Terms & Policies
AustraliaPrivacy Policy
Last updated: 7 February 2025
AIRWALLEX
GLOBAL CUSTOMER PRIVACY POLICY
Last updated: 26 February 2026
For California residents, go here.
Thank you for using Airwallex!
Airwallex is a global payments and financial platform company for modern businesses. We provide a broad range of financial services including payments, treasury, spend management and embedded finance to global businesses of all sizes. It is important that you are well informed as to how we process your personal information. This Privacy Policy (the “Policy”) describes the personal data (sometimes also referred to as personal information) we collect as a data controller from you and how that information is used and shared by us. It also includes details about the choices we offer you in relation to your information. Please review it carefully.
Here is a summary of the information contained in this Policy (although it is not a substitute for reading the full Policy). We have included hyperlinks to help you jump to the relevant sections with more detail.
What does this Policy apply to? | This Policy applies to any user of products, services, technologies or functionalities offered by us anywhere in the world (and, when such user is a business entity, to any individual who is the owner of, or who acts on behalf of, such user), and to any visitor to our website, mobile app, or other channel whose personal data we process. Personal data is any information that is related to an identified or identifiable natural person. The definition under applicable laws is broad, and can include information that could be used indirectly and/or with other information to identify an individual – such as device identifiers or IP address. Examples of personal data include your name, email address, ID document information, bank account number, credit card details, telephone number, transaction information or home address. | |
Who is the data controller? | “We” or “us” in this Policy refers to Airwallex. The data controller of your personal information varies by your location: Australia Airwallex Pty Ltd, Airwallex SVF Pty Ltd, and/or Airwallex Capital Pty Ltd (depending on the Services provided) Brazil Airwallex (Brasil) Ltda. Canada Airwallex (Canada) International Payments Limited EEA/Switzerland Airwallex (Netherlands) B.V., or Airwallex Capital (Netherlands) B.V., or Airwallex Digital (NL) B.V., or Airwallex Lithuania UAB (depending on the Services provided) Indonesia PT Skype Sab Indonesia Israel Airwallex (Israel) Ltd Malaysia Airwallex (Malaysia) Sdn Bhd Mexico MexPago Transacciones, S.A.P.I. de C.V., Institución de Fondos de Pago Electrónico New Zealand Airwallex (New Zealand) Limited Singapore Airwallex (Singapore) Pte Ltd, Airwallex Capital (Singapore) Pte Ltd, or Airwallex Digital (SG) Pte. Ltd. (depending on the Services provided) United Arab Emirates Airwallex Middle East Innovation In Financial Solutions - L.L.C - O.P.C UK Airwallex (UK) Limited; Airwallex Capital (UK) Limited (depending on the Services provided) United States Airwallex US, LLC, Airwallex Digital (US) LLC; Airwallex Capital US, T0 Finance LLC (depending on the services provided) Vietnam Payment Telecom Informatics Post A Member Of Company Limited. | |
What types of information do we collect and why? | When you set up an account to use our Services, we require information (such as your name, address, government-issued ID, tax identifier, business information) to set this up. We also process certain identity information when we undertake our KYC/AML process. We will process information in connection with transactions (including payment information and the beneficiary of payment). Our Services also process network, device and usage information in order to maintain the integrity of our systems. You can read more about what personal information we process and why below. | |
How is your information shared? | Our affiliates and select third parties support the operation of the Services and will necessarily receive and/or transfer personal information in order to facilitate the Services and services provided by third parties at your request and/or with your consent where legally required. If a third party is engaged to support the Services, this is solely for the purpose of the Services and we require that the third party comply with appropriate safeguards to protect personal information. Services supported and/or provided by third parties may include support services, effecting transactions, account information services, payment initiation services, cloud services, analytics, market research, fraud detection, Business Customers’ services and other functions in connection with the Services. We also have affiliates around the world who help us deliver the Services and we may be required by a court or legal obligation to disclose certain information in some circumstances. You can read more about how we share your personal information below. | |
