Privacy Policy

1. About this policy

AMLPrep ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website amlprep.com and use our services, including our free AML/CTF compliance quiz.

This policy is designed to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). If you do not agree with our policies and practices, please do not use our website or services.

2. Information we collect

2.1 Information you provide directly

We collect personal information when you voluntarily provide it to us, including:

• Free Quiz: Your full name and email address when you complete our free AML/CTF compliance quiz
• Contact Form: Your name, email address, and message when you contact us via our contact form
• Payment Information: Payment details (processed securely by Stripe) when you purchase products or services
• Email Communications: Any information you provide when subscribing to our email newsletter (managed via MailerLite)
• Account Information: Details provided if you create an account on our website

2.2 Information collected automatically

When you visit our website, we automatically collect certain information about your interaction with the site:

• Analytics Data: Information collected via Google Analytics 4, including pages visited, time on site, user flow, device type, browser type, operating system, IP address (anonymized), and general location data
• Cookies: We use cookies to remember your preferences and track your usage patterns (see Cookies section below)
• Server Logs: Standard server logs including IP address, browser type, referring URL, and pages accessed

2.3 Cookies and similar technologies

We use cookies and similar tracking technologies to enhance your browsing experience and analyze how our website is used. This includes:

• Essential Cookies: Required for basic functionality (e.g., remembering your consent preferences)
• Analytics Cookies: Google Analytics 4 cookies to understand how you use our website
• Marketing Cookies: MailerLite cookies to track email engagement

You can control cookies through your browser settings. Disabling cookies may affect functionality of the website.

2.4 Third-party information

We may occasionally receive information about you from third parties, such as:

• Business partners or referral sources
• Publicly available sources for verification purposes
• Service providers assisting with our business operations

3. How we use your information

3.1 Primary purposes

We use the personal information we collect for the following purposes:

• Quiz Administration: Processing your quiz completion, calculating results, and providing feedback and resources
• Email Marketing: Sending educational content, compliance updates, product information, and promotional materials (with your consent)
• Payment Processing: Processing purchases and managing transactions securely through Stripe
• Website Analytics: Understanding how users interact with our site to improve content, functionality, and user experience
• Customer Support: Responding to your inquiries, providing assistance, and resolving issues
• Account Management: Creating and maintaining your user account if applicable
• Compliance: Complying with legal and regulatory obligations

3.2 Marketing communications

We will send you marketing communications (emails) based on your consent. Specifically:

• When you complete our quiz, you'll receive an email with your results and relevant compliance resources
• If you opt-in to our newsletter via MailerLite, we'll send regular updates about AML/CTF compliance, industry news, and new resources
• You can opt-out of marketing communications at any time using the unsubscribe link in our emails or by contacting us

3.3 Legitimate interests

We may use your information for the following legitimate business purposes:

• Improving our website, products, and services
• Analyzing usage patterns and trends
• Preventing fraud and ensuring security
• Contacting you about changes to our services or policies
• Marketing our products and services (with appropriate consent)

3.4 Sensitive information

We do not intentionally collect sensitive personal information (such as health information, biometric data, or information about racial or ethnic origin). If you inadvertently provide such information, we will handle it in accordance with the Privacy Act and Australian Privacy Principles.

4. Disclosure of information

4.1 Third-party service providers

We disclose your personal information to third-party service providers who assist us in operating our website and conducting our business. These service providers are contractually obligated to protect your information and use it only for the purposes we specify:

• MailerLite: Email marketing platform where we store email addresses and send newsletters (MailerLite's privacy policy: https://www.mailerlite.com/privacy/)
• Stripe: Payment processor for secure payment transactions (Stripe's privacy policy: https://stripe.com/privacy)
• Google Analytics 4: Web analytics service to track website usage and performance (Google's privacy policy: https://policies.google.com/privacy)
• Cloudflare Pages: Website hosting platform (Cloudflare's privacy policy: https://www.cloudflare.com/privacy/)

4.2 Legal disclosure

We may disclose your personal information if required by law, legal process, or regulatory authority, including:

• Compliance with court orders or government requests
• Enforcement of our Terms and Conditions
• Protection of our rights, privacy, safety, or property
• Compliance with Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) obligations
• Other disclosures required by Australian law

4.3 Business transfers

If AMLPrep is involved in a merger, acquisition, bankruptcy, or sale of assets, your personal information may be transferred as part of that transaction. We will provide notice of any such change and any choices you may have regarding your information.

