Privacy Policy

Last Modified: July 27, 2018

Introduction

Welcome! Thanks for visiting Gemini, a digital asset exchange and custodian operated by and proprietary to Gemini Trust Company, LLC (d/b/a Gemini Exchange, LLC in AK, AZ, DE, ID, KY, KS, MA, MI, MN, NC, ND, NM, OH, OR, SD, UT, and VA). By visiting, accessing, or using Gemini, you consent to the policies and practices of our privacy policy (the “Privacy Policy”) so please read them carefully. If any policies or practices of this Privacy Policy is unacceptable to you, please do not visit, access, or use Gemini. Use of the words “we,” “us,” or “our” in this Privacy Policy refers to Gemini Trust Company, LLC and any or all of its affiliates.

General Terms

This Privacy Policy explains what Personal Information (as defined below) we collect, why we collect it, and how we treat it.

By visiting, accessing, or using Gemini, you have affirmed that you are at least 18 years old, have the legal capacity to consent to this Privacy Policy, and to agree to be bound by the policies and practices of this Privacy Policy in their entirety.

Your privacy matters to us so whether you are new to Gemini or a long-time customer, please do take the time to get to know and familiarize yourself with our policies and practices. Feel free to print and keep a copy of this Privacy Policy, but please understand that we reserve the right to change any of our policies and practices at any time. But don’t worry, you can always find the latest version of this Privacy Policy here on this page. Visiting, accessing, or using Gemini following any change to this Privacy Policy is considered to be your acceptance of any such changes. You should, therefore, read this Privacy Policy from time to time. If you do not agree to be bound by this Privacy Policy, you should not visit, access or use Gemini.

Definitions
Personal Information

As used herein, “Personal Information” means any information relating to an identified or identifiable natural person (each, a “Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier or to one or more factors specific to the physical, economic, cultural or social identity of that natural person.

Personal Information We Collect

Section 326 of the USA PATRIOT ACT requires all financial institutions to obtain, verify, and record Personal Information that identifies each person who opens an account. This federal requirement applies to all new customers. This Personal Information is used to assist the United States government in the fight against the funding of terrorism and money-laundering activities. What this means for you: when you open an account, we ask you for your name, address, date of birth, and other identifying Personal Information.

In addition, we are a global company and thus may collect Personal Information from individuals and institutions located within the European Economic Area (“EEA”) or the Channel Islands. We are required to protect Personal Information processed in the EEA and the Channel Islands in accordance with the General Data Protection Regulation (“GDPR”) and equivalent local legislation. To understand more about how we protect the data we collect from individuals and institutions located within the EEA or the Channel Islands, please see the ‘Privacy Statement for Data Subjects Whose Personal Information May Be Collected in or from the EEA or the Channel Islands’ section below.

Personal Information we collect may include the following:

Individual Customer – We attempt to collect, verify, and authenticate the following:

  • Email address;
  • Mobile phone number;
  • Full legal name;
  • Social Security Number (“SSN”) or any comparable identification number issued by a government;
  • Date of birth (“DOB”);
  • Proof of identity (e.g., driver’s license, passport or government-issued ID);
  • Home address (not a mailing address or P.O. Box); and
  • Additional Personal Information or documentation at the discretion of our Compliance Team, including in relation to criminal records or alleged criminal activity (which is special category data as defined in applicable data protection legislation).

Institutional Customer – We attempt to collect, verify, and authenticate the following:

  • Institution legal name;
  • Employer Identification Number (“EIN”) or any comparable identification number issued by a government;
  • Full legal name (of all account signatories and beneficial owners);
  • Email address (of all account signatories);
  • Mobile phone number (of all account signatories);
  • Address (principal place of business and/or other physical location);
  • Proof of legal existence (e.g., state certified articles of incorporation or certificate of formation, unexpired government-issued business license, trust instrument, or other comparable legal documents as applicable);
  • Contract information of owners, principals, and executive management (as applicable);
  • Proof of identity (e.g., driver’s license, passport or government-issued ID) for each individual beneficial owner that owns 10% or more of the institutional customer entity, as well as all account signatories; and
  • Personal Information for each entity beneficial owner that owns 10% or more of the institutional customer entity (see the “Individual Customer” section above for details on what Personal Information we collect for individuals).

Device Information – Information that is automatically collected about your device (such as, but not limited to, hardware, operating system, browser, etc.).

Location Information – Information that is automatically collected via analytics systems providers to determine your location, including your IP address and/or domain name and any external page that referred you to us.

Log Information – Information that is generated by your use of Gemini that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, location information, system activity and any internal and external information related to Gemini pages that you visit.

Account Information – Information that is generated by your account activity including, but not limited to, trading activity, order activity, deposits, withdrawals, and account balances.

Correspondence – Information that you provide to us in correspondence, including opening an account, and with respect to ongoing customer support.

You will be allowed to access, review, correct, and ensure the accuracy of the Personal Information you have provided from time to time. We will also do our part to ensure the accuracy of your Personal Information.

