Privacy Policy


Download PDF

Thank you for using Airwallex!

Airwallex is a global payments and financial platform company for modern businesses. We provide a broad range of financial services including payments, treasury, spend management and embedded finance to global businesses of all sizes. It is important that you are well informed as to how we process your personal information. This Privacy Policy (the “Policy”) describes the information we collect from you and how that information is used and shared by us. It also includes details about the choices we offer you in relation to your information. Please review it carefully.

Here is a summary of the information contained in this Policy (although it is not a substitute for reading the full Policy). We have included hyperlinks to help you jump to the relevant sections with more detail.

What does this Policy apply to?

This Policy applies to any user of products, services, technologies or functionalities offered by us anywhere in the world, and to any visitor to our website, mobile app, or other channel. 

Link

Who is the data controller?

“We” or “us” in this Policy refers to Airwallex. The data controller of your personal information varies by your location:

Australia Airwallex Pty Ltd. or Airwallex Capital Pty Ltd (depending on the Services provided)

Canada Airwallex (Canada) International Payments Limited 

Hong Kong Airwallex (Hong Kong) Limited or UniCard Solution Limited or Airwallex Capital Hong Kong Limited (depending on the Services provided)

EEA/Switzerland Airwallex (Netherlands) B.V. 

Malaysia Airwallex (Malaysia) Sdn Bhd 

New Zealand Airwallex (New Zealand) Limited 

Singapore Airwallex (Singapore) Pte Ltd 

UK Airwallex (UK) Limited

United States Airwallex US, LLC

Link

What types of information do we collect and why?

When you set up an account to use our Services, we require information (such as your name, address, government-issued ID, tax identifier, business information) to set this up. We also process certain identity information when we undertake our KYC/AML process. We will process information in connection with transactions (including payment information and the beneficiary of payment). Our Services also process network, device and usage information in order to maintain the integrity of our systems. You can read more about what personal information we process and why below.

Link

How is your information shared?

Our affiliates and select third parties support the operation of the Services and will necessarily transfer personal information in order to facilitate the Services and services provided by third parties at your request and/or with your consent. If a third party is engaged to support the Services, this is solely for the purpose of the Services and we require that the third party comply with appropriate safeguards to protect personal information. Services supported and/or provided by third parties may include support services, effecting transactions, account information services, payment initiation services, cloud services, analytics, market research, fraud detection, Business Customers’ services and other functions in connection with the Services. We also have affiliates around the world who help us deliver the Services and we may be required by a court or legal obligation to disclose certain information in some circumstances. You can read more about how we share your personal information below.

Link

Where do we store your information?

We primarily host your personal information in Singapore, Hong Kong, Belgium, the Netherlands, Japan, Australia, Malaysia, and the United States. As a global business we may also transfer your personal information to, and process your personal information in,  countries outside your country of incorporation, business operations or residence, and where our affiliates, Ecosystem and Financial Partners and service providers are located.

Link

How long do we retain information for?

We only retain personal information for so long as it is required to fulfil the purpose for which it was collected, unless we are subject to legal or regulatory obligations to retain such information. You can read more about how long we retain specific categories of personal information below.

Link

What rights do I have to processing of my information?

Depending on where you are located, you may have certain rights with respect to your personal information, such as rights of access, to receive a copy of your information, or to delete your information or restrict or object to our processing of your information. You can read more about your rights below.

Link

How can I contact Airwallex?

If you have questions or concerns about this Policy or a specific request related to your personal information, please contact us at [email protected].

Link

How will we notify you of changes to this Policy?

We reserve the right to make changes to this Policy at any time by posting a revised version to our Site and updating the “Last Updated” date at the top of this Policy.

Link

Are there specific terms that apply to certain countries?

Yes. You can read more about the specific processing activities for certain jurisdictions in the Jurisdiction-Specific Addenda below.

Link

1. SCOPE OF POLICY

This Policy applies to you when you use or interact with our Services anywhere in the world, or our website, mobile app, or other channel (collectively, “Sites”). “Services” means any products, services, technologies or functionalities offered by Airwallex. The Services we offer may vary by region.

Depending on the context, “you” may mean any of the End User, Business Customer, Representative or Visitor.

  • End User: an end user (individual) who uses our Service, regardless of whether the End User uses  our Services for personal use or otherwise. We collect an End User’s personal information when provided by the Business Customer . 

  • Representative: individual who is the owner of, or who acts on behalf of a Business Customer  (e.g. employee, director or officer of Business Customer who has authority for managing Business Customer’s account with us). 

  • Visitor: a visitor (individual) to our Sites or who otherwise communicates with us (e.g. if you send us a query on our Support Page) without being logged into an Airwallex account.

  • Business Customer” refers to a business entity who we provide Services to, whether directly or indirectly, or do business with and such Business Customer will provide us with an End User’s personal information in connection with Business Customer and that End User’s respective activities. When you (as an End User or Representative) interact with a Business Customer, your personal information will be collected, retained, shared and/or stored by the Business Customer in accordance with their own privacy policies and not this Policy.

2. DATA CONTROLLER

As used in this Policy, “we,” “us” “our” and “Airwallex” refers to the Airwallex group company that acts as the data controller with respect to your information. The data controller responsible for your information under this Policy varies depending on your country of residence and/or the entity used to enter into an agreement with Airwallex to provide services to you and is listed below.

