AMLHUB Privacy Policy

Last updated 26 June 2026

Important notice:

This policy does not apply to you if we are interacting with you on behalf of one of our clients, such as a real estate agency, financial services provider, or other regulated business.

In those circumstances, AMLHUB acts as a service provider to our client. The client’s privacy policy applies to the collection and use of your personal information, and you should contact the client directly with any privacy questions or requests.

AMLHUB collects, processes, stores, and uses your personal information only as necessary to provide contracted anti-money laundering services to our client and to help the client meet its AML/CFT obligations. We do not sell your personal information. We do not use, access, disclose, or share your personal information except as necessary to provide those services, comply with applicable law, and meet AML/CFT requirements.

 

 

1. Introduction

AMLHUB Australia Pty Ltd and its associated entities (we, us, our) comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) when handling “personal information” (information or an opinion about an identified or reasonably identifiable individual). Nothing in this policy limits any rights you may have under the Privacy Act, the Spam Act 2003 or other Australian laws.

2. Changes to this Policy

We may update this policy by posting a revised version on our website (www.amlhub.com.au). Changes apply from the date of publication.


3. When does this policy apply?

This policy applies to:

  • visitors to amlhub.com.au or any AMLHUB‑branded site;
  • Australian customers, prospects and suppliers who deal with us directly; and
  • anyone whose details appear in our sales, support or marketing systems.

AMLHUB’s platform also hosts “User Data” uploaded by, or on behalf of our regulated customers (e.g., their clients’ identity records). For User Data we act solely as a data processor under our customer contracts. Your dealings with the relevant customer’s privacy notice —not this one— govern that processing. If we receive a request about User Data, we’ll pass it to the customer unless required by law to act ourselves.


4. What personal information do we collect?

Source

Typical Data Items (may vary)

Directly from you (forms, calls, events, demos)

Name, job title, employer, email, phone, billing details, any other information you choose to share

Automatically (cookies, analytics, log files)

IP address, device type, browser, time on page, pages visited, links clicked



5. Why we collect and use personal information

We may use your personal information to:

  • provide and improve the AMLHUB platform and related services;
  • set up, secure and administer accounts;
  • answer enquiries or support tickets;
  • send service announcements or legal notices;
  • market our products and services (see Section 6);
  • conduct anonymised research and statistics;
  • detect, investigate or prevent fraud, money‑laundering or security incidents;
  • comply with legal obligations (e.g., AML/CTF record‑keeping) or respond to lawful requests; or
  • any other purpose you authorise.

 

6. Direct marketing & cookies

We may email or message our Australian business contacts where we have received consent to do so. We identify ourselves clearly, and we provide an easy one‑click unsubscribe, in line with the Spam Act 2003. If you no longer wish to receive marketing, use the unsubscribe link or email privacy@amlhub.com.au.

Our websites use first‑ and third‑party cookies (HubSpot, Google Analytics) to understand traffic and improve the user experience. See the Cookie Policy at the end of this page for opt‑out options.

 

7. Disclosing personal information

We may disclose personal information to:

  • other AMLHUB group companies;
  • trusted service providers and sub‑processors that support our platform, CRM, email and analytics;
  • professional advisers, auditors and insurers;
  • law‑enforcement or regulators where required; or
  • anyone else with your consent or as allowed by law.

 

8. Overseas disclosures (APP 8)

Primary production data for Australian customers is hosted in Google Cloud’s Australia region. We may transfer personal information to our support and SaaS systems located in the United States, European Union and New Zealand.



9. Storage & security (APP 11)

We maintain ISO 27001‑aligned technical and organisational measures, including:

  • regular third party audits of our compliance and information security posture
  • encryption in transit and at rest;
  • role‑based access controls and MFA;
  • continuous vulnerability management and logging;
  • regular penetration testing and vendor risk assessments.


10. Retention

We keep personal information only for as long as required:

  • to achieve the purpose for which it was collected; or
  • where our customer’s AML/CTF obligations or other laws require longer retention.

We may also keep personal information where otherwise permitted by law.

When no longer required (or otherwise permitted by law to be retained), we will take reasonable steps to ensure data is securely deleted or anonymised.

 

11. Your rights (APP 12 & 13)

You have the right to:

  • access the personal information we hold about you;
  • request correction if you believe it is inaccurate;
  • withdraw consent (where processing is based on consent); and
  • opt‑out of marketing at any time.

Email privacy@amlhub.com.au with sufficient detail for us to confirm your identity and process the request. We will respond within a reasonable time, usually 30 days. Where your request pertains to User Data, we will forward your request to our customer who is the data controller for your data.

Under APP 2 you may deal with us anonymously or under a pseudonym where lawful and practical (e.g., browsing our public website).

 

12. Notifiable Data Breaches

If we become aware of an eligible data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches (NDB) scheme.

 

13. Complaints & escalation

  1. Step 1 – Contact us: Email privacy@amlhub.com.au or raise a ticket in the AMLHUB support portal.
  2. Step 2 – Internal review: If you are not satisfied, ask for your complaint to be escalated to the Chief Privacy Officer.
  3. Step 3 – OAIC: If our response does not resolve your concern, you may complain to the OAIC (www.oaic.gov.au, 1300 363 992).


14. Trans‑Tasman note

AMLHUB Limited (New Zealand) remains subject to the Privacy Act 2020 (NZ) for any personal information it handles in New Zealand. Cross‑border flows between AMLHUB Pty Ltd and AMLHUB Limited follow contract terms that ensure protections broadly consistent with both the NZ Privacy Act and the APPs.

 

15. Contact details

  • AMLHUB Australia Pty Ltd
  • ABN: 27 679 005 915
  • Registered office: Level 1, 35 Cotham Road, Kew, 3101
  • Email: privacy@amlhub.com.au

 

Cookie Policy (summary)

  • Strictly necessary cookies – required for site functionality.
  • Performance cookies – help us improve the site; collected via Google Analytics.
  • Functionality cookies – remember settings such as language or font size.
You can disable cookies via your browser settings, but parts of our site or platform may not work properly.


 

Need more information?

Please email privacy@amlhub.com.au and we’ll be happy to explain any aspect of this policy in more detail.


AML_BlueBlue_Cropped

PS-Badges-ISO_27001

AMLHUB is ISO/IEC 27001:2022 certified.
Your data is safe with us.

Platform  Solutions  Resources  Events  About  Contact

Join our mailing list

© 2026 AMLHUB Group Ltd

Return to top

Add Headline Here

Vivamus dapibus interdum metus.

Nam sagittis non sapien vitae cursus. Vivamus dapibus interdum metus vitae cursus. Pellentesque gravida eu elit a malesuada. Aenean vitae ipsum velit. Etiam porta purus sed tincidunt convallis.

  • Bullet point
  • Bullet point
  • Bullet point
Work With Us