Privacy Policy



Table of Contents

  1. Purpose and Scope

  2. Information We Collect

  3. How We Collect It

  4. Why We Collect Your Information

  5. Disclosure of Information

  6. Identity Verification & AML Screening (Sumsub)

  7. Cross-Border Data Transfers

  8. Security and Storage

  9. Retention of Information

  10. Access, Correction and Deletion

  11. Automated Decision-Making

  12. Blockchain Immutability Notice

  13. Cookies and Analytics

  14. Marketing Communications

  15. Recording of Communications

  16. Age Restrictions

  17. Your Rights Under Australian Law

  18. Complaints Process

  19. Changes to This Policy

  20. Contact Us




    Trustrade Australia is a registered Digital Currency Exchange (DCE) provider under the Australian Transaction Reports and Analysis Centre (AUSTRAC). As part of our regulatory obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, we are required to implement robust policies and procedures to ensure all crypto transactions on our platform are lawful, transparent, and secure.

1. Purpose and Scope

This Privacy Policy explains how Alcides Junio Araujo, Rangel ("we", "us", "our") collects, stores, uses and discloses personal information in connection with our Australian digital currency exchange (DCE) services.

We are registered with the Australian Transaction Reports and Analysis Centre (AUSTRAC) as a Digital Currency Exchange and comply with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) ("AML/CTF Act") and the Privacy Act 1988 (Cth) (‘Privacy Act’).

This Policy applies only to individuals located in Australia and to personal information collected in connection with our Australian operations.

2. Information We Collect

We collect personal information that is reasonably necessary to provide our regulated DCE services, including:

Identification details: full name, date of birth, gender, address, email, and phone number.

Verification documents: passport, driver's licence, proof of address, and selfie photo/video for KYC verification.

Financial details: bank account numbers, payment references, and digital wallet addresses.

Transaction information: type and amount of digital currency, timestamps, counterparties, and IP addresses.

Technical data: device type, browser version, IP address, and website usage metrics.

Communications: any messages, emails, support interactions, or recorded calls/video sessions with us.

3. How We Collect It

We collect information:

  • directly from you when you sign up, verify your account or use our services; and

  • from third-party providers such as verification and fraud-prevention partners (including Sumsub).

4. Why We Collect Your Information

We collect and use personal information to:

  • verify your identity and comply with AML/CTF laws;

  • provide digital currency exchange and related services;

  • monitor for fraud, money laundering, or suspicious transactions;

  • comply with AUSTRAC and legal reporting obligations;

  • respond to your queries and provide customer support;

  • send important updates about your account or changes to our services;

  • improve our Website and service performance; and

  • conduct automated risk assessments for AML/CTF compliance.

We do not sell, rent or trade your personal information to third parties for marketing purposes.

5. Disclosure of Information

We may disclose your personal information to:

  • AUSTRAC and other government authorities as required under the AML/CTF Act;

  • our Australian service providers (e.g., payment processors, hosting and cloud infrastructure providers);

  • professional advisers (lawyers, accountants, auditors) under confidentiality obligations;

  • law-enforcement agencies when required by law or court order;

  • identity verification providers (see Section 6 below);

  • your authorised representatives or agents with your consent; and

  • other parties with your explicit consent or as required by law.

All third-party service providers are contractually required to handle your information securely and in compliance with Australian privacy laws.

6. Identity Verification & AML Screening (Sumsub)

To comply with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth), we use Sumsub Limited ("Sumsub"), an independent verification provider, to perform identity verification, sanctions screening, and AML/CTF checks on our behalf.

When you provide your identification documents or photographs during onboarding, they are securely transmitted to Sumsub for verification.

What Sumsub Does:

  • Verifies your identity documents (passport, driver's licence, etc.)

