Our Commitment to Your Privacy
At Global Trust Gold (GTG), we are committed to protecting your privacy and maintaining the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.
By using GTG services, you consent to the data practices described in this policy.
1. Information We Collect
1.1 Personal Information
When you create an account or use GTG services, we collect:
| Category |
Information Collected |
| Identity Information |
Full name, date of birth, Social Security Number or Tax ID, government-issued ID (driver's license, passport), photo identification |
| Contact Information |
Email address, phone number, mailing address, shipping address |
| Financial Information |
Bank account numbers, routing numbers, credit/debit card information, transaction history, AURUBIT holdings, DAC balance |
| Account Credentials |
Username, password (encrypted), security questions, multi-factor authentication codes |
| MyPOG Information |
IQR code, referral relationships, commission earnings, downline organization structure |
1.2 Automatically Collected Information
When you access our platform, we automatically collect:
- Device Information: IP address, browser type and version, operating system, device identifiers
- Usage Data: Pages visited, time spent on pages, click patterns, features used, search queries
- Location Data: General geographic location based on IP address (we do not collect precise GPS location)
- Log Data: Access times, error logs, performance data
1.3 Information from Third Parties
We may receive information from:
- Identity Verification Services: Age verification, identity authentication, fraud detection
- Payment Processors: Transaction status, payment method details
- Credit Bureaus: Credit reports for certain transactions (with your consent)
- Social Media: If you connect social accounts (name, profile photo, email)
- Public Databases: Sanctions lists, watchlists for compliance purposes
2. How We Collect Information
2.1 Direct Collection
You provide information directly when you:
- Create an account or register for membership
- Complete identity verification
- Make purchases or sales of AURUBITS
- Order physical gold shipments
- Apply for a DAC Card
- Contact customer support
- Participate in surveys or promotions
- Enroll in the MyPOG Associates program
2.2 Automated Collection
We use various technologies to automatically collect information:
- Cookies: Small text files stored on your device
- Web Beacons: Electronic images that track page views
- Analytics Tools: Google Analytics, Mixpanel, or similar services
- Session Replay: Recording of user interactions for support and improvement
2.3 Third-Party Sources
We receive information from:
- KYC/AML verification providers
- Payment gateways and processors
- Gold custody and vault services
- Marketing and analytics partners
3. How We Use Your Information
3.1 Primary Uses
We use your information to:
Core Service Functions
- Create and manage your GTG account
- Process transactions (buying, selling, transferring AURUBITS)
- Maintain AURUBIT and DAC balances
- Process physical gold shipments
- Issue and manage DAC Cards
- Calculate and pay MyPOG commissions
3.2 Compliance and Security
- Identity Verification: Comply with Know Your Customer (KYC) regulations
- Fraud Prevention: Detect and prevent fraudulent transactions
- Anti-Money Laundering: Screen against sanctions lists and monitor suspicious activity
- Tax Reporting: Generate required tax documents (1099 forms, etc.)
- Legal Compliance: Respond to legal requests, court orders, and regulatory inquiries
3.3 Communication
- Send transaction confirmations and receipts
- Provide account statements and balance updates
- Deliver important service announcements
- Respond to customer support inquiries
- Send marketing communications (with your consent, opt-out available)
3.4 Platform Improvement
- Analyze usage patterns to improve user experience
- Develop new features and services
- Troubleshoot technical issues
- Conduct research and analytics
- Personalize content and recommendations
3.5 MyPOG Program Administration
- Track IQR-based referral relationships
- Calculate commission earnings across 17 levels
- Manage downline organization structures
- Process commission payments
- Generate Associates back office reports
4. Information Sharing and Disclosure
4.1 We Share Your Information With:
| Recipient |
Purpose |
Information Shared |
| Payment Processors |
Process payments and transactions |
Name, payment details, transaction amounts |
| Identity Verification Services |
Verify identity and prevent fraud |
Name, address, SSN, ID documents |
| Gold Custodians |
Store physical gold reserves |
AURUBIT balances, delivery addresses for shipments |
| Card Issuers |
Issue and manage DAC Cards |
Name, address, DAC balance, transaction history |
| Shipping Carriers |
Deliver physical gold shipments |
Name, shipping address, package contents (gold value) |
| Cloud Service Providers |
Data storage and hosting |
All data (encrypted at rest) |
| Analytics Providers |
Platform analytics and improvement |
Usage data, anonymized where possible |
| Legal Authorities |
Comply with legal obligations |
Any information required by law or court order |
4.2 We Do NOT Sell Your Information
Important Promise
GTG does not sell, rent, or lease your personal information to third parties for marketing purposes. Your data is used solely to provide our services and comply with legal obligations.