4.4 No sale of data

We do not sell or rent your personal information to third parties for their marketing purposes. Any disclosures are made only for the purposes outlined in this policy.

5. Security and storage

5.1 Security measures

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction:

• Encryption: SSL/TLS encryption for data in transit to our website
• Secure Storage: Data stored on secure servers with access controls
• Access Controls: Restricted access to personal information by authorized personnel only
• Payment Security: Payment information processed and stored securely by Stripe (PCI-DSS compliant)
• Regular Audits: Regular security assessments and updates

5.2 Data storage and location

Your personal information is stored in Australia and may be transferred to, and stored in, countries where our service providers operate, including:

• MailerLite: EU and US data centers
• Stripe: US and international data centers
• Google Analytics: Google's global servers
• Cloudflare: Global CDN network

These service providers are contractually obligated to protect your information in accordance with this policy and applicable laws.

5.3 Data retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law:

• Quiz Data: Retained for 2 years for analytics and customer support purposes, unless you request deletion
• Email Lists: Retained while you remain subscribed to our newsletter; removed upon unsubscribe
• Transaction Records: Retained for 7 years to comply with tax and business record requirements
• Analytics Data: Retained by Google Analytics according to Google's retention settings (typically 14 months)

5.4 Data breach notification

If we become aware of an unauthorized access to, or disclosure of, your personal information that is likely to result in serious harm, we will notify you and the relevant privacy regulator in accordance with the Privacy Act 1988 (Cth) and the Notifiable Data Breaches (NDB) scheme.

6. Accessing and correcting your information

6.1 Access rights

You have the right to access your personal information held by AMLPrep. To request access, please contact us with details of the information you seek. We will provide access within 30 days or explain why access cannot be provided (for example, if providing access would reveal another person's personal information).

6.2 Correcting inaccurate information

If you believe your personal information is inaccurate, incomplete, misleading, or out of date, you may request correction. To request correction, please contact us with details of the information you believe requires updating. We will take reasonable steps to correct the information and notify you when this has been done.

6.3 Unsubscribe and opt-out

You can opt-out of marketing communications at any time by:

• Clicking the "unsubscribe" link in any marketing email we send
• Contacting us directly at hello@amlprep.com with "unsubscribe" in the subject line
• Using your account settings if you have created an account with us

6.4 Deletion requests

You may request deletion of your personal information in certain circumstances. Please note that:

• We may retain certain information as required by law or for legitimate business purposes
• Deleting your information may affect your ability to use our services
• Some information may be anonymized rather than deleted

7. Complaints and disputes

7.1 Making a complaint

If you have concerns about how we handle your personal information or believe we have breached the Privacy Act 1988 (Cth) or Australian Privacy Principles, you may lodge a complaint with us:

7.2 Complaint resolution

We will acknowledge receipt of your complaint within 7 days and endeavor to resolve it within 30 days. If we cannot resolve it within this timeframe, we will advise you of the expected resolution date.

7.3 Office of the Australian Information Commissioner

If you are not satisfied with our response, or if we do not resolve your complaint within a reasonable timeframe, you may contact the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Email: enquiries@oaic.gov.au

8. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by updating the "Last Updated" date at the top of this policy and, if required, by sending you a notice via email or prominent posting on our website.

Your continued use of our website and services following the posting of changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically to stay informed about how we protect your information.

9. Contact us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

We are committed to working with you to resolve any privacy concerns. We aim to respond to all inquiries within 10 business days.

This Privacy Policy was last updated on 16 March 2026 and is effective immediately. AMLPrep is committed to protecting your privacy and complying with the Privacy Act 1988 (Cth) and Australian Privacy Principles.