RAPAPORT PRIVACY POLICY
Last Updated March 15, 2026
1 Overview
1.1 The Rapaport Group of Companies (any company owned at least 51% by Martin Rapaport or any trust settled by Martin Rapaport, and its subsidiaries and affiliates) (“Rapaport” or “we”) offers services to the international diamond, gem and jewelry industry, including information, pricing, trading, auction, laboratory and grading services (“Services”).
In order to operate the Services and to comply with United States and other laws and regulations, including sanctions and anti-money laundering requirements and applicable privacy laws (including the USA Patriot Act, OFAC, GDPR, UK GDPR, CCPA/CPRA and other state privacy laws where applicable),
Rapaport may ask you to provide us with company, personal, credit card, and/or bank account details. This Privacy Policy applies to all Rapaport websites, apps and Services and describes the information we collect and how we use that information.
Rapaport or the relevant Rapaport entity providing the Services will be the controller of your personal data provided, collected, or processed in connection with our Services. Certain Rapaport affiliates may process personal data on our behalf as service providers (data processors), unless otherwise stated. Where an affiliate determines the purposes and means of processing, it may act as an independent controller in accordance with applicable law.
1.2 Rapaport takes the privacy of your personal information very seriously and will use your information only in accordance with the terms of this Privacy Policy.
We will not sell your personally identifiable information.
There are limited circumstances in which some of your information will be shared with third parties as described below.
California notice: Under the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), certain disclosures may be considered “sharing” (for cross-context behavioral advertising). If applicable, you may opt-out as described below.
1.3 This Privacy Policy applies to Rapaport clients who use the Services and, where applicable, to non-clients (visitors) who view and interact with content and data on some of our websites, apps or Services. By using our websites, apps or Services, you acknowledge that you have read and understood this Privacy Policy. the provisions of this Privacy Policy. By applying for any of the Services, you expressly consent to our use and disclosure of your personal information in the manner described in this Privacy Policy. This Privacy Policy forms a part of and is incorporated into the terms of the relevant Agreement between you and Rapaport governing the provision of the Services.
1.4 Rapaport will hold and transmit your personal information in a safe, confidential and secure environment in accordance with applicable laws and regulations. If you object to processing of your personal information as described in this Privacy Policy, please do not register, subscribe for, or use the Services.
2 Notification of Changes
2.1 This policy may be revised over time as new features are added to the Services or as we incorporate suggestions from our customers. If we make a material change to how we use or disclose personal information, we will provide appropriate notice and obtain your consent where required by applicable law. Any material changes will be effective 30 days after we post an amended Privacy Policy.
2.2 We will post the amended Privacy Policy on our websites and apps so that you can always review what information we gather, how we might use that information, and whether we will disclose it to anyone. Please check this website at any time for the most current version of our Privacy Policy.
2.3 Our Services may include links to third party websites. These sites are governed by their own privacy statements, and Rapaport is not responsible for their operations, including but not limited to their information practices. By submitting your information to or through these third-party websites you should review the privacy statement of these sites before providing them with personally identifiable information.
3 WHAT DATA WE COLLECT
3.1 Required Information
To subscribe or use the Services, you must provide personal and company details, address, phone number, and e-mail address. To trade through our Trading Division or RapNet trading systems, you may be required to provide trade references, credit card, debit card or bank account information. This information is necessary for us to approve your membership and to process transactions or to contact you should the need arise in administering your membership.
If you choose to register or apply for certain optional/additional features, products or Services offered through Rapaport, you may be required to provide additional information to establish that you qualify for such features or products.
3.2 Use of Services Information
We log all usage data including chats and communications when you visit or otherwise use our Services, including our sites, app and platform technology , such as when you view or click on content (e.g., news article) or ads (on or off our sites and apps), perform a search, install or update one of our mobile apps, share articles or list diamonds. We use logins, cookies, device information, location and internet protocol (“IP”) addresses to identify you and log your use. Search activity may be used to generate demand signals and trading opportunities for other Rapaport customers and may involve analytics or profiling techniques, subject to user preferences and applicable law.
3.3 Transaction Information
When you list an item for sale (for example, a diamond), purchase or sell an item, or use any of the Services in any way, we record all information related to each transaction.