Our privacy team can be contacted at [email protected].

Country of Residence

Data Controller(s)

Address

Australia

Airwallex Pty Ltd 

(for payment and other financial services)

and 

Airwallex Capital Pty Ltd

(for discretionary portfolio management services)

Level 7, 15 William Street, Melbourne, VIC 3000, Australia

United States

Airwallex US, LLC

2 Embarcadero Center, 8th Floor, San Francisco, CA 94111, USA

Hong Kong

Airwallex Capital Hong Kong Limited (discretionary portfolio management service) or Airwallex (Hong Kong) Limited (for payment and other financial services) or UniCard Solution Limited (for stored value facility services)

34th Floor, Oxford House, Taikoo Place, 979 King's Road, Quarry Bay, Hong Kong SAR

34th Floor, Oxford House, Taikoo Place, 979 King's Road, Quarry Bay, Hong Kong SAR

UK

Airwallex (UK) Limited

LABS House, 15-19 Bloomsbury Way, London WC1A 2TH, London, United Kingdom

EEA or Switzerland

Airwallex (Netherlands) B.V.

Herengracht 168 Unit 201, 1016BP Amsterdam, The Netherlands

Malaysia

Airwallex (Malaysia) Sdn Bhd

WeWork Mercu 2, Level 40, No.3 Jalan Bangsar, KL Eco City 59200, Kuala Lumpur, Malaysia

New Zealand

Airwallex (New Zealand) Limited

c/- CSNZ, Level 5, 79 Queen Street, Auckland 1010, New Zealand

Singapore

Airwallex (Singapore) Pte Ltd

#20-01, Guoco Tower, 1 Wallich Street, Singapore 078881

Canada

Airwallex (Canada) International Payments Limited

Suite 2600, Three Bentall Centre, 595 Burrard Street, Vancouver, BC Canada, V7X 1L3.

3. THE TYPES OF PERSONAL INFORMATION WE USE

“Personal information” means any information that identifies you (whether directly or indirectly), such as your name, address, telephone number, email address, date of birth, payment card information, bank account information and any other data that is associated with your identity. The specific categories of personal information which we process are listed in the section “How We Use Your Personal Information” below. This section describes the different types of personal information we collect from you and how we process it.

A. INFORMATION YOU PROVIDE DIRECTLY TO US

  • Account and Profile Information, Events participation, Newsletter or Content subscription: To use our Services or attend an event or receive content we publish, you must provide certain personal information to us, including contact details and other information required to establish an account profile, identity verification information, financial information and information regarding beneficiaries of payments. This information is necessary for us to perform the contracted services and also to allow us to comply with our legal obligations. If you are not able or willing to provide this information, we may not be able to provide you with all the requested Services.

  • Survey, feedback, and promotions: Some information you provide to us is voluntarily provided by you and not mandatory. Examples of such information include your opting to respond to our surveys, provide feedback to us about our products and services, participate in promotions or contests or otherwise communicate with us. This information allows us to provide incentives or additional features to you, evaluate our performance and to create a better user experience for you when using the Airwallex platform. This additional information will be processed based on our reasonable discretion or when applicable, your consent.

B. INFORMATION AUTOMATICALLY COLLECTED FROM YOUR USE OF SERVICES

We automatically collect certain data from you when you use the Services or visit any of our Sites where we have a legitimate interest (such as to prevent fraud or misuse, or to understand your use of and improve our Services). This includes:

  • transaction data, beneficiary information, card related information;

  • usage data;

  • information about the devices you use to access the Services;

  • recordings; 

  • log data; and

  • location  information.

Our Cookie Policy provides additional information about the technologies we use to automatically collect your personal information mentioned above.

C. INFORMATION COLLECTED FROM THIRD PARTIES

We also obtain information about you from other external sources, including information obtained from our ecosystem and financial partners, payment service providers, service providers, credit bureaus, credit reference agencies or other providers of credit information, financial institutions, debt collection agencies, companies and other official registers and databases, fraud prevention agencies and partners, community forums used to post ratings or reviews, Airwallex business partners or Business Customers through which you access our Services, or other sources of public records. The collection and sharing of such personal information with Airwallex is also explained in such third parties’ own respective privacy policies. We may combine information collected from third parties with information we collect from you directly through the Airwallex platform.

Regardless of the method of collection, the information we obtain from or about you is subject, at all times, to the privacy choices or rights exercised by you.

D. COOKIES

We use cookies and similar technologies (i.e. web beacons, pixels, ad tags and device identifiers) to recognize you, prevent fraud and secure our systems and network and to customize your online experience. To learn more about cookies and the other tracking technologies we may utilize, please refer to our Cookie Policy, which includes a comprehensive overview of cookies and provides further details about how we use cookies and how to control our use of cookies.

4. HOW WE USE YOUR PERSONAL INFORMATION

This section provides more detail on the types of personal information we collect from you, and why. For users who are resident in the United Kingdom, the European Economic Area or Switzerland (each a “Relevant Jurisdiction”), it also identifies the legal basis under which we process your personal information.

