logo

Privacy Policy

Giraffe Gold Holdings LLC

Effective Date: January 23, 2026

Introduction

Giraffe Gold Holdings LLC ("Giraffe," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, website, and related services (collectively, the "Services").

Our Services enable you to accumulate physical precious metals through automated round-ups on your daily purchases and subscription payments. Because we handle sensitive financial information, we take your privacy seriously and have implemented robust safeguards to protect your data.

Please read this Privacy Policy carefully. By using our Services, you consent to the collection and use of your information as described herein. If you do not agree with this Privacy Policy, please do not access or use our Services.

1. Information We Collect

1.1 Information You Provide Directly

Account Information: When you create an account, we collect your name, email address, phone number, date of birth, mailing address (for gold bar delivery), and password.

Identity Verification Information: To comply with Know Your Customer (KYC) and anti-money laundering (AML) regulations, we collect government-issued identification documents (such as driver's license, passport, or state ID), Social Security Number or Tax Identification Number, and photographs for identity verification purposes.

Financial Information: When you link your bank account to enable round-ups, automatic payments, or other financial features, we use Plaid Inc. ("Plaid") to securely connect to your financial institution and retrieve necessary information, such as account numbers, routing numbers, balances, and transaction history. Plaid acts on our behalf to access and transmit this data from your bank. By linking your account, you consent to us sharing your financial information with Plaid for these purposes, and to Plaid collecting, using, storing, and processing that information as described in Plaid's End User Privacy Policy (available at https://plaid.com/legal/#end-user-privacy-policy).

Communication Information: When you contact us for support or provide feedback, we collect the content of your communications, including emails, chat messages, and phone call recordings (where permitted by law).

1.2 Information Collected Automatically

Device Information: We automatically collect information about your device, including device type, operating system, unique device identifiers, IP address, browser type, and mobile network information.

Usage Information: We collect information about how you use our Services, including features accessed, time spent on the app, click patterns, and navigation paths.

Location Information: With your consent, we may collect approximate location information based on your IP address. We do not collect precise GPS location data.

Cookies and Similar Technologies: We use cookies, pixels, and similar tracking technologies to collect information about your browsing activities and to distinguish you from other users. You can control cookie preferences through your browser settings.

1.3 Information from Third Parties

Financial Data Providers: We receive transaction data and account information from Plaid, Inc. when you link your bank accounts or payment cards. Plaid's use of your information is governed by Plaid's own privacy policy, available at https://plaid.com/legal.

Identity Verification Services: We use third-party identity verification services to confirm your identity and comply with KYC/AML requirements. These services may provide us with verification results and risk assessments.

Payment Processors: Our payment processor, Stripe, Inc., provides us with transaction confirmations and limited payment information necessary to complete your purchases. Stripe's privacy policy is available at https://stripe.com/privacy.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing Our Services: To create and manage your account, process round-ups and subscription payments, purchase precious metals on your behalf, arrange shipping of gold bars to your address, and provide customer support.
  • Compliance and Security: To verify your identity, comply with KYC/AML and other legal requirements, detect and prevent fraud, and protect the security of our Services and users.
  • Communications: To send you transaction confirmations, shipping notifications, account alerts, and updates about our Services. We may also send promotional communications with your consent, which you can opt out of at any time.
  • Improvement and Analytics: To analyze usage patterns, improve our Services, develop new features, and conduct A/B testing to optimize user experience.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests, including tax reporting requirements.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers: We share information with third-party vendors who perform services on our behalf, including:

  • Plaid, Inc. – Bank account linking and transaction data
  • Stripe, Inc. – Payment processing
  • Avalara, Inc. – Tax calculation and compliance
  • UPS – Shipping and delivery services
  • Upstate Gold & Coin – Precious metals sourcing and fulfillment
  • Amazon Web Services – Cloud hosting and data storage
  • Identity verification providers – KYC/AML compliance

We share certain financial information with Plaid to facilitate secure bank account linking and data retrieval for features like round-ups and payments. Plaid may collect, use, and share your data as detailed in their End User Privacy Policy at https://plaid.com/legal/#end-user-privacy-policy. We do not control Plaid's practices, and you should review their policy for full details on how they handle your information.

These service providers are contractually obligated to protect your information and may only use it to perform services on our behalf.

Legal Requirements: We may disclose your information if required by law, subpoena, court order, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.

