This notice explains how Geminus.ai, Inc. and our affiliates (“Geminus”, “we”, “our” or “us”) collect, store, use, disclose and otherwise process information about you in the course of our business, including through our websites that link to this Notice (such as https://www.geminus.ai) (the “Sites”), our AI-driven, predictive intelligence hybrid modeling platform (the “Platform”) and through other interactions you might have with us, such as through email newsletters, online and in-person events, and other communications and marketing activities (collectively, “Geminus Services”). It also sets out more information about your privacy rights.

1. About the Geminus Services

We make the Platform available to our customers and users (collectively, “Customers”) under our Master Subscription Agreement or another agreement with them and solely for their benefit and the benefit of their personnel and other personnel authorized by them as users of the Platform (“Authorized Users”). Our processing of data from Authorized Users is governed by our agreement with the relevant Customer. This Privacy Notice does not apply to (a) any data that our Customers or Authorized Users upload, submit or otherwise make available to the Platform and other data that we process on their behalf, as defined in our agreement with the Customer; (b) any products, services, websites, or content that are offered by third parties or that have their own privacy notice; or (c) information that we collect and process if you are applying to work with Geminus.

2. The Information We Collect.

The information that we collect from or about you includes information: (a) you provide; (b) we collect automatically; and (c) we receive from other sources.

(a) Information you provide: When accessing or using Geminus Services, we may collect certain information, such as your name, email address, phone number, postal address, job title, and company name. We may also collect other information that you provide through your interactions with us, for example, if you request information about our Platform, interact with our sales team or contact customer support, complete a survey, provide feedback or post comments, register for an event, or take part in marketing activities. We may keep a record of your communications with us and other information you share during the course of the communications.

(b) Information we collect automatically: We use standard automated data collection tools, such as cookies, web beacons, tracking pixels, tags, and similar tools, to collect information about how people use our Geminus Services and interact with our emails.

For example, when you visit our Sites or use the Geminus Services we (or an authorized third party) may collect certain information from you or your device. This may include information about your computer or device (such as operating system, device identifier, browser language, and Internet Protocol (IP) address), and information about your activities on our Sites or Geminus Services (such as how you came to our Sites, access times, the links you click on, and other statistical information). For example, your IP address may be used to derive general location information. We use this information to help us understand how you are using our Sites and Geminus Services, and how to better provide the Geminus Services to you. We may also use web beacons and pixels in our emails. For example, we may place a pixel in our emails that notifies us when you click on a link in the email. We use these technologies to improve our communications.

The types of data collection tools we use may change over time as technology evolves. You can learn more about our use of cookies and similar tools, as well as how to opt out of certain data collection, by visiting our Cookie Policy.

We may also use the information we collect automatically (for example, IP address, and unique device identifiers) to identify the same unique person across Geminus Services to provide a more seamless and personalized experience to you.

When using the SaaS version of our Platform: We automatically collect certain data relating to the performance and configuration of our Platform and our Customers’ and Authorized Users’ consumption, use of, and interaction with the Platform (collectively, “Platform Analyses“). While Platform Analyses usually does not involve personal information, it may include such data in the following instances:

• technical information, or data obtained from APIs, software or systems hosting the products and services and devices accessing these products and services, log files generated during such use;
• data and metadata about an Authorized Users, such as user ID, email, IP address, other data about the user’s computer or other device, browser and connecting software (e.g., OS and software versions); and
• data and metadata about an Authorized Users’ activities and behavior within our Platform, such as click-patterns and feature utilization.

Platform Analyses is used by Geminus for: (i) providing, supporting, operating and improving our products and services; (ii) network and information security; and (c) to analyze, develop and enhance the features, functionality and performance of our products and services.

When you use the on-premise version of our Platform: We can only use Platform Analyses as authorized by the Customer.

(c) Information we receive from other sources: We may obtain information about you from third party sources, including resellers, distributors, business partners, event sponsors, security and fraud detection services, social media platforms, and publicly available sources. Examples of information that we receive from third parties include marketing and sales information (such as name, email address, phone number and similar contact information), and purchase, support and other information about your interactions with our Sites and Platform. We may combine such information with the information we receive and collect from you

3. Use of Information We Collect

Our Platform may be used by our Customers to process personal data on behalf of our Customer. Geminus may not have any direct relationship with the individuals to whom the data belongs. Individuals who would like to access, correct or delete personal data processed by us on behalf of our Customers should direct their questions to our Customers, who are the data controllers. We use and disclose this personal data as permitted by our customer agreements and as required by law.

