Effective date: Juin 8, 2025
Company: Gemmintly (“Gemmintly,” “we,” “us,” or “our”)
Website: gemmintly.shop (the “Site”)
Contact: contact@gemmintly.shop | +1 (408) 297-2615
Address: 859 W Knickerbocker Dr, Sunnyvale, CA 94087, USA

This Privacy Policy explains how we collect, use, disclose, and safeguard information about you when you visit our Site, create an account, purchase trading card game (TCG) products, or otherwise interact with us (collectively, the “Services”).

We may update this Policy from time to time. If we make material changes, we will notify you by posting the updated Policy on the Site and updating the “Effective date” above. Your continued use of the Services indicates your acceptance of the updated Policy.

1) Scope & Who This Policy Covers

This Policy applies to personal information we collect from customers, visitors, and account holders located in any jurisdiction where we offer the Services. Additional disclosures for residents of certain U.S. states and the EU/UK appear below.

2) Information We Collect

We collect information you provide directly to us, information we collect automatically, and information from third parties.

A. Information You Provide

  • Account & profile: name, username, email, password, phone number, shipping and billing addresses.
  • Orders & support: order history, contents of your cart/wishlist, return and warranty details, messages you send to support.
  • Payments: we use third‑party payment processors (e.g., card networks, payment gateways) to process payments. We do not store full payment card numbers on our systems. Processors may collect card number, expiration date, and security code directly from you.
  • Community & marketing: product reviews, Q&A submissions, contest entries, survey responses, marketing preferences.

B. Information Collected Automatically

When you use the Services, we may automatically collect:

  • Device & usage data: IP address, browser type/version, device identifiers, operating system, referring URLs, pages viewed, links clicked, and timestamps.
  • Cookies & similar technologies: cookies, pixels, and local storage to remember preferences, enable core functionality (e.g., cart, checkout), and measure performance/marketing. See Section 9 (Cookies & Tracking).

C. Information From Third Parties

  • Payment & fraud prevention partners: to verify identity, prevent fraud, and complete transactions.
  • Shipping & address validation providers: to deliver orders and prevent misdelivery.
  • Analytics & advertising partners: aggregated insights about how users find and engage with the Site.
  • Social/Single Sign-On providers (if enabled): limited profile info per your settings with those providers.

We do not knowingly collect information that reveals your precise geolocation unless you grant permission.

3) How We Use Information

We use personal information to:

  • Provide the Services: register accounts, process and fulfill orders, provide customer support, and manage returns.
  • Secure and prevent fraud: detect and prevent fraudulent transactions and abuse.
  • Improve the Site: monitor performance, debug, and develop new features and products.
  • Personalize: tailor content, recommendations, and offers, including remembering your cart and preferences.
  • Marketing & communications: send transactional emails (e.g., order/shipping updates) and, with your consent where required, send newsletters or promotions. You can opt out at any time (see Section 8).
  • Legal & compliance: comply with applicable laws, enforce our Terms, and protect our rights.

Legal Bases (EU/UK)

Where GDPR applies, our processing is based on one or more of: performance of a contract; legitimate interests (e.g., security, fraud prevention, improvement); consent (for certain cookies/marketing); and legal obligations (e.g., tax/recordkeeping).

4) How We Share Information

We may share personal information with:

  • Service providers that perform services on our behalf (e.g., payment processing, hosting, shipping, email delivery, analytics, advertising, customer support). These parties are contractually obligated to protect your data and use it only as instructed.
  • Business partners for joint promotions or events (if applicable and with your consent where required).
  • Analytics & advertising partners to measure performance and, where permitted, to deliver or measure ads. See Section 9 for controls.
  • Law enforcement or lawful requests when required by law or to protect rights, safety, and property.
  • Corporate transactions: in connection with a merger, acquisition, financing, or sale of all/part of our business, subject to reasonable confidentiality.

We do not sell personal information for money. Where U.S. state laws define “sale” or “sharing” to include certain online advertising or analytics practices, you may have the right to opt out—see Section 11.

5) Data Retention

We retain personal information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Typical periods include: order/transaction records up to 7 years; support records up to 3 years; marketing preferences until you opt out or your account is deleted; and cookie data per the cookie’s lifespan (see Section 9).

6) Security

We implement administrative, technical, and physical safeguards designed to protect personal information (e.g., HTTPS, access controls, encryption at rest/in transit where appropriate). While no method is 100% secure, we strive to continuously improve our protections. Payment card data is handled by PCI‑DSS‑compliant processors.

7) International Data Transfers

We are located in the United States and may transfer, store, and process information in the U.S. and other countries. Where required, we implement appropriate safeguards for cross‑border transfers (e.g., Standard Contractual Clauses). By using the Services, you understand that your information may be processed outside your country of residence.