  • Performs facial recognition and liveness checks

  • Screens against sanctions lists and politically exposed persons (PEP) databases

  • Assesses AML/CTF risk

  • Detects fraudulent documents

How Sumsub Handles Your Data: Sumsub is contractually required to:

  • Handle your personal information in accordance with Australian privacy standards

  • Use your information only for lawful compliance purposes

  • Implement appropriate security measures

  • Delete or return your data when no longer required for compliance

By using our services, you consent to your personal information being shared with and processed by Sumsub for these compliance obligations. For more information about Sumsub's privacy practices, visit: https://sumsub.com/privacy-notice/

7. Cross-Border Data Transfers

While we primarily store data within Australia, certain compliance services require cross-border transfers:

Sumsub Identity Verification: When you submit identification documents, they are processed by Sumsub, which may store data on servers located outside Australia, including within the European Union or United Kingdom. Sumsub is subject to European data protection laws (GDPR) which provide a comparable level of protection to Australian privacy laws.

Other International Transfers: We do not routinely transfer personal information overseas except where necessary for compliance, security, or service delivery. Where transfers occur, we ensure:

  • The recipient is subject to laws or binding schemes substantially similar to the Australian Privacy Principles (APPs); or

  • The recipient is contractually bound to handle information in accordance with Australian privacy standards.

By using our services, you consent to these cross-border transfers for the purposes described in this Policy.

8. Security and Storage

We implement reasonable technical and organisational measures to safeguard your personal information, including:

  • secure Australian-based servers and restricted data access;

  • multi-factor authentication for administrative access;

  • regular security audits and vulnerability assessments;

  • staff training on privacy and security obligations; and

  • secure disposal of documents containing personal information.

While we take reasonable precautions, no system is entirely secure. We cannot guarantee absolute security of information transmitted over the internet.

Data Breach Notification: If a data breach occurs that is likely to result in serious harm to you, we will comply with the Notifiable Data Breaches (NDB) Scheme under the Privacy Act, including notifying you and the Office of the Australian Information Commissioner (OAIC) within 72 hours of becoming aware of the breach.

9. Retention of Information

We retain records containing personal information for at least 7 years in accordance with the AML/CTF Act. This retention period begins from the date of your last transaction or the closure of your account.

After this period, or once information is no longer required for legal or operational purposes, we will:

  • securely destroy physical records (shredding, pulping);

  • permanently delete electronic records; or

  • de-identify information so that it can no longer reasonably identify you.

Note: We may retain some information for longer periods if required by law, court order, or to resolve disputes.

10. Access, Correction and Deletion

You have the right to request:

Access: A copy of the personal information we hold about you.

Correction: Updates to ensure your information is accurate, complete and up-to-date.

Deletion: Erasure of your personal information where it is no longer required for legal or operational purposes (noting AML/CTF retention requirements).

How to Request: Contact us at support@trustradeaustralia.com with your full name and ABN/account details.

Response Time: We will respond to your request within 30 days. If we require additional time, we will notify you of the reason and expected timeframe.

Fees: We do not charge a fee for reasonable access requests. However, if your request requires significant time or resources, we may charge a reasonable fee to cover administrative costs. We will notify you of any fees before processing your request.

Refusing Requests: If we cannot provide access or make corrections (e.g., due to legal obligations or the information relates to enforcement matters), we will explain the reason in writing and inform you of complaint options.

11. Automated Decision-Making

We may use automated systems and algorithms to:

  • detect suspicious transactions and assess fraud risk;

  • perform AML/CTF risk scoring;

  • monitor for unusual account activity; and

  • enforce transaction limits and security measures.

These automated processes may affect your ability to transact or may result in your account being flagged for manual review.

Your Right to Human Review: You have the right to request human review of any automated decision that significantly affects you. Contact us at support@trustradeaustralia.com to request a review.

12. Blockchain Immutability Notice

Important: Digital currency transactions recorded on public blockchains (such as Bitcoin, Ethereum, etc.) are permanent and cannot be deleted, modified, or reversed.

While we can delete your personal account information from our systems in accordance with this Privacy Policy, transaction records on the blockchain remain publicly visible and immutable. Blockchain addresses and transaction amounts are pseudonymous but not anonymous.

If privacy is a concern, you should:

  • Use privacy-focused cryptocurrencies;

  • Avoid reusing wallet addresses; or

  • Use privacy-enhancing technologies where appropriate.