Personal Information you provide during the registration process may be retained, even if your registration is left incomplete or abandoned. If you are located within the EEA or the Channel Islands, your Personal Information will not be retained without your consent.

Cookies

When you access Gemini, we may make use of the standard practice of placing tiny data files called cookies, flash cookies, pixel tags, or other tracking tools (herein, “Cookies”) on your computer or other devices used to visit Gemini. We use Cookies to help us recognize you as a customer, collect information about your use of Gemini to better customize our services and content for you, and collect information about your computer or other access devices to (i) ensure compliance with our Bank Secrecy Act (“BSA”) and anti-money laundering (“AML”) program (“BSA/AML Program”) and (ii) ensure that your account security has not been compromised by detecting irregular or suspicious account activities. When you log on to the Gemini website, you will be provided with the option to accept or reject cookies. Please note that if you reject cookies, you will not be able to use some or all of Gemini. If you do not consent to the placing of Cookies on your device, please do not visit, access, or use Gemini.

How We Use and Share Personal Information We Collect

The Personal Information we collect and the practices described above are done in an effort to provide you with the best experience possible, protect you from risks related to improper use and fraud, and help us maintain and improve Gemini.

We may share Personal Information with third-party service providers (including those that may be located outside of the United States or your country), who help us operate our platform and systems, and detect fraud and security threats throughout the normal course of our business. Such third-party service providers are subject to strict confidentiality obligations. In addition, we may be compelled to share Personal Information with law enforcement, government officials, and regulators.

For example, we may use your Personal Information to:

  • Provide you with our services, including customer support for Gemini;
  • Optimize and enhance our services for all customers or for you specifically;
  • Conduct anti-fraud and identity verification and authentication checks (you authorize us to share your Personal Information with our third-party service providers, who may also conduct their own searches of publicly available Personal Information about you);
  • Monitor the usage of our services, and conduct automated and manual security checks of our services; and
  • Create aggregated and anonymized reporting data about our services.

If we decide to modify the purpose for which your Personal Information is collected and used, we will amend this Privacy Policy.

If we propose to sell or buy any business or assets, we may disclose your Personal Information in an anonymized form to the prospective buyer or seller of such business or assets. In the event of a merger, acquisition, or asset sale of Gemini, we will give you notice if, and before, your Personal Information is transferred in a non-anonymized form or becomes subject to a different privacy policy.

We do not sell customer Personal Information to third parties for the purposes of marketing.

Be aware that bitcoin, ether, and other Digital Assets are not necessarily truly anonymous. Generally, anyone can see the balance and transaction history of any public Digital Asset address. We, and any others who can match your public Digital Asset address to other Personal Information about you, may be able to identify you from a blockchain transaction. This is because, in some circumstances, Personal Information published on a blockchain (such as your Digital Asset address and IP address) can be correlated with Personal Information that we and others may have. This may be the case even if we, or they, were not involved in the blockchain transaction. Furthermore, by using data analysis techniques on a given blockchain, it may be possible to identify other Personal Information about you. As part of our security, anti-fraud and/or identity verification and authentication checks, we may conduct such analysis to collect and process such Personal Information about you. You agree to allow us to perform such practices and understand that we do so.

Information Security

No security is foolproof, and the Internet is an insecure medium. We cannot guarantee absolute security, but we work hard to protect Gemini and you from unauthorized access to or unauthorized alteration, disclosure, or destruction of Personal Information we collect and store. Measures we take include encryption of the Gemini website communications with SSL; required two-factor authentication for all sessions; periodic review of our Personal Information collection, storage, and processing practices; and restricted access to your Personal Information on a need-to-know bases for our employees, contractors and agents who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

Accuracy and Retention of Personal Information

We take reasonable and practicable steps to ensure that your Personal Information held by us (i) is accurate with regard to the purposes for which it is to be used, and (ii) is not kept longer than is necessary for the fulfillment of the purpose for which it is to be used, which is when your business relationship with us ends, unless the further retention of your Personal Information is otherwise permitted or required by applicable laws and regulations.

Access, Correction, Restriction, Deletion and Portability of Personal Information

You have the right to ascertain whether we hold your accurate and current Personal Information, to obtain a copy of your Personal Information that you submitted as permitted by law, and to correct any of your data that is inaccurate. You may also request that we inform you of the type of Personal Information we hold with regard to you, subject to restrictions on our providing copies of certain data pursuant to our obligations under BSA and AML regulations and/or data provided to our legal counsel in defense of a claim against us. You may also request that we restrict or delete your Personal Information, subject to the restrictions on data deletion pursuant to relevant data retention and destruction restrictions under applicable laws and regulations, such as those related to the BSA and AML. Finally, in certain circumstances, you have the right to receive the Personal Information you have provided to us in an electronic format and to transmit that Personal Information to another data controller. For data access, correction, restriction, deletion, or portability requests, please email datarequest@gemini.com.

