Search

Email Us

User Agreement
Privacy Policy
Custody Agreement

    Privacy Policy

    Last updated December 17th, 2019

    Welcome! Thanks for visiting Gemini, a digital asset platform operated by and proprietary to Gemini Trust Company, LLC (d/b/a Gemini Exchange, LLC in AZ, CA, DE, FL, ID, IL, KS, KY, MA, MI, MN, NC, ND, NM, OH, OR, SC, SD, UT, and VA; d/b/a Gemini Exchange in AK and WA). Use of the words “Gemini,” “we,” “us,” or “our” refer to Gemini Trust Company, LLC and any or all of its affiliates. This Privacy Policy explains what Personal Information (as defined below) we collect, why we collect it, how we use and disclose it.

    Your privacy matters to us so whether you are new to Gemini or a long-time customer, please do take the time to get to know and familiarize yourself with our policies and practices. Feel free to print and keep a copy of this Privacy Policy, but please understand that we reserve the right to change any of our policies and practices at any time. But don’t worry, you can always find the latest version of this Privacy Policy here on this page.

    1. Personal Information We Collect

    As used herein, “Personal Information” means information that identifies or is reasonably capable of identifying an individual, directly or indirectly, and information that is being associated with an identified or reasonably identifiable individual.

    A. Personal Information we collect from you

    We may collect the following categories of Personal Information directly from you:

    • Identification Information, such as name, email, phone number, postal address, government identification numbers (which may include Social Security Number or equivalent, driver’s license number, passport number);
    • Commercial Information, such as trading activity, order activity, deposits, withdrawals, account balances;
    • Financial Information, such as bank account information, routing number;
    • Correspondence, such as information that you provide to us in correspondence, including account opening and customer support;
    • Sensory Information, such as images collected for identity verification, audio recordings left on answering machines;
    • Employment Information, such as job title, source of wealth; and
    • Institutional Information, such as for institutional customers, we may collect additional information, including: institution’s legal name, Employer Identification Number (“EIN”) or any comparable identification number issued by a government, and proof of legal existence (which may include articles of incorporation, certificate of formation, business license, trust instrument, or other comparable legal document).
    B. Personal Information we collect automatically

    We may collect the following categories of Personal Information automatically through your use of our services:

    • Online Identifiers, such as IP address; domain name;
    • Device Information, such as hardware, operating system, browser;
    • Usage Data, such as system activity, internal and external information related to Gemini pages that you visit, clickstream information; and
    • Geolocation Data.
    • Our automatic collection of Personal Information may involve the use of Cookies, described in greater detail below.

      C. Personal Information we collect from third parties

      We may collect and/or verify the following categories of Personal Information about you from Third Parties:

    • Identification Information, such as name, email, phone number, postal address, government identification numbers (which may include Social Security Number or equivalent, driver’s license number, passport number);
    • Financial Information, such as bank account information, routing number;
    • Transaction Information, such as public blockchain data (bitcoin, ether, and other Digital Assets are not truly anonymous. We, and any others who can match your public Digital Asset address to other Personal Information about you, may be able to identify you from a blockchain transaction because, in some circumstances, Personal Information published on a blockchain (such as your Digital Asset address and IP address) can be correlated with Personal Information that we and others may have. Furthermore, by using data analysis techniques on a given blockchain, it may be possible to identify other Personal Information about you); and
    • Additional Information, at the discretion of our Compliance Team to comply with legal obligations, which may include criminal records or alleged criminal activity.

    Personal Information you provide during the registration process may be retained, even if your registration is left incomplete or abandoned.

    D. Accuracy and retention of Personal Information

    We take reasonable and practicable steps to ensure that your Personal Information held by us (i) is accurate with regard to the purposes for which it is to be used, and (ii) is not kept longer than is necessary for the fulfillment of the purpose for which it is to be used.

    2. How We Use Your Personal Information

    The Personal Information we collect and the practices described above are done in an effort to provide you with the best experience possible, protect you from risks related to improper use and fraud, and help us maintain and improve Gemini. We may use your Personal Information to:

    1. Provide you with our services. We use your Personal Information to provide you with our Services pursuant to the terms of our User Agreement. For example, in order to facilitate fiat transfers into and out of your account, we need to know your financial information.
    2. Comply with legal and regulatory requirements. We process your Personal Information as required by applicable laws and regulations. For example, we have identity verification requirements to fulfill our obligations under the anti-money laundering laws of numerous jurisdictions.
    3. Detect and prevent fraud. We process your Personal Information to detect and prevent fraud on your account, which is especially important given the irreversible nature of cryptocurrency transactions.
    4. Protect the security and integrity of our services. We use your Personal Information to further our security-first mentality. Maintaining the security of your account and the Exchange requires us to process your Personal Information, including information about your device and your activity on the Exchange, and other relevant information.
    5. Provide you with customer support. We process your Personal Information anytime that you reach out to our Customer Support team with issues arising from your account.
    6. Optimize and enhance our services. We use your Personal Information to understand how our products and Services are being used to help us improve our Services and develop new products.
    7. Market our products to you. We may contact you with information about our Products and Services. We will only do so with your permission, which can be revoked at any time.
    8. Other business purposes. We may use your information for additional purposes if that purpose is disclosed to you before we collect the information or if we obtain your consent.