Where do we store your information? | Where we store your information depends on your location and associated applicable laws. We primarily host personal information in Singapore, Belgium, the Netherlands, Japan, Australia, Malaysia, and the United States. As a global business, we may also transfer or process personal information in countries outside your country of incorporation, business operations, or residence, to where our affiliates, select third parties, Ecosystem and Financial Partners and service providers are located. Any cross-border data transfers or processing is done in compliance with applicable law, as described in Section 5 below. | |
How long do we retain information for? | We retain personal information for so long as it is required to fulfil the purpose for which it was collected, unless we are subject to legal or regulatory obligations to retain such information. | |
What rights do I have regarding the processing of my information by Airwallex? | Depending on where you are located, you may have certain rights with respect to your personal information, such as rights of access, to receive a copy of your information, or to delete your information or restrict or object to our processing of your information. You can read more about your rights below. | |
How can I contact Airwallex? | If you have questions or concerns about this Policy or a specific request related to your personal information, please contact us at [email protected]. | |
How will we notify you of changes to this Policy? | We reserve the right to make changes to this Policy at any time by posting a revised version to our Site and updating the “Last Updated” date at the top of this Policy. | |
Are there specific terms that apply to certain countries? | Yes. You can read more about the specific processing activities for certain jurisdictions in the Jurisdiction-Specific Addenda below. |
1. SCOPE OF POLICY
This Policy applies to you when you use or interact with our Services anywhere in the world, or our website, mobile app, or other channel (collectively, “Sites”) when we act as a data controller. “Services” means any products, services, technologies or functionalities offered by Airwallex. The Services we offer may vary by region.
Depending on the context, “you” may mean any of the End User, Business Customer, Representative or Visitor.
End User: an end user (individual) who uses our Service or receives the benefits of our Services, regardless of whether the End User uses or receives our Services for personal use or otherwise. We may also collect an End User’s personal information when provided by the Business Customer.
Representative: individual who is the owner (including the ultimate beneficial owner) of, or who acts on behalf of a Business Customer (e.g. employee, director or officer of Business Customer who has authority for managing Business Customer’s account with us).
Visitor: a visitor (individual) to our Sites or who otherwise communicates with us (e.g. if you send us a query on our Support Page) without being logged into an Airwallex account.
Business Customer: a business entity who we provide Services to, whether directly or indirectly, or do business with and such Business Customer will provide us with an End User’s personal information in connection with Business Customer and that End User’s respective activities. When you (as an End User or Representative) interact with a Business Customer, your personal information will be collected, retained, shared and/or stored by the Business Customer in accordance with their own privacy policies and not this Policy. Where Airwallex acts as the Business Customer’s processor, the Business Customer’s privacy policy applies to end user personal information in that processor context and not this Policy.
2. DATA CONTROLLER
As used in this Policy, “we,” “us” “our” and “Airwallex” refers to the Airwallex group company that acts as the data controller with respect to your information. The data controller responsible for your information under this Policy varies depending on your country of residence and/or the entity used to enter into an agreement with Airwallex to provide services to you.
Controller and Processor Roles
Airwallex acts in different roles depending on the context of the Services. When we provide and improve our Services, administer the Airwallex Platform, protect the security and integrity of our systems, communicate with you, manage risk and fraud, meet tax, reporting, and other regulatory obligations, or otherwise comply with Applicable Law, we act as an independent data controller of your personal information. Please see our Global Privacy Centre for more information.
When we process personal information strictly on documented instructions from a Business Customer in connection with that customer’s use of our Services, we act as that Business Customer’s processor. In those processor contexts, the Business Customer’s privacy policy—not this Policy—governs the collection and use of end‑user personal information, and the Business Customer is responsible for providing appropriate privacy notices and obtaining any required consents. This Policy continues to apply to Airwallex’s own controller‑level processing, including for service administration, security, compliance, and platform operations.