3.4 Information About You from Third Parties
In order to protect us and our customers against potential fraud or in order to perform compliance obligations, we may verify with third parties the information you provide.
In the course of such verification, we receive personally identifiable information about you from such services. This may include background and credit checks from a credit bureau or a business information service, as well as sanctions screening (including OFAC) and other lawful checks.
Rapaport, at its sole discretion, also reserves the right periodically to retrieve and review a business and / or consumer credit report for any account, and reserves the right to close an account based on information obtained during this credit review process or where permitted by applicable law.
3.5 Additional Verification
If we cannot verify the information that you provide, we may ask you to send us additional information (such as your drivers’ license, credit card statement, and/or a recent utility bill or other information linking you to the applicable address), or to answer additional questions.
3.6 Website Traffic Information
We automatically receive the web address of the site that you came from or are going to. We also collect information about your IP address, proxy server, operating system, web browser and add-ons, device identifier and features, and/or ISP or your mobile carrier. If you use our Services from a mobile device, that device will send us data about your location based on your phone settings. We record which pages of our website you visit and what links or buttons you click on.
Session replay / interaction data: We may collect interaction data (such as mouse movements, scrolling behavior, and user input patterns) for security, fraud prevention, analytics, and user-experience improvement purposes. We do not use session replay tools to intentionally capture passwords, payment card details, or security codes, and we take reasonable steps to mask or exclude sensitive fields. Where required by law, we will provide notice and obtain consent before using such technologies.
We use this information for analytical purposes and to understand our customers’ preferences and usage patterns, in order to improve our Service and your experience with Rapaport. Where permitted by law, we may also use and share aggregated or user-level search activity with selected suppliers to facilitate relevant business opportunities and improve trading efficiency. You may opt out of this use at any time through your account settings or by contacting us by sending an e-mail to privacy@rapaport.com.
3.7 Rapaport Inbox and messages
Messages sent to you and from you through any inbox, message center, chat or other Rapaport communication tools are kept and maintained by Rapaport.
3.8 Our Use of “Cookies”, Web Beacons and Similar Technology
We use cookies and similar technologies (e.g., web beacons, pixels, ad tags and device identifiers) to recognize you and/or your device(s) on, off and across different Services, websites and apps.
You can set your web browser to warn you about attempts to place cookies on your computer, limit the type of cookies you allow or refuse cookies altogether; however, you may not be able to use some or all of the features of the Services if you refuse/disable cookies. A more detailed explanation of different types of cookies and our use of such cookies is set out at the end of this Privacy Policy.
Cookie categories: We may use (a) strictly necessary cookies (required to operate the Services), (b) analytics cookies, (c) functional cookies, and (d) advertising/marketing cookies.
Consent and preferences: Where required by law, we will request your consent before placing non-essential cookies or similar technologies on your device. You may withdraw or change your cookie preferences at any time through our cookie settings tool (if available) or your browser settings.
Manage your cookie preferences through our cookie banner, our Cookie Preference Center (where available), or through your browser settings.
3.9 Customer Service Correspondence
We may retain any correspondence you send us and our replies to you. Such information is often placed in the records of your account. We may also record phone calls to or from our various offices. We retain these records in order to measure and improve our customer service, maintain a history of your relationship with us and to investigate potential fraud and violations of our Agreement.
3.10 Questionnaires, Surveys and Profile Data
From time to time, we offer optional questionnaires and surveys to our clients for such purposes as collecting demographic information or assessing clients’ interests and needs. The use of the information collected will be explained in detail in the survey itself. If we collect personally identifiable information from our clients in these questionnaires and surveys, the clients will be given notice of how the information will be used prior to their participation in the survey or questionnaire.
3.11 Sensitive Personal Information
We do not collect sensitive personal information (e.g., racial/ethnic origin, biometrics, precise geolocation) except government-issued identification numbers where required for sanctions screening, identity verification, or AML compliance. California residents may request to limit use of sensitive data via privacy@rapaport.com.
4 HOW WE USE YOUR DATA
4.1 Internal Uses
We collect, store and process your personal information on servers located in the United States and other jurisdictions where we or our service providers operate.
We use the information we collect about you in order 1) to provide our services and process your transactions, 2) to provide customer service, 3) to determine your eligibility to receive special trading privileges or products, 4) to improve our products and services and 5) for the marketing of our Services to you and others.
