business. Such third-party service providers are subject to strict confidentiality obligations. In addition, we may be compelled to share information with law enforcement, government officials, and regulators.
For example, we may use your information to:
- Provide you with Gemini, including customer support for Gemini;
- Optimize and enhance Gemini, for all users, or for you specifically;
- Conduct anti-fraud and identity verification and authentication checks (you authorize us to share your information with our third-party service providers, who may also conduct their own searches of publicly available information about you);
- Monitor the usage of Gemini, and conduct automated and manual security checks of our service; and
- Create aggregated and anonymized reporting data about Gemini.
We do not sell customer information to third parties for the purposes of marketing.
Be aware that bitcoin, ether, and other Digital Assets are not necessarily truly anonymous. Generally, anyone can see the balance and transaction history of any public Digital Asset address. We, and any others who can match your public Digital Asset address to other information about you, may be able to identify you from a blockchain transaction. This is because, in some circumstances, information published on a block chain (such as your Digital Asset and IP address) can be correlated with information that we and others may have. This may be the case even if we, or they, were not involved in the blockchain transaction. Furthermore, by using data analysis techniques on a given blockchain, it may be possible to identify other information about you. As part of our security, anti-fraud and/or identity verification and authentication checks, we may conduct such analysis to collect and process such information about you. You acknowledge and agree to allow us to perform such practices.
We take your privacy very seriously and work hard to protect Gemini and you from unauthorized access to or unauthorized alteration, disclosure, or destruction of information we collect and store. In particular we encrypt the Gemini website with SSL; we require two-factor authentication for all sessions; we review information collection, storage, and processing practices; and we restrict access to your information on a need-to-know basis for our employees, contractors, and agents who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Accuracy and Retention of Information
We take reasonable and practicable steps to ensure that your information held by us (i) is accurate with regard to the purposes for which it is to be used, and (ii) is not kept longer than is necessary for the fulfillment of the purpose for which it is to be used, which is when your business relationship with us ends, unless the further retention of your information is otherwise permitted or required by applicable laws and regulations.
Access to and Correction of Information
You have the right to ascertain whether we hold your accurate and current information, to obtain a copy of your personal data that you submitted as permitted by law, and to correct any of your data that is inaccurate. You may also request that we inform you of the type of information we hold with regard to you. For data access requests, please contact firstname.lastname@example.org.
When handling a data access or correction request, we check the identity of the requesting party to ensure that he or she is the person legally entitled to make such request. A reasonable fee may be charged to cover our administrative costs incurred for complying with your data access request.
Subject to applicable laws and regulations, we may from time to time send direct marketing materials promoting services, products, facilities, or activities to you using information collected from you. An opt-out channel will be provided to enable you to exercise your right to opt out of such direct marketing.
We will not provide your information to third parties for direct marketing or other unrelated purposes without your written consent.
We cannot agree to obligations of confidentiality or nondisclosure with regard to any unsolicited information you submit to us, regardless of the method or medium chosen. By submitting unsolicited information or materials to us or any Gemini Service Provider, you or anyone acting on your behalf, agree that any such information or materials will not be considered confidential or proprietary.
We do not provide any facility for sending or receiving private or confidential electronic communications. You should not use Gemini to transmit any communication for which you intend only you and the intended recipient(s) to read. Notice is hereby given that all messages and other content entered using Gemini can and may be read by us, regardless of whether we are the intended recipients of such messages. Nevertheless, access to messages and other content will be accessible only by employees and Gemini Service Providers that reasonably need such access.