Privacy Policy.

1 · Who we are

"Gold.Kiosk" refers to AI Kiosk International Inc., a Delaware corporation headquartered at 8 The Green, STE B, Dover, Delaware 19901, USA, with operational entities in the United Arab Emirates (Dubai) and India (Bengaluru). The entity that acts as your data controller depends on where you transact — the kiosk you use will display this at the start of every session.

2 · What we collect

We collect four categories of data. We do not collect anything else.

• Identity data — the information on your government-issued ID (name, date of birth, nationality, document number, expiry), captured from the MRZ and NFC chip.
• Biometric artifacts — a liveness video (≤4 seconds) and a face-match score comparing the liveness capture to your ID photo. Raw biometric templates are never exported from the kiosk.
• Transaction data — item mass, declared category, XRF spectrum, valuation, offered price, payout destination, and timestamp.
• Technical data — IP address, browser identifiers, and interaction telemetry on goldkiosk.com and the operator console.

3 · Why we collect it

We collect identity and biometric data to satisfy anti-money-laundering and counter-terrorist-financing law in every market we operate in. We collect transaction data to execute, settle, and audit the trade you asked us to make. We collect technical data to operate this website and our partner console safely.

We do not sell data. We do not share data with advertisers. We do not profile you to market other products. This is a regulated-fintech product, not an ad-supported consumer app.

4 · Data from the kiosk itself

When you use a Gold.Kiosk machine:

• We do not store the raw video of your face after the liveness score is computed — the artifact is deleted from the kiosk within 24 hours of payout.
• We do store the XRF spectrum of the item you traded, for seven years, as required by precious-metals regulators.
• We do not store your fingerprints, palm prints, iris, or any biometric beyond the one-shot liveness capture described above.
• The camera records only while a session is active. No bystander imagery leaves the device.

5 · Who we share data with

We share your data only with the following categories of recipient, and only to the minimum extent each requires:

• Your partner institution (if you transacted at a bank, jewelry chain, or host-retail kiosk): the minimum data they need to reconcile the transaction on their side — never your biometric artifacts.
• Refineries that take physical delivery of the metal: item ID, mass, and purity. Never your identity.
• Regulators, when legally obligated to file a report. We document every such disclosure.
• Payment rails (banks, card networks) to execute payout.
• Sub-processors listed at gold.kiosk/subprocessors. Each is bound by a written data-processing agreement.

6 · How long we keep data

Retention is bounded by regulation and deleted thereafter:

• Transaction ledger — 7 years from the transaction.
• KYC documents — 5 years from your last interaction with us.
• XRF spectra — 7 years.
• Biometric liveness artifacts — 24 hours after payout.
• Website analytics — 90 days.

You can ask us to delete data earlier if no retention obligation applies. See section 7.

7 · Your rights

Under GDPR, UAE PDPL, India's DPDP Act, and the equivalent laws of every market we operate in, you have the right to:

• Access the personal data we hold about you.
• Rectify data that is inaccurate or incomplete.
• Erase data where we have no lawful basis to keep it.
• Restrict processing while a complaint is investigated.
• Portability — receive your data in a machine-readable form.
• Object to processing based on legitimate interest.
• Complain to the data-protection authority in your jurisdiction (a list is maintained at gold.kiosk/dpa).

Exercise any of these by emailing contactus@goldkiosk.com. We respond within 30 days and do not charge a fee.

8 · International transfers

Personal data lives in the regional plane of the jurisdiction where you transact — see Data residency for detail. When data must cross a border (e.g. operator support), we rely on Standard Contractual Clauses, EU Standard Contractual Clauses, and the applicable UAE and India cross-border transfer frameworks. We never transfer KYC or biometric data out of its originating region.

9 · Cookies & site analytics

On goldkiosk.com we use a single first-party analytics tool (Plausible, self-hosted) that does not set cookies or collect any personally identifiable data. We do not use third-party advertising trackers. A session cookie is set only if you log into the partner console, and is deleted on logout.

10 · Security

Security controls are described in detail on our Security page. In summary: SOC 2 Type II, ISO 27001, mTLS + certificate pinning on every device, AWS KMS CMKs for at-rest encryption, tenant isolation, and a 15-minute P1 incident-response SLA.

11 · Children

Gold.Kiosk is a regulated financial product. Every transaction requires a valid government-issued ID. The service is not directed at anyone under 18, and we do not knowingly collect data from minors. A kiosk will refuse to transact if the presented ID indicates an underage holder.

12 · Changes to this policy

We version this document. Material changes are announced at least 30 days in advance via email to registered customers and an in-kiosk notice. Prior versions are archived at gold.kiosk/legal/privacy/archive.

13 · Contact us

For anything privacy-related, write to our Data Protection Officer at contactus@goldkiosk.com, or by post to AI Kiosk International Inc., Attn. DPO, 8 The Green, STE B, Dover, Delaware 19901, USA. PGP key fingerprint is available on the Security page.