8) Your Choices & Rights

  • Account information: You can review and update certain account details by logging in. To delete your account, contact us (see Section 14).
  • Marketing communications: You can opt out of marketing emails by using the “unsubscribe” link or contacting us. Transactional emails (e.g., order/shipping updates) are not marketing and will continue as needed.
  • Cookies & tracking: Manage preferences via your browser settings and our cookie banner/controls (where available). See Section 9.

EU/UK Data Subject Rights

Where GDPR applies, you may request: access, correction, deletion, portability, restriction, objection to processing (including profiling and direct marketing), and to withdraw consent at any time. We will respond per applicable law.

9) Cookies & Tracking Technologies

We use the following types of cookies/technologies:

  • Strictly necessary: required for core functionality (e.g., cart, checkout, authentication). You cannot disable these via our cookie tools.
  • Performance/analytics: help us understand usage and improve the Site.
  • Functional: remember preferences and enhance features.
  • Advertising/retargeting: show relevant offers and measure campaign effectiveness.

You can control cookies via: (i) our on‑site cookie banner/controls (where available); (ii) browser settings; and (iii) platform‑specific opt‑outs (e.g., Google Analytics/Ads opt‑outs, device settings for mobile advertising). Disabling some cookies may affect the Site’s functionality.

10) Children’s Privacy

Our Services are not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child under 13 has provided personal information, contact us and we will take appropriate steps to delete it.

11) U.S. State Privacy Disclosures (including California)

Depending on your state of residence (e.g., CA, CO, CT, UT, VA), you may have some or all of the following rights, subject to verification and exceptions:

  • Right to know/access the categories and specific pieces of personal information we collected about you.
  • Right to delete personal information.
  • Right to correct inaccurate personal information.
  • Right to opt out of: (a) “sale” of personal information, (b) sharing for cross‑context behavioral advertising, and/or (c) targeted advertising (terms vary by state law).
  • Right to data portability and to be free from discrimination for exercising rights.

California Notice at Collection

Categories collected (as defined by the CPRA) may include: identifiers (e.g., name, email, IP), customer records (addresses, phone), commercial information (purchases, preferences), internet/usage data, geolocation (approximate), inferences (preferences), and, if you choose to provide them, user‑generated content (reviews). We do not intentionally collect sensitive personal information except where required for identity verification or fraud prevention (e.g., last 4 digits of a card by processors) and we do not use sensitive personal information for inferring characteristics.

Purpose of collection: to provide and secure the Services, process transactions, deliver orders, support customers, personalize, market where permitted, and comply with law.

Retention: see Section 5.

Sale/Sharing: We do not sell personal information for money. Some analytics/advertising activities may be considered a “sale” or “sharing” under California law. You can opt out as described below.

Submitting Requests & Opt‑Outs

To exercise your rights or to opt out of sale/sharing/targeted advertising, contact us at contact@gemmintly.shop or call +1 (408) 297-2615 with the subject line “Privacy Request” (for rights) or “Do Not Sell/Share” (for opt‑out). We will verify your request (e.g., by confirming access to your account email and recent order details). Authorized agents may submit requests with written permission and proof of identity.

Appeals (CO/CT/VA): If we deny your request, you may appeal by replying to our decision email with “Appeal” in the subject within 45 days. If your appeal is denied, you may contact your state attorney general.

Shine the Light (CA): California residents may request a list of third parties to whom we disclosed personal information for their own direct marketing in the prior calendar year and the categories disclosed. Submit requests to the contact information below.

12) Third‑Party Services & Links

The Services may link to third‑party websites or apps (e.g., payment gateways, social media). We are not responsible for their privacy practices. We encourage you to review their policies.

13) Do Not Track

Some browsers transmit Do Not Track (DNT) signals. Because there is no industry standard, we do not respond to DNT at this time. We will update this Policy if standards emerge.

14) How to Contact Us

If you have questions or requests regarding this Policy or your personal information, contact us at:

Gemmintly
859 W Knickerbocker Dr
Sunnyvale, CA 94087, USA
Email: contact@gemmintly.shop
Phone: +1 (408) 297-2615

15) Additional Disclosures for EEA/UK Residents

  • Controller: Gemmintly, 859 W Knickerbocker Dr, Sunnyvale, CA 94087, USA, contact@gemmintly.shop.
  • Data protection rights: access, rectification, erasure, restriction, portability, objection, and the right to lodge a complaint with your local supervisory authority.
  • International transfers: we rely on appropriate safeguards (e.g., Standard Contractual Clauses) where required.
  • Automated decision‑making: we do not engage in decisions producing legal or similarly significant effects based solely on automated processing.

16) Your Responsibilities

Please keep your account credentials confidential and ensure the information you provide is accurate and up to date. If you suspect unauthorized access to your account, notify us immediately.