Your Personal Data is processed in accordance with the General Data Protection Regulation (Regulation EU 2016/679, further – “the GDPR”), the Data Protection Act 2018 and other relevant legislation with respect to the accepted principles of good information handling (collectively referred to as the “Data Protection Legislation”).
“Company” means AML Corporation Limited, a private limited company incorporated in Lithuania with company number 306141950, whose registered office address is Taikos pr. 111-74, LT-94230 Klaipėd (the “Company”, “We”), which operates AMLSafe Website available at https://amlsafe.io and the associated mobile application (referred to as “we” and “us” hereinafter);
“Website” means the AMLSafe website operated by the Company and available at https://amlsafe.io;
“Personal Data” means any information relating to the User, which identifies or may identify the User;
INFORMATION WE COLLECT
When you engage with us, we collect and process your Personal Data, which includes as follows:
Personal identification information, including your name, e-mail address, phone number, country, full address and date of birth;
Data collected in connection with “Know Your Customer” (KYC) compliance, “Anti-Money Laundering” (AML) compliance and “Counter-Terrorist Financing” (CTF) compliance, including but not limited to:
Your full name;
Your residential address;
Your contact details (telephone number, email address);
Your date and place of birth, gender, place of citizenship;
Your bank account information and/or credit card details;
Your status as a politically exposed person;
Source of funds & proof of address;
Passport and/or national driver’s license or government-issued identification card to verify your identity.
Device and website usage data, including: IP addresses; language preferences and other device identifiers; information relating to your access to the Website and the associated mobile application, such as device characteristics, date and time.
HOW WE COLLECT YOUR DATA
We collect Personal Data directly from you when you use our Website and/or the associated mobile application, communicate with us, or interact directly with us. For example, direct collection of your Personal Data occurs when you complete the contact form on our Website and/or the associated mobile application or when you contact us via email.
When you create an account with AMLSafe we perform checks at:
Credit reference agencies to verify the identity information you have provided to us, as part of complying with our legal duties. These checks consist of a ‘soft search’ and do not impact your credit score.
KYC (Know Your Customer) and AML (Anti Money Laundering) service providers, as part of complying with our legal duties.
We also may collect information about you from third-party sources, including but not limited to, the following channels:
marketing partners and resellers;
advertising partners and analytics providers;
public databases, credit bureaus and ID verification partners;
social networks (for example, Twitter).
THE PURPOSES OF COLLECTING YOUR PERSONAL DATA
The Company collects your Personal Data for the following purposes:
To enable you to use our Website and/or the associated mobile application and the Services provided through those, to create an account or profile, to process information you provide via our Website and/or our mobile application (including verifying that your email address is active and valid) in accordance with Article 6(1)(a) GDPR;
To detect and prevent potentially prohibited or illegal activity relating to the Company’s services in accordance with Article 6(1)(b), (c) and (f) GDPR;
To tailor content, recommendations, and advertisements that we and third parties display to you, both on the Website and our mobile application and elsewhere online in accordance with Article 6(1)(a) GDPR;
To contact you in response to your inquiries, comments and suggestions in accordance with Article 6(1)(b) GDPR;
with your consent, to provide you with information, products, or services that we otherwise believe will interest you, including special opportunities from us and our third-party partners in accordance with Article 6(1)(a) GDPR;
for internal business purposes, such as to improve our Website and/or our mobile application in accordance with Article 6(1)(b) GDPR;
to issue invoices and collect fees in accordance with Article 6(1)(f), (b) GDPR;
to comply with our policies and obligations, including, but not limited to, disclosures and responses in response to any requests from law enforcement authorities and/or regulators in accordance with any applicable law, rule, regulation, judicial or governmental order in accordance with Article 6(1)(c), (b) GDPR.
Your Personal Data, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the purpose of delivering the requested services and improving our services.
PROVIDING YOUR PERSONAL DATA TO OTHERS
For behaviour statistics and business intelligence we use the services of Google LLC (“Google Analytics”), a company located in the United States. Your Personal Data that we may provide to Google Analytics may include your IP address, and that data is used by Google Analytics to generate information about your usage of our service.
We may share your Personal Data with the following third parties:
Third-party vendors providing services on our behalf, including advertising, analytics, research, customer service, service support, data storage, validation, security, fraud prevention, and legal services. Such third-party vendors have access to perform these services but are prohibited from using your Personal Data for other purposes;
Law enforcement bodies and other external parties (including but not limited to authorities that stop financial crime, money laundering, terrorism and tax evasion; the police, courts or other dispute resolution bodies; banks and other financial institutions for the purposes of fraud investigations, etc.) where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests and/or the vital interests of a third-party;
Other third parties subject to your consent.
When we disclose your Personal Data to a third party, we take all reasonable steps to ensure that those third parties are bound by confidentiality and privacy obligations with respect to the protection of your Personal Data. The disclosure is conducted in compliance with legal requirements, including entering into data processing agreements with the relevant third parties, to ensure that Personal Data is only processed in accordance with our instructions, applicable laws and regulations and for the purpose specified by us and to ensure adequate security measures.
STORAGE AND DELETION OF PERSONAL DATA
The Company will retain your Personal Data for as long as we shall deem it necessary to enable you to use the Website and the associated mobile application and to provide Services to you, to comply with applicable laws (including those regarding document retention), resolve disputes with any parties and otherwise as necessary to allow us to conduct our business.
The legal basis for retaining your Personal Data is the Company’s legitimate interest under GDPR Article 6(1)(f) to protect our rights in the light of potential legal disputes during the limitation period under law.