We process this information given our legitimate interest in providing and improving our Services, and for the adequate performance of our contract with you.
We may also process this information for compliance, fraud prevention, security, and enforcement of our agreements.
Lawful bases (GDPR/UK GDPR): We process personal data based on contract necessity, legitimate interests, legal obligation, and consent where required. We will explain the relevant lawful basis upon request.
4.2 Disclosure to Other Rapaport Customers
If you are a registered Rapaport customer, information in your profile (for example your name, company name, telephone numbers) and other personal information, may be displayed to other Rapaport customers via our Services. Should you be expelled or excluded as a member/customer, your name and member details may be posted online within Rapaport Services or other industry communications. However, your credit card number will NEVER be revealed to anyone other than 3rd party PCI compliant payment processors, except with your express written permission or if we are required to do so pursuant to a subpoena or other legal process. We process this information given our legitimate interest in providing the Services.
4.3 Disclosure to Third Parties Other Than Rapaport Customers
Rapaport will not sell your personally identifiable information. We disclose personal information only in the limited circumstances described below, or with your express permission (or with other Rapaport customers as described above).
We disclose information we collect in response to a law enforcement request, subpoena, warrant, court order, levy, attachment, order of a court-appointed receiver or other comparable legal process, including subpoenas from private parties in a civil action.
We disclose information we collect in circumstances in which Rapaport believes the Services are being used in the commission of a crime; when we have a good faith belief that there is an emergency that poses a threat to the safety or security of you or another person; or when necessary either to protect the rights or property of Rapaport, the Services or our subsidiaries, or affiliates in the Rapaport Group, or for us to render the Services provided.
We disclose information we collect to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you).
Where permissible according to applicable law, we may use certain limited personal information about you, such as your email address, to hash it and to share it with social media or advertising platforms, such as Facebook or Google, to generate leads, drive traffic to our websites or otherwise promote our Services. These processing activities are based on our legitimate interest in undertaking marketing activities to offer you and others products or services that may be in your or their interest.
Depending on the specific processing activity, advertising and social media platforms with which we may share limited personal data may act as independent controllers or as our service providers (data processors). These platforms operate under their own privacy policies, and we encourage you to review their privacy notices for additional information.
Please note that you may, at any time ask Rapaport to cease processing your data for these direct marketing purposes by sending an e-mail to privacy@rapaport.com.
We share aggregated statistical data with our business partners or for public relations. For example, we may disclose that a specific percentage of our clients have addresses in New York. However, this aggregated information is not tied to personally identifiable information.
We share your information with our parent, subsidiaries, affiliates and joint ventures to help coordinate the Services we provide to you, enforce our terms and conditions, and promote trust and safety.
We share your information with third party companies that perform services on our behalf, including payment and subscription processing, order fulfilment, data analysis, marketing services, e-mail campaigns, hosting services, and customer service. While providing services for us, these companies act as Data Processors and may access your personal information and are required to use it solely as directed by us for the purpose of our requested service.
We may also share your information with third party companies that we partner with to provide certain services to you in connection with the Services. We only share the minimum data needed for Data Processors to perform the services for which they are contracted.
We process this information for the purposes listed in this section given our legitimate interest in undertaking marketing activities or your consent where required by law, to offer you and others our Services. You may opt out of marketing communications by following the unsubscribe instructions in our marketing communications.
Advertising/marketing sharing (where applicable): Where permissible, we may share limited identifiers (such as hashed email) with advertising platforms to promote our Services. Where required, we will provide opt-out rights and honour applicable preference signals.
Where required by applicable law, including ePrivacy and similar regulations, we will obtain your consent before using cookies or similar technologies for advertising purposes or before sending electronic direct marketing communications.
4.4 Our Contacts with Rapaport Customers
We will contact you through email, mobile phone, notices posted on our websites or apps, messages to your Rapaport Inbox, and other ways through our Services, including text messages where permitted by applicable law and with your consent where required, and push notifications. We will send you messages about the availability of our Services, security, or other service-related issues. We also send messages about how to use the Services, network updates, reminders and promotional messages from us. Please be aware that you cannot opt-out of receiving service messages from us, including security and legal notices, as doing so would prevent us from providing the Services to you. We use your information to contact you given our legitimate interest in providing the Services.
