Privacy Policy

Effective Date: 16/08/2025

MatchAudit (“we”, “us”, or “our”) provides technology solutions for sanctions screening, anti-money laundering (AML) monitoring, fraud detection, financial crime risk controls, and Know Your Customer (KYC) verification (the “Services”). This Privacy Policy describes how we collect, use, disclose, and protect personal data in compliance with applicable data protection laws. By using our Services, you agree to this Privacy Policy.

1. Legal Compliance & Limitation of Liability

While we strive for accuracy, our Services provide risk intelligence and screening results for informational purposes only. We do not make legal determinations, and nothing in our Services constitutes legal advice. You (the client) are solely responsible for regulatory compliance decisions, reporting obligations, and any actions taken based on our Services. We shall not be liable for any fines, penalties, damages, or losses arising from reliance on our Services, including missed or false matches.

2. Regulatory Framework

This Privacy Policy is designed to comply with:

• EU General Data Protection Regulation (GDPR)
• UK GDPR & Data Protection Act 2018
• California Consumer Privacy Act (CCPA)
• Singapore Personal Data Protection Act (PDPA)
• Canada Personal Information Protection and Electronic Documents Act (PIPEDA)
• Australia Privacy Act 1988

3. Information We Collect

• Account Data: Name, email, phone, organisation, login credentials.
• KYC Data: Government ID, nationality, date/place of birth, address, verification documents.
• Compliance Data: Names, aliases, company names, identifiers, watchlist matches, risk scores.
• Fraud & Transaction Data: Transactions, IP, device info, behaviour patterns.
• Usage Data: IP address, browser type, access times, page views.
• Billing Data: Payment details processed via PCI-DSS-compliant providers (no full card storage).

4. How We Use Your Data

• Deliver, operate, and maintain our Services.
• Perform sanctions, AML, fraud, and KYC checks.
• Generate compliance audit logs and reports.
• Prevent, detect, and investigate fraud or other unlawful activities.
• Comply with legal and regulatory obligations.

5. Legal Basis for Processing

We process data on the basis of: (a) contractual necessity, (b) legal obligation, (c) legitimate interest in preventing financial crime, or (d) your consent where required by law.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes set out in this Privacy Policy or to comply with legal obligations. Audit logs may be retained for up to 7 years unless otherwise required by law.

7. International Transfers

Data may be transferred to and processed in countries outside your jurisdiction. Where required, we use Standard Contractual Clauses or equivalent safeguards to protect such transfers.

8. Data Security

We implement appropriate technical and organisational measures to protect data, including encryption in transit and at rest, access controls, and security monitoring. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

9. Disclosures & Law Enforcement

We may disclose personal data to law enforcement, regulators, or other authorities if required by applicable law or in response to valid legal processes. We may also disclose information to protect our rights, safety, and the integrity of our Services.

10. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, or object to our processing of your data. You may also have the right to data portability and to withdraw consent at any time.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised effective date.

12. Contact

For questions about this Privacy Policy, please contact us at:
Email: info@matchaudit.io