We use personal information collected via the Sites, our Platform and through other means (e.g., in person) for purposes described in this Notice, including using your information to:

• operate, audit and improve our Sites, products and services;
• provide customer service and support;
• provide and to facilitate the delivery of products and services you request;
• send you related information, including confirmations, invoices, technical notices, updates, security alerts, training and support and administrative messages;
• maintain your account;
• enhance security, monitor and verify identity or service access, combat fraud, spam, malware or other network and/or information security risks;
• detect bugs, report errors and perform activities to maintain the quality or safety of our services;
• conduct research and development;
• understand you and your preferences to enhance and personalize your experience and enjoyment when using our Sites, products and services;
• develop and send you marketing, sales and promotional communications (where this is in accordance with your marketing preferences);
• communicate with you about one of our events or our partner events, including webinars and demos;
• respond to your comments or questions or provide information requested by you;
• link or combine it with other personal information we get from third parties, to help understand your needs, provide you with better service and to prevent fraud;
• process and deliver contest entries and rewards;
• display and measure engagement with advertisements across different devices and sites;
• maintain legal and regulatory compliance;
• short-term, transient use, such as customizing content that we or our service providers display on the services; and
• process your information for other legitimate business purposes, such as customer surveys, data analysis, audits, collecting and assessing feedback, identifying usage trends, determining the effectiveness of our marketing campaigns and to evaluate and improve our products, services, marketing and customer relationships.
• for our enterprise Customers, we may identify and analyze your information and refine models based on your usage of the Platform and report this data back so that you can maximize your company’s use of our Platform to generate predictive intelligence to make our enterprise Customer’s business, products, and processes more resilient and sustainable.

We may store and process personal information in the United States and other countries.

4. How We May Share Your Information

We do not share or disclose your personal information with third parties other than as follows:

• where it has been de-identified, including through aggregation or anonymization;
• when you instruct us to do so;
• with your consent, for example, when you agree to our disclosing your information with other third parties for their own marketing purposes subject to their separate privacy policies;
• with Geminus affiliates for the purposes described in this Notice;
• with third party vendors, consultants and other service providers who work for us and need access to your information to do that work. Examples include vendors and service providers who provide assistance with marketing, billing, processing credit card payments, data analysis, fraud prevention, network and information security, technical support and customer service;
• with third party business partners, such as distributors, and/or referral partners, who are involved in providing services to our prospects and/or customers, to fulfill product and information requests and to provide Customers and prospective customers with information about Geminus and its products and services. We may also engage with third party partners who are working with us to organize or sponsor an event to which you have registered to enable them to contact you about the event or their services (but only where we have a lawful basis to do so, such as your consent where required by applicable law);
• to comply with laws or to respond to lawful requests and legal process, to protect our rights and property and that of our agents, customers, members and others including to enforce our agreements, policies and terms of use or in an emergency to protect the personal safety of any person;
• in order to protect any individual’s vital interests, but only where we believe it necessary in order to protect the vital interests of any person; and
• in connection with or during negotiation of any business transfer, merger, financing, acquisition, or dissolution transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets to another company.

Third Party Services. The Geminus Services may contain links to third party websites, applications, services, or social networks (including co-branded websites or products that are maintained by one of our business partners). We may also make available certain features that allow you to sign into our Sites using third party login credentials (such as LinkedIn, Facebook, Twitter and Google+) or access third party services from our Platform. Any information that you choose to submit to third party services is not covered by this Privacy Notice. We encourage you to read the terms of use and privacy notices of use of such third party services before sharing your information with them to understand how your information may be collected and used.

5. International Transfers

Geminus may transfer your personal information to countries other than your country of residence. In particular, we may transfer your personal information to the United States and other countries where our affiliates, business partners and services providers are located. These countries may not have equivalent data protection laws to the country where you reside. However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Notice. These safeguards include implementing the European Commission’s Standard Contractual Clauses for transfers of personal information between us and our business affiliates and associates to whom we transfer the information which require these companies to protect personal information they process from the EEA, United Kingdom, or Switzerland in accordance with applicable data protection law. Our Standard Contractual Clauses can be provided on request. We implement similar appropriate safeguards with our third-party service providers and further details can be provided upon request. 

