Privacy Notice for Geminos Connect

a. What data is processed and for what purpose?

Whenever you access the Geminos Connect website or portal, the following data is collected automatically:

• Date and time of access
• IP address (truncated or hashed depending on the platform area)
• Hostname of the accessing device
• Website from which access occurs
• Subpages accessed
• Status of the request (success/failure)
• Transferred data volume
• Browser type and version
• User operating system

Purposes of processing:

• Ensure technical operation of the website
• Deliver content
• Maintain system security
• Detect abuse and prevent fraud

This data is technically required to display the website and portal.

b. Legal basis

Art. 6(1)(f) GDPR (legitimate interest in providing a secure, functional web offering).

c. Storage duration

• Session data: deleted at the end of the session
• Log files: accessible only to administrators, retained for a maximum of 4 weeks

a. Registration and account data

When registering as a creator or company, we process:

• First and last name
• Company name (for companies)
• Email address
• Country/region of residence or business
• Website URL
• Password (encrypted)
• LinkedIn profile (for creators)
• Gender (creator)
• Language preference
• Tax information (upon first payout)
• Double opt-in confirmation

Purpose: Create user accounts, identify users, and handle the contractual relationship.

Legal basis: Art. 6(1)(b) GDPR (contract performance).

b. Matching profile / questionnaire data

Creators answer questions on:

• Industries
• Topics
• Target groups
• Languages
• Posting frequency
• Personal preferences

Companies provide:

• Industry
• Target groups
• Campaign data and descriptions
• Logo and company profile

Purpose: Run the automated matching process (“Perfect Match”).

Legal basis: Art. 6(1)(b) GDPR.

c. Tracking and click data

For compensation and fraud prevention we process:

• IP hash
• Device fingerprints
• Timestamps
• Click source
• UTM parameters
• Campaign ID
• Association with creator and company

Purpose: Billing, fraud detection, platform functionality.

Legal basis: Art. 6(1)(b) and Art. 6(1)(f) GDPR.

d. Payment data (Stripe & other payment providers)

Geminos Connect uses Stripe for payments and billing. The following may be processed:

• Bank details (IBAN/BIC)
• PayPal address (if chosen)
• Successful/failed transactions
• Payout amounts
• Transaction IDs

Purpose: Execute payments.

Legal basis: Art. 6(1)(b) GDPR. Stripe acts as an independent controller. See Stripe’s privacy notice at https://stripe.com/privacy

e. Support data (AI chat + ticket system)

When using the AI support bot, we process:

• Entered text
• Technical data (browser, time, language)
• Created support tickets

Purpose: Handle support requests and forward them to human support.

Legal basis: Art. 6(1)(b) and Art. 6(1)(f) GDPR.