Personal Information

Use

Legal Basis (only relevant if you are located in a Relevant Jurisdiction)

Account and Profile Information (End User, and/or Representative only)

Personal identifiers such as your name, residential address, email address, date of birth, social security number, driver’s license number, passport number, tax identification number or other similar identifiers.

To provide the Services, e.g.

• to create a User Profile and associated permissions and authorisations to that User Profile;

• to process instructions from you payments and the use of our products;

• to provide customer support;

• to enable you to access and use the Airwallex products and platform; and

• to evaluate your application to use the Services.

To prevent fraud, misuse or breaches of the Acceptable Use Policy, e.g.

• to verify your identity or authenticate your right to access an account or other information;

• to manage risk, fraud and abuse of the Services and Sites; and

• to conduct manual or system monitoring to protect against fraud and other harmful activity.

To communicate with you, e.g.

• to respond to your inquiries and support requests;

• to send you service updates and notices, security alerts and other administrative messages; 

• to provide information related to your transactions including confirmations, receipts and tracking notices; and

• send you our newsletter or other content, or to send you marketing and promotional messages and offers. 

Necessary to perform our contract with you to provide the Services and to send you communications related to your use of the Services.

Consent to send you promotional or marketing communications. 

It is in our legitimate interests to prevent fraud misuse, or breaches of the Acceptable Use Policy.

Demographic Data (End User and/or Representative only)

We may also collect demographic data about you including your employment history, education, income and other similar information.

To develop new products or enhance existing products and Services.

To monitor and analyze trends, usage and other user activities on our Sites to optimize user experience.

It is in our legitimate interests to use this information to improve our Services and Sites.

Identity Verification Documents (End User and/or Representative only)

To comply with laws and regulations, we may collect copies of your government-issued identification document.

Name, date of birth, identification document (including passport, driver’s licence or national ID card), address proof, tax residency information or other authentication information, all of which may include photographs of you.

To the extent permitted by applicable law, we may obtain reports about you from public records. In order to obtain such reports, we may use information or personal information you provide to us.

To fulfil our legal obligations.

To provide the Services, e.g.:

• to create your account for the Services in accordance with your request; and

• to verify your identity or authenticate your right to access an account or other information. 

To prevent fraud, or misuse or breaches of the Acceptable Use Policy, e.g.

• to verify your identity or authenticate your right to access an account or other information;

• to manage risk, fraud and abuse of our Services and Sites; and

• to conduct manual or system monitoring to protect against fraud and other harmful activity.

Necessary to satisfy our legal obligations under applicable law to provide our Services.

It is in our legitimate interests to prevent fraud,  misuse or breaches of the Acceptable Use Policy.

Transaction  Data  (End User and/or Representative only)

We may collect financial information such as bank account details (account number, routing number), credit or debit card numbers, billing address, shipping address, payment method information, merchant, location, transaction amount, date of transaction or tax information.

To provide the Services, including  to process payments from and to the Business Customer’s account or the End User account, to process payment transactions from buyers or the users of any Airwallex card products.

To fulfil our legal and regulatory reporting obligations.

Necessary to perform our contract with you to provide the Services.

Necessary to satisfy our legal and regulatory reporting obligations under applicable law.

Beneficiary Information (End User and/or Representative only)

We may collect information about the parties to the transaction, the designated recipient (including the recipient’s bank account information), the source of the funds, the reason for the transaction, the devices and payment methods used to complete transactions.

To provide the Services, e.g.

• to process payments from and to the Business Customer or End User account.

To prevent fraud, misuse or breaches of the Acceptable Use Policy, e.g.

• to verify your identity or authenticate your right to access an account or other information;

• to manage risk, fraud and abuse of the Services and Sites; and

• to conduct manual or system monitoring to protect against fraud and other harmful activity.

Necessary to perform our contract with you to provide the Services.

It is in our legitimate interests to prevent fraud, misuse or breaches of the Acceptable Use Policy.

Card Related Information (End User)

Card numbers and details

To provide the Services, e.g.

• to process payments made by the card;

• to issue cards and process their transactions as part of the Services;

• to validate the authenticity of the transaction; and

• to prevent fraud.

Necessary to perform our contract with you to provide the Services and to fulfil our legal obligations.

Business Entity Information (End User and/or Representative only)

If you are using the Services on behalf of a business entity, we may collect information about the business including: the organizational structure of the company, the company address, the product and service offerings, website domain name used by the business,  information about the beneficial owners of the business, tax classification of the business, tax identification number(s), company registration number(s),and its tax residence. We also may collect entity formation documents or other corporate records.

To provide the Services, e.g.

• to process payments to your suppliers and other recipients;

• to provide customer support;

• to enable you to access and use the Airwallex platform; 

• to evaluate your application to use our Services; and

• where applicable, to meet our legal obligations and conduct required and regulatory reporting, including to tax authorities. 

To prevent fraud, misuse or breaches of the Acceptable Use Policy, e.g.

• to verify your identity or authenticate your right to access an account or other information;

• to manage risk, fraud and abuse of our Services and Sites; and

• to conduct manual or system monitoring to protect against fraud and other harmful activity.

To communicate with you, e.g.

• to respond to your inquiries and support requests;

• to send you technical notices, updates, security alerts and other administrative messages; and

• to provide information related to your transactions including confirmations, receipts and tracking notices.

