PRIVACY POLICY
This Privacy Policy is issued by the operator of this website, a registered remittance service provider ("we", "us", "our").
Version: 1.0
1. ABOUT THIS POLICY
1.1 This Privacy Policy explains how we collect, hold, use and disclose your personal information, and how you can access and correct it or make a complaint. We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles ("APPs").
1.2 As a registered remittance service provider and reporting entity under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) ("AML/CTF Act"), we are legally required to collect, verify, retain and in certain circumstances disclose your personal information. If you do not provide the information we request, we may be unable to provide our services to you.
1.3 By using our website or services, or by ticking the acceptance checkbox during registration or transaction submission, you consent to the handling of your personal information as described in this Policy.
2. WHAT PERSONAL INFORMATION WE COLLECT
Depending on your use of our services, we may collect:
(a) Identity information: full name (including names in other scripts, e.g. Chinese characters), date of birth, nationality, country of birth, residential address, contact details (phone, email), occupation and employer;
(b) Identity documents: passport, driver licence, national identity card, visa/immigration status, Medicare card, and biometric data derived from identity verification (e.g. facial images and liveness checks used to match you to your documents);
(c) Financial information: bank account details (yours and your beneficiaries'), transaction amounts, currencies, transaction purposes, source of funds and source of wealth documentation (e.g. payslips, bank statements, contracts of sale, investment statements, tax records);
(d) Beneficiary information: name, account details, address, relationship to you, and jurisdiction of the beneficiary — you warrant that you are authorised to provide this information to us;
(e) Compliance information: results of sanctions, politically exposed person (PEP) and adverse media screening; risk assessments; records of compliance reviews; correspondence relating to your transactions;
(f) Technical and usage information: IP address, device identifiers, browser type, operating system, pages visited, session times, and location data inferred from IP address;
(g) Declaration records: the content and version of declarations and terms you accept, together with timestamps, IP address and device information evidencing your acceptance;
(h) Communications: records of phone calls (which may be recorded with notice), emails, chat messages and other correspondence with us.
We collect sensitive information (e.g. biometric identifiers used for verification) only with your consent or where permitted or required by law.
3. HOW WE COLLECT PERSONAL INFORMATION
3.1 We collect personal information:
(a) directly from you — via website forms, account registration, transaction requests, uploaded documents, and communications with us;
(b) from third-party verification providers, including electronic identity verification services and the Australian Government Document Verification Service (DVS);
(c) from sanctions, PEP and adverse media screening databases;
(d) from publicly available sources (e.g. company registers, court records);
(e) from our banking and payment partners in the course of processing transactions; and
(f) automatically through cookies and similar technologies when you use our website (see clause 10).
3.2 If you provide personal information about another person (e.g. a beneficiary, a beneficial owner, or a director of your company), you must ensure that person is aware of this Policy and, where required, has consented to the disclosure.
4. WHY WE COLLECT, HOLD AND USE PERSONAL INFORMATION
We collect, hold and use personal information for the following purposes:
(a) to identify and verify you, your beneficial owners and your beneficiaries as required by the AML/CTF Act;
(b) to assess, process, execute and settle your transactions;
(c) to conduct initial and ongoing customer due diligence, transaction monitoring, sanctions screening and risk assessment;
(d) to comply with our legal and regulatory obligations, including reporting obligations to AUSTRAC (such as International Funds Transfer Instructions, Threshold Transaction Reports and Suspicious Matter Reports) and record-keeping obligations (minimum 7 years);
(e) to detect, prevent and investigate fraud, scams, money laundering, terrorism financing and other unlawful activity;
(f) to manage our relationship with you, respond to enquiries and resolve complaints;
(g) to maintain evidentiary records of your acceptance of our terms and declarations;
(h) to improve our website, services and customer experience, including analytics;
(i) with your consent, to send you service updates, rate alerts and marketing communications (you may opt out at any time); and
(j) for any other purpose required or authorised by law, or for which you have given consent.
5. WHO WE DISCLOSE PERSONAL INFORMATION TO
5.1 We may disclose your personal information to:
(a) Regulators and authorities: AUSTRAC, law enforcement agencies, courts, tribunals, tax authorities and other government bodies in Australia and overseas, where required or authorised by law. Note: where we make certain reports under the AML/CTF Act, we are legally prohibited from informing you ("tipping-off" prohibition);
(b) Banking and payment partners: our Australian and overseas banks, correspondent banks, intermediary banks, payment networks and settlement providers, to the extent necessary to execute your transactions;
(c) Verification and screening providers: electronic identity verification services, the DVS, sanctions/PEP screening providers and fraud prevention services;
(d) Service providers: IT hosting and cloud providers, customer relationship management systems, communications platforms, professional advisers (lawyers, accountants, auditors) and insurers — in each case under obligations of confidentiality;
(e) Related bodies corporate for internal administration and compliance;
(f) Prospective purchasers of our business or assets, subject to confidentiality obligations; and
(g) any other party with your consent or as required or authorised by law.
