Updates to the Privacy Policy - May 17, 2018

We restructured the Privacy Policy to clearly set out what data we collect, how we use it and your rights in connection with your personal data.

Our updated policy complies with the new requirements under the EU General Data Protection Regulation coming into force on May 25, 2018.

This policy is applicable to all clients and all visitors to our sites and apps from May 17, 2018

Explanation of the Privacy Policy:

Rapaport takes the privacy of your personal information very seriously and will use your information only in accordance with the terms of this Privacy Policy. We will not sell or rent your personally identifiable information or a list of our customers to third parties.

Sections 1 and 2 define the Rapaport Group of Companies and the services we provide as well as how the policy will be updated. We will never sell or rent your personal data.

Section 3 sets out the type of data we collect.

Section 4 explains out how we use the data we collect, including our approach to marketing, spam and when we will share your data with 3rd parties

Section 5 details out your rights with regard to your personal data

Section 6 explains our approach to data security.

Rapaport Privacy Policy

– Updated - May 17, 2018

1 Overview

1.1 The Rapaport Group of Companies (any company owned at least 51% by Martin Rapaport or any trust settled by Martin Rapaport, and its subsidiaries and affiliates) ("Rapaport" or "we") offers services to the international diamond, gem and jewelry industry, including information, pricing, trading, auction, laboratory and grading services ("Services"). In order to operate the Services and to be in compliance with United States and other laws and regulations, including the USA PATRIOT ACT, OFAC and GDPR requirements, Rapaport may ask you to provide us with company, personal, credit card and/or bank account details. This Privacy Policy applies to all Rapaport websites, apps and Services and describes the information we collect and how we use that information. Rapaport will be the controller of your personal data provided, collected, or processed in connection with our Services.

1.2 Rapaport takes the privacy of your personal information very seriously and will use your information only in accordance with the terms of this Privacy Policy. We will not sell or rent your personally identifiable information or a list of our customers to third parties. There are limited circumstances in which some of your information will be shared with third parties as described below.

1.3 This Privacy Policy applies to Rapaport clients who use the Services and, where applicable, to non-clients (visitors) who view and interact with content and data on some of our websites, apps or Services. By using our websites, apps or Services, you agree to accept the provisions of this Privacy Policy. By applying for any of the Services, you expressly consent to our use and disclosure of your personal information in the manner described in this Privacy Policy. This Privacy Policy forms a part of and is incorporated into the terms of the relevant Agreement between you and Rapaport governing the provision of the Services.

1.4 Rapaport will hold and transmit your personal information in a safe, confidential and secure environment in accordance with applicable laws and regulations. If you object to your personal information being transferred or used as described in this Privacy Policy, please do not register, subscribe for, or use the Services.

2 Notification of Changes

2.1 This policy may be revised over time as new features are added to the Services or as we incorporate suggestions from our customers. If we are going to use or disclose your personally identifiable information in a manner materially different from that stated at the time we collected the information, you will have a choice as to whether or not we use or disclose your information in this new manner. Any material changes will be effective only 30 days after we post an amended Privacy Policy.

2.2 We will post the amended Privacy Policy on our websites and apps so that you can always review what information we gather, how we might use that information, and whether we will disclose it to anyone. Please check this website at any time for the most current version of our Privacy Policy.

2.3 Our Services may include links to third party websites. These sites are governed by their own privacy statements, and Rapaport is not responsible for their operations, including but not limited to their information practices. By submitting your information to or through these third party websites you should review the privacy statement of these sites before providing them with personally identifiable information.

3 WHAT DATA WE COLLECT

3.1 Required Information

To subscribe or use the Services, you must provide personal and company details, address, phone number, and e-mail address. In order to trade through our Trading Division or RapNet trading systems, you may be required to provide trade references, credit card, debit card or bank account information. This information is necessary for us to approve your membership and to process transactions or to contact you should the need arise in administering your membership.

If you choose to register or apply for certain optional/additional features, products or Services offered through Rapaport, you may be required to provide additional information to establish that you qualify for such features or products.

3.2 Use of Services Information

We log all usage data including chats and communications when you visit or otherwise use our Services, including our sites, app and platform technology (e.g., our off-site plugins), such as when you view or click on content (e.g., news article) or ads (on or off our sites and apps), perform a search, install or update one of our mobile apps, share articles or list diamonds. We use log-ins, cookies, device information, location and internet protocol (“IP”) addresses to identify you and log your use.

