Privacy Policy

Last updated: March 2026

1. Data Controller

The data controller for personal data collected through this website is:

GEMCO di Paolo Cerruti Via Al Ponte Reale 2/7 16124 Genova — Italy Email: info@gemmoprice.com

GemmoPrice.com is a service operated by GEMCO di Paolo Cerruti, a sole proprietorship registered in Italy.

2. Scope of this Policy

This Privacy Policy describes how GemmoPrice.com collects, uses, and protects personal data of users who access and use the platform. It applies to all pages and services available at www.gemmoprice.com and is intended to comply with the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), the Brazilian Lei Geral de Proteção de Dados (LGPD), and other applicable international privacy regulations.

3. Data We Collect

GemmoPrice collects only the personal data strictly necessary for the operation of the service:

Account and billing data — collected at registration and subscription:

  • Full name
  • Email address
  • Billing address and payment information (processed securely by our payment provider)
  • Subscription plan and transaction history

Usage preferences — stored via technical cookies:

  • Language preference
  • Session authentication token (to maintain your login)
  • Cookie consent choices

Contact form data — when you submit a message via our contact form:

  • Full name
  • Email address
  • Subject and message content

Analytics data — collected automatically via Google Analytics:

  • Pages visited and time spent on the platform
  • Approximate geographic location (country/region level)
  • Device type, browser, and operating system
  • Referral source and navigation paths

This data is collected in anonymised or pseudonymised form and is used exclusively for improving the platform. No personally identifiable information is linked to analytics data without your explicit consent.

We do not collect sensitive personal data, biometric data, or any data relating to minors.

4. Cookies

GemmoPrice uses the following categories of cookies:

Strictly necessary cookies — essential for the operation of the platform. These cookies enable basic functions such as user authentication and language preference. They cannot be disabled without compromising the functionality of the service.

Preference cookies — used to remember your choices (such as language and display settings) across sessions.

Cookie consent cookies — set by our Consent Management Platform (Cookiebot by Usercentrics) to record and honour your cookie preferences.

Analytics cookies — set by Google Analytics (Google LLC) to collect anonymised usage statistics about how visitors interact with the platform. These cookies are only activated after you have given your explicit consent via our cookie banner. Google Analytics is configured with IP anonymisation enabled.

We do not use advertising cookies or behavioural tracking cookies for commercial profiling purposes.

You can review and manage your cookie preferences at any time by clicking the cookie settings link in the footer of this page.

We process your personal data on the following legal bases:

  • Contract performance — processing necessary to provide the subscription service you have purchased, including account management and billing
  • Legitimate interest — processing necessary to operate and maintain the platform, respond to support requests, and ensure security
  • Consent — for analytics cookies (Google Analytics) and any other non-essential processing, where your explicit consent has been obtained via our cookie banner
  • Legal obligation — where processing is required to comply with applicable law, including tax and accounting obligations

6. How We Use Your Data

Your personal data is used exclusively for the following purposes:

  • Creating and managing your GemmoPrice account
  • Processing subscription payments and issuing invoices
  • Personalising your platform experience (language, preferences)
  • Responding to enquiries submitted via the contact form
  • Sending transactional communications related to your subscription (renewal notices, receipts, important service updates)
  • Analysing platform usage in anonymised form via Google Analytics to improve the service
  • Complying with legal and fiscal obligations applicable to GEMCO di Paolo Cerruti

We do not use your data for marketing profiling, behavioural advertising, or automated decision-making.

7. Data Sharing and Third Parties

We do not sell, rent, or share your personal data with third parties for commercial purposes under any circumstances.

Personal data may be shared only in the following limited cases:

  • Payment processors — your payment information is handled by our payment provider in accordance with PCI-DSS standards. GemmoPrice does not store credit card data.
  • Subscription management — user accounts and subscription data are managed through aMember, our access management system, operating on our own server infrastructure.
  • Email delivery — transactional emails (receipts, notifications) are sent via our own SMTP server.
  • Google Analytics — anonymised usage data is shared with Google LLC for platform analytics purposes, strictly subject to your prior consent. Google Analytics is configured with IP anonymisation. Data may be processed by Google on servers outside the EU under Standard Contractual Clauses. For more information, see Google’s Privacy Policy.
  • Consent management — cookie consent records are managed by Cookiebot (Usercentrics A/S), which processes this data in accordance with its own privacy policy.
  • Legal requirements — we may disclose data if required to do so by law, court order, or regulatory authority.

All personal data is stored on servers located within the European Union.

8. Data Retention

We retain personal data for as long as necessary to fulfil the purposes described in this policy:

  • Account and billing data — retained for the duration of your subscription plus 10 years, in accordance with Italian fiscal law requirements
  • Contact form data — retained for up to 12 months from the date of the enquiry
  • Cookie consent records — retained for 12 months in accordance with GDPR requirements
  • Analytics data — retained by Google Analytics for 14 months (default retention setting)
  • Session and preference data — deleted upon account closure or session expiry

9. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

Under GDPR (EU/UK):

  • Right of access — to obtain a copy of your personal data
  • Right to rectification — to correct inaccurate data
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interest
  • Right to withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal
  • Right to lodge a complaint with your national data protection authority

Under CCPA (California):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt out of the sale of personal information (we do not sell data)
  • Right to non-discrimination for exercising your rights

Under LGPD (Brazil):

  • Rights equivalent to GDPR, including access, correction, deletion, and portability

To exercise any of these rights, please contact us at: info@gemmoprice.com

We will respond within 30 days of receiving your request. Identity verification may be required before processing certain requests.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:

  • Encrypted HTTPS connections for all data transmission
  • Server-side access controls and authentication
  • Restricted access to personal data on a need-to-know basis
  • Regular security monitoring of our server infrastructure

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, inform affected users without undue delay.

11. International Data Transfers

GemmoPrice is operated from Italy. All personal data is stored on servers located within the European Union. Where data processing involves service providers outside the EU — specifically Google LLC for analytics purposes — appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

12. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The date of the most recent update is indicated at the top of this page. Continued use of the platform following any update constitutes acceptance of the revised policy. For significant changes, we will notify registered users by email.

13. Contact and Complaints

For any questions, requests, or complaints regarding this Privacy Policy or our data practices, please contact:

GEMCO di Paolo Cerruti — GemmoPrice Via Al Ponte Reale 2/7 16124 Genova — Italy info@gemmoprice.com

If you are located in the EU and are not satisfied with our response, you have the right to lodge a complaint with the Italian data protection authority:

Garante per la protezione dei dati personali Piazza Venezia 11 — 00187 Roma, Italy www.garanteprivacy.it