Country of Residence | Data Controller(s) | Address |
Australia | Airwallex Pty Ltd (for payment and other financial services); Airwallex SVF Pty Ltd (for stored value services); and Airwallex Capital Pty Ltd (for investment management services) | Level 7, 15 William Street, Melbourne, VIC 3000, Australia |
Brazil | Airwallex (Brasil) Ltda | Avenida Brigadeiro Luís Antônio, 300, 100 andar, conjunto 104, parte, Bela Vista, Brazil |
United States | Airwallex US, LLC Airwallex Digital (US) LLC Airwallex Capital US (for investment services) T0 Finance LLC | 188 Spear Street, 9th Floor, San Francisco, CA 94105, USA |
UK | Airwallex (UK) Limited
Airwallex Capital (UK) Limited (for investment services) | Wells and More, 45 Mortimer St, London, United Kingdom, W1W 8HJ |
EEA or Switzerland | Airwallex (Netherlands) B.V. Airwallex Capital (Netherlands) B.V. (for investment services) Airwallex Lithuania UAB | Rivvia, Keizersgracht 127, 1015 CJ Amsterdam, Netherlands Konstitucijos ave. 21B, Vilnius, the Republic of Lithuania |
Malaysia | Airwallex (Malaysia) Sdn Bhd | WeWork Mercu 2, Level 40, No.3 Jalan Bangsar, KL Eco City 59200, Kuala Lumpur, Malaysia |
New Zealand | Airwallex (New Zealand) Limited | c/- CSNZ, Level 5, 79 Queen Street, Auckland 1010, New Zealand |
Singapore | Airwallex (Singapore) Pte Ltd Airwallex Capital (Singapore) Pte Ltd (discretionary portfolio management service) | #20-01, Guoco Tower, 1 Wallich Street, Singapore 078881 36 Robinson Road, #20-01, City House, Singapore 068877 |
Canada | Airwallex (Canada) International Payments Limited | Suite 2600, Three Bentall Centre, 595 Burrard Street, Vancouver, BC Canada, V7X 1L3. |
Israel | Airwallex (Israel) Ltd | Derech Menachem Begin 132, Tel Aviv-Yafo, Israel 6701101 |
Indonesia | PT Skype Sab Indonesia | PT Skye Sab Indonesia, 73A Mampang Prapatan Raya Street, Tegal Parang, Mampang Prapatan, South Jakarta 12790 |
Mexico | MexPago Transacciones, S.A.P.I. de C.V., Institución de Fondos de Pago Electrónico | Bosque de Duraznos 65, 602B, Bosques de las Lomas, Miguel Hidalgo, Ciudad de Mexico, 117000 |
UAE | Airwallex Middle East Innovation In Financial Solutions - L.L.C - O.P.C | Silver Castle Building, Mussafah, M33, Plot 67, Office 5, Abu Dhabi, United Arab Emirates) |
Vietnam | Payment Telecom Informatics Post A Member Of Company Limited | No. 04-117, Lim Tower 3, 29A Nguyen Dinh Chieu, Sai Gon Ward, Ho Chi Minh City, Vietnam |
3. THE TYPES OF PERSONAL INFORMATION WE USE
“Personal information” or “personal data” means any information that identifies you (whether directly or indirectly), such as your name, address, telephone number, email address, date of birth, payment card information, bank account information and any other data that is associated with your identity. The specific categories of personal information which we process are listed in the section “How We Use Your Personal Information” below. This section describes the different types of personal information we collect from you and how we process it.
A. INFORMATION YOU PROVIDE DIRECTLY TO US
Account and Profile Information, Events participation, Newsletter or Content subscription: To use our Services or attend an event or receive content we publish, you must provide certain personal information to us, including contact details and other information required to establish an account profile, identity verification information, financial information and information regarding beneficiaries of payments. This information is necessary for us to perform the contracted services and also to allow us to comply with our legal obligations. If you are not able or willing to provide this information, we may not be able to provide you with all the requested Services.