Necessary to perform our contract with you to provide the Services.

To fulfil our legal and regulatory  obligations. 

It is in our legitimate interests to prevent fraud, misuse or breaches of the Acceptable Use Policy.

Log Data (End User and/or Representative only)

When you access the Services, we collect server logs which may include information such as access times and dates, pages viewed and other system activity, including the third-party site you were using before accessing our Services.

To provide the Services.

To prevent fraud, misuse or breaches of the Acceptable Use Policy and improve our Services.

To understand your use of and improve the Services.

Necessary to perform our contract with you to provide the Services.

It is in our legitimate interests to prevent fraud, misuse or breaches of the Acceptable Use Policy and improve the Services.

Device Information (End User and/or Representative only)

We may obtain information about the devices you use to access the Services including: the device type, operating systems and versions, the device manufacturer and model, preferred languages, and plugins.

To provide the Services.

To prevent fraud, or misuse or breaches of the Acceptable Use Policy and improve the Services.

To understand your use of and improve the Services.

Necessary to perform our contract with you to provide the Services, and it is in our legitimate interests to prevent fraud,  misuse or breaches of the Acceptable Use Policy and improve the Services.

Usage Information 

We collect information about how you interact or engage with the Sites and how you use the Services including your user preferences and other settings selected by you. This information may be collected if you visit our Sites and regardless of whether or not you establish an account with us or conduct a transaction. In some cases, we do this by utilizing cookies, pixel tags and similar technologies. Please see further details about cookies and other tracking technologies in our Cookie Policy.

To provide the Services.

To evaluate your satisfaction with our Services, platform and features.

To develop new products or enhance existing products and services.

To monitor and analyse trends, usage and other user activities on our Sites to optimize user experience and to improve the Services.

To protect the integrity and security of the Services and improve our operations.

Necessary to perform our contract with you to provide the Services.

It is in our legitimate interests to protect the integrity of the Services and improve our operations.

Location Information (End User and/or Representative only)

When you use certain features of the Services, we may collect information about your precise or approximate location as determined by data such as your IP address or mobile device GPS. Most mobile devices allow you to control or disable the use of geolocation services for applications by changing preferences on your mobile device.

To provide the Services.

To enable you to access and use the Airwallex platform.

To manage risk, fraud and abuse of our Services and Sites or breaches of the Acceptable Use Policy. 

To conduct manual or system monitoring to protect against fraud and other harmful activity.

Necessary to perform our contract with you to provide the Services.

It is in our legitimate interests to prevent fraud,  misuse or breaches of the Acceptable Use Policy.

Communications Data

Information related to your interactions and communications with us, which may include email messages, chat sessions, text messages, and phone calls that we exchange with you.

To respond to your inquiries and customer support requests.

To send you technical notices, updates, security alerts and other administrative messages. 

To provide information related to your transactions including confirmations, receipts and tracking notices.

Necessary to perform our contract with you to provide the Services.

Call Recordings

Voice recordings of you captured when you contact us or if we contact you, including interactions with our customer service or sales teams.

To respond to your inquiries and customer support requests.

Necessary to perform our contract with you to provide the Services.

Various other Information 

Any information you may provide us when you respond to surveys.

To run the survey and analyse the results for our internal business purposes.

We collect this information with your consent.

Any information you may provide us when you participate in contests.

To facilitate promotional contests that you choose to participate in.

We collect this information with your consent.

Any information you may provide us when you participate in promotions or request to receive promotional information.

To deliver promotional offers, incentives, and targeted marketing in accordance with your preferences (as permitted by applicable law).

To provide invitations and information about events or events held by our partners.

We collect this information with your consent.

5. TRANSFERS AND STORAGE

We primarily host your personal information in Singapore, Hong Kong, Belgium, the Netherlands, Japan, Australia, Malaysia, and the United States. As a global business we may also transfer your personal information to, and process your personal information in,  countries outside your country of incorporation, business operations or residence, and where our affiliates, Ecosystem and Financial Partners and service providers are located. These countries may have data protection rules that are different from your country. In certain situations, we may be required to disclose your personal information pursuant to lawful requests from local law enforcement or government authorities. Airwallex  implements appropriate measures and safeguards to protect your personal information to meet the standards described in this Policy, including the use of mandated Standard Contractual Clauses (for the European Union) and International Data Transfer Agreement (for the United Kingdom) or any equivalent standard contracts issued by relevant authorities into its agreements (where applicable) and/or adopting alternative measures required for the lawful transfer of personal information in accordance with applicable data protection law.

INFORMATION SHARING AND DISCLOSURE

Only where necessary will we share your personal information with third parties. Situations where this occur are:

Third Party

Purpose

Third party service providers

We engage a variety of service providers (who act as data processors) to enable us to provide our Services to Business Customers, and, indirectly, to you. For example, service providers may be used to: facilitate payment processing, support technology or infrastructure, cloud storage, conduct market research, marketing analytics, detect fraud, verify identity and perform audits or other functions. We will share your personal information with such service providers only to the extent necessary to allow the performance of their intended engagement. All service providers and business partners that receive your personal information are contractually bound to protect and use your information only in accordance with this Policy.