6. Security of Your Personal Information

We take all reasonable and appropriate steps to protect your personal information in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration and destruction. We use appropriate technical and organizational measures to protect your personal information which may include: physical access controls, encryption, internet firewalls, intrusion detection and network monitoring depending on the nature of the information and the scope of processing. Our staff who may have access to your information are required to keep that information confidential.

7. Your Information Choices and Changes

You may opt out of receiving promotional emails from us by following the instructions in those emails. If you opt out, we may still send you non-promotional emails, such as emails about your accounts or our ongoing business relations. You may also send requests about your contact preferences and changes to your information by emailing privacy@geminus.ai

8. California Users 

The California Consumer Privacy Act of 2018 (“CCPA”) as amended by the California Privacy Rights Act of 2020, effective as of January 1, 2023, requires businesses that collect personal information of California residents to make certain disclosures regarding how they collect, use, retain and disclose such information. If you are a California resident, the CCPA requires us to provide you with additional information regarding your rights with respect to your “personal information. This information is described in our Supplemental Privacy Notice to California Residents.

9. European Residents

If you are located in the European Economic Area, Switzerland, or United Kingdom, you have additional data privacy rights that include the right to:

• Access, correct update or request deletion of your personal information
• Object to the processing of your personal information, ask us to restrict processing of your personal information, or request portability of your personal information
• Opt out of marketing communications we send you at any time
• Withdraw your consent for processing, if we are processing your personal data based on consent. Note that withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal; and
• Make a complaint to a data protection authority about or collection and use of your personal data.

To exercise these rights, please contact us as provided in the Contact Us section below.

10. Data Retention and Deletion 

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to comply with applicable legal, tax or accounting requirements, to enforce our agreements or comply with our legal obligations). When we have no ongoing legitimate business need to process your personal information, we may either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will store your personal information and isolate it from any further processing, until deletion is possible.

11. Security

We are committed to protecting your information. We use a variety of technical, physical, and organizational security measures designed to protect against unauthorized access, alteration, disclosure, or destruction of information. However, no security measures are perfect or impenetrable. As such, we cannot guarantee the security of your information.

12. Children’s Data

The Sites and our Geminus Services are not directed to children under 18 years of age and Geminus does not knowingly collect personal information from children under 18. If we learn that we have collected any personal information from children under 18, we will promptly take steps to delete such information. If you are aware that a child has submitted us such information, please contact us using the details provided below.

13. Changes to this Notice

We may change this Notice from time to time. If we make any changes to this Notice, we will change the Last Updated date below. If such changes are material in nature, we will use commercially reasonable efforts to provide you with additional notice (such as adding a statement to the main website page, providing notice through the Platform login screen or sending you an email notification). If you disagree with any changes to this Privacy Notice, you should stop using the Geminus Services.

14. Contact Us

If you have any questions about this Notice or privacy-related issues, please contact us at privacy@geminus.ai

Supplemental Privacy Notice for California Residents

We provide the following information to California residents pursuant to the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”). This information supplements the Geminus Privacy Notice.  For a description of all of our data collection, use and disclosure practices, please read our Privacy Notice in its entirety. Terms that are capitalized but not defined below have the meanings set forth in our Privacy Notice.

The CCPA establishes that California residents may have certain data privacy rights, such as the right to be notified about what Personal Information categories we collect about you, and our intended use and purpose for collecting such Personal Information. This California Notice describes the Personal Information we may have collected directly from you or indirectly about you if you use our Sites or the Geminus Services, or if you otherwise interact with us, and how we have used and/or disclosed your Personal Information. It also describes the Personal Information that we will collect and the purposes for that collection, as well as your rights under the CCPA.

Categories of Personal Information Collected

We may collect the following categories of Personal Information from or about you, with the type of information collected varying depending on how you use our Sites and/or Geminus Services:

• Identifiers
• Personal information described in Section 1798.80(e) of the California Civil Code
• Characteristics of protected classifications under California or federal law
• Commercial information
• Internet or other electronic network activity information
• Geolocation data
• Audio, electronic, visual, or similar information
• Professional or employment-related information
• Education information
• Inferences drawn from the above categories of Personal Information
• Certain Sensitive Personal Information, including certain information associated with due diligence reviews conducted for legitimate business purposes and any Sensitive Personal Information you may disclose to us voluntarily.