    3. How We Share Your Personal Information

    We will not share your Personal Information with third parties, except as described below:

    1. Service Providers. We may share your Personal Information with third-party service providers for business or commercial purposes. Your Personal Information may be shared so that they can provide us with services, including identity verification, fraud detection and prevention, security threat detection, payment processing, customer support, data analytics, Information Technology, advertising, marketing, data processing, network infrastructure, storage, transaction monitoring, and tax reporting. We share your Personal Information with these service providers only so that they can provide us with services, and we prohibit our service providers from using or disclosing your Personal Information for any other purpose. Our third-party service providers are subject to strict confidentiality obligations.
    2. Law Enforcement. We may be compelled to share your Personal Information with law enforcement, government officials, and regulators.
    3. Corporate Transactions. We may disclose Personal Information in the event of a proposed or consummated merger, acquisition, reorganization, asset sale, or similar corporate transaction, or in the event of a bankruptcy or dissolution.
    4. Professional Advisors. We may share your Personal Information with our professional advisors, including legal, accounting, or other consulting services for purposes of audits or to comply with our legal obligations.
    5. Consent. We may share or disclose your information with your consent.

    If we decide to modify the purpose for which your Personal Information is collected and used, we will amend this Privacy Policy.

    4. Cookies

    When you access Gemini, we may make use of the standard practice of placing tiny data files called cookies, flash cookies, pixel tags, or other tracking tools (herein, “Cookies”) on your computer or other devices used to visit Gemini. We use Cookies to help us recognize you as a customer, collect information about your use of Gemini to better customize our services and content for you, and collect information about your computer or other access devices to: (i) ensure compliance with our Bank Secrecy Act (“BSA”) and anti-money laundering (“AML”) program (“BSA/AML Program”) (ii) ensure that your account security has not been compromised by detecting irregular, suspicious, or potentially fraudulent account activities; (iii) assess and improve our services and advertising campaigns.

    You also can learn more about cookies by visiting http://www.allaboutcookies.org, which includes additional useful information on cookies and how to block cookies on different types of browsers and mobile devices. Please note that if you reject cookies, you will not be able to use some or all of Gemini. If you do not consent to the placing of Cookies on your device, please do not visit, access, or use Gemini.

    5. Direct Marketing

    Subject to applicable laws and regulations, we may from time to time send direct marketing materials promoting services, products, facilities, or activities to you using information collected from or about you. You may opt-out of such communications at any time by visiting the Exchange tab of your Account Settings page. You may also opt-out of such communications by following the directions provided in any marketing communication. It is our policy to not provide your Personal Information for those third parties’ direct marketing purposes without your consent.

    6. Information Security

    No security is foolproof, and the Internet is an insecure medium. We cannot guarantee absolute security, but we work hard to protect Gemini and you from unauthorized access to or unauthorized alteration, disclosure, or destruction of Personal Information we collect and store. Measures we take include encryption of the Gemini website communications with SSL; required two-factor authentication for all sessions; periodic review of our Personal Information collection, storage, and processing practices; and restricted access to your Personal Information on a need-to-know basis for our employees, contractors and agents who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

    7. Information For California Residents

    We are required under the California Consumer Privacy Act of 2018 (“CCPA”) to provide certain information to California residents about how we collect, use and share their personal information, and about the rights and choices California residents may have concerning their personal information. For purposes of this section, “personal information” has the meaning provided in the CCPA.

    Personal information that we collect, use, and share

    For ease of reference, we have compiled the chart below to demonstrate how we use the categories of personal information we have collected, used, and disclosed in the past 12 months. We do not “sell” any personal information, as “selling” is defined under the CCPA.

    Category of Personal InformationSource(s) of Personal InformationWhy We Collect Your Personal InformationHow We Share Your Personal Information
    Identifiers such as Personal Identification InformationSections 1.A, 1.B, 1.CSections 2.A, 2.B, 2.C, 2.D, 2.E, 2.F, 2.G, 2.HSections 3.A, 3.B, 3.C, 3.D, 3.E
    Commercial information such as records of products or services purchased, obtained, or consideredSections 1.A, 1.CSections 2.A, 2.B, 2.C, 2.E, 2.FSections 3.A, 3.B, 3.C, 3.D, 3.E
    Internet or other electronic network activity information, including browsing history and search historySection 1.BSections 2.A, 2.B, 2.C, 2.FSections 3.A, 3.B, 3.C, 3.D, 3.E
    Geolocation data that is sufficient to identify a precise physical locationSections 1.B, 1.CSections 2.A, 2.B, 2.CSections 3.A, 3.B, 3.C, 3.D, 3.E
    Usage DataSection 1.BSections 2.C, 2.D, 2.FSections 3.A, 3.B, 3.C, 3.D, 3.E
    Sensory data, such as audio, electronic, visual, or other similar informationSection 1.ASections 2.A, 2.ESections 3.A, 3.B, 3.C, 3.D, 3.E
    Professional or employment-related informationSection 1.A, 1.CSections 2.A, 2.B, 2.CSections 3.A, 3.B, 3.C, 3.D, 3.E
    Inferences about preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudesSections 1.A, 1.B, 1.CSections 2.A, 2.C, 2.F, 2.GSections 3.A, 3.B, 3.C, 3.D, 3.E
    California privacy rights

    California consumers have the following rights under the CCPA with respect to their Personal Information. Please understand, however, that these rights are not absolute, and we may decline requests as permitted under applicable law.

