AML Privacy Policy

INTRODUCTION

We are committed to protecting your personal information and handling it in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, store, disclose and protect personal information, including information used to verify your identity.

PERSONAL INFORMATION WE COLLECT

We may collect the following types of personal information:

• Full name

• Date and place of birth

• Residential and/or business address

• Email address and telephone number

• Government-issued identification details, including driver licence, passport, Medicare card or other identity document numbers

• Biometric information, such as a facial image or short video used to verify your identity

• Information relating to the services we provide to you and any associated transactions

• Any other information you choose to provide to us

We only collect personal information that is reasonably necessary to carry out our business activities and provide our services.

WHY WE COLLECT YOUR PERSONAL INFORMATION

We collect, use and disclose your personal information for the following purposes:

• Verifying your identity

• Providing and managing our services

• Communicating with you regarding your account and our services

• Meeting legal and regulatory obligations, including Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) requirements

• Detecting and preventing fraud and maintaining the security of our systems

• Improving our products and services

IDENTITY VERIFICATION AND GOVERNMENT DATA MATCHING (DVS)

To verify your identity, we may use electronic identity verification services, including the Australian Government's Document Verification Service (DVS).

Where you provide your consent, your name, date of birth and identity document details may be securely submitted to the relevant Commonwealth or State authority that issued your identification document. These authorities may include:

• Passport issuing authorities

• Driver licence authorities

• The Department of Home Affairs

• Registries of Births, Deaths and Marriages

• Other authorised government record holders

These authorities will check whether the information you have provided matches the records they hold.

We do not receive copies of your government records. Instead, the authority returns a match result indicating whether the details provided match its records.

This verification process may be conducted through accredited identity verification providers, including APLYiD Pty Ltd (ABN 36 632 866 794) and its authorised sub-providers.

Further information about the DVS is available at idmatch.gov.au.

BIOMETRIC INFORMATION

As part of our identity verification process, we may collect biometric information, including a facial image or a short video of you holding your identification document.

Biometric information may be used to:

• Confirm that you are a real person and physically present during the verification process

• Match your image with the photograph on your identity document

• Reduce the risk of fraud, impersonation and identity theft

Biometric information is considered sensitive information under the Privacy Act 1988 (Cth). We only collect and use biometric information for identity verification and related compliance purposes, and only with your consent.

CONSENT TO COLLECTION AND IDENTITY VERIFICATION

By providing your personal information and completing our identity verification process, you consent to:

• The collection, use and disclosure of your personal information for identity verification, AML/CTF compliance and related purposes

• The collection and use of biometric information, including facial images and video recordings, for identity verification purposes

• Verification of your information against records held by Commonwealth and State authorities through the DVS

• Disclosure of your information to authorised identity verification providers, including APLYiD and its authorised sub-providers

Providing consent is voluntary. You may withdraw your consent at any time by contacting us using the details provided in Section 13.

Please note that if you do not provide consent or the information required for verification, we may be unable to verify your identity electronically. In such circumstances, alternative verification methods may be required, or we may be unable to provide certain services.

DISCLOSURE OF PERSONAL INFORMATION

We may disclose your personal information to:

• Identity verification providers, including APLYiD and its authorised sub-providers

• Commonwealth and State authorities and official record holders through the DVS

• Employees and authorised representatives who require access to perform their duties

• Professional advisers, including lawyers, accountants and auditors

• Trusted technology providers and service providers who assist in operating our business

• Regulators, law enforcement agencies, courts, tribunals or other parties where required or authorised by law

We do not sell your personal information to third parties.

OVERSEAS DISCLOSURE

Some of our service providers may store or process personal information outside Australia.

Where overseas disclosure occurs, we take reasonable steps to ensure that your personal information is handled in a manner consistent with the Australian Privacy Principles, including implementing appropriate contractual and security protections.

DATA SECURITY AND STORAGE

We take reasonable steps to protect your personal information from misuse, interference, loss and unauthorised access, modification or disclosure.

Our security measures may include:

• Secure systems and infrastructure

• Access controls and authentication measures

• Encryption of data in transit and, where appropriate, at rest

• Monitoring and security management processes

We retain personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy or as required by law. When information is no longer required, it is securely destroyed or de-identified.

ACCESS AND CORRECTION

You have the right to request access to the personal information we hold about you and to request correction of information that is inaccurate, incomplete, out of date or misleading.

Requests can be made using the contact details provided in Section 13. We will respond within a reasonable period.

DIRECT MARKETING

From time to time, we may use your contact details to provide information about our products, services, promotions or updates that may be of interest to you.

You may opt out of receiving marketing communications at any time by:

• Clicking the unsubscribe link included in our communications; or

• Contacting us using the details provided in Section 13

PRIVACY COMPLAINTS

If you believe we have mishandled your personal information or breached our privacy obligations, please contact us using the details in Section 13.

We will:

1. Acknowledge receipt of your complaint;

2. Investigate the matter; and

3. Respond within a reasonable timeframe.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

CONTACT DETAILS

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact us on 5444 2222 or admin3@propertytoday.com.au

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our business practices, technology, legal obligations or regulatory requirements.