Survey, feedback, and promotions: Some information you provide to us is voluntarily provided by you and not mandatory for using our Services. Examples of such information include your opting to respond to our surveys, provide feedback to us about our products and Services, participate in promotions or contests or otherwise communicate with us. This information allows us to provide incentives or additional features to you, evaluate our performance and to create a better user experience for you when using the Airwallex platform. This additional information will be processed based on our reasonable discretion or when applicable, your consent.
B. INFORMATION AUTOMATICALLY COLLECTED FROM YOUR USE OF SERVICES
We automatically collect certain data from you when you use the Services or visit any of our Sites (such as to prevent fraud or misuse, or to understand your use of and improve our Services). This includes:
transaction data, beneficiary information, card related information;
usage data;
information about the devices you use to access the Services;
call recordings;
log data; and
location information.
C. INFORMATION COLLECTED FROM THIRD PARTIES
We may also obtain information about you from external sources, including information obtained from our ecosystem and financial partners, payment service providers, service providers, credit bureaus, credit reference agencies or other providers of credit information, financial institutions, debt collection agencies, companies and other official registers and databases, fraud prevention agencies and partners, community forums used to post ratings or reviews, Airwallex business partners or Business Customers through which you access our Services, or other sources of public records. The collection and sharing of such personal information with Airwallex is also explained in such third parties’ own respective privacy policies. We may combine information collected from third parties with information we collect from you directly through the Airwallex platform.
Regardless of the method of collection, the information we obtain from or about you is subject, at all times, to the privacy choices or rights exercised by you.
D. COOKIES
We use cookies and similar technologies (i.e. web beacons, pixels, ad tags and device identifiers) to recognize you and to customize your online experience. To learn more about cookies and the other tracking technologies we may utilize, please refer to our Cookie Policy, which includes a comprehensive overview of cookies and provides further details about how we use cookies and how to control our use of cookies.
4. HOW WE USE YOUR PERSONAL INFORMATION
This section provides more detail on the types of personal information we collect from you, and why. For users who are resident in the United Kingdom, the European Economic Area or Switzerland (each a “Relevant Jurisdiction”), it also identifies the legal basis under which we process your personal information.
Personal Information | Use | Legal Basis (only relevant if you are located in a Relevant Jurisdiction or in other jurisdictions which require us to identify the legal basis for each processing) | |
Account and Profile Information (End User, and/or Representative only) | Personal identifiers such as your name, residential address, email address, phone number, date of birth, social security number, driver’s license number, passport number, tax identification number, username in combination with your password to access your online account, or other similar identifiers. | To provide the Services, e.g. to create a User Profile and associated permissions and authorisations to that User Profile; to process instructions from you payments and the use of our products; to provide customer support; to enable you to access and use the Airwallex products and platform; and to evaluate your application to use the Services. To prevent fraud, misuse or breaches of the Acceptable Use Policy, e.g. to verify your identity or authenticate your right to access an account or other information; to manage risk, fraud and abuse of the Services and Sites; and to conduct manual or system monitoring to protect against fraud and other harmful activity. To communicate with you, e.g. to respond to your inquiries and support requests; to help you explore and learn about our features, capabilities and products; to send you service updates and notices, security alerts and other administrative messages; to provide information related to your transactions including confirmations, receipts and tracking notices; and send you our newsletter or other content, or to send you marketing and promotional messages and offers. | Necessary to perform our contract with you to provide the Services and to send you communications related to your use of the Services. Consent to send you promotional or marketing communications (depending on your jurisdiction and our existing relationship with you). It is our legal obligation and in our legitimate interests to prevent fraud misuse, or breaches of the Acceptable Use Policy. |