    • Right to Request Access. You may submit a request that Gemini disclose the categories and specific pieces of personal information that we have collected, used, or disclosed about you in the past 12 months.
    • Right to Request Deletion. You may submit a request that Gemini delete the personal information that we have about you.
    • Right to Opt out of Sale of Personal Information. You have the right to opt out of the sale of your Personal Information. Gemini does not sell your Personal Information.
    • Right Not to Receive Discriminatory Treatment. You have the right to exercise the privacy rights conferred by the CCPA without discriminatory treatment.

    You may submit a request to access or delete your personal information by following the “Exercise your privacy rights” link on your Account Profile page or by emailing us at privacy@gemini.com. We recommend that you submit your request through the Account Settings page because it is a more secure method than email. We are legally obligated to verify your identity when you submit a request. We may request additional information from you to verify your identity. If you submit a request to delete your personal information, you will also be required to confirm the deletion request by email.

    You may designate an authorized agent to make a request under the CCPA on your behalf. Your authorized agent must submit proof that you have provided them with power of attorney pursuant to Probate Code sections 4000 to 4465. We may deny a request from a purported authorized agent who does not provide proof of authorization to act on your behalf.

    Please understand that we are not obligated to provide you with a copy of your personal information more than twice in a 12-month period.

    8. Information For Persons Subject To EU Data Protection Law

    While customers who are located in the European Union (“EU”), European Economic Area (“EEA”) or the Channel Islands, or other locations subject to EU data protection law (collectively, “Europe”) are customers of our US entity, we recognize and, to the extent applicable to us, adhere to relevant EU data protection laws. For purposes of this section, “personal data” has the meaning provided in the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

    Lawful bases for processing

    We process personal data subject to GDPR on one or more of the following legal bases:

    • Legal Obligation: to conduct anti-fraud and identity verification and authentication checks and to fulfill our retention obligations;
    • Contractual Obligation: to satisfy our obligations to you under our User Agreement, including to provide you with our services and customer support services, and to optimize and enhance Gemini;
    • Legitimate Interest: to monitor the usage of Gemini, conduct automated and manual security checks of our service, to protect our rights; and
    • Consent: to market Gemini and our services to you. You may withdraw your consent at any time without affecting the lawfulness of processing based on consent before consent is withdrawn.
    European privacy rights

    European residents have the following rights under GDPR, subject to certain exceptions provided under the law, with respect to their personal data:

    • Rights to Access and Rectification. You may submit a request that Gemini disclose the personal data that we process about you and correct any inaccurate personal data.
    • Right to Erasure. You may submit a request that Gemini delete the personal data that we have about you.
    • Right to Restriction of Processing. You have the right to restrict or object to our processing of your personal data under certain circumstances.
    • Right to Data Portability. You have the right to receive the personal data you have provided to us in an electronic format and to transmit that Personal Information to another data controller.

    When handling requests to exercise European privacy rights, we check the identity of the requesting party to ensure that he or she is the person legally entitled to make such request. While we maintain a policy to respond to these requests free of charge, should your request be repetitive or unduly onerous, we reserve the right to charge you a reasonable fee for compliance with your request.

    Collection and transfer of data outside the EEA

    Gemini operates internationally with many of our systems based in the United States. As a result, we may transfer personal data from Europe to third countries outside of Europe, including the United States, under the following conditions:

    • Contractual Obligation. Where transfers are necessary to satisfy our obligation to you under our User Agreement, including to provide you with our services and customer support services, and to optimize and enhance Gemini; and
    • Consent: where you have consented to the transfer of your personal data to a third country.

    Where transfers to a third country are based on your consent, you may withdraw your consent at any time. Please understand, however, that our services may not be available if we are unable to transfer personal data to third countries.

    When we transfer personal data to third countries, we endeavor to ensure adequate safeguards are implemented, for example through the use of standard contractual clauses or Privacy Shield certification.

    Automated decision-making

    We may engage in automated decision-making for purposes of fraud detection and prevention.

    9. Contact Us

    If you have questions or concerns regarding this policy or our processing of your Personal Information, please feel free to email us at: privacy@gemini.com; or write to us at: Gemini Trust Company, LLC, 600 Third Avenue, 2nd Floor, New York, NY 10016.

    If you are a European resident and you believe that we have not adequately resolved any such issues, you have the right contact your local supervisory authority.