Privacy Policy
Last updated: July 4, 2026
1. The short version
Your gem designs never leave your device. The GemDiagram design application runs entirely in your web browser. The cuts, facet data, and files you create are not uploaded to or stored on our servers.
The personal data we hold is what we need to run and secure your account and billing: your email, a hashed password, a record of your subscription, and a log of activity on your account that we also show you in your dashboard. We use no third-party analytics, no advertising trackers, and no third-party pixels, and we never sell or share your personal information. The rest of this policy explains the details.
2. Who we are
GemDiagram.com is the controller of the personal data described here. For any privacy question or request, contact us at .
3. Data we collect
We keep our data collection to the minimum needed to operate the Service. Here is everything we store on our servers:
| Data | What it is | Why we hold it |
|---|---|---|
| Account | Your email address, a securely hashed password, and your plan and account status. | To create and run your account (contract). Kept while your account is active. |
| Billing sync | Your Stripe customer and subscription identifiers and current period end date. Card numbers never touch our servers — Stripe is the source of truth. | To keep your subscription status in sync (contract). |
| Verification & reset tokens | Hashed, expiring tokens for email verification and password reset. | To verify your email and let you reset your password (contract / security). |
| Sign-in codes | One-time email codes, stored only as a hash, expiring after about 10 minutes, with an attempt counter. | For email-based two-factor sign-in (security). |
| Login attempts | The email tried and a hashed form of the IP address, with a success/fail flag. | To detect and slow down abuse (legitimate interest). Deleted after 30 days. |
| Account & activity log | A timestamped log of events on your account: sign-ins and failed sign-ins, device and session changes, password and email-verification changes, billing events (subscription, plan, and payment changes), and in-app activity such as creating, viewing, finalizing, or deleting client previews and design-app actions like saving a file, creating a gemstone, exporting a PDF, taking a screenshot, or recording a video. Security-related entries also store a hashed IP address and browser user-agent string. The log records that an action happened, never the contents of your gem designs. | To keep your account secure, sync your billing, and show you your own recent activity in your dashboard (legitimate interest / contract). Deleted after 90 days, capped at your most recent 250 entries. |
| Abuse rate-limit records | A hashed IP address and the action attempted (e.g. contact form, signup). | To slow down automated abuse (legitimate interest). Deleted after 2 days. |
| Newsletter subscription | Your email address and subscription status (pending confirmation, confirmed, or unsubscribed). | To send the newsletter you signed up for, with double opt-in (consent). Kept until you unsubscribe. |
If you use our contact form, your name, email, and message are queued in our database for delivery to our support address, then deleted within 30 days of being sent (or 90 days if delivery fails).
4. What we don't collect
- Your designs. Gem designs and facet data stay in your browser and are never sent to us.
- No third-party analytics or ad tracking. We do not use Google Analytics or any similar product, advertising pixels, or cross-site trackers. We do keep a first-party activity log tied to your account, which we show you in your dashboard and describe in section 3.
- No card numbers. Payment card details are handled entirely by Stripe; we never receive or store them.
- No selling of data. We do not sell or rent your personal information to anyone.
5. Why we may process your data (legal bases)
Where the GDPR or UK GDPR applies, we rely on these legal bases:
- Contract — to create your account, run your subscription, and provide the Service.
- Legitimate interest — to keep the Service secure and prevent abuse, which is why our login and audit records store IP addresses only as a hash.
- Legal obligation — where we must keep records to comply with the law.
Because we set no analytics or advertising cookies, we do not rely on consent to operate the Service.
6. How we handle IP addresses
When we need an IP address for security — rate-limiting sign-ins and recording account events — we store it only as a one-way SHA-256 hash, never in raw form. The hash lets us recognize repeated activity from the same source without keeping the address itself.
7. Service providers
We share the limited data above only with providers that help us run the Service, under agreements that require them to protect it:
- Stripe — payment processing and subscription billing. See the Stripe Privacy Policy.
- Account and support email (verification, sign-in codes, notifications) is sent from our own mail server — we do not use a third-party email processor.
- ColoCrossing — hosting the website and database.
8. How long we keep data
- Account data — for the life of your account, plus a reasonable wind-down period after you close it.
- Login attempts — deleted after 30 days.
- Security audit log — deleted after 90 days, capped at your most recent 250 entries.
- Verification, reset, and sign-in codes — expire and are cleared shortly after they are issued.
- Transactional email queue — delivered messages deleted after 30 days; failed messages after 90 days.
- Abuse rate-limit records — hashed IP only, deleted after 2 days.
- Newsletter subscriptions — kept until you unsubscribe or ask us to delete them.
9. International data transfers
GemDiagram is based in the United States and our servers are hosted there. If you access the Service from the EU, the UK, or elsewhere, the data described above is processed in the United States. Where required, we rely on appropriate safeguards for such transfers.
10. Your rights
Depending on where you live, you may have the right to access, correct, delete, or receive a copy of your personal data, to object to or restrict certain processing, and to withdraw consent where we rely on it. To exercise any of these, email . If you are in the EU or UK, you also have the right to complain to your local data-protection supervisory authority.
11. U.S. state privacy (CCPA and similar)
We do not sell or share your personal information as those terms are defined under the California Consumer Privacy Act or comparable U.S. state laws. California and other eligible residents may exercise their access and deletion rights using the same contact address above, and we will not discriminate against you for doing so.
12. Children
The Service is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has given us personal information, contact us and we will delete it.
13. How we protect your data
We use industry-standard measures to protect your data, including hashing passwords and sign-in codes, storing IP addresses only as hashes, HttpOnly session cookies, a Content Security Policy, and single-active-session enforcement that signs out other devices when you log in. No system is perfectly secure, but we work to keep your data safe.
14. Cookies and browser storage
We use only a handful of strictly necessary and functional cookies and browser-storage items — no analytics cookies, no advertising cookies, and no cross-site trackers. This is the complete list:
| Name | Type | Purpose | Lifetime |
|---|---|---|---|
| gdsid | First-party cookie (HttpOnly, SameSite=Lax) | Keeps you signed in during your session. | Cleared when your browser session ends. |
| gd_kicked | First-party cookie | Shows a one-time "you were signed out because your account was used on another device" notice. | Transient; cleared once you reach the login page. |
| gemdiagram-theme | Browser localStorage | Remembers your light/dark theme preference. | Until you clear it. |
| gd_consent | First-party cookie (SameSite=Lax) | Remembers your cookie-consent choice so we don't ask again on every visit. | 12 months. |
| Stripe cookies | Third-party, set only on Stripe-hosted checkout and billing pages | Payment processing and fraud prevention, handled by Stripe. | Per Stripe's own policy. |
Everything above is strictly necessary or functional — keeping you signed in, protecting your account, and remembering basic preferences. We still show a short cookie banner that records whether you choose “Allow all” or “Decline”; that choice is stored in the gd_consent cookie above. We do not set any analytics or advertising cookies today, so declining changes nothing about how the Service works right now. If we ever introduced non-essential cookies, a declined choice would be honored and those cookies would not be set.
When you go to checkout or manage your subscription, those pages are hosted by Stripe on stripe.com, and Stripe sets its own cookies there under the Stripe Privacy Policy.
You can clear or block cookies and site data through your browser settings; your theme preference is removed when you clear site data for gemdiagram.com. Blocking our strictly necessary cookies will stop you from staying signed in.
15. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you.
16. Contact
For any privacy question or request, email .