Demographic Data (End User and/or Representative only) | We may also collect demographic data about you including your employment history, education, income and other similar information. | To develop new products or enhance existing products and Services. To monitor and analyze trends, usage and other user activities on our Sites to optimize user experience. | It is in our legitimate interests to use this information to improve our Services and Sites. |
Identity Verification Data (End User and/or Representative only) | To comply with laws and regulations, we may collect copies of your government-issued identification document. Name, date of birth, identification document (including passport, driver’s licence or national ID card), address proof, tax residency information or other authentication information, all of which may include photographs of you. To validate your identity, we may also conduct a liveness check (for example by making a selfie). To the extent required or permitted by applicable law, we may obtain reports about you from public records. In order to obtain such reports, we may use information or personal information you provide to us. | To fulfil our legal obligations. To provide the Services, e.g.: to create your account for the Services in accordance with your request; and to verify your identity or authenticate your right to access an account or other information. To prevent fraud, or misuse or breaches of the Acceptable Use Policy, e.g. to verify your identity or authenticate your right to access an account or other information; to manage risk, fraud and abuse of our Services and Sites; and to conduct manual or system monitoring to protect against fraud and other harmful activity. | Necessary to satisfy our legal obligations under applicable law to provide our Services. It is our legal obligation and in our legitimate interests to prevent fraud, misuse or breaches of the Acceptable Use Policy. |
Transaction Data (End User and/or Representative only) | We may collect financial information such as bank account details (account number, routing number), credit or debit card numbers, billing address, shipping address, payment method information, merchant, location, transaction amount, date of transaction or tax information. | To provide the Services, including to process payments from and to the Business Customer’s account or the End User account, to process payment transactions from buyers or the users of any Airwallex card products. To fulfil our legal and regulatory reporting obligations. | Necessary to perform our contract with you to provide the Services. Necessary to satisfy our legal and regulatory reporting obligations under applicable law. |
Beneficiary Information (End User and/or Representative only) | We may collect information about the parties to the transaction, the designated recipient (including the recipient’s bank account information), the source of the funds, the reason for the transaction, the devices and payment methods used to complete transactions. | To provide the Services, e.g. to process payments from and to the Business Customer or End User account. To prevent fraud, misuse or breaches of the Acceptable Use Policy, e.g. to verify your identity or authenticate your right to access an account or other information; to manage risk, fraud and abuse of the Services and Sites; and to conduct manual or system monitoring to protect against fraud and other harmful activity. | Necessary to perform our contract with you to provide the Services. It is our legal obligation and in our legitimate interests to prevent fraud, misuse or breaches of the Acceptable Use Policy. |
Card Related Information (End User only) | Card numbers and details | To provide the Services, e.g. to process payments made by the card; to issue cards and process their transactions as part of the Services; to validate the authenticity of the transaction; and to prevent fraud. | Necessary to perform our contract with you to provide the Services and to fulfil our legal obligations. |
Log Data (End User and/or Representative only) | When you access the Services, we collect server logs which may include information such as access times and dates, pages viewed and other system activity, including the third-party site you were using before accessing our Services. | To provide the Services. To prevent fraud, misuse or breaches of the Acceptable Use Policy and improve our Services. To understand your use of and improve the Services. | Necessary to perform our contract with you to provide the Services. It is our legal obligation and in our legitimate interests to prevent fraud, misuse or breaches of the Acceptable Use Policy and improve the Services. |
Device Information (End User and/or Representative only) | We may obtain information about the devices you use to access the Services including: the device type, operating systems and versions, the device manufacturer and model, preferred languages, and plugins. | To provide the Services. To prevent fraud, or misuse or breaches of the Acceptable Use Policy and improve the Services. To understand your use of and improve the Services. | Necessary to perform our contract with you to provide the Services, and it is our legal obligation and in our legitimate interests to prevent fraud, misuse or breaches of the Acceptable Use Policy and improve the Services. |