We also enable communications between you and others through our Services, including for example Rapaport Inbox.
We may also send promotional communications.
You may opt-out of marketing communications at any time by following unsubscribe instructions or emailing privacy@rapaport.com.
4.5 Your Use of Information and Our Services
Where applicable, in order to facilitate the transactions between Rapaport clients, our Services may allow you limited access to other clients’ contact or shipping information. In such circumstances, as a member you may have access to the member information, email address or other contact or shipping information of other members. By consenting to the applicable License Agreement, you agree that you will not share Rapaport access logins and you will only use this information for: (a) Rapaport-related communications that are not unsolicited commercial messages, (b) using services offered through Rapaport (e.g. diamond sales, shipping or insurance), and (c) any other purpose that such client expressly agrees to after adequate disclosure of the purpose(s). In all cases, you must provide clients with the opportunity to remove themselves from your database and review any information you have collected about them. In addition, under no circumstances, except as defined in this Section, can you disclose personally identifiable information about another Rapaport client to any third party without our consent and the consent of such other client after adequate disclosure. Note that law enforcement personnel and other rights holders are given different rights with respect to information they access.
4.6 Spam Prohibited
Rapaport does not tolerate spam. You may not add a Rapaport client to your marketing lists (email, phone, physical mail or any other electronic or physical form of communication) without their express consent after adequate disclosure, even if that client has previously made a purchase from you. We strictly enforce our Anti-Spam Policy. To report Rapaport-related spam, please send an email to: privacy@rapaport.com.
4.7 Disclosure of Buying Interest and Search Data
In order to facilitate transactions and improve market efficiency on the RapNet platform, we may process and disclose buying interest data derived from user searches, listings, and platform activity, including search criteria, specifications, and purchase-related intent, to other Rapaport customers, including potential suppliers. Such disclosure may include limited identifying information such as company name and contact details, where permitted by the user. This processing is based on the performance of our contract with you and, where required by applicable law, your consent. You may manage or withdraw such consent through your account settings.
5. YOUR CHOICES & OBLIGATIONS
5.1 Data Retention
We retain personal data as long as necessary for the purposes described in this Privacy Policy, including to provide services, maintain records, comply with legal obligations, resolve disputes, enforce agreements, and prevent fraud.
Retention examples (non-exhaustive):
| Data Category | Typical Retention Period | Reason |
| Account & transaction records | Duration of relationship + 5–10 years | Legal compliance, disputes |
| Payment details | As required for processing/compliance | Fraud prevention |
| Marketing preferences | Until opt-out or deletion | User choice |
| Security logs | 1–2 years | Security needs |
| Correspondence | As needed for service/compliance | Support history |
Where legally required, we will provide more detailed retention schedules upon request.
5.2 Rights to Access and Control Your Personal Data
Any requests relating to the rights described below should be sent to privacy@rapaport.com. We will respond as best possible within the timeframe required by applicable law (for example, up to 45 days under certain U.S. state laws), which may be extended once where permitted by law. We verify identity to protect your personal data. Where permitted by applicable law, you may use an authorized agent to submit a request on your behalf.
Depending on your location, you may have rights to:
- Access your data
- Correct inaccuracies
- Delete data
- Restrict or object to certain processing
- Portability
- Withdraw consent
- Opt-out of targeted advertising / “sharing”
- Limit use of sensitive personal information (where applicable)
- Right to lodge a complaint (GDPR/UK GDPR): You may lodge a complaint with your local supervisory authority.
5.3 Account Closure
We keep some of your data even after you close your account.
If you choose to close your account, your personal data will generally stop being visible to others on our Services within 24 hours. We generally remove diamond information and profiles within 24 hours of account closure, and this information will no longer be visible to clients of the Services.
We retain your personal data even after you have closed your account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our License Agreements, or fulfill your request to “unsubscribe” from further messages from us. We will retain de-personalized information after your account has been closed.
Information you have shared with others (e.g., through Inbox, emails, posts etc…) will remain visible after you closed your account or deleted the information from your own profile or mailbox, and we do not control data that other Members copied out of our Services.
We may retain information after account closure where required for legal compliance, fraud prevention, recordkeeping, and enforcement.