Business Transfers: If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

4. Data Security

We implement robust technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

  • Encryption: All data is encrypted in transit using TLS 1.2 or higher and at rest using AES-256 encryption.
  • PCI DSS Compliance: Payment card data is handled in compliance with Payment Card Industry Data Security Standards through our payment processor, Stripe.
  • SOC 2 Best Practices: We follow SOC 2 best practices for security, availability, and confidentiality of customer data.
  • Access Controls: We employ least-privilege access principles, ensuring that only authorized personnel with a business need can access your information.
  • Monitoring: We continuously monitor our systems for security vulnerabilities and suspicious activity.

While we strive to protect your information, no method of transmission or storage is completely secure. We cannot guarantee absolute security, but we are committed to promptly notifying you and relevant authorities of any data breach as required by law.

5. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes described in this Privacy Policy. Specific retention periods include:

  • Account Information: Retained for the duration of your account and for up to 7 years after account closure to comply with tax and legal requirements.
  • Transaction Records: Retained for at least 7 years to comply with tax reporting and financial record-keeping requirements.
  • KYC/AML Documentation: Retained for at least 5 years after the end of the customer relationship, as required by anti-money laundering regulations.
  • Usage Data: Generally retained for up to 2 years for analytics purposes, then anonymized or deleted.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

  • Access and Portability: You may request access to the personal information we hold about you and receive a copy in a portable format.
  • Correction: You may request that we correct inaccurate or incomplete personal information.
  • Deletion: You may request deletion of your personal information, subject to certain exceptions required by law (such as tax and KYC/AML retention requirements).
  • Opt-Out of Marketing: You may opt out of promotional emails by clicking the "unsubscribe" link in any marketing email or by contacting us directly. Note that you cannot opt out of transactional communications related to your account and purchases.
  • Withdraw Consent: Where we rely on your consent to process your information, you may withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing conducted prior to withdrawal.

To exercise any of these rights, please contact us at privacy@giraffegoldbar.com. We will respond to your request within 30 days (or as required by applicable law).

7. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know: You have the right to know what personal information we collect, use, disclose, and sell.
  • Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: You have the right to opt out of the sale or sharing of your personal information. We do not sell personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
  • Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of sensitive personal information. However, because we use such information only as necessary to provide our Services (such as identity verification and financial transactions), limiting use may prevent us from providing certain Services to you.

To exercise your California privacy rights, contact us at privacy@giraffegoldbar.com or call us at [Phone Number]. You may also designate an authorized agent to make requests on your behalf.

8. Other State Privacy Rights

Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws may have similar rights to access, correct, delete, and opt out of certain processing of their personal information. Please contact us to exercise these rights.

9. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will promptly delete that information. If you believe we have collected information from a child under 18, please contact us immediately at privacy@giraffegoldbar.com.

10. International Data Transfers

Our Services are currently available only in the United States. If you access our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction.

11. Third-Party Links

Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make material changes, we will notify you by email (if you have an account) and/or by posting a prominent notice in our app or on our website prior to the changes taking effect. We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Giraffe Gold Holdings LLC

Email: privacy@giraffegoldbar.com

Website: www.giraffegoldbar.com

General Inquiries: info@giraffegoldbar.com

We aim to respond to all privacy-related inquiries within 30 days.

Appendix: Financial Privacy Notice

Federal law gives consumers the right to limit some but not all sharing of personal financial information. Federal law also requires us to tell you how we collect, share, and protect your personal information.

What We Collect

We collect personal information when you open an account, make purchases, link bank accounts, or provide identity verification. This includes Social Security Number, income information, account balances, transaction history, and payment history.

Bank Account Connections via Plaid

To provide services such as transaction-based round-ups and automated payments, we integrate with Plaid Inc. Plaid enables secure connections to your financial accounts without requiring you to share your bank login credentials directly with us. When you choose to link an account through our app, you authorize us (and Plaid acting on our behalf) to access and use your financial data for these purposes. This includes transmitting identifiers, account details, balances, and transaction history to Plaid. Plaid collects and processes this data in accordance with their End User Privacy Policy, which you can review here: https://plaid.com/legal/#end-user-privacy-policy. By linking your account, you consent to this data sharing and Plaid's data practices as described therein.

Why We Share

We share your information for everyday business purposes (such as processing your transactions, maintaining your account, and responding to legal requests), and with service providers who help us operate our business. We do not share your information for joint marketing with other financial companies, for our affiliates' everyday business purposes, or for our affiliates or nonaffiliates to market to you.

How We Protect

To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards, secured files, and employee training.

This Privacy Policy was last updated on January 23, 2026.

logo
Choose your monthly contribution, add automatic round-ups, and start accumulating physical precious metals. Simple, secure, and completely on your terms.
      Why gold
      How it works
      Benefits
      Compare
      Waitlist
info@giraffegoldbar.com
Giraffe Gold Holdings LLC • Delaware‑based fintech startup
Privacy Policy | Terms & Conditions