When handling a data access, correction, restriction, deletion, or portability requests, we check the identity of the requesting party to ensure that he or she is the person legally entitled to make such request. While we maintain a policy to respond to these requests free of charge, should your request be repetitive or unduly onerous, we reserve the right to charge you a reasonable fee for compliance with your request.

Direct Marketing

Subject to applicable laws and regulations, we may from time to time send direct marketing materials promoting services, products, facilities, or activities to you using information collected from you. We will provide you with an opportunity to opt-in to such communications and will only send them to you if you consent.

We will not provide your Personal Information to third parties for direct marketing or other unrelated purposes without your written consent.

Questions

If you have questions or concerns, please feel free to email us at privacy@gemini.com. Please note that whenever you send us a message, you will be providing us with Personal Information about yourself, including your email address, your name, if you choose to do so, and any information you choose to include in the text of your message. In some cases, other Personal Information may be required in order for us to be helpful and address your question or concern. Such provided Personal Information will be deemed Personal Information provided under this Privacy Policy and handled pursuant to the provisions hereof.

This Privacy Policy only pertains to our policies and practices with regard to your Personal Information. Websites linked to and/or from our website are not covered by this Privacy Policy.

Submissions

We cannot agree to obligations of confidentiality or nondisclosure with regard to any unsolicited information you submit to us, regardless of the method or medium chosen. By submitting unsolicited information or materials to us, you or anyone acting on your behalf, agree and understand that any such information or materials will not be considered confidential or proprietary.

We do not provide any facility for sending or receiving private or confidential electronic communications. You should not use Gemini to transmit any communication for which you intend only you and the intended recipient(s) to read. Notice is hereby given that all messages and other content entered using Gemini can and may be read by us, regardless of whether we are the intended recipients of such messages.

Changes

We reserve the right to change this Privacy Policy from time to time to meet our changing needs, but don’t worry, you can always find the latest version (as well as all archived older versions) here. We also send an annual notice of this Privacy Policy to all registered customers. By visiting, accessing, or using Gemini] following any change to this Privacy Policy, you are consenting to our new Privacy Policy.

Privacy Statement for Data Subjects Whose Personal Information May Be Collected in or from the EEA or the Channel Islands

While customers who are located in the EEA or the Channel Islands are customers of our US entity, we recognize and, to the extent applicable to us, adhere to relevant EEA or the Channel Islands data protection laws.

Collection and Transfer of Data Outside the EEA

As outlined above, we may collect Personal Information from Data Subjects located in the EEA or the Channel Islands. To facilitate the services we provide to customers located in the EEA or the Channel Islands, we request explicit consent for the transfer of Personal Information from the EEA or the Channel Islands to the US. If you are an individual located in the EEA or the Channel Islands and you decline to consent to such transfer, you will no longer be able to use Gemini and our services. You will have the ability to withdraw Digital Assets and fiat currency; however, all other functionality will be disabled.

Lawful Grounds to Process and Obtain Consent

We process the Personal Information of Data Subjects who are located in the EEA or the Channel Islands for one or more of several lawful purposes, including:

  • With your explicit consent:
    • To provide you with Gemini and our services, including customer service support;
    • To optimize and enhance Gemini for all customers or for you specifically;
  • To comply with legal obligations:
    • To conduct anti-fraud and identity verification and authentication checks (you authorize us to share your Personal Information with our third-party service providers, who may also conduct their own searches of publicly available Personal Information about you);
  • For our legitimate business purposes:
    • To monitor the usage of Gemini, conduct automated and manual security checks of our service, to protect our rights and perform our lawful obligations.

Data Subjects in the EEA or the Channel Islands may withdraw consent at any time where consent is the lawful basis for processing their Personal Information. Should a Data Subject withdraw consent for processing or otherwise object to processing that impedes our ability to comply with applicable laws and regulations, a Data Subject may be unable to avail him or herself of the services we provide.

Automated Decision-Making

We do not engage in automated decision-making.

Non-Disclosure of Personal Information

Our employees are prohibited, either during or after their employment, from disclosing Personal Information to any person or entity outside of our company, including family members, except under the circumstances described above. An employee is only permitted to disclose the Personal Information of a customer to such other employees who need access to such information in order to deliver our services to that customer.

Our Contact Information for Persons Located within the EEA or the Channel Islands

If you are located in the EEA, Switzerland, or the Channel Islands and have questions or concerns regarding the processing of your Personal Information, you may contact us at: support@gemini.com; or write to us at: Gemini Trust Company, LLC, 600 Third Avenue, 2nd Floor, New York, NY 10016.

If, as an EEA or Channel Islands Citizen, you believe that we have not adequately resolved any such issues, you have the right contact your local supervisory authority.

Privacy Policy Archive

July 27, 2018
May 19, 2018
February 1, 2018
October 19, 2017
August 21, 2017
March 29, 2017
December 1, 2016
June 21, 2016
August 10, 2015