3.3 Transaction Information

When you list an item for sale (for example, a diamond), purchase or sell an item, or use any of the Services in any way, we record all information related to each transaction.

3.4 Information About You From Third Parties

In order to protect us and our customers against potential fraud or in order to perform compliance obligations, we may verify with third parties the information you provide. In the course of such verification, we receive personally identifiable information about you from such services. This may include background and credit check from a credit bureau or a business information service such as Dun & Bradstreet, as well as OFAC and FBI or other law enforcement information. Rapaport, at its sole discretion, also reserves the right periodically to retrieve and review a business and / or consumer credit report for any account, and reserves the right to close an account based on information obtained during this credit review process or for any reason whatsoever.

3.5 Additional Verification

If we cannot verify the information that you provide we may ask you to send us additional information (such as your drivers' license, credit card statement, and/or a recent utility bill or other information linking you to the applicable address), or to answer additional questions.

3.6 Website Traffic Information

We automatically receive the web address of the site that you came from or are going to. We also collect information about your IP address, proxy server, operating system, web browser and add-ons, device identifier and features, and/or ISP or your mobile carrier. If you use our Services from a mobile device, that device will send us data about your location based on your phone settings. We record which pages of our website you visit and what links or buttons you click on. We also may record screen videos of your mouse movements and data input while you are on the site. We use this information for analytical purposes and to understand our customers' preferences and usage patterns, so as to improve our Service and your experience with Rapaport.

3.7 Rapaport Inbox and messages

Messages sent to you and from you through any inbox, message center, chat or other Rapaport communication tools are kept and maintained by Rapaport.

3.8 Our Use of "Cookies", Web Beacons and Similar Technology

We use cookies and similar technologies (e.g., web beacons, pixels, ad tags and device identifiers) to recognize you and/or your device(s) on, off and across different Services, websites and apps.Cookies will allow you to revisit without losing many of your settings. You can set your web browser to warn you about attempts to place cookies on your computer, limit the type of cookies you allow or refuse cookies altogether; however, you may not be able to use some or all of the features of the Services if you refuse/disable cookies. A more detailed explanation of different types of cookies and our use of such cookies is set out at the end of this Privacy Policy.

3.9 Customer Service Correspondence

We may retain any correspondence you send us and our replies to you. Such information is often placed in the records of your account. We may also record phone calls to or from our various offices. We retain these records in order to measure and improve our customer service, maintain a history of your relationship with us and to investigate potential fraud and violations of our Agreement. We may, over time, delete these records if permitted by law.

3.10 Questionnaires, Surveys and Profile Data

From time to time, we offer optional questionnaires and surveys to our clients for such purposes as collecting demographic information or assessing clients' interests and needs. The use of the information collected will be explained in detail in the survey itself. If we collect personally identifiable information from our clients in these questionnaires and surveys, the clients will be given notice of how the information will be used prior to their participation in the survey or questionnaire.

4 HOW WE USE YOUR DATA

4.1 Internal Uses

We collect, store and process your personal information on servers located in the United States. We use the information we collect about you in order 1) to provide our services and process your transactions, 2) to provide customer service, 3) to determine your eligibility to receive special trading privileges or products 4) to improve our products and services and 5) for the marketing of our Services to you and others.

We process this information given our legitimate interest in providing and improving our Services, and for the adequate performance of our contract with you.

4.2 Disclosure to Other Rapaport Customers

If you are a registered Rapaport customer, information in your profile (for example your name, company name, telephone numbers) and other personal information, may be displayed to other Rapaport customers via our Services. Should you be expelled or excluded as a member/customer, your name and member details may be posted online. However, your credit card number will NEVER be revealed to anyone other than 3rd party PCI compliant payment processors, except with your express written permission or if we are required to do so pursuant to a subpoena or other legal process. We process this information given our legitimate interest in providing the Services.

4.3 Disclosure to Third Parties Other Than Rapaport Customers

Rapaport will not sell, rent or share any of your personally identifiable information to third parties, except in the limited circumstances described below, or with your express permission (or with other Rapaport customers as described above). We disclose information we collect in response to a law enforcement request, subpoena, warrant, court order, levy, attachment, order of a court-appointed receiver or other comparable legal process, including subpoenas from private parties in a civil action.

