Privacy Policy

Last updated: April 23, 2026

1. Information We Collect

When you use GeoMine, we collect the following types of information:

• Account Information: Email address, display name, and hashed password when you create an account.
• Location Data: GPS coordinates when you use the mining feature. We only collect location data while you have an active mining session.
• Device Information: Device type, operating system, app version, and device identifiers for anti-cheat verification.
• Transaction Data: Mining session history, GM Point balances, and gift card redemption records within the app.
• Usage Data: App interactions, feature usage, crash reports, and performance metrics.
• Identity & Redemption Data: For gift card redemptions we collect your verified email address. We use it solely to deliver the gift card code to you and to surface the redemption to our internal fulfillment team. We track lifetime redemption totals (in USD, per rolling 365-day window) so we can enforce the $599/year per-user cap that keeps redemptions below the IRS 1099-MISC threshold.
• Business Claim Data: If you submit a business claim, we collect the proof of ownership you provide (e.g., utility bill, license, verified business email). Documents are stored encrypted and deleted 90 days after the claim is resolved.

2. How We Use Your Information

We use the collected information for the following purposes:

• To operate and maintain the GeoMine platform and its features.
• To verify your physical presence at business locations (mining verification).
• To detect and prevent fraud, including GPS spoofing and mock locations.
• To calculate and credit mining rewards to your wallet.
• To provide business analytics to participating businesses (aggregated, anonymized data only).
• To improve our services and develop new features.
• To send you important service updates and security alerts.

3. Location Data

GeoMine requires location access to verify your presence at participating businesses. Important details about our location practices:

• Location is only collected during active mining sessions — never in the background.
• We do not track your location when you are not actively mining.
• Location data is used solely for geofence verification and anti-cheat purposes.
• Business owners receive anonymized, aggregated visitor data — they cannot see individual user locations.

4. Data Sharing

We do not sell your personal information. We may share data in the following circumstances:

• Business Partners: Aggregated, anonymized analytics (visitor counts, session durations). No personally identifiable information is shared.
• Service Providers: We use trusted third parties for hosting (infrastructure), payment processing (Stripe), transactional email (Resend), and error tracking (Sentry). Each receives only the minimum data needed to perform its function.
• Gift Card Issuers: When you redeem GM Points, we may share your verified email with the gift card issuer (e.g., Amazon, Walmart, Target) to deliver the redemption code.
• Legal Requirements: When required by law, such as in response to a valid subpoena or court order.

5. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.3), encryption at rest, bcrypt password hashing (12 rounds), and JWT-based authentication. We conduct regular security audits and vulnerability assessments.

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access and download your personal data.
• Request correction of inaccurate data.
• Request deletion of your account and associated data.
• Opt out of non-essential data collection.
• Withdraw consent for location tracking (note: this will disable mining features).

7. Data Retention

We retain your account data as long as your account is active. Mining session data is retained indefinitely for blockchain verification purposes. If you delete your account, we will remove your personal information within 30 days, except where retention is required by law.

8. Children's Privacy

GeoMine is not intended for users under 18 years of age. We do not knowingly collect personal information from minors. If we discover that a minor has created an account, we will promptly delete it and any associated data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of GeoMine after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related questions or requests, contact us at privacy@geocoinminer.app.