1. About This Policy
NexusShield Pty Ltd ("NexusShield", "we", "us", "our") is an Australian company providing an AML/CTF compliance platform. This Privacy Policy explains how we collect, use, disclose, and protect personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
By using the NexusShield platform, you agree to the collection and use of information as described in this policy.
2. Information We Collect
We collect information necessary to provide our compliance services:
- Account information: Name, email address, job title, and organisation details provided on registration.
- Identity verification data: Documents and information submitted through KYC/KYB verification workflows on behalf of your organisation's customers.
- Compliance and training data: Records of training completion, CPD certificates, risk assessments, and regulatory reports generated within the platform.
- Usage data: Log files, IP addresses, browser type, and interaction data used to maintain platform performance and security.
- Payment information: Billing details processed securely through our payment provider; we do not store card numbers.
3. How We Use Your Information
- Providing, maintaining, and improving the NexusShield platform and its features.
- Generating and storing regulatory compliance records, reports, and audit trails required under the AML/CTF Act 2006.
- Issuing CPD training certificates and managing team compliance dashboards.
- Communicating with you about your account, service updates, and regulatory changes.
- Meeting our own legal and regulatory obligations.
4. Disclosure of Information
We do not sell your personal information. We may share information with:
- Service providers: Trusted third parties who assist in delivering the platform (hosting, payment processing, identity verification) under strict data processing agreements.
- AUSTRAC and regulators: Where required by Australian law or a lawful regulatory request.
- Within your organisation: Administrators designated by your organisation may access team member compliance records within the platform.
5. Data Storage and Security
All data is stored on servers located in Australia or in jurisdictions with equivalent privacy protections. We implement industry-standard security measures including encryption at rest and in transit, access controls, and regular security assessments.
In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme.
6. Data Retention
We retain personal information for as long as required to provide the service and to meet regulatory obligations. AML/CTF compliance records are retained for a minimum of 7 years in accordance with the AML/CTF Act 2006. Account information is deleted within 90 days of account closure, except where retention is required by law.
7. Your Rights
Under the Australian Privacy Principles, you have the right to:
- Request access to the personal information we hold about you.
- Request correction of inaccurate or incomplete information.
- Complain about how we have handled your personal information.
To exercise these rights, please contact us using the details below. We will respond within 30 days.
8. Cookies
The NexusShield platform uses essential session cookies to maintain your login state and platform functionality. We do not use third-party tracking or advertising cookies.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be notified to users via email or in-platform notification at least 14 days before taking effect. Continued use of the platform after that date constitutes acceptance of the updated policy.
10. Contact Us
Privacy Officer, NexusShield Pty Ltd
Email: privacy@nexusshield.com.au
For complaints unresolved by us, you may contact the Office of the Australian Information Commissioner (OAIC).