Within these categories of Personal Information, we may also collect the following categories of Sensitive Personal Information (as defined in the CCPA): Account log-in, financial account, debit card, or credit card number, in combination with any required security or access codes, password, or credentials allowing access to the account

Categories of Recipients of Personal Information

For each category of Personal Information (including Sensitive Personal Information) listed above, we disclose this information as described in the How We May Share Your Information section of our Privacy Notice. In addition, we disclose Identifiers and Internet or other similar network activity to advertising providers that tailor online ads to your interests based on information they collect about your online activity (known as interest-based advertising).

Sources of Personal Information

We obtain the categories of Personal Information listed above directly from you, Authorized Users or from devices on which you or Authorized Users use the Geminus Services, as well as from the following categories of sources: our corporate affiliates, publicly-available databases, third-party business partners, social media sites, and other third-party sources, and as described in The Information We Collect section of the Privacy Notice.

Purposes for Which We Use Personal Information

We use Personal Information for a variety of business and commercial purposes, as described in the Use of Information We Collect section of our Privacy Notice. 

Selling and Sharing under the CCPA

As defined by the CCPA, we do not Sell and/or Share Personal Information. We do not have actual knowledge of Selling or Sharing Personal Information of minors under 16.  

Retention Policy

Geminus retains the Personal Information described above: (a) for as long as you use the Geminus Services; (b) as may be required by law (for example, to comply with applicable legal tax or accounting requirements); (c) as necessary for other legitimate business or commercial purposes described in our Privacy Notice (for example, to resolve disputes or enforce our agreements); or (d) as otherwise communicated to you.

CCPA Rights and Requests

You may make the following types of requests under the CCPA with respect to Personal Information that we process on our own behalf. Note: If you wish to make a CCPA request with respect to Personal Information uploaded, submitted to or otherwise made available to the Platform, please direct your request to the relevant Customer directly, as that data is governed by the terms of our agreement with our Customer:

Requests to Know, Correct, and Delete: You may request:

 (i) Access to a copy of the specific pieces of Personal Information that we have collected about you; 

 (ii) Correction of Personal Information that we maintain about you, if it is inaccurate; and/or

 (iii) Deletion of Personal Information, subject to certain exceptions.

You can submit a request online by or emailing us at privacy@geminus.ai. We will respond to your request consistent with the CCPA, and subject to any exceptions that may apply under the CCPA. We may need to request additional Personal Information from you, such as email address, state of residency, or mailing address, in order to verify your identity and protect against fraudulent requests. If you maintain a password-protected account with us, we may verify your identity through our existing authentication practices for your account and require you to re-authenticate yourself before disclosing or deleting your Personal Information.

Requests to Opt-Out of Sale or Sharing: You also may opt out of the “sale” or “sharing” of your Personal Information, as “sale” and “sharing” are defined under CCPA.

We do not sell Personal Information in the traditional sense of exchanging information for monetary payment. However, because the definitions of “sale” and “sharing” under the CCPA may include the disclosure of your information to certain types of advertising and marketing partners, we provide California residents with the right to opt-out of any such sale or sharing of their Personal Information. As noted above, we may disclose or make available Identifiers or Internet or other similar activity to advertising partners. We allow you to opt out of such disclosures, as they may constitute “sale” or “sharing” as defined under the CCPA. We do not knowingly “sell” or “share” the Personal Information of individuals under 16 years of age.

You may opt-out of the Sale or Sharing of Personal Information for purposes of online analytics and advertising by visiting Your Information Choices and Changes section of our Privacy Notice. We also recognize opt-out preference signals as required by the CCPA.

Authorized Agents

To make a request as an authorized agent on behalf of a California resident, you may use the submission methods noted above. As part of our verification process, we may request that you provide, as applicable, proof concerning your status as an authorized agent. 

If you are making a Request to Know, Correct, or Delete on behalf of a California resident and have not provided us with a qualifying power of attorney from the resident, we may also require the resident to verify their own identity directly with us; or directly confirm with us that they provided you permission to submit the request.

Nondiscrimination: You have the right to be free from unlawful discriminatory treatment for exercising any of your CCPA rights.