This policy sets out how we will collect, use, disclose and protect your personal information.
First AML Limited (First AML) complies with the New Zealand Privacy Act 2020 (the Act) and the Australian Privacy Act 1998 when dealing with personal information.
Personal information is information about an identifiable individual (a natural person).
This policy does not limit or exclude any of your rights under the Act. In addition, it does not limit or exclude any rights that you have or may have under the General Data Protection Regulation 2016/679 (GDPR).
If you wish to seek further information, please see www.privacy.org.nz for New Zealand and https://www.oaic.gov.au/privacy/the-privacy-act/ for Australia.
Suite E, 317 New North Road, Kingsland, Auckland.
56190, Dominion Road, Auckland 1446, New Zealand.
AML/CFT Act means the Anti-Money Laundering and Countering Financing of Terrorism Act 2009.
Reporting Entity has the meaning given to that term in the AML/CFT Act i.e. these are businesses supervised under Section 5 of the Act. Including, but not limited to;
Information we will be collecting
In accordance with the legislation that applies to our services, we are required to verify the following, this is limited to;
We will be collecting this by asking for your Identification Documents such as a Passport or Driver’s License.
What we will do with your information
We will never share this information with anyone other than the initial transaction it was required for OR if you have given us your express consent on each occasion it is required to be shared thereafter. E.g;
If information is not provided
If the requested information is not provided by our client, First AML may not be able to complete customer due diligence.
Changes to this policy
We may change this policy by uploading a revised policy onto the website. The change will apply from the date that we upload the revised policy.
Who do we collect your data from?
We collect personal information about you from:
Disclosing your personal information
We may disclose your personal information to:
Protecting your personal information
We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse.
Accessing and collecting your personal information
You may contact us to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we consider that the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
Data management and security
We will take reasonable steps to keep your personal information safe from loss, unauthorised activity.
The personal information that we hold is stored on secure servers located in Australia in data centres that are SOC 1, SOC 2 and ISO 270001 certified. The data centres have round-the-clock security, automatic fire detection and suppression, redundant power supply systems, and strict controls for physical access.
‘SOC’ stands for ‘Systems and Organisation Controls’. These are a reporting framework through which organisations can communicate relevant useful information about the effectiveness of their cybersecurity risk management program (i.e. Amazon Web Services ‘AWS’ are our providers).
‘ISO27001’ is an international standard on how to manage information security. Its best practice approach helps organisations manage their information security by addressing people and processes as well as technology.
Data held cannot be seen by anyone outside of First AML. Data is encrypted when it is sent to and from our servers, as well as when it is at rest. To protect data in transit, 256-bit SSL/TLS encryption is used. At rest, data is protected using 256-bit AES encryption.
By accessing our website or by submitting information to First AML, you consent to First AML collecting, maintaining, using and disclosing personal information about you and provided by you or by another person as described above.