Usage Information | We collect information about how you interact or engage with the Sites and how you use the Services including your user preferences and other settings selected by you. This information may be collected if you visit our Sites and regardless of whether or not you establish an account with us or conduct a transaction. In some cases, we do this by utilizing cookies, pixel tags and similar technologies. Please see further details about cookies and other tracking technologies in our Cookie Policy. | To provide the Services. To evaluate your satisfaction with our Services, platform and features. To develop new products or enhance existing products and services. To monitor and analyse trends, usage and other user activities on our Sites to optimize user experience and to improve the Services. | Necessary to perform our contract with you to provide the Services. It is in our legitimate interests to protect the integrity of the Services and improve our operations. |
Location Information (End User and/or Representative only) | When you use certain features of the Services, we may collect information about your precise or approximate location as determined by data such as your IP address or mobile device GPS. Most mobile devices allow you to control or disable the use of geolocation services for applications by changing preferences on your mobile device. | To provide the Services. To enable you to access and use the Airwallex platform. To manage risk, fraud and abuse of our Services and Sites or breaches of the Acceptable Use Policy. To conduct manual or system monitoring to protect against fraud and other harmful activity. | Necessary to perform our contract with you to provide the Services. It is our legal obligation and in our legitimate interests to prevent fraud, misuse or breaches of the Acceptable Use Policy. |
Communications Data | Information related to your interactions and communications with us, which may include email messages, chat sessions, text messages, and phone calls that we exchange with you. | To respond to your inquiries and customer support requests. To send you technical notices, updates, security alerts and other administrative messages. To provide information related to your transactions including confirmations, receipts and tracking notices. | Necessary to perform our contract with you to provide the Services. |
Call Recordings | Voice recordings of you captured when you contact us or if we contact you, including interactions with our customer service or sales teams. | To respond to your inquiries and customer support requests. | Necessary to perform our contract with you to provide the Services. |
Various other Information | Any information you may provide us when you respond to surveys. | To run the survey and analyse the results for our internal business purposes. | We collect this information with your consent. |
Any information you may provide us when you participate in contests. | To facilitate promotional contests that you choose to participate in. | We collect this information with your consent. | |
Any information you may provide us when you participate in promotions or request to receive promotional information. | To deliver promotional offers, incentives, and targeted marketing in accordance with your preferences (as permitted by applicable law). To provide invitations and information about events or events held by our partners. | We collect this information with your consent. |
5. TRANSFERS AND STORAGE
Where we store your data depends on where you are located – e.g. your country of incorporation, business operations or residence. We primarily host personal information in Singapore, Belgium, the Netherlands, Japan, Australia, Malaysia, and the United States, depending on your location. As a global business we may also transfer or process personal information in countries outside your country of incorporation, business operations or residence, and where our affiliates, third parties, Ecosystem and Financial Partners and service providers are located. These countries may have data protection rules that are different from your country, but the privacy requirements of your jurisdiction remain in effect regardless of cross-border data transfers. In certain situations, we may be required to disclose your personal information pursuant to lawful requests from local law enforcement or government authorities. Airwallex implements appropriate measures and safeguards to protect your personal information to meet applicable data protection and national security requirements, as well as the standards described in this Policy, including the use of mandated Standard Contractual Clauses (for the European Union) and International Data Transfer Agreement (for the United Kingdom) or any equivalent standard contracts issued by relevant authorities into its agreements (where applicable) and/or adopting alternative measures required for the lawful transfer of personal information in accordance with applicable data protection law.
We restrict transfers of personal data to certain jurisdictions in accordance with applicable law.
