Privacy Policy
Your privacy is important to us. This policy explains how we collect, use, and protect your personal information when you use our AML compliance platform.
Last updated: January 2025
Legal Basis
AML Proof s.r.o. processes personal data in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679, \\\"GDPR\\\"), the cornerstone of European data protection law.
The GDPR was adopted by the European Parliament and the Council of the European Union and is enforced under the supervision of the European Data Protection Board (EDPB) together with the national data protection authorities of each EU Member State.
AML Proof s.r.o., as the data controller, determines the purposes and means of processing your personal data when you use our platform.
Information We Collect
Personal Information
- • Name and contact details
- • Email address and phone number
- • Job title and organization
- • Professional credentials
- • Account preferences
Usage Data
- • Platform usage patterns
- • Feature interactions
- • Session duration and frequency
- • Device and browser information
- • IP address and location data
Compliance Data
- • AML case information
- • Risk assessment data
- • Training records
- • Audit trail information
- • Regulatory reporting data
Technical Information
- • Cookies and tracking pixels
- • Log files and error reports
- • Performance metrics
- • Security event logs
- • API usage statistics
How We Use Your Information
Service Provision
- Provide and maintain our AML compliance platform
- Process and manage compliance cases
- Generate reports and analytics
- Facilitate training and certification
Communication
- Send service updates and notifications
- Provide customer support
- Share regulatory updates
- Deliver training materials
Improvement
- Analyze usage patterns and performance
- Develop new features and services
- Enhance security measures
- Optimize user experience
Compliance
- Meet legal and regulatory obligations
- Respond to lawful requests
- Maintain audit trails
- Protect against fraud and abuse
Information Sharing & Disclosure
We do not sell your personal information. We may share information in limited circumstances as outlined below.
Legal Requirements
When required by law, court order, or regulatory authority, including AML/CTF reporting obligations and law enforcement requests.
Service Providers
With trusted third-party service providers who assist in platform operations, under strict confidentiality agreements.
Business Transfers
In connection with mergers, acquisitions, or asset sales, with appropriate notice and protection of your rights.
Payment Processing
Payments are processed by Stripe Payments Europe Ltd. Data may be transferred outside the EEA under Standard Contractual Clauses and appropriate safeguards.
Data Security & Protection
We implement comprehensive security measures to protect your personal information from unauthorized access, use, or disclosure.
Technical Safeguards
- End-to-end encryption for data transmission
- Advanced encryption for data at rest
- Multi-factor authentication systems
- Regular security monitoring and audits
Operational Controls
- Role-based access controls
- Employee security training programs
- Incident response procedures
- Regular backup and recovery testing
Your Privacy Rights
You have important rights regarding your personal information. Contact us to exercise these rights.
Access
Request copies of your personal information
Correction
Update or correct inaccurate information
Deletion
Request deletion of your personal data where legally permissible. Certain AML/CTF compliance records cannot be deleted before the end of mandatory retention periods.
Portability
Export your data in a portable format
Data Retention
We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy and comply with legal obligations.
Account Data
Retained for 5–10 years after account closure, in line with applicable AML/CFT and data protection regulations.
Compliance Records
AML/CTF records retained for 5-10 years as required by AMLR 2024 and national implementing regulations.
Usage Analytics
Anonymized usage data retained for 3 years for service improvement
Questions About Your Privacy?
If you have questions about this privacy policy or how we handle your personal information, please contact our privacy team.
If you believe your personal data have been processed unlawfully, you also have the right to lodge a complaint with the Úřad pro ochranu osobních údajů (UOOU) or with your local supervisory authority within the European Economic Area.