We disclose information we collect in circumstances in which Rapaport believes the Services are being used in the commission of a crime; when we have a good faith belief that there is an emergency that poses a threat to the safety or security of you or another person; or when necessary either to protect the rights or property of Rapaport, the Services or our subsidiaries, or affiliates in the Rapaport Group, or for us to render the Services provided. We disclose information we collect to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you).

Where permissible according to applicable law, we may use certain limited personal information about you, such as your email address, to hash it and to share it with social media or advertising platforms, such as Facebook or Google, to generate leads, drive traffic to our websites or otherwise promote our Services. These processing activities are based on our legitimate interest in undertaking marketing activities to offer you and others products or services that may be in your or their interest.

The social media platforms with which we may share your personal data are not controlled or supervised by Rapaport and they are considered data processors.

Please note that you may, at any time ask Rapaport to cease processing your data for these direct marketing purposes by sending an e-mail to opt-out@Rapaport.com.

We share aggregated statistical data with our business partners or for public relations. For example, we may disclose that a specific percentage of our clients have addresses in New York. However, this aggregated information is not tied to personally identifiable information. We share your information with our parent, subsidiaries, affiliates and joint ventures to help coordinate the Services we provide to you, enforce our terms and conditions, and promote trust and safety.

We share your information with third party companies that perform services on our behalf, including payment and subscription processing, order fulfillment, data analysis, marketing services, e-mail campaigns, hosting services, and customer service. While providing services for us, these companies act as Data Processors and may access your personal information, and are required to use it solely as directed by us for the purpose of our requested service. We may also share your information with third party companies that we partner with to provide certain services to you in connection with the Services. We only share the minimum data needed for Data Processors to perform the services for which they are contracted.

We process this information for the purposes listed in this section given our legitimate interest in undertaking marketing activities to offer you and others our Services. You may opt out of marketing communications by following the unsubscribe instructions in our marketing communications.

4.4 Our Contacts with Rapaport Customers

We will contact you through email, mobile phone, notices posted on our websites or apps, messages to your Rapaport Inbox, and other ways through our Services, including text messages and push notifications. We will send you messages about the availability of our Services, security, or other service-related issues. We also send messages about how to use the Services, network updates, reminders and promotional messages from us. Please be aware that you cannot opt-out of receiving service messages from us, including security and legal notices, as doing so would prevent us from providing the Services to you. We use your information to contact you given our legitimate interest in providing the Services.

We also enable communications between you and others through our Services, including for example Rapaport Inbox.

4.5 Your Use of Information and Our Services

Where applicable, in order to facilitate the transactions between Rapaport clients, our Services may allow you limited access to other clients' contact or shipping information. In such circumstances, as a member you may have access to the member information, email address or other contact or shipping information of other members. By consenting to the applicable License Agreement, you agree that you will not share Rapaport access logins and you will only use this information for: (a) Rapaport-related communications that are not unsolicited commercial messages, (b) using services offered through Rapaport (e.g. diamond sales, shipping or insurance), and (c) any other purpose that such client expressly agrees to after adequate disclosure of the purpose(s). In all cases, you must provide clients with the opportunity to remove themselves from your database and review any information you have collected about them. In addition, under no circumstances, except as defined in this Section, can you disclose personally identifiable information about another Rapaport client to any third party without our consent and the consent of such other client after adequate disclosure. Note that law enforcement personnel and other rights holders are given different rights with respect to information they access.

4.6 Spam Prohibited

Rapaport does not tolerate spam. You may not add a Rapaport client to your marketing lists (email, phone, physical mail or any other electronic or physical form of communication) without their express consent after adequate disclosure, even if that client has previously made a purchase from you. We strictly enforce our Anti-Spam Policy. To report Rapaport-related spam, please send an email to: info@diamonds.net.

5YOUR CHOICES & OBLIGATIONS

5.1 Data Retention

We will store your data until such time when you request us to delete it. In some cases you may need to close your Account with us in addition to requesting data deletion. All other data will be retained for as long as is necessary for the purpose(s) for which we originally collected it. We may also retain information as required by law.