Our corporate affiliates

To facilitate or support us in providing the Services to you, we may share your personal information within the Airwallex group of companies. All Airwallex group companies may only use your personal information in accordance with the relevant Intra-Group contracts governing such processing and for the purposes set out in this Policy.

Financial and Ecosystem Partners 

The Services may be offered to you (as an End User, Business Customer or Representative) in conjunction with or facilitated by other financial institutions, other payment institutions or other ecosystem partners (such as a provider of accounting or treasury management services or a marketplace payment service provider programmes).  In respect of Financial or other payment institutions, such transfers and disclosures are necessary in order to provide the Airwallex services to you.  In respect of Ecosystem Partners, such disclosures and transfers will be made in the manner you authorised or requested, or described to you (to enable use by you of such Ecosystem and Financial partners’ products and services) at the time you authorised or requested such disclosures.  When you allow or authorise such 3rd party provider, plugins, widgets, and/or website to access your Airwallex Account or to receive your personal information, this will constitute a request and/ or authorisation.  

In respect of Connected Account holders, the Platform (or any Platform partners)

For the Airwallex for Platforms solution, personal information relating to the Connected Account will be transferred to the Platform (or the Platform partners) to allow the Connected Account to consume the Airwallex services via the Platforms’ (or Platforms’ partner’s) website or mobile app.  The Platform (and/or Platform partner)is an independent data controller of the personal information it processes in relation to the Connected Account holder.

Commercial Partners

We may also refer you to services provided by our Commercial Partners (as an End User, Business Customer or Representative).  Such Commercial Partners provide services under their own licences or authorisations, will have direct contracts with you and may be independent data controllers of the data you provide to them or data generated from your use of their services.  Airwallex has no responsibility for any Commercial Partner services.  Any data that may need to be transferred to such Commercial Partners from us will be done with your consent or as requested by you.

Regulatory Authorities:

regulators, judicial authorities and law enforcement agencies, tax authorities, and other third parties for safety, security, or compliance with the law.

There are circumstances in which we are legally required to disclose information about you to authorities (e.g. regulators, judicial authorities, courts, law enforcement agencies, tax authorities, and other public / government authorities both domestic and international), such as to comply with a legal obligation or processes, enforce our terms, address issues relating to security or fraud, or to protect our users. These disclosures may be made with or without your consent, and with or without notice, subject to and in compliance with the terms of valid legal process, including but not limited to regulatory queries or requests, subpoenas, court orders, or search warrants. We are usually prohibited from notifying you of any such disclosures by the terms of the legal process. We may also disclose your information to:

enforce our Master Services Agreement entered into with the Business Customer or End User, or our online terms and conditions accepted by the Business Customer or End User or other applicable agreements or policies, including investigation of any potential violation thereof;

detect, prevent or otherwise address security, fraud or technical issues;

protect our rights, property, privacy, or security, or that of others, as permitted by law; or

comply with relevant law, legal process or governmental requests or orders.

Social Media Platforms

Social media networks such as Facebook, Twitter, Pinterest, and Instagram that offer functionalities, plugins, widgets, or tools in connection with our corporate website or mobile application. If you as a Visitor choose to use these functionalities, plugins, widgets, or tools, certain information may be shared with or collected by those social media companies — for more information about what information is shared or collected, and how it is used, see the applicable social media company's privacy policy.

Potential Acquirers of our Business

If we are the subject of or are involved in any corporate merger, acquisition, consolidation, reorganization, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with bankruptcy or similar proceedings), we may share data with third parties during negotiations. In the event your personal information becomes subject to a different privacy policy, we will make reasonable efforts to notify you beforehand. We also may need to disclose information to a third party in connection with a commercial transaction where we or any of our affiliates are seeking financing, investment or funding.

Other Authorized Parties

If you request (as part of the Services provided to you) or provide your consent, we may share your information including your personal information with a third party not defined in this Policy. 

A list of Airwallex’s third party processors and sub-processors can be found here

6. DATA RETENTION

We will retain your personal information for the period of time required to comply with applicable law, for fulfilling any ongoing obligations to you or, where necessary and consistent with applicable law, for our internal business purposes.

We will retain your personal information even after you close your Airwallex account or request deletion of your personal information. Examples of such cases include:

  • To process any transactions booked prior to closure or deactivation of an account.

  • To comply with anti-money laundering regulations or other laws and rules.

  • To detect or prevent fraud and other loss prevention activities.

  • To comply with legal process orders or law enforcement requests.

  • To collect any fees or other outstanding amount owed and payable to us by you.

  • To comply with our tax, accounting, and financial and regulatory reporting obligations. 

  • Where required by our contractual commitments to our ecosystem or financial partners.

  • To resolve any disputes or enforce our User Agreement or other applicable agreements or policies.

  • To take any other action or exercise any other right in accordance with applicable law.

When a relevant retention period has passed, Airwallex will destroy personal information or, where applicable, sufficiently anonymize the personal information.

For further details on how long we keep your data, please refer to the time periods set out below.

Type of Information

Retention Policy

Account and Profile Information 

Demographic Data

Identity Verification Documents 

Transaction Data

Beneficiary Information 

Card Related Information

Business Entity Information 

Log Data

Device Information

Usage Information 

Location Information

Communications Data 

Call Recordings

Various Information 

Stored for the lifetime of your use of the Services plus no less than 7 years.

