AMLHUB Privacy Policy

1. Introduction

AMLHUB Australia Pty Ltd (we, us, our) complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles when handling “personal information” (information or an opinion about an identified or reasonably identifiable individual). Nothing in this policy limits any rights you may have under the Privacy Act, the Spam Act 2003 or other Australian laws.

2. Changes to this Policy

We may update this policy by posting a revised version on our website (www.amlhub.com.au). Changes apply from the date of publication.

3. When does this policy apply?

This policy applies to:

• visitors to amlhub.com.au or any AMLHUB‑branded site;
• Australian customers, prospects and suppliers who deal with us directly; and
• anyone whose details appear in our sales, support or marketing systems.

AMLHUB’s platform also hosts “User Data” uploaded by, or on behalf of our regulated customers (e.g., their clients’ identity records). For User Data we act solely as a data processor under our customer contracts. Your dealings with the relevant customer’s privacy notice —not this one— govern that processing. If we receive a request about User Data, we’ll pass it to the customer unless required by law to act ourselves.

4. What personal information do we collect?

5. Why we collect and use personal information

We may use your personal information to:

• provide and improve the AMLHUB platform and related services;
• set up, secure and administer accounts;
• answer enquiries or support tickets;
• send service announcements or legal notices;
• market our products and services (see Section 6);
• conduct anonymised research and statistics;
• detect, investigate or prevent fraud, money‑laundering or security incidents;
• comply with legal obligations (e.g., AML/CTF record‑keeping) or respond to lawful requests; or

• any other purpose you authorise.

We do not use User Data for our own marketing or analytics.

6. Direct marketing & cookies

We email or message Australian business contacts only where we have at least inferred or, preferably, express consent. We identify ourselves clearly, and we provide an easy one‑click unsubscribe, in line with the Spam Act 2003. If you no longer wish to receive marketing, use the unsubscribe link or email privacy@amlhub.com.au. 

Our websites use first‑ and third‑party cookies (HubSpot, Google Analytics) to understand traffic and improve the user experience. See the Cookie Policy at the end of this page for opt‑out options.

7. Disclosing personal information

We may disclose personal information to:

• other AMLHUB group companies;
• trusted service providers and sub‑processors that support our platform, CRM, email and analytics;
• professional advisers, auditors and insurers;
• law‑enforcement or regulators where required; or
• anyone else with your consent or as allowed by law.

We never sell personal information.

8. Overseas disclosures (APP 8)

Primary production data for Australian customers is hosted in Google Cloud’s Australia region. Some support and SaaS tools are located in the United States, European Union and New Zealand. Where we transfer data overseas we:

• enter into written agreements that require the recipient to protect the information in accordance with, or to a standard comparable to, the APPs (APP 8.2(b)); or
• ensure another permitted safeguard applies (e.g., the recipient is subject to a law that provides substantially similar protection).
  

9. Storage & security (APP 11)

We maintain ISO 27001‑aligned technical and organisational measures, including:

• encryption in transit and at rest;
• role‑based access controls and MFA;
• continuous vulnerability management and logging;
• regular penetration testing and vendor risk assessments.

10. Retention

We keep personal information only for as long as needed:

• to achieve the purpose for which it was collected; or
• where our customer’s AML/CTF obligations or other laws require longer retention.

When no longer required, data is securely deleted or anonymised.

11. Your rights (APP 12 & 13)

You have the right to:

• access the personal information we hold about you;
• request correction if you believe it is inaccurate;
• withdraw consent (where processing is based on consent); and
• opt‑out of marketing at any time.

Email privacy@amlhub.com.au with sufficient detail for us to confirm your identity and process the request. We will respond within a reasonable time, usually 30 days.  Where your request pertains to User Data, we will forward your request to our customer who is the data controller for your data.

Under APP 2 you may deal with us anonymously or under a pseudonym where lawful and practical (e.g., browsing our public website).

12. Notifiable Data Breaches

If we become aware of an eligible data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches (NDB) scheme. 

13. Complaints & escalation

1. Step 1 – Contact us: Email privacy@amlhub.com.au or raise a ticket in the AMLHUB support portal.
2. Step 2 – Internal review: If you are not satisfied, ask for your complaint to be escalated to the Chief Privacy Officer.
3. Step 3 – OAIC: If our response does not resolve your concern, you may complain to the OAIC (www.oaic.gov.au, 1300 363 992).
   

14. Trans‑Tasman note

AMLHUB Limited (New Zealand) remains subject to the Privacy Act 2020 (NZ) for any personal information it handles in New Zealand. Cross‑border flows between AMLHUB Pty Ltd and AMLHUB Limited follow contract terms that ensure protections broadly consistent with both the NZ Privacy Act and the APPs.

15. Contact details

• AMLHUB Australia Pty Ltd
• ABN: 27 679 005 915
• Registered office: Level 1, 35 Cotham Road, Kew, 3101
• Email: privacy@amlhub.com.au
  
  

Cookie Policy (summary)

• Strictly necessary cookies – required for site functionality.
• Performance cookies – help us improve the site; collected via Google Analytics.
• Functionality cookies – remember settings such as language or font size.

You can disable cookies via your browser settings, but parts of our site or platform may not work properly.

Need more information?

Please email privacy@amlhub.com.au and we’ll be happy to explain any aspect of this policy in more detail.