Our business (AML Group) has three distinct arms: Anti Money Laundering Solutions Ltd (AML Solutions) provides consulting, training, and auditing services; AMLHUB Ltd (AMLHUB) is a SaaS platform; and AMLHUB Services Ltd (AML Services) provides outsourcing services. The three businesses collect different types of information from the different clients they interact with, and use the information in different ways.
AML Group (we, us, our) complies with the Privacy Act 2020 (New Zealand) when dealing with personal information. Personal information is information about an identifiable individual (a natural person). This policy does not limit or exclude any of your rights under the Privacy Act 2020 (New Zealand) and all other applicable privacy and data protection laws. For further information on the Privacy Act 2020 (New Zealand), see www.privacy.org.nz. This policy was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information. We are happy to provide any additional information or explanation needed.
Any request for further information should be sent to firstname.lastname@example.org
Changes to this policy
We may change this policy by uploading a revised policy onto our website. The change will apply from the date that we upload the revised policy. This policy was last updated on 18 September 2023.
What personal information do we collect?
Directly from you
We collect the following information directly from you:
▲ When you fill in a contact or enquiry form or download resources on the AML Group websites, call us, meet us in person or otherwise contact us relating to AML Solutions, AMLHUB, or AMLHUB Services, your name, email address, phone number and any other information you choose to provide to us.
▲ When you sign up to our newsletter and other electronic alerts relating to AML Group, your name, email address and any other information you provide to us when you ask to receive our newsletter or other alerts.
▲ Over the telephone or a video call (such as Microsoft Teams, ZOOM, Google Meets…etc), e.g. when you talk to our personnel.
▲ When you register for, or login to, an online account or training with AML Group, your name, email address and any other information we require or ask for to set you up with an account or that you submit to us for billing or payment purposes.
▲ We may also collect personal information about you from publicly available sources, e.g. the internet.
Some personal information that we collect directly from you may be mandatory and some may be optional. We will let you know which of these applies at the time we collect the relevant personal information. While you do not have to provide us with some information we may request, this might mean that the AML Group websites or AMLHUB may not perform as well as they should, or that we may not be able to provide some parts of the AML Group websites or AMLHUB to you.
If you require further information about the consequences of not providing us with any information, please contact us at email@example.com.
Automatically when you use the AML Group websites or AMLHUB
When you access and use the AML Group websites or AMLHUB we may automatically collect information about your device and usage of the websites and AMLHUB, including your IP address, operating system, browser type, time spent on certain pages of the website, pages visited and links clicked.
How we use your personal information
We may use your personal information:
▲ to contact you
▲ to provide the AML Group websites and/or AMLHUB to you
▲to market our products and services to you, including contacting you electronically (e.g. by phone, text or email for this purpose)
▲to improve the AML Group websites and AMLHUB platform
▲to bill you and to collect money that you owe us, including authorising and processing credit card transactions
▲to respond to communications from you, including enquiries and complaints
▲to conduct research and statistical analysis (on an anonymised basis)
▲to protect and/or enforce our legal rights and interests, including defending any claim
▲to respond to lawful requests by public authorities, including to comply with law enforcement requirements, or
▲for any other purpose authorised by you or applicable law.
You can stop receiving our marketing emails by following the unsubscribe instructions included in those emails or by contacting us directly.
Disclosing your personal information
We may disclose your personal information to:
▲another company within our group (AML Solutions, AMLHUB, or AMLHUB Services)
▲any business that supports the AML Group websites or AMLHUB, including any person that hosts or maintains any underlying IT system or data centres that we use to provide the websites or AMLHUB, or that we use to process payments
▲third parties (for anonymised statistical information)
▲a person who can require us to supply your personal information (e.g. a law enforcement agency or regulatory authority)
▲any other person authorised by applicable law
▲any other person with your consent
International transfers of personal information
A business that supports the AML Group website or AMLHUB may be located outside of New Zealand. This means that the personal information we collect may be transferred, and stored, outside of New Zealand.
Protecting your personal information
We will take steps as required by applicable laws to keep your personal information safe from loss, unauthorised activity, or other misuse. We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks inherent in processing personal information.
You play an important role in keeping your personal information secure by maintaining the confidentiality of any password and accounts used in relation to our products and services. You should not disclose your password to third parties. Please notify us immediately if there is any unauthorised use of your account or any other breach of security.
We use a range of physical and electronic security measures to protect the security of the personal information we hold, including:
- Access to information systems is controlled through identity and access management
- Our buildings are secured with a combination of locks, monitored alarms, and cameras to prevent unauthorised access
- Personnel are bound by internal information security policies and are required to keep information secure
- Personnel in AML Group businesses have restricted access to the personal information stored by AML Solutions, AMLHUB, and AMLHUB Services respectively.
- Personnel are required to complete annual training about information security and privacy
- When we send information overseas or use service providers to process or store information, we put arrangements in place to protect your information
- We regularly monitor and review our compliance (and our service providers’ compliance) with internal policies and industry best practice
- We only keep information for as long as we need it, or as long as the law requires us to. We have a records management policy that governs how we manage our information and records to make sure we destroy any information that is outdated, irrelevant, or unnecessary.
Cloud based service providers
We use third party service providers to store and process most of the information we collect. We ensure that our cloud-based service providers are subject to appropriate security and information handling arrangements and that the information stored or processed by them remains subject to confidentiality obligations.
