Gem Software Privacy Policy

This Privacy Policy covers our treatment of personally identifiable information (“Personal Information”) that we gather when you are accessing or using our websites and service offered at www.gem.com ("Services"), but not to the practices of companies we don’t own or control, or people that we don’t manage. We may also share some Personal Information with third parties, but only as described below.

This Privacy Policy also covers our treatment of Personal Information about our customers’ users and other third parties that we receive from our customers and others. If you provide us with any Personal Information about another person, you represent and warrant that you have that person’s consent to do so and that such person has given explicit consent for us to collect, process, use and store their Personal Information for the purpose for which you have sent it to us and as set forth in this Privacy Policy and the Terms of Use.

We do not knowingly collect personal information from anyone under the age of 16. If we learn that we have collected the information from a minor under the age of 16, we will delete that information as soon as possible.

For the purposes of any applicable data protection law ("Data Protection Law"), Gem Software, Inc. (“Gem Software”) is the data controller (i.e., the company who is responsible for, and controls the processing of, your Personal Information) for visitors to our website. Gem commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.

What information do we collect and for what purpose?

We gather various types of Personal Information from our users and others, as explained in more detail below, and we use this Personal Information internally in connection with our Services, for example, to personalize, provide, and monitor and improve our Services, to allow you to set up a user account and profile, to contact you, allow others to contact you, and allow you to contact others through the Services, to respond to customer care and other inquiries, to process and fulfill your requests for certain products and services, and to analyze how you use the Services.

Information You Provide to Us

When you create a new account to use the Services we will solicit your consent to connect your email account to your new Gem account (using the OAuth authentication method), thereby providing us with access to your email account, including but not limited to email, contacts, and calendar. Gem accesses and stores a limited subset of data from your account, including name and email address, to provide you with our Services.

For users authenticating via Google accounts; Gem Software’s use of information received, and Gem Software's transfer of information to any other app, from Google APIs will adhere to Google's Limited Use Requirements.

We receive and store any information that you provide to us during your use the Services. For example, through your account settings, sending emails and InMail, creating lists of contacts, inputting contact information, requests for support through customer care, and otherwise using the Services, we may collect Personal Information such as your name, email address, location, phone number, payment information, and third-party account credentials (for example, your log-in credentials for Google Mail or other third party sites). Certain information may be required to register with us or to take advantage of some of our features.  

In addition, we collect Personal Information you submit to us, for example by completing a form on our website or participating in a Gem event. In that case, we may communicate with you, for example by calling you at the phone number you provide or emailing you about your use of the Services. If you do not want to receive communications from us but believe we have your Personal Information, please indicate your preference by sending an email to support@gem.com.

Information Collected Automatically

Whenever you use the Gem website or our Services, we automatically receive and record information in our server logs from your browser, which may include your IP address, information about your web cookies, and the page or feature you were interacting with. Cookies are web identifiers we, and other services, transfer to your browser to allow us to recognize your browser when you visit our site. We also use data from your cookies to track when and how often pages on our site and part of our Services are visited. We use this data to customize your experience with our Services and to generally improve our website and Services. You may be able to change the preferences within your browser to limit your acceptance of cookies, but this will prevent you from using some or all features of our Services. Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Services do not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using the Services and after you leave our Services.

Through cookies we place on your browser or device or through our browser extension, we may collect information about your online activity after you leave our Services. Just like any other usage information we collect, this information allows us to improve the Services and customize your online experience, and otherwise as described in this Privacy Policy.  

Our advertising partners or customers may also transmit cookies to your browser or device, when you click on ads that appear on or through the Services. Also, if you click on a link to a third party website or service, a third party may also transmit cookies to you. Again, this Privacy Policy does not cover the use of cookies by any third parties, and we aren’t responsible for their privacy policies and practices. Please be aware that cookies placed by third parties may continue to track your activities online even after you have left our Services, and those third parties may not honor “Do Not Track” requests you have set using your browser or device.

We also automatically receive information about communications sent and received using our Services.

Our customers and other third parties may also provide us with Personal Information about our customers’ contacts and others. For example, we may receive Personal Information and other information from our customers, email senders, databases with information relevant to profile URLs and emails submitted to our Services, and other third parties. This information may include, without limitation, contact and other information.

In connection with your use of the Services, we may also collect information created or provided by you, or that we otherwise receive, in connection therewith. For example, if your contacts send messages to you, we may collect and maintain the message data, which may include Personal Information.

Information Collected Automatically

We use third party analytics services in order to better understand how our users are engaging with our Services. When a user browses our website or uses the Services, these services may collect the user’s IP address, browser type, and approximate location (based on the IP address). They may also set and access cookies on your computer or other device. In order to refine our understanding of user engagement, we provide these services with a user’s email address (which we collected as part of the user’s account registration process).

We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products or services to you; for example, data storage services, marketing services, and payment processing companies to receive and process your financial transactions for us. In addition, by submitting information on our Site or otherwise using our Services, Personal Information that we process and collect may be transferred between companies, business units and employees affiliated with us and you hereby explicitly consent to trans-border transmission of such information.

We may choose to buy or sell assets, and may share and/or transfer customer and other user information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, merged, reorganized, or if we go out of business, enter bankruptcy, or go through some other change of control or similar event, you acknowledge and explicitly consent that Personal Information could be one of the assets transferred to or acquired by a third party.