5.2 We do not sell your personal information.
6. OVERSEAS DISCLOSURE
6.1 By the nature of cross-border remittance, your personal information (and your beneficiaries' information) will be transmitted to the destination country of your transaction and to intermediary jurisdictions. Depending on your transactions, recipients may be located in (without limitation): the People's Republic of China, Hong Kong SAR, the United States, Singapore, the United Kingdom, New Zealand and other jurisdictions relevant to your payment corridors.
6.2 Our IT and cloud service providers may store or process data in Australia and overseas.
6.3 Overseas recipients may not be subject to privacy laws equivalent to the Australian APPs, and you may not be able to seek redress under the Privacy Act in respect of their handling of your information. Where APP 8 requires, we take reasonable steps to ensure overseas recipients handle your personal information consistently with the APPs; however, by using our services you consent to the overseas disclosures described in this clause, acknowledging that overseas recipients may be subject to foreign laws (including compelled disclosure to foreign authorities).
7. HOW WE HOLD AND PROTECT PERSONAL INFORMATION
7.1 We hold personal information in electronic systems (including cloud infrastructure) and, in limited cases, physical files. We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure, including: encryption in transit and at rest; access controls and role-based permissions; multi-factor authentication for internal systems; staff confidentiality obligations and training; vendor due diligence; and logging and monitoring.
7.2 No system is completely secure. You transmit information to us at your own risk, and you should protect your own account credentials.
7.3 Data breach: in the event of a data breach likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner ("OAIC") in accordance with the Notifiable Data Breaches scheme.
8. RETENTION
8.1 We are required by the AML/CTF Act to retain customer identification records and transaction records for at least seven (7) years after the end of the customer relationship or the transaction (whichever is later). We may retain information for longer where required for legal, regulatory, audit, insurance or dispute-resolution purposes.
8.2 When personal information is no longer required, we take reasonable steps to destroy or de-identify it. Please note: because retention is mandated by law, we generally cannot delete your KYC or transaction records on request during the statutory retention period, even if you close your account.
9. ACCESS, CORRECTION AND YOUR CHOICES
9.1 You may request access to the personal information we hold about you by contacting our Privacy Officer (details below). We will respond within a reasonable period (generally 30 days). We may charge a reasonable fee for access (not for making the request). We may refuse access where permitted by law — for example, where access would prejudice an investigation, reveal a suspicious matter report, or be unlawful — and where we refuse, we will provide written reasons unless prohibited by law.
9.2 You may request correction of inaccurate, out-of-date, incomplete or misleading information. Keeping your information current is also your obligation under our Terms and Conditions.
9.3 Marketing opt-out: you may opt out of marketing communications at any time via the unsubscribe link or by contacting us. Opting out does not affect service and compliance communications, which we must still send.
9.4 Anonymity: due to our legal obligations under the AML/CTF Act, we cannot provide remittance services to anonymous or pseudonymous customers.
10. COOKIES AND ANALYTICS
10.1 Our website uses cookies and similar technologies to: keep you signed in; remember preferences; measure website performance; and analyse usage patterns (e.g. via analytics providers).
10.2 You can manage cookies through your browser settings. Disabling cookies may affect website functionality. Where required, we will seek your consent to non-essential cookies via a cookie banner.
11. CREDIT INFORMATION
We do not provide credit and do not collect credit eligibility information, except that identity verification checks conducted through a credit reporting body are verification-only checks and do not affect your credit score.
12. THIRD-PARTY WEBSITES
Our website may link to third-party websites. This Policy does not apply to those websites, and we are not responsible for their privacy practices.
13. CHANGES TO THIS POLICY
We may update this Policy from time to time by publishing the updated version on our website with a new version number and effective date. Material changes will be notified via the website or email. Your continued use of our services after the effective date constitutes acceptance of the updated Policy.
14. COMPLAINTS
14.1 If you believe we have breached the APPs or mishandled your personal information, please contact our Privacy Officer first. We will acknowledge your complaint within 5 business days and aim to respond within 30 days.
14.2 If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au | 1300 363 992 | GPO Box 5288, Sydney NSW 2001.
15. CONTACT US
Privacy Officer — Please direct all privacy enquiries and requests to our Privacy Officer via the contact details published on our website.
This Policy is prepared in English. Any translation is provided for convenience only; the English version prevails to the extent of any inconsistency.