Notwithstanding anything to the contrary in this Section, we may retain your Personal Data where such retention is necessary for compliance with a legal obligation to which we are subject to, or in order to protect your vital interests or the vital interests of another natural person in accordance with GDPR Article 6(1)(c).
When the Company no longer needs to keep your Personal Data, it will securely delete or destroy it.
PROTECTION OF PERSONAL DATA
Your Personal data integrity is of high concern to us. We follow the standard practices within the industry to protect the Personal Data that we collect and maintain, including using Transport Layer Security (TLS) to encrypt information as it travels over the internet. We have therefore implemented technology and security policies and procedures intended to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to, such information, reasonably appropriate to the nature of the data concerned; unfortunately, however, no data transmission over the Internet can be guaranteed to be 100% secure.
We implemented a number of additional security measures to ensure that your Personal Data is not lost, abused, or altered, including, but not limited to:
Physical measures, which means that materials containing your Personal Data will be stored in a locked place.
Electronic measures, which means that computer data containing your Personal Data will be stored in the computer systems and storage media that are subject to strict log-in restrictions.
Management measures, which means that only authorized employees are permitted to come into contact with your Personal Data and such employees must comply with our internal confidentiality rules for Personal Data. We have also imposed strict physical access controls to buildings and files.
If you suspect that your Personal Data has been compromised, please immediately contact our Customer Support Team at firstname.lastname@example.org.
Users residing in certain countries, including the EU, are afforded certain rights regarding their personal information:
The right to access: you have the right to confirmation as to whether or not we process your Personal Data and, where we do, to access the Personal Data. Providing that the rights and freedoms of others are not affected, we will supply to you a copy of your Personal Data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee;
The right to object to processing: you have the right to object to us processing your Personal Data, citing personal reasons; however, understand that we may still process your Personal Data if we have lawful grounds to do so, but only if our interests in processing your Personal Data are not overridden by your rights, interests, or freedoms;
The right to rectification: you have the right to have any inaccurate Personal Data about you rectified and, taking into account the purposes of the processing, to have any incomplete Personal Data about you completed;
The right to data portability: you have the right to obtain and reuse your Personal Data for your own purposes across different services. It allows you to move, copy or transfer Personal Data easily from one IT environment to another in a safe and secure way, without hindrance to usability;
The right to erasure: you have the right to request that the Company erase your Personal Data under certain conditions. However, this can sometimes be a limited right where our other duties prevent us from doing so. For example, if you asked us to delete your identity and transaction data, we would not be able to do this, as we have a legal duty to keep it under anti-money laundering and counter-terrorism financing regulations;
The right to restrict processing: you have the right to request that the Company restrict the processing of your Personal Data under certain conditions;
The right to withdraw consent: to the extent that the legal basis for our processing of your Personal Data is consent, you have the right to withdraw that consent at any time. However, withdrawal will not affect the lawfulness of processing of your Personal Data before the withdrawal.
You may exercise any of your rights in relation to your Personal Data by contacting our Customer Support. You must note that prior to accessing and making changes to your Рersonal Data, we will need to verify your identity properly.
We will aim to respond to your requests regarding your Personal Data within 1 (one) month of receipt of any such request.
If you believe that your rights have been infringed, you may lodge a complaint with the supervisory authority in your jurisdiction. In the UK, you can make an enquiry or file a complaint with the Information Commissioner’s Office, the UK’s independent regulator for Data Protection and Freedom of Information.
INTERNATIONAL TRANSFER OF PERSONAL DATA
We may need to transfer your Рersonal Data to countries which are located outside the European Economic Area (“EEA”), for the purpose of providing the Services to you. You may be located in a country outside of the EEA and therefore we may have no choice but to transfer your Personal Data outside of the EEA.
Any transfer of your personal information outside of the EEA will be subject to a GDPR-compliant guarantee (such a Model Contract Clause approved by the European Commission) that will safeguard your privacy rights and give you remedies in the unlikely event of a security breach.
A cookie is a small data file containing a string of characters that is sent to your computer when you visit a website. When you visit the websites again, the cookie allows that site to recognize your browser. The length of time a cookie will stay on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. For further information regarding cookies, visitallaboutcookies.org.
We use the following types of cookies on our Website and in our mobile application:
Strictly necessary cookies: these are essential for you to browse our Website and use its features, and access and use our mobile application. Without these cookies, some online services cannot be provided.
Performance cookies: these collect information about how you use our Website and the associated mobile application. This data may be used to help optimize our Website and our mobile application and make them easier for you to navigate.
Functional cookies: these allow our Website and our mobile application to remember the choices you make while browsing the Website and/or using the mobile application and to personalize your experience.
Third-party cookies: these are placed by websites and/or parties other than us. These cookies may be used on our Website and in our mobile application to improve our services or to help us provide more relevant advertising. These cookies are subject to the respective privacy policies for the relevant external services.
Analytics cookies: these are offered by services like Google Analytics, to help us understand how long a visitor stays on our Website and in our mobile application, what pages they find most useful, and how they arrived at https://amlsafe.io.
Most web browsers allow you to control cookies through their settings preferences. However, if you limit the ability of our Website or our mobile application to set cookies, you may impair your overall user experience, as it will no longer be personalized to you.
In addition to cookies, we sometimes use small graphics images known as pixels (also known as web beacons, clear GIFs, or pixel tags). We use pixels in our email communications to you (if you have selected to receive such communications) to help us to understand whether our email communication has been viewed. We also use third-party pixels (such as those from Google, YouTube, and other networks) to help us provide advertising that is relevant to your interests.