4.3 Business Transfers
If GTG is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. You will be notified via email and/or prominent notice on our website of any change in ownership or use of your personal information.
4.4 Aggregate Data
We may share aggregated, anonymized data that cannot identify you individually with:
- Business partners for market research
- Investors for business metrics
- The public for transparency reports
5. Data Storage and Retention
5.1 Where We Store Data
Your information is stored on secure servers located in:
- United States (primary data centers)
- European Union (EU customers)
- Cloud infrastructure provided by AWS, Google Cloud, or Microsoft Azure
5.2 How Long We Keep Data
| Data Type |
Retention Period |
| Account Information |
Duration of account + 7 years after closure |
| Transaction Records |
7 years (regulatory requirement) |
| Tax Documents |
7 years (IRS requirement) |
| Identity Verification |
7 years after account closure |
| Marketing Communications |
Until opt-out, then deleted within 30 days |
| Usage/Analytics Data |
24-36 months, then anonymized or deleted |
| Support Tickets |
3 years |
5.3 Data Deletion
When data is no longer needed, we:
- Securely delete from active systems
- Remove from backup systems within 90 days
- Anonymize data used for analytics
- Maintain minimum data required by law
6. Security Measures
Our Security Commitment
We employ industry-leading security measures to protect your information from unauthorized access, alteration, disclosure, or destruction.
6.1 Technical Security
- Encryption:
- TLS 1.3 for data in transit
- AES-256 encryption for data at rest
- End-to-end encryption for sensitive communications
- Access Controls:
- Multi-factor authentication (MFA) required for accounts
- Role-based access control (RBAC) for employees
- Principle of least privilege
- Network Security:
- Firewalls and intrusion detection systems
- DDoS protection
- Regular penetration testing
- Application Security:
- Secure coding practices
- Regular security audits
- Vulnerability scanning
6.2 Organizational Security
- Employee Training: Regular security awareness training
- Background Checks: All employees with data access undergo screening
- Non-Disclosure Agreements: All staff sign confidentiality agreements
- Incident Response Plan: Procedures for handling security breaches
6.3 Third-Party Security
- Vendor security assessments
- Data processing agreements
- Regular compliance audits
- SOC 2 Type II certification for critical vendors
6.4 Your Security Responsibilities
You play a crucial role in security:
- Use strong, unique passwords
- Enable multi-factor authentication
- Keep login credentials confidential
- Log out from shared devices
- Report suspicious activity immediately
- Keep contact information up to date
Data Breach Notification
In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours via email and dashboard notification, as required by law.
7. Cookies and Tracking Technologies
7.1 What Are Cookies?
Cookies are small text files placed on your device that help us provide and improve our services. We use the following types of cookies:
| Cookie Type |
Purpose |
Duration |
| Essential Cookies |
Required for platform functionality, login sessions, security |
Session or up to 1 year |
| Performance Cookies |
Analyze usage, identify errors, improve performance |
Up to 2 years |
| Functional Cookies |
Remember preferences, personalize experience |
Up to 1 year |
| Marketing Cookies |
Track ad effectiveness, personalize marketing (opt-out available) |
Up to 1 year |
7.2 Other Tracking Technologies
- Web Beacons: Track email opens and page views
- Local Storage: Store preferences and session data
- Device Fingerprinting: Fraud detection and security
- Analytics SDKs: Mobile app usage tracking
7.3 Managing Cookies
You can control cookies through:
- Browser Settings: Most browsers allow you to refuse or delete cookies
- Cookie Consent Tool: Manage preferences via our cookie banner
- Opt-Out Links: Third-party analytics and advertising opt-outs
Note on Essential Cookies
Disabling essential cookies may prevent you from using certain features of the GTG platform, including logging in and making transactions.