If there is a privacy breach
We work hard to keep your personal information safe. However, despite applying strict security measures and following industry standards to protect your personal information, there is still a possibility that our security could be breached. If we experience a privacy breach, where there is a loss or unauthorised access or disclosure of your personal information that is likely to cause you serious harm, we will, as soon as we become aware of the breach:
- Seek to quickly identify and secure the breach to prevent any further breaches and reduce the harm caused
- Assess the nature and severity of the breach, including the type of personal information involved and the risk of harm to affected individuals
- Advise and involve the appropriate authorities where criminal activity is suspected
- Where appropriate, notify any individuals who are affected by the breach (where possible, directly)
- Where appropriate, put a notice on our website advising our clients of the breach
- Notify the Privacy Commissioner
Accessing and correcting your personal information
Subject to certain grounds for refusal under applicable law, you have the right to access your personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
Where you request correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. In all other cases, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to exercise either of the above rights, email us at firstname.lastname@example.org. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information or the correction that you are requesting).
Subject to applicable law, we may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
Data retention policy
The personal information that we collect and use will not be kept longer than necessary for the purposes for which it is collected, or for the duration required for compliance with applicable law, whichever is longer.
We aim to resolve complaints as quickly as possible. We strive to resolve complaints within five working days, but some complaints take longer to resolve. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.
If you are not satisfied with our response to any privacy related concern you may lodge a complaint on the Privacy Office website (www.privacy.org.nz) or send a complaint form to the Privacy Commissioner at:
- Office of the Privacy Commissioner
PO BOX 10-094
By continuing to use the AML Group websites and/or AMLHUB, you indicate your agreement for us to use the cookies described below.
When you interact with us through our websites, social media pages, or engage with marketing communications, the information collected through the cookies may include:
- The date and time of visits
- Website page (or pages viewed)
- The website from which you accessed the internet and our website or other digital platform
- How you navigate through the website and interact with pages (including any fields completed in forms and applications completed (where applicable))
- Information about your location
- Information about the device used to visit our digital platform
- IP address (or addresses), and the type of browser used
What are cookies?
Cookies are text files containing small amounts of information which are downloaded to your browsing device, e.g. a computer or smartphone, when you visit a website. Cookies can be recognised by the website that downloaded them, or by other websites that use the same cookies. This helps a website know if the browsing device has visited that or other websites before.
Cookies can be used to collect information relating to your use of a website or your device, let you navigate between pages effectively, remember your preferences, and generally improve your browsing experience.
Cookies can be session or persistent cookies. Session cookies are temporary and only stay on your browser until you stop browsing. Persistent cookies stay on your device until they expire or are deleted.
The cookies used on the AML Group websites and AMLHUB may be first party cookies (i.e. set by us) or third party cookies (i.e. set on our website by a person other than us). The third party companies that place cookies on our website will have their own privacy policies.
What types of cookies do we use?
The types of cookies used by us, and most websites, can generally be categorised as follows.
Strictly necessary cookies
These cookies are essential for the full functionality of our website and related services. They enable you to navigate around our website and services, and use their features e.g. accessing secure areas and enabling services that you have specifically asked to receive. If you opt out of these cookies, you may not be able to access all the functions of our website and some services that you have asked for.
These cookies do not track where else you have been on the internet and do not remember your preferences beyond your current visit. These cookies are generally first party session cookies which will expire when you close your browsing session. These cookies do not collect information that could be used for marketing purposes.
These cookies allow a website to remember choices you make and provide enhanced, more personal features. E.g. these cookies allow us to remember the settings you have applied to the website (such as font size, preferences or colours), identify whether you are a returning website visitor and present you with a personalised version of the website, or eliminate the need for you to re-enter your login details. The information these cookies collect is generally anonymous and they do not track your browsing activity on other websites. These cookies may be first or third party, session or persistent cookies.
These cookies collect information about how you use a website, e.g. which pages are the most visited and if you receive any error message from any page. This information helps us improve the way the website and services work and helps us manage the performance and design of the website. These cookies do not gather information that identifies you. All information these cookies collect is aggregated and anonymous. These cookies may be first or third party, session or persistent cookies.
Third party cookies
We may use Google Analytics to collect information about visitors to the AML Group websites and users of AMLHUB. Google Analytics collects information related to your device, browser, IP address, network location, and website activities to measure and report statistics about your interactions on the AML Group websites and AMLHUB. We use this information to help us manage the performance and design of the AML Group websites and AMLHUB and to improve the AML Group websites and AMLHUB.
Purpose of collection and use of personal information
Any personal information you provide to us may be used to:
- Check where they are eligible for the product or services offered by us
- Facilitate those services
- Provide information that you request
- Provide you with further information about AML Group’s products and services
How to control or opt out of cookies
You can control and/or delete cookies as you wish. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. However, if you do this, you may have to manually adjust some preferences every time you visit our website and attempt to use our services, you may not be able to access certain parts of the AML Group websites or AMLHUB, and some functionalities may not work.
You can find out more information about how to change your browser cookie settings at http://www.aboutcookies.org.uk.
To learn more about how to control cookie settings through your browser:
▲ click here to learn more about the Private Browsing setting and managing cookie settings inFirefox
▲ click here to learn more about Incognito and managing cookie settings in Chrome
▲ click here to learn more about InPrivate and managing cookie settings in Internet Explorer
▲ click here to learn more about Private Browsing and managing cookie settings in Safari.
Third party website cookies