Privacy Policy

Effective Date: 09/09/2025 
Last Updated: 09/09/2025 

1. Scope 

This Privacy Policy (“Policy”) describes how GemSource Capital, LLC (“GemSource,” “we,” “us,” or “our”) collects, uses, discloses, and protects your information when you access www.gemsourcecapital.com (the “Website”) or use our services (the “Services”), including communications via email, text, or other electronic means. 

By using the Website or Services, you consent to this Policy and represent that you are authorized to act on behalf of yourself or your business. This Policy may be updated periodically, and continued use constitutes acceptance of any changes. 

 

2. Definitions 

PII (Personally Identifiable Information): Information that can identify an individual or business representative (e.g., name, email, SSN, EIN). 

Non-PII: Non-identifiable data (e.g., device info, browser type, usage data). 

Services: Any offerings provided by GemSource via the Website or other channels. 

 

3. Information We Collect 

We may collect: 

PII: Name, address, phone number, email, EIN, SSN (if applicable), financial data, collateral information, and identity verification documents. 

Non-PII: Browser type, IP address, device ID, referral URLs, geolocation data, and Website usage data. 

Third-Party Data: Information about co-borrowers, guarantors, or business partners. 

KYC/AML Note: We may collect and process identity documentation and related information to comply with Know Your Customer (KYC), Anti-Money Laundering (AML), and other regulatory obligations. 

We do not share mobile-originated text messaging opt-in data with third parties for marketing purposes. 

4. How We Collect Information 

Directly from you: When you complete forms, applications, or communications. 

Automatically: Through cookies, pixels, analytics tools, and similar technologies. 

From third parties: Including service providers, credit agencies, and business partners. 

 

5. Legal Basis for Processing 

We process your data based on: 

  • Your consent; 

  • Contractual necessity; 

  • Legal or regulatory obligations; 

  • Legitimate business interests, such as fraud prevention and business analytics. 

 

6. How We Use Information 

We may use your information to: 

  • Deliver and improve the Services; 

  • Evaluate financing applications and collateral; 

  • Comply with regulatory obligations (including AML/KYC checks); 

  • Communicate updates, support, and account notices; 

  • Prevent fraud, monitor security, and enforce agreements; 

  • Offer new products or services relevant to your business. 

 

7. Disclosure of Information 

We may share your information: 

  • With affiliates, vendors, and service providers supporting our operations; 

  • With custodians, evaluators, and other third parties necessary for collateralized transactions; 

  • In connection with mergers, acquisitions, or asset transfers; 

  • To fulfill your requests or transactions; 

  • To comply with legal or regulatory obligations; 

  • To protect the rights, safety, or security of GemSource, its users, or the public. 

We may also share aggregated or anonymized data for analytics or business purposes. 
We do not sell PII to third parties for marketing purposes. 

8. Third-Party Analytics & Advertising 

We may use analytics tools (e.g., Google Analytics, Meta Pixel) to measure usage and performance. 

You can opt out of interest-based advertising via: 

  • Network Advertising Initiative 

  • Digital Advertising Alliance 

 

9. Your Privacy Choices 

You may: 

  • Opt out of marketing communications by emailing privacy@gemsourcecapital.com; 

  • Disable cookies through browser settings; 

  • Request access, correction, or deletion of your data by contacting us. 

 

10. Data Security 

We implement administrative, technical, and physical safeguards, including encryption, firewalls, and access controls, to protect your information. 

Although GemSource is not a “financial institution” as defined under the Gramm-Leach-Bliley Act (GLBA), we adopt safeguards consistent with GLBA and the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR 500). 

Breach Notification Commitment: In the event of unauthorized access to your personal information, we will notify you and applicable regulators in accordance with New York law and other applicable requirements. 

 

11. Data Retention 

We retain information as long as necessary to: 

  • Deliver the Services; 

  • Comply with legal and regulatory obligations; 

  • Prevent fraud or misuse; 

  • Resolve disputes and enforce agreements. 

  • When information is no longer required, it will be securely deleted or anonymized. 

 

12. Do Not Track Signals 

Our website does not currently respond to browser “Do Not Track” signals. 

 

13. State-Specific Rights 

California (CCPA/CPRA): You have the right to know what data we collect, request deletion, opt out of sale/sharing of personal information, and not face discrimination for exercising these rights. 

Nevada: You may opt out of the sale of certain personal information by emailing legal@gemsourcecapital.com

 

14. Children Under 18 

Our Website and Services are not directed toward, and we do not knowingly collect information from, individuals under 18 years of age. 

 

15. International Data Transfers 

If personal data is transferred outside the United States, we implement appropriate safeguards. For transfers involving individuals in the European Economic Area (EEA) or United Kingdom, we rely on Standard Contractual Clauses (SCCs) or other approved mechanisms. 

 

16. Changes to This Policy 

We may update this Policy periodically. Material changes will be posted with an updated effective date. 

 

17. Contact Information 

GemSource Capital, LLC 
legal@gemsourcecapital.com