5.4 Lawful Bases for Processing
We will only collect and process personal data about you where we have lawful bases. Lawful bases include consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you (e.g. to deliver the Services you have requested)) and legitimate interests.
Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object. If you have any questions about the lawful bases upon which we collect and use your personal data, please contact our Data Protection Officer at: (privacy@rapaport.com).
5.5 California & U.S. State Privacy Rights (Where Applicable)
If you are a resident of California or another U.S. state with a privacy law, you may have the right to:
- Know categories and specific pieces of personal information collected
- Delete personal information
- Correct inaccurate personal information
- Opt-out of sale or sharing of personal information
- Limit use/disclosure of sensitive personal information
- Non-discrimination for exercising rights
| Category | Collected | Disclosed To | Shared (as defined by CPRA) |
| Identifiers (name, email, etc.) | Yes | Service providers, affiliates | Limited (opt-out) |
| Commercial information | Yes | Affiliates | No |
| Financial information | Yes | Payment processors | No |
| Internet/activity data | Yes | Analytics providers | Limited (opt-out) |
| Geolocation (approximate) | Yes | Limited (internal) | No |
Do Not Sell or Share My Personal Information: Email privacy@rapaport.com .
Where required by applicable law, we honor Global Privacy Control (GPC) signals.
6. International Data Transfers
Rapaport may transfer personal data to the United States and other jurisdictions where privacy protections may differ from your location.
Where required by law, we use recognized safeguards for international transfers, such as:
- Standard Contractual Clauses approved by the European Commission
- UK International Data Transfer Addendum and/or UK International Data Transfer Agreement (IDTA), where applicable
- Additional safeguards as needed based on risk assessments
- Other legally recognized mechanisms
7. Automated Decision-Making / Profiling
Some compliance and fraud-prevention checks may involve automated processing (including profiling), such as identity verification, sanctions screening, and creditworthiness checks.
Where applicable law provides, you may have rights to request additional information, contest decisions, or request human review.
8. Children’s Privacy
Rapaport Services are not intended for children. We do not knowingly collect personal information from children under the applicable minimum age (13 in the United States, and 16 in the EEA/UK subject to lower national limits where permitted by law). If you believe a child has provided us with personal data, please contact privacy@rapaport.com and we will take appropriate steps to delete such information.
9. Information Security
9.1 Rapaport is committed to handling your customer information with high standards of information security. We restrict access to your personally identifiable information to employees who need to know that information in order to provide products or services to you. We maintain physical, electronic and procedural safeguards that comply with federal regulations to safeguard your non-public personal information.
9.2 The security of your subscription to any of the Services also relies on your protection of your password. You may not share your password with anyone. Rapaport will never ask you to send your password or other sensitive information to us in an e-mail, though we may ask you to enter this type of information on the website.
9.3 Any e-mail or other communication requesting your password, asking you to provide sensitive account information via email, should be treated as unauthorized and suspicious and should be reported to Rapaport immediately. If you do share your Rapaport password with a third party for any reason, the third party will have access to your account and your personal information, and you may be responsible for actions taken using your password. If you believe someone else has obtained access to your password, please contact us immediately on privacy@rapaport.com.
If we become aware of a personal data breach that poses a risk to individuals, we will notify affected individuals and/or regulators as required by law.
Defining Cookies and what we use them for:
Cookies can be used to recognize you when you visit our Services, remember your preferences, and give you a personalized experience. Cookies may also be used for analytics and advertising purposes. Where required, we will request consent for non-essential cookies and allow you to withdraw consent.
| Category | Purpose |
| Strictly Necessary | Operate Services, Authentication |
| Performance/Analytics | Improve site, research |
| Functionality | Preferences, features |
| Advertising | Relevant ads on/off site |
Cookie Preference Center
For more detailed information about the cookies and similar technologies used on our websites, including the providers, purposes, and duration of each cookie, please visit our Cookie Policy / Cookie Preference Center:
Rapaport.com – https://rapaport.com/cookie-policy/
Rapnet – https://www.rapnet.com/terms/cookie-policy/
Rapaportauctions.com – https://rapaportauctions.com/cookie-policy/
This page is dynamically generated and updated automatically to reflect changes in cookies used on our websites. You may also use this page at any time to manage or update your cookie preferences, including opting in or out of non-essential cookies, as required by applicable law.