7. YOUR RIGHTS AND CHOICES

You have certain rights relating to your personal information. The ability and extent to which you may exercise these rights will vary depending on your location. Only the data subject (an individual), account owner or the administrator may raise data subject rights to us. 

The following rights (described in detail below) apply to users in a Relevant Jurisdiction.

If you are located outside of a Relevant Jurisdiction, please review the section on Jurisdiction- Specific Rights for more information about the privacy rights afforded to you in your country or state of residence. To exercise any of your rights, please contact us at [email protected].

A. ACCESS, CORRECTION, ERASURE

You may review, correct or update information you provided to us at any time by logging into your Airwallex account. Prior to changing or correcting your information, we may be required to verify your identity. There may be circumstances which preclude us from providing access to some or all of your information, for example where the information contains references to personal information about an individual other than you or the information is subject to legal or proprietary protections. If there is any other personal information you believe we process that you would like to access, correct or erase, please contact us at [email protected].

B. PORTABILITY

You may have the right to receive a copy of certain personal information we process about you. This comprises any personal information we process on the basis of your consent (e.g., survey information) or pursuant to our contract with you (e.g., your name). You may have the right to receive this information in a structured, commonly used and machine-readable format. You may also have the right to request that we transfer or share that personal information to another party (e.g. a third party service provider or an ecosystem or financial partner), with certain exceptions. We will provide further information to you about this if you make such a request.

C. RESTRICTION OF PROCESSING

You may have a right to require us to stop processing the personal information we hold about you other than for storage purposes in certain circumstances. Please note, however, that if we stop processing the personal information, we may use it again if there are valid grounds under data protection laws for us to do so (for example, for the defence of legal claims or for another’s protection). Where we agree to stop processing the personal information, we will try to tell any third party to whom we have disclosed the relevant personal information so that they can stop processing it too.

D. OBJECTION

You may have the right to object to our processing of your personal information. To the extent provided by applicable laws and regulations, you may withdraw any consent you previously provided to us for certain processing activities by contacting us at [email protected]. Where consent is required to process your personal information, if you do not consent to the processing or if you withdraw your consent, we may not be able to deliver the expected service.

8. DEVICE & MARKETING 

Device Permissions

Most mobile devices allow you to disable the use of location services, or revoke consent to applications to access your camera and photo library or send you push notifications information. Please refer to your device settings to restrict collection of certain information.

Notifications

We may from time to time send you notifications when we consider it necessary to do so (for example, when we temporarily suspend access to the Services for maintenance, or security, privacy or administrative-related communications). You may not opt-out of these service-related notifications, which are not promotional in nature.

Marketing Opt-Out

As described in section 4, we only send you promotional communications with your consent. You can opt out of receiving such promotional communications from us by following the instructions included in those messages or by logging into your Airwallex account and changing your preferences. Please note that if you opt out of marketing-related emails from us, we will continue to send you non-promotional messages that are required to provide our Services, such as transactional receipts and messages about your account or our relationship with you.

9. ADVERTISING AND ANALYTICS

We may partner with third parties to display advertisements to you on websites you visit. These third-party partners use cookies and other technologies to gather information about your activities on our Sites as well as other sites you visit in order to serve you advertising based upon your browsing history and interests. To learn more about behavioral advertising and online tracking, visit the Network Advertising Initiative. This website also provides information about how to opt out of interest-based online advertising delivered by member companies. You can learn more about Google’s practices here. For more information about the cookies that may be served through use of our services, please refer to our Cookie Policy.

10. SECURITY

We implement and update technical and physical security measures to safeguard your personal information against loss, misuse or unauthorized access on an ongoing basis. Safeguards used to protect your information include firewalls, data encryption, and access controls. Please keep in mind that the transmission of information over the Internet is never 100% secure and no data storage system can be guaranteed safe. Although we will do our best to protect your personal information, we cannot warrant the security of data transmitted to our Sites; any transmission is at your own risk. We encourage you to understand the integral role you play in keeping your own personal information secure and confidential. Please select passwords that are sufficiently complex and always keep our log-in details secure. If you suspect any unauthorized use or access to your account or information, please contact us immediately.

11. CHILDREN’S PRIVACY

The Sites and Services are not intended for or directed at children. By children we mean users under the age of 16 or in the case of a country where the minimum age for processing personal information differs, such different age.

We do not knowingly collect any information from children. If we obtain actual knowledge that we have collected personal information from a child, we will immediately delete it (unless we are legally obligated to retain such information). Please contact us if you believe that we inadvertently collected information from any child.

12. THIRD PARTY LINKS AND SERVICES

The Sites may include links to third party websites or services, such as third-party integrations, co-branded services, or third-party branded services (“Third-Party Sites”). Clicking on those links or enabling those connections may allow third parties to collect or share information about you. We do not own or control these third-party websites and when you engage with these Third-Party Sites, you may be providing information directly to the Third-Party Site, Airwallex, or both. Third-Party Sites will have their own policies about the collection, use and disclosure of your information. Please review those policies for more information.

13. UPDATES TO THIS POLICY

We reserve the right to make changes to this Policy at any time by posting a revised version to our Site and updating the “Last Updated” date at the top of this Policy. To the extent permitted by applicable law, your continued use of our services after such notice or posting constitutes your consent to our revisions of this Policy. If you disagree with any of our changes, you may deactivate your account with us at any time.

