Government e Marketplace (GeM)

Privacy Policy

  1. This privacy policy, applicable for the GeM is an electronic agreement formed under the Information Technology Act, 2000, and the rules made thereunder (as amended to date). This privacy policy is a legally binding document between the user and GeM. The terms of this privacy statement will take effect upon your use of the website and will govern the user's relationship with the GeM for all uses of the GeM website or portal. By using the GeM website or portal it is implied that the content of this privacy policy has been read carefully and accepted unconditionally by the users or else no one is allowed to use this GeM website or portal at all.
  2. This Privacy Policy prescribes that:
    • The terms "we," "us," and "our" individually and collectively refer to each entity that is part of the definition of GeM, and the terms "you," "your," and "yourself" refer to the users (including but not limited to Sellers as well as Buyers).
    • By providing us your information or by making use of the facilities provided by the GeM website or portal, you hereby grant explicit and unequivocal consent to the collection, storage, processing, and transfer of any and all of your personal information and non-personal information by GeM as specified under this privacy policy. You further agree that such collection, use, storage, and transfer of your information shall not cause any loss or wrongful gain to you or any other person.
    • This Privacy Policy is a contract between you and the respective GeM entity. This privacy policy shall be read together with the terms and conditions of the respective GeM entity.
    • Information collected and storage of such information: The information (which shall also include data) provided by you to GeM or collected from you by GeM may consist of "personal information" and "non-personal information."
      • Personal information is information gathered that can be used to uniquely identify or contact you. The GeM portal and apps based on this portal do not automatically capture any specific personal information from you without your consent unless you yourself provide such information during your activities on GeM. We do not sell any personally identifiable information volunteered on the GeM to any third party (public or private).
      • Non-Personal Information: GeM may also collect information other than personal information about you through the website or app when you visit and/or use it. Such information may be stored in server logs. This non-personal information would not assist GeM in identifying you personally. We gather certain information about the user, such as internet protocol (IP) addresses, domain names, browser types, operating systems, the date and time of the visit, and the pages visited. We make no attempt to link these addresses to the identities of people who visit our site unless a malicious attempt to harm the site is detected or the department requires such information for any specific queries.
    • You hereby accept and represent to GeM that:
      • The information you provide to GeM from time to time is and shall be authentic, correct, current, and updated, and you have all the rights, permissions, and consents as may be required to provide such information to GeM.
      • You’re providing the information to GeM and GeM 's consequent storage, collection, usage, transfer, access, or processing of the same shall not be in violation of any third-party agreement, law, charter document, judgement, order, or decree.
      • GeM and each of GeM 's entities shall not be responsible for the authenticity of the information that you or any other user provide to GeM. You shall indemnify and hold harmless GeM and each of its entities, and any third party relying on the information provided by you, in the event you are in breach of this privacy policy, including this provision and the immediately preceding provision above and hereinafter.
      • Your information will primarily be stored in electronic form, although certain data can also be stored in physical form. We may store, collect, process, and use your data in countries other than the Republic of India, but only in compliance with applicable laws. We may enter into agreements with third parties (in or outside of India) to store or process your information or data. These third parties may have their own security standards to safeguard your information or data, for which GeM undertakes no responsibility whatsoever.
      • When you use the Website and/or the Services you specifically undertake not to host, display, upload, modify, publish, transmit, update, or share any information or Content that:
        • Belongs to another person and to which you do not have any right to
        • Is grossly harmful, harassing, blasphemous, defamatory, obscene, pornographic, pedophilic, libelous, invasive of another's privacy, hateful, or racially or ethnically objectionable, disparaging, relating to or encouraging money laundering or gambling, or otherwise unlawful in any manner whatsoever.
        • Harms minors in any way.
        • Impersonate any person or entity, or falsely state or otherwise misrepresent your affiliation with a person or entity.
        • Threatens the unity, integrity, defense, security, or sovereignty of India, friendly relations with foreign states, or public order, or causes incitement to the commission of any cognizable offense, prevents investigation of any offense, or is insulting to any other nation.