5.2 Rights to Access and Control Your Personal Data

Any requests relating to the following rights should be sent to privacy@diamonds.net

Delete Data: You can ask us to erase or delete all or some of your personal data if it is no longer necessary to provide Services to you.

Change or Correct Data: You can edit some of your personal data through your account. You can also ask us to change, update or fix your data in certain cases, particularly if it’s inaccurate.

Object to, or Limit or Restrict, Use of Data: You can ask us to stop using all or some of your personal data (e.g., if we have no legal right to keep using it) or to limit our use of it (e.g., if your personal data is inaccurate or unlawfully held).

Right to Access and/or Take Your Data: You can ask us for a copy of your personal data and can ask for a copy of personal data you provided in machine readable form.

5.3 Account Closure

We keep some of your data even after you close your account.

If you choose to close your account, your personal data will generally stop being visible to others on our Services within 24 hours. We generally remove diamond information and profiles within 24 hours of account closure and this information will no longer be visible to clients of the Services.

We retain your personal data even after you have closed your account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our License Agreements, or fulfill your request to “unsubscribe” from further messages from us. We will retain de-personalized information after your account has been closed.

Information you have shared with others (e.g., through Inbox, emails, posts etc…) will remain visible after you closed your account or deleted the information from your own profile or mailbox, and we do not control data that other Members copied out of our Services.

5.4 Lawful Bases for Processing

We will only collect and process personal data about you where we have lawful bases. Lawful bases include consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you (e.g. to deliver the Services you have requested)) and legitimate interests.

Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object. If you have any questions about the lawful bases upon which we collect and use your personal data, please contact our Data Protection Officer (privacy@diamonds.net).

6 Information Security

6.1 Rapaport is committed to handling your customer information with high standards of information security. We restrict access to your personally identifiable information to employees who need to know that information in order to provide products or services to you. We maintain physical, electronic and procedural safeguards that comply with federal regulations to safeguard your nonpublic personal information.

6.2 The security of your subscription to any of the Services also relies on your protection of your password. You may not share your password with anyone. Rapaport will never ask you to send your password or other sensitive information to us in an e-mail, though we may ask you to enter this type of information on the website.

6.3 Any e-mail or other communication requesting your password, asking you to provide sensitive account information via email, should be treated as unauthorized and suspicious and should be reported to Rapaport immediately. If you do share your Rapaport password with a third party for any reason, the third party will have access to your account and your personal information, and you may be responsible for actions taken using your password. If you believe someone else has obtained access to your password, please contact us immediately on help@diamonds.net.


Defining Cookies and what we use them for:

WHAT ARE COOKIES USED FOR?

Cookies can be used to recognize you when you visit our Services, remember your preferences, and give you a personalized experience that’s in line with your settings. Cookies also make your interactions with our Services faster and more secure. Additionally, cookies allow us to bring you advertising both on and off the Rapaport sites, and bring customized features to you.

Categories of Use

Description

Authentication

If you’re signed in to Rapaport Services, cookies help us show you the right information and personalize your experience.

Security

We use cookies to enable and support our security features, and to help us detect malicious activity and violations of our user License Agreement.

Preferences, features and services

Cookies can store your custom print settings, other custom settings and tell us which language you prefer.

Advertising

We may use cookies to show you relevant advertising both on and off the Rapaport sites. We may also use a cookie to learn whether someone who saw an ad later visited and took an action (e.g. downloaded a white paper or made a purchase) on the advertiser’s site. Similarly, our partners may use a cookie to determine whether we’ve shown an ad and how it performed, or provide us with information about how you interact with ads. We may also work with a partner to show you an ad on or off Rapaport, such as after you’ve visited a partner’s site or application.

Performance, Analytics and Research

Cookies help us learn how well our site and plugins perform in different locations. We also use cookies to understand, improve, and research products, features, and services.


© Copyright 1978-2018 by Martin Rapaport. All rights reserved. Index®, RapNet®, Rapaport®, PriceGrid™, Diamonds.Net™, and JNS®; are TradeMarks of Martin Rapaport.
While the information presented is from sources we believe reliable, we do not guarantee the accuracy or validity of any information presented by Rapaport or the views expressed by users of our internet service.