We reserve the right to access, read, preserve, and disclose any information that we believe is reasonably necessary to comply with law, legal obligations, regulations, law enforcement, governmental and other legal requests, or court order; enforce or apply our Terms of Use and other agreements; address fraud, security or technical issues; or protect the rights, property, or safety of Gem Software, our employees, our users, or others.

How do we store and protect your information?

We care about the security of your information and uses commercially reasonable physical, administrative, and technological safeguards to preserve the integrity and security of all information collected through our Service. However, no security system is impenetrable and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

For individuals based in the EU or Switzerland, we store Personal Information for as long as necessary to fulfill the purposes for which we collect the data (see above under "What information do we collect and for what purpose?"), except if required otherwise by law.

Data storage and transfer

We currently use datacenter facilities located exclusively in the United States. Your information will be stored and processed in the United States or other countries where we decide to maintain datacenter facilities in the future. Regardless of what country you reside or supply information from, you authorize us to use, process and store your information in the United States and any other country where we operate, which may have different rules, regulations and protections regarding privacy than those in your jurisdiction.

When transferring data from the European Union, the European Economic Area, and Switzerland, Gem Software relies upon a variety of legal mechanisms, including contracts with our users. Gem Software complies with the EU-U.S. and Swiss–U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the European Economic Area, and Switzerland to the United States. You can find Gem Software’s Privacy Shield certification https://www.privacyshield.gov/list. You can also learn more about Privacy Shield at https://www.privacyshield.gov.  

Gem Software is subject to oversight by the U.S. Federal Trade Commission. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance — free of charge to you. We ask that you first submit any such complaints directly to us via privacyshield@gem.com. If you aren't satisfied with our response, please contact JAMS at https://www.jamsadr.com/eu-us-privacy-shield. In the event your concern still isn't addressed by JAMS, you may be entitled to a binding arbitration under Privacy Shield and its principles.

Gem Software is responsible for the processing of Personal Information it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Gem Software complies with the Privacy Shield Principles for all onward transfers of Personal Information from the EU and Switzerland, including the onward transfer liability provisions.

Within the scope of our authorization to do so, and in accordance with our commitments under the Privacy Shield, Gem Software will provide individuals access to Personal Information about them. Gem Software also will take reasonable steps to enable individuals to correct, amend, or delete Personal Information that is demonstrated to be inaccurate.

Your data rights

  1. Customer Data - Customers provide us with instructions on what to do with Customer Data. A Customer has many choices and control over Customer Data. Since these choices and instructions may result in the access, use, disclosure, modification or deletion of certain or all Customer Data, please review the Help Center pages for more information about these choices and instructions.
  2. Individual rights - You have the following rights in respect of your Personal Information that we hold:
  • Right of access - You can request more information about the Personal Information we hold about you and request a copy of such Personal Information, which includes the categories of Personal Information, the categories of sources from which the Personal Information was collected, what the business or commercial purpose is for the collecting or selling of the Personal Information, and the categories of third parties that the we share your Personal Information with.
  • Right to rectification - If you believe that any Personal Information we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
  • Right to erasure - The right to obtain the erasure of your Personal Information without undue delay.
  • Right to restriction - The right to obtain the restriction of the processing undertaken by us on your Personal Information in certain circumstances, such as where the accuracy of the data is contested by you, for a period enabling us to verify the accuracy of that data.
  • Right to portability - You can ask for a copy of your Personal Information in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
  • Right to object - You have a right to object to processing of your Personal Information based on legitimate interests and direct marketing.
  • Right to file a complaint - You have the right to lodge a complain about our practices with respect to your Personal Information with the supervisory authority of your country or state.

If you wish to exercise one of these rights, please contact us using the contact details at the end of this Privacy Policy.

Providing your Personal Information may be a requirement necessary to enable your use of the Services, including for the performance of certain services and functionalities offered by our website, such as replying to and managing of request of information, questions, communication or feedback. In the above referenced circumstances, refusal to provide your Personal Information would make it impossible for us to provide the requested services. However, providing your Personal Information for survey, marketing and other profiling purposes is optional; refusal to provide your Personal Information for these purposes will not have any impact on the entering into or performance of the contract. When requested under Data Protection Laws, we will collect your prior consent before proceeding to processing your Personal Information for these purposes.

Retention period

We retain Personal Information for as long as you have an open account with us and for 3 years after you close your account. In some cases we retain Personal Information for longer, if doing so is necessary to comply with any legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify any individual personally.

Legal basis for processing in the EU

In the EU, the purposes for which we process your personal data are:

  1. where we need to perform the contract we are about to enter into or have entered into with you for the Service;
  2. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
  3. Where we need to comply with a legal or regulatory obligation in the EU.

Please contact us at info@gem.com if you need details about the specific legal basis we are relying on to process your personal data where more than one legal basis has been set out.

Will we change the Privacy Policy?

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well. We post any changes we make to our Privacy Policy on this page. The date the Privacy Policy was last updated is identified at the bottom of this page. You are responsible for periodically visiting the Gem Software website and this Privacy Policy to check for any changes. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all of the changes. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used.

How should you contact Gem?

If you have any questions about our privacy policy or wish to exercise your rights as an individual, please do so by emailing us at support@gem.com.

Last Modified: November 19, 2020