        • Infringes any patent, trademark, copyright, or other proprietary rights.
        • contain software viruses or any other computer code, files, or programs designed to interrupt, destroy, or limit the functionality of any computer resource.
        • Deceives or misleads the addressee about the origin of such messages or communicates any information that is grossly offensive or menacing in nature.
        • Engage in any activity that interferes with or disrupts access to the website or the services (or the servers and networks that are connected to the website).
        • Attempt to gain unauthorized access to any portion or feature of the website, any other systems or networks connected to the website, any GeM server, or any of the services offered on or through the website, by hacking, password mining, or any other illegitimate means.
        • Neither probe, scan, or test the vulnerability of the website or any network connected to the website, nor breach the security or authentication measures on the website or any network connected to the website. You may not reverse look-up, trace, or seek to trace any information on any other user of the website to its source.
        • Disrupt or interfere with the security of, or otherwise cause harm to, the website, systems resources, accounts, passwords, servers, or networks connected to or accessible through the website, or any affiliated or linked sites.
        • Use the website or content for any purpose that is unlawful or prohibited by the agreement, or to solicit the performance of any illegal activity or other activity that infringes the rights of GeM or other third parties.
        • Falsify or delete any author attributions, legal or other proper notices, or proprietary designations or labels of the origin or source of software or other material contained in a file that is uploaded.
        • Violate any applicable laws or regulations for the time being in force within or outside India.
  3. Purpose for collecting, using, storing, and processing Your Information: GeM collects, uses, stores, and processes your information for any purpose as may be permissible under applicable laws (including where the applicable law provides for such collection, usage, storage, or processing with the consent of the user) connected with any function or activity of each of GeM entities. You hereby agree and acknowledge that the information so collected is for a lawful purpose connected with a function or activity of each of the GeM entities or any person on their behalf, and the collection of information is necessary for the purposes.
  4. Sharing and disclosure of Your Information: You hereby unconditionally agree and permit that GeM may transfer, share, disclose, or otherwise deal with all or any of Your Information, within and outside of the Republic of India, to various GeM entities and to banks and financial institutions for one or more of the purposes listed above or as may be required by applicable law. You further unconditionally agree and permit GeM to share statistical data and other details (other than your personal information) to facilitate various programmes or initiatives launched by GeM, the Government of India, its affiliates, and state governments from time to time. You explicitly permit GeM to also share personal information if GeM believes it is necessary to investigate, prevent, or act regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of various terms and conditions or our policies. We reserve the right to disclose your information when required to do so by law or regulation, under any legal obligation or order under law, in response to a request from a law enforcement or governmental agency, judicial, quasi-judicial, or any other statutory or constitutional authority, to establish or exercise our legal rights, or to defend against legal claims. You also agree that such disclosure, sharing, and transfer of Your personal and non-personal information will not result in any wrongful loss to you or any third party, or any wrongful gain to us or any third party.
  5. Links to third-party websites:Links to third-party websites or any third-party electronic communication service may be provided on the Website. These websites are operated by third parties and are not controlled by, affiliated with, or associated with GeM unless expressly specified on the Website. GeM is not responsible for any form of transmission, whatsoever, received by you from any third-party website. Accordingly, GeM does not make any representations concerning the privacy practices or policies of such third parties or the terms of use of such third-party websites, nor does it control or guarantee the accuracy, integrity, or quality of the information or data available on such third-party websites. The inclusion or exclusion does not imply any endorsement by GeM of the thirdparty websites, the website’s provider, or the information on the website. The information provided by you to such third-party websites shall be governed in accordance with the privacy policies of such third-party websites, and it is recommended that you review the privacy policies of such third-party websites prior to using such websites.