13. Cookies and Analytics

We use cookies and analytics tools (such as Google Analytics) to:

  • improve site performance and user experience;

  • understand how visitors use our Website;

  • remember your preferences and settings; and

  • provide security features.

Types of Cookies:

  • Essential cookies: Required for the Website to function (login sessions, security)

  • Analytics cookies: Collect anonymised data about page visits, session duration, and user behavior

  • Functional cookies: Remember your preferences (language, display settings)

Managing Cookies: You can disable cookies in your browser settings; however, some features may not function correctly. Most browsers allow you to:

  • Block all cookies

  • Accept only first-party cookies

  • Delete cookies when you close the browser

For more information about cookies, visit: www.aboutcookies.org

14. Marketing Communications

We may send service updates, security alerts, or promotional emails to customers who have opted in or who have an existing relationship with us.

You can opt out at any time by:

  • Clicking the "unsubscribe" link in any marketing email;

  • Contacting us at support@trustradeaustralia.com; or

  • Updating your communication preferences in your account settings.

Important Service Communications: Even if you opt out of marketing, we will still send essential communications related to your account, transactions, security, and legal obligations.

We do not send unsolicited marketing to individuals who have not consented or who do not have an existing relationship with us.

15. Recording of Communications

We may record phone calls, video verification sessions, and customer support interactions for the following purposes:

  • quality assurance and staff training;

  • fraud prevention and security;

  • compliance with AML/CTF obligations; and

  • dispute resolution.

You will be notified before any recording begins. If you do not wish to be recorded, you may choose to communicate with us via email instead.

Recordings are stored securely and are subject to the same retention periods as other personal information (minimum 7 years for AML/CTF compliance).

16. Age Restrictions

Our services are only available to individuals aged 18 years or older.

We do not knowingly collect personal information from minors (persons under 18 years of age). If we become aware that we have collected information from a person under 18, we will:

  • delete the information promptly; and

  • refund any funds where appropriate.

If you believe a minor has provided us with personal information, please contact us immediately at support@trustradeaustralia.com.

17. Your Rights Under Australian Law

Under the Australian Privacy Principles (APPs), you have the right to:

  • access the personal information we hold about you (APP 12);

  • request corrections to ensure your data is accurate and up-to-date (APP 13);

  • request deletion of your information where legally permissible;

  • know how your information is collected and used (APP 5);

  • opt out of direct marketing communications (APP 7);

  • request that we do not disclose your information to third parties in certain circumstances; and

  • lodge a complaint if you believe we have mishandled your information.

18. Complaints Process

If you have a privacy concern or complaint, we encourage you to contact us first so we can attempt to resolve the issue.

Our Internal Complaints Process:

  1. Submit your complaint via email to support@trustradeaustralia.com with:

    • Your full name and contact details

    • Description of the privacy concern

    • Any relevant documentation

  2. Acknowledgment: We will acknowledge receipt of your complaint within 5 business days.

  3. Investigation: We will investigate your complaint and provide a written response within 30 days. If we require additional time, we will notify you of the reason and expected timeframe.

  4. Resolution: Our response will include:

    • Findings of our investigation

    • Action we will take (if any)

    • Your options if you are not satisfied

If You Are Not Satisfied:

You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

  • Website: www.oaic.gov.au

  • Phone: 1300 363 992

  • Address: GPO Box 5218, Sydney NSW 2001

  • Email: enquiries@oaic.gov.au

The OAIC can investigate complaints about privacy breaches and may make a determination requiring us to take specific action.

19. Changes to This Policy

We may update this Privacy Policy periodically to reflect:

  • changes in our services or operations;

  • updates to applicable laws or regulations;

  • improvements to our privacy practices; or

  • feedback from customers or regulators.

Notice of Changes: When we make material changes to this Policy, we will:

  • update the "Effective Date" at the top of this document;

  • notify you via email if you have an active account; and

  • display a prominent notice on our Website.

Your Continued Use: Your continued use of our services after changes take effect constitutes acceptance of the updated Privacy Policy.

The most current version will always be available on our Website at: https://www.trustradeaustralia.com/compliance