7.4 Third-Party Cookies
We use services that may set their own cookies:
- Google Analytics (analytics)
- Stripe (payment processing)
- Intercom (customer support chat)
- Facebook Pixel (advertising, if opted in)
8. Your Privacy Rights
Your Rights Under Privacy Laws
Depending on your location, you may have the following rights regarding your personal information:
- Right to Access: Request a copy of your personal information
- Right to Correction: Request correction of inaccurate information
- Right to Deletion: Request deletion of your information (subject to legal retention requirements)
- Right to Portability: Receive your data in a machine-readable format
- Right to Restriction: Request limitation on how we process your data
- Right to Object: Object to processing based on legitimate interests
- Right to Opt-Out: Opt out of marketing communications
- Right to Withdraw Consent: Withdraw consent for optional processing
- Right to Lodge Complaint: File complaint with a data protection authority
8.1 How to Exercise Your Rights
To exercise any of these rights, you may:
- Email: privacy@globaltrustgold.com
- Use the Privacy Request form in your account dashboard
- Mail a written request to our address (see Contact section)
8.2 Response Timeframe
We will respond to your request within:
- GDPR (EU): 30 days
- CCPA (California): 45 days
- Other jurisdictions: 30-60 days
8.3 Identity Verification
To protect your privacy, we will verify your identity before fulfilling requests. This may require:
- Confirmation of email address
- Answering security questions
- Providing government-issued ID
8.4 Limitations on Rights
We may deny requests if:
- Required to retain data by law (e.g., financial records for 7 years)
- Needed to complete transactions you initiated
- Necessary to detect or prevent fraud
- Required for legal defense or compliance
8.5 Marketing Opt-Out
To opt out of marketing communications:
- Click "Unsubscribe" in any marketing email
- Adjust preferences in your account settings
- Email privacy@globaltrustgold.com
Note: You will still receive transactional emails (receipts, account notifications, etc.)
9. Children's Privacy
9.1 Age Requirement
GTG services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18.
9.2 Parental Notice
If we learn that we have collected personal information from a child under 18, we will:
- Delete the information immediately
- Terminate the associated account
- Notify the parent or guardian if contact information is available
9.3 Reporting
If you believe a child under 18 has provided information to GTG, please contact us immediately at privacy@globaltrustgold.com.
10. International Data Transfers
10.1 Cross-Border Transfers
GTG operates globally and may transfer your information to countries other than your own. These countries may have different data protection laws.
10.2 Transfer Safeguards
When transferring data internationally, we use:
- Standard Contractual Clauses (SCCs): EU-approved contracts for data protection
- Adequacy Decisions: Transfer to countries deemed adequate by the EU Commission
- Binding Corporate Rules: Internal policies for data transfers within our corporate group
- Your Consent: Where required by law
10.3 EU-US and Swiss-US Privacy Shield
While Privacy Shield has been invalidated, we continue to apply its principles and rely on SCCs for EU and Swiss data transfers.
10.4 UK Transfers
For transfers from the UK, we comply with UK GDPR and use UK-approved transfer mechanisms.
11. Changes to This Privacy Policy
11.1 Updates
We may update this Privacy Policy from time to time to reflect:
- Changes in our services
- New legal requirements
- Industry best practices
- User feedback
11.2 Notification of Changes
For material changes, we will notify you via:
- Email to your registered address (30 days before effective date)
- Prominent notice on our website
- Dashboard notification when you log in
11.3 Effective Date
Changes become effective on the date specified in the notice. Your continued use of GTG services after the effective date constitutes acceptance of the updated Privacy Policy.
11.4 Previous Versions
You may request previous versions of this Privacy Policy by contacting privacy@globaltrustgold.com.