1. Introduction
Aureum Vault ("we", "us", "our") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website aureumvault.com.au or use our platform services.
We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). By using our services, you consent to the collection and use of your information as described in this policy.
Last Updated: 13 May 2026
2. Information We Collect
2.1 Personal Information You Provide
We collect personal information that you voluntarily provide to us:
- Identity Data: Name, date of birth, government-issued ID numbers
- Contact Data: Email address, phone number, postal address
- Financial Data: Bank account details, investment capacity, source of funds (for KYC/AML compliance)
- Professional Data: Employment details, business affiliations, investor classification
- Account Data: Username, password, security questions
- Transaction Data: Deal submissions, offers, enquiries, communications
2.2 Information Collected Automatically
When you visit our website, we automatically collect:
- Technical Data: IP address, browser type, device information, operating system
- Usage Data: Pages visited, time spent, click patterns, referral sources
- Location Data: General geographic location (country/region level)
2.3 Information from Third Parties
We may receive information about you from:
- KYC/AML verification services
- Professional advisors (lawyers, accountants)
- Public registers and databases
- Referral partners
3. How We Use Your Information
We use your personal information for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Platform access and member authentication | Contract performance |
| KYC/AML verification and compliance | Legal obligation |
| Deal matching and transaction facilitation | Contract performance |
| Communication (updates, notifications, support) | Legitimate interest |
| Platform improvement and analytics | Legitimate interest |
| Fraud prevention and security | Legitimate interest |
| Marketing (with your consent) | Consent |
4. Information Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:
4.1 With Your Consent
We will share information with your explicit consent, such as when you authorize us to share your details with a potential transaction counterparty.
4.2 Service Providers
We engage trusted third-party service providers who may access your information to perform services on our behalf:
- Cloud hosting and infrastructure (e.g., AWS, Google Cloud)
- KYC/AML verification services
- Payment processors
- Email and communication services
- Analytics and marketing tools
- Legal and professional advisors
All service providers are bound by confidentiality obligations and data protection requirements.
4.3 Legal Requirements
We may disclose information if required by law, regulation, legal process, or governmental request, or to protect our rights, property, or safety.
4.4 Business Transfers
In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. You will be notified of any change in control.
5. International Data Transfers
Some of our service providers may be located outside Australia. We ensure that appropriate safeguards are in place, such as:
- Contractual data protection clauses
- Providers certified under international frameworks
- Compliance with APP requirements for cross-border disclosure
By using our services, you acknowledge that your information may be transferred to countries outside Australia.
6. Data Security
We implement appropriate technical and organizational measures to protect your personal information:
- Encryption: Data encrypted in transit (TLS/SSL) and at rest
- Access Controls: Role-based access, multi-factor authentication
- Network Security: Firewalls, intrusion detection, regular security audits
- Data Minimization: We collect only necessary information
- Retention Limits: We retain data only as long as necessary
While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
7. Your Privacy Rights
Under Australian privacy law, you have the following rights:
7.1 Access
You may request access to the personal information we hold about you. We will respond within 30 days.
7.2 Correction
You may request correction of inaccurate, incomplete, or outdated information. We will respond within 30 days.
7.3 Deletion
You may request deletion of your personal information, subject to legal retention requirements (e.g., AML/CTF records must be kept for 7 years).
7.4 Opt-Out
You may opt-out of marketing communications at any time by clicking "unsubscribe" in our emails or contacting us directly.
7.5 Complaint
If you believe we have breached your privacy rights, you may lodge a complaint with us or the Office of the Australian Information Commissioner (OAIC).
8. Data Retention
We retain personal information for as long as necessary to:
- Provide our services to you
- Comply with legal obligations (e.g., AML/CTF: 7 years)
- Resolve disputes
- Enforce our agreements
After the retention period, we securely delete or anonymize your information.
9. Cookies and Tracking
Our website uses cookies and similar technologies to enhance your experience:
- Essential Cookies: Required for platform functionality
- Analytics Cookies: Help us understand website usage
- Marketing Cookies: Used for targeted advertising (with consent)
You can control cookie settings through your browser. Disabling cookies may limit platform functionality.
10. Children's Privacy
Our services are not intended for persons under 18 years of age. We do not knowingly collect personal information from children. If we discover we have collected information from a child, we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy on our website
- Sending an email notification
- Updating the "Last Updated" date
We encourage you to review this policy periodically.
12. Contact Us
For privacy-related queries, complaints, or requests:
- Email: privacy@aureumvault.com.au
- Postal: Privacy Officer, Aureum Vault, 526/368 Sussex St, Sydney NSW 2000
- Phone: +61 432 566 174
- Response Time: We respond within 30 days
If you are not satisfied with our response, you may contact the OAIC:
- Website: www.oaic.gov.au
- Phone: 1300 363 992