  6. Security & Retention: The security of your personal information is important to us. GeM works hard to protect Your personal information and keep it safe from unauthorized access, alteration, disclosure, or destruction. For this purpose, GeM adopts internal reviews of the data collection, storage, and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where GeM stores your personal information. Each of the GeM entities shall adopt reasonable security practices and procedures as mandated under applicable laws for the protection of your information. Provided, however, that Your right to seek damages is limited to statutory damages under the Information Technology Act of 2000, and You hereby waive and release all GeM entities from any claim of damages under contract. If you choose a payment gateway to complete any transaction on the Website, then your credit card data may be stored in compliance with industry standards or a recommended data security standard for the security of financial information, such as the Payment Card Industry Data Security Standard (PCI-DSS). GeM may share your information with third parties in accordance with a confidentiality agreement that, among other things, prohibits such third parties from disclosing the information further unless necessary for the purpose. However, GeM is not responsible for any breach of security or for any actions of any third parties that receive your personal information. GeM is not liable for any loss or injury caused to you because of your providing your personal information to a third party (including any third-party websites, even if links to such third-party websites are provided on the Website). Notwithstanding anything contained in this policy or elsewhere, GeM shall not be held responsible for any loss, damage, or misuse of your personal information if such loss, damage, or misuse is attributable to a force majeure event. A "force majeure event" shall mean any event that is beyond the reasonable control of GeM and shall include, without limitation, sabotage, fire, flood, explosion, acts of God, civil commotion, strikes, or industrial action of any kind, riots, insurrections, wars, acts of government, computer hacking, unauthorized access to computers, computer systems, or computer networks, computer crashes, breaches of security and encryption (provided beyond the reasonable control of GeM), power or electricity failure or unavailability of adequate power or electricity, and failure or unavailability of adequate power or electricity while GeM entity will make every effort to keep any personal information GeM entity hold about you secure and prevent unauthorized access, you acknowledge that the internet or computer networks are not completely secure and that We cannot provide any absolute assurance regarding the security of Your personal information. You agree that all personal information shall be retained till such time as is required for the purpose or as is required under applicable law, whichever is later. Non-personal information will be retained indefinitely.
  7. User discretion and opting out: You agree and acknowledge that you are providing your information out of your own free will. You have the option not to provide or permit GeM to collect your personal information. In such a case, you should neither visit any website nor use any service being provided by GeM. Also, you should not contact GeM entity, whatsoever. You can add or update your personal information on a regular basis. Kindly note that GeM will retain your previous personal information in its records.
  8. GeM Help Desk/Call Centre: If you find any discrepancies or have any grievances in relation to the collection, storage, use, disclosure, and transfer of Your Personal Information under this Privacy Policy or any other terms and conditions or policies of any GeM entity, please contact the GeM Help Desk/Call Centre or GeM entity as per details provided on the GeM website.
  9. GeM has provided this Privacy Policy to familiarize You with
    • The types of data or information that you share with or provide to GeM, as well as the data or information that GeM collects from you.
    • The reason for collecting such data or information from you:
    • Gems’ information and security practices and policies; and
    • Gems policy on sharing or transferring your data or information with third parties
  10. In cases of registration of the primary user or buyer and creation of secondary user(s) by the former, the Aadhar (UID) details collected by GeM are solely for user verification and to apply e-signatures on the documents. The e-sign is on par with digital signatures as per the Information Technology Act Amendment 2008, and it works based on details available in the Aadhar database of UIDAI. There is no interference or intrusion in their personal details.
  11. This privacy statement may be amended or updated from time to time; we will indicate the date of any such amendment, which you should review on a regular basis to stay up to date on any changes. Your continued use of the website or provision of data or information thereafter will imply your unconditional acceptance of such updates to this privacy policy.
  12. The GeM Authenticator Mobile Application is used for secure user authentication (MFA) on the GeM platform and generates time-based one-time passwords (OTP). No sensitive personal or financial data is stored or shared with third parties; all data is securely encrypted and stored on the device. The application complies with Indian government security standards and is intended for secure use within the GeM ecosystem.