GemstoneX is in pre-launch. We're onboarding verified suppliers and professional jewellers by invitation.

Privacy Policy

Gemstonex Privacy Policy

Updated: 1 June 2026

1. Introduction

1.1 This Privacy Policy explains how Gemstonex Pty Ltd (ACN 692 780 117) (Gemstonex, we, us) handles personal information. We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1.2 By using the Platform, you consent to the handling of personal information as described here.

2. What we collect

2.1 We collect personal information necessary to verify users, operate transactions, and run the Platform, including:

(a) identity and contact details (name, business name, address, email, phone);

(b) verification (KYC) information and supporting documents;

(c) payment and payout details (processed through our payment provider);

(d) transaction and account activity; and

(e) technical data such as IP address and usage information.

2.2 We collect personal information directly from you, and from service providers used to verify identity or process payments.

3. Why we collect it

3.1 We use personal information to:

(a) verify your eligibility and identity;

(b) operate the Platform and process transactions;

(c) communicate with you about your account and orders;

(d) meet legal, tax, and anti-money-laundering obligations; and

(e) maintain the security and integrity of the Platform.

3.2 We do not sell personal information.

4. Who we share it with

4.1 We share personal information with service providers who help us operate the Platform, including payment processing, identity verification, email delivery, hosting, and analytics.

4.2 We may disclose personal information where required by law or to a regulator.

4.3 Suppliers' identities are not disclosed to buyers through the Platform.

4.4 Where payment is processed through our integrated payment provider, limited transaction information may appear on a buyer's payment statement or receipt as generated by that provider.

5. Overseas disclosure

5.1 Some of our service providers and group entities are located outside Australia, including in the United States and Colombia. Where we disclose personal information overseas, we take reasonable steps to ensure it is handled consistently with the APPs.

6. Security and retention

6.1 We take reasonable steps to protect personal information from misuse, loss, and unauthorised access.

6.2 We retain personal information for as long as needed for the purposes above and to meet legal obligations, then take reasonable steps to destroy or de-identify it.

7. Access and correction

7.1 You may request access to, or correction of, the personal information we hold about you by contacting us. We will respond within a reasonable time.

8. Complaints

8.1 If you have a privacy concern, contact us at [contact email]. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (oaic.gov.au).

9. Changes

9.1 We may update this Policy by posting a revised version. Material changes will be notified through the Platform.