14. CONTACT

If you have questions or concerns about this Policy or a specific request related to your personal information, please contact us at [email protected].

If you wish to make an inquiry regarding how we process your personal information, please contact us at [email protected] and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the data protection authority in the country in which you live or work where you think we have infringed data protection laws.

15. LANGUAGE

Except as otherwise set out by law, in the event of any inconsistency between the English version and local language version of this Policy (where applicable), the English version shall prevail.

JURISDICTION-SPECIFIC RIGHTS

Some jurisdictions’ laws contain additional terms for users of the Services, which are set out in this section. If you are a customer of Airwallex entity located in one of the jurisdictions below, the terms set out below under the name of your jurisdiction apply to you in addition to the terms set out in our Policy above.

For customer of Airwallex Australia

Overseas Recipients

You consent to the transfer of personal information to third parties outside Australia, and acknowledge that while we take reasonable steps to ensure that such third parties handle your personal information in accordance with Australian privacy laws, we will not be liable for the acts and omissions of these overseas third party recipients.

Access

You have the right to access personal information we hold about you, how we use it, and who we share it with. You can access the personal information you have made available as part of your account by logging into your account. If you believe we hold any other personal information about you, please contact us at [email protected].

Correction

You have the right to correct any of your personal information we hold that is inaccurate. You can access the personal information we hold about you by logging into your account. If you believe we hold any other personal information about you and that information is inaccurate, please contact us at [email protected].

Transacting Anonymously

Where possible we will give you the option of not identifying yourself when using the Service. You acknowledge that if you do not provide us with your personal information, we may be unable to provide you with access to certain features or sections of the Services.

Your Rights

If you are dissatisfied with our response to your request for access to, or correction of, your personal information or your privacy complaint in respect of your personal information, you may contact the Office of the Australian Information Commissioner (Telephone: +61 1300 363 992 or email: [email protected]).

Data Transfers

While we take reasonable steps to ensure that third party recipients of your personal information comply with privacy laws that are similar to those of your jurisdiction, you acknowledge and agree that we cannot control the actions of third party recipients and so cannot guarantee that they will comply with those privacy laws.

For customers of Airwallex United States and resident in California

If you are a California resident, you have certain rights afforded by the California Consumer Protection Act as amended by the California Privacy Rights Act (CCPA) with respect to your personal information.

Collection and Disclosure of Personal Information

Over the past 12 months, we have collected and disclosed the following categories of personal information from or about you or your device:

  • Identifiers, such as your name, email address, residential address, date of birth, social security number, driver’s license number, passport number, tax identification number or other similar identifiers, government issued identification information, bank account details, credit card or debit card numbers and IP address. This information is collected directly from you and your device. We disclosed identifiers with third party service providers, our corporate affiliates, ecosystem and financial partners, regulatory authorities, and other authorised parties.

  • Internet or other electronic network activity information, such as your information regarding your use of the Services, including your user preferences and other settings selected by you, server logs, and other device information as described in the main Policy. This information is collected directly from you and your device. This may be disclosed to third party service providers, our corporate affiliates, ecosystem and financial partners, regulatory authorities, social media platforms and other authorised parties.

  • Commercial information about any transactions within the Services such transaction information when you collect or make payments. This information is collected directly from you and your device. This may be disclosed to  third party service providers, our corporate affiliates, ecosystem and financial partners, regulatory authorities, and other authorised parties.

  • Location data such as your IP address or mobile device GPS. This information is collected directly from you. This may be disclosed to third party service providers, our corporate affiliates, ecosystem and financial partners, regulatory authorities, social media platforms and other authorised parties.

  • Professional or employment-related information such as your profession if you choose to provide it in a survey. This information is collected directly from you. This may be  disclosed to  our corporate affiliates.

  • Other information described in subdivision (e) of Section 1798.80, including information about your gender, nationality, or age. This information is collected directly from you in the context of being our consumer.  This may be disclosed to  third party service providers, our corporate affiliates and ecosystem and financial partners.

Over the past 12 months, we have collected and disclosed the following categories of sensitive personal information from or about you or your device:

  • Identifiers: such as your social security number, driver’s license number, passport number, tax identification number or other similar identifiers, government issued identification information. This information is collected directly from you.

  • Financial information: such as your bank account details, credit card or debit card numbers. This information is collected directly from you or from third party financial institutions who you may hold an account with. 

We collect your personal information, including sensitive personal information, for the following business purposes:

  • To provide you with the Services, maintain your account, provide customer service and process payments.

  • To improve our services, including the functionality of the Services and Sites.

  • For security and verification purposes, including to prevent and detect fraudulent activity.

  • To address and remediate technical issues and bugs.

  • To communicate with you.

  • To market and promote our Services.

For additional information about what each type of personal information is used for, see this table in the main portion of the Policy. For information regarding how long we retain personal information, see section 6 in the main portion of the Policy.

Sharing/selling personal information:

In the past 12 months, we have not sold Personal Information of California residents within the meaning of “sold” in the CCPA. We do not have actual knowledge that we “sell” or “share” personal information of residents under 16 years of age. 

Rights to know:

If you are a California resident, you have the right to:

  • Request access to the following information covering the 12 months preceding your request:

    • the categories of personal information about you that we collected, sold, or shared;

    • the categories of sources from which the personal information was collected;

    • the business or commercial purpose for collecting, selling, and disclosing personal information about you;

    • the categories of third parties to whom we disclosed personal information about you and the categories of personal information that was disclosed (if applicable) and the business or commercial purpose for disclosing the personal information about you; and

    • the specific pieces of personal information we collected about you;

  • Request that we correct inaccurate personal information that we maintain about you. Once we receive and confirm a verifiable rights request, we will correct your personal information maintained in our records, unless an exemption applies;

  • Request that we not to sell or share your personal information. To exercise this right, please use the following form: Do Not Sell or Share My Personal Information;

  • Request that we delete personal information we collected from you, unless CCPA recognises an exception; and 

  • Be free from unlawful discrimination for exercising your rights including providing a different level or quality of services or denying goods or services to you when you exercise your rights under the CCPA.

We aim to fulfil all verified requests within 45 days pursuant to the CCPA. If necessary, extensions for an additional 45 days will be accompanied by an explanation for the delay. Any disclosures will cover only the 12-month period preceding the verifiable rights request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

How to Exercise Your Rights

First, you may wish to log into your account and manage your data from there. To exercise any of the rights described in this section, please submit your request by contacting us at [email protected]. Your request must provide sufficient information (including pieces of identification) that allows us to reasonably verify you are the person about whom we collected personal information. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. You may designate, in writing or through a power of attorney document, an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require that the agent provide proof you have authorized them to act on your behalf, and we may need you to verify your identity directly with us.

For customers of Airwallex Canada

If you are located in Canada and wish to obtain written information about our policies and practices with respect to our service providers located outside Canada, you may contact us at [email protected]. We are able to answer any questions users may have about the collection, use, disclosure or storage of personal information by our service providers.

Where we use service providers who might have access to your personal information, we require them to have privacy and security standards that are comparable to ours. We use contracts and other measures with our service providers to maintain the confidentiality and security of your personal information and to prevent it from being used for any purpose other than as provided in this Policy.

For customers of Airwallex Hong Kong

If you are located in Hong Kong, you have legal rights in relation to the personal information we hold about you (to the extent permitted under applicable laws and regulations).

You are entitled to make a subject access request to receive a copy of the data we process about you, a data correction request as well as a right to reject the use of your personal information for direct marketing purposes. A fee may be chargeable by us for complying with a data access request.

For customers of Airwallex Malaysia

Parental and Guardian Consent

In the event you are agreeing to this Policy in order for a minor to access and use the Services, you hereby consent to the provision of personal information of the minor to be processed in accordance with this Policy and you personally accept and agree to be bound by the terms in this Policy. Further, you hereby agree to take responsibility for the actions of such minor, and that minor’s compliance with this Policy.

Rights of Data Subjects

Right of access: You have the right to request access to and obtain a copy of the personal information that we have collected and is being processed by or on behalf of us. We reserve the right to impose a fee for providing access to your personal information in the amounts permitted by law. When handling a data access request, we are permitted to request certain information in order to verify the identity of the requester to ensure that he/she is the person legally entitled to make the data access request.

Right of correction: You may request for the correction of your personal information.

Right to limit processing of your Personal Information: You may request limiting the processing of your personal information by using the contact details provided above. However this may affect our provision of the Services to you.

Contact

If you would like to make any inquiries, complaints, access or correction requests or request for us to limit the processing of your personal information, please contact us at:

For customers of Airwallex New Zealand

Overseas Recipients

While we take reasonable steps to ensure that third parties outside New Zealand handle your personal information in accordance with New Zealand privacy laws, you acknowledge that we do not control, or accept liability for, the acts and omissions of these overseas third party recipients.

Access and Correction

You have the right to access personal information we hold about you, how we use it, and who we share it with. You have the right to request the correction of any of your personal information we hold that is inaccurate. You can access or correct your personal information by logging into your account. If you believe we hold any other personal information about you or that such information is inaccurate, please contact us at [email protected].

Complaints

If you would like to make a privacy complaint in respect of your personal information, you may contact the Office of the New Zealand Privacy Commissioner (www.privacy.org.nz).

For customers of Airwallex Singapore

Access

You have the right to access your personal information, how we use it, and who we share it with. You can access the personal information you have made available as part of your account by logging into your account. If you believe we hold any other personal information about you, please contact us at [email protected].

Correction

You have the right to correct any of your personal information that is inaccurate. You can access the personal information we hold about you by logging into your account. If you believe we hold any other personal information about you and that information is inaccurate, please contact [email protected].

Our privacy team for the purposes of compliance with the Personal information Protection Act 2012 can be contacted at [email protected].

For customers of Airwallex United States and resident in Texas

If you are resident in Texas and have a complaint about our services, first contact Airwallex customer support at 855-932-3331.

If you still have an unresolved complaint regarding the company’s money transmission or currency exchange activity, please direct your complaint to the Texas Department of Banking at 2601 North Lamar Blvd, Austin, TX 78705, 1-877-276-5554 (toll-free), www.dob.texas.gov. 33.51(d)(1)(B)