6. INFORMATION SHARING AND DISCLOSURE
Only where necessary will we share your personal information with third parties or corporate affiliates. Situations where this occurs are:
Third Party | Purpose |
Third party service providers | We engage a variety of service providers (who in general act as data processors (where we are data controller) or sub-processors (where we are a processor) to enable us to provide our Services to Business Customers, and, indirectly, to you. For example, service providers may be used to: facilitate payment processing, support technology or infrastructure, cloud storage, conduct market research, marketing analytics, detect fraud, verify identity and perform audits or other functions. We will share your personal information with such service providers only to the extent necessary to allow the performance of their intended engagement. All service providers and business partners that receive your personal information are contractually bound to protect and use your information only in accordance with this Policy. |
Our corporate affiliates | To facilitate or support us in providing the Services to you, we may share your personal information within the Airwallex group of companies. All Airwallex group companies may only use your personal information in accordance with the relevant Intra-Group contracts governing such processing and for the purposes set out in this Policy. |
Financial and Ecosystem Partners | The Services may be offered to you (as an End User, Business Customer or Representative) in conjunction with or facilitated by other financial institutions, other payment institutions or other ecosystem partners (such as a provider of accounting or treasury management services or a marketplace payment service provider programmes). In respect of Financial or other payment institutions, such transfers and disclosures are necessary in order to provide the Airwallex services to you. In respect of Ecosystem Partners, such disclosures and transfers will be made in the manner you authorised or requested, or described to you (to enable use by you of such Ecosystem and Financial partners’ products and services) at the time you authorised or requested such disclosures. When you allow or authorise such third party provider, plugins, widgets, and/or website to access your Airwallex Account or to receive your personal information, this will constitute a request and/ or authorisation. |
In respect of Connected Account holders, the Platform (or any Platform partners) | For the Airwallex for Platforms solution, personal information relating to the Connected Account will be transferred to the Platform (or the Platform partners) [to allow the Connected Account to consume the Airwallex services via the Platforms’ (or Platforms’ partner’s) website or mobile app.] The Platform (and/or Platform partner) is an independent data controller of the personal information it processes in relation to the Connected Account holder. |
Commercial Partners | We may also refer you to services provided by our Commercial Partners (as an End User, Business Customer or Representative). Such Commercial Partners provide services under their own licences or authorisations, will have direct contracts with you and may be independent data controllers of the data you provide to them or data generated from your use of their services. Airwallex has no responsibility for any Commercial Partner services. Any data that may need to be transferred to such Commercial Partners from us will be done with your consent or as requested by you. |
Regulatory Authorities: regulators, judicial authorities and law enforcement agencies, tax authorities, and other third parties for safety, security, or compliance with the law. | There are circumstances in which we are legally required to disclose information about you to authorities (e.g. regulators, judicial authorities, courts, law enforcement agencies, tax authorities, and other public / government authorities both domestic and international), such as to comply with a legal obligation or processes, enforce our terms, address issues relating to security or fraud, or to protect our users. These disclosures may be made with or without your consent, and with or without notice, subject to and in compliance with the terms of valid legal process, including but not limited to regulatory queries or requests, subpoenas, court orders, or search warrants. We are usually prohibited from notifying you of any such disclosures by the terms of the legal process. We may also disclose your information to: enforce our Master Services Agreement entered into with the Business Customer or End User, or our online terms and conditions accepted by the Business Customer or End User or other applicable agreements or policies, including investigation of any potential violation thereof; detect, prevent or otherwise address security, fraud or technical issues; protect our rights, property, privacy, or security, or that of others, as permitted by law; or comply with relevant law, legal process or governmental requests or orders. |
Social Media Platforms | Social media networks such as Facebook, Twitter, Pinterest, and Instagram that offer functionalities, plugins, widgets, or tools in connection with our corporate website or mobile application. If you as a Visitor choose to use these functionalities, plugins, widgets, or tools, certain information may be shared with or collected by those social media companies — for more information about what information is shared or collected, and how it is used, see the applicable social media company's privacy policy. |
Potential Acquirers of our Business | If we are the subject of or are involved in any corporate merger, acquisition, consolidation, reorganization, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with bankruptcy or similar proceedings), we may share data with third parties during negotiations. In the event your personal information becomes subject to a different privacy policy, we will make reasonable efforts to notify you beforehand. We also may need to disclose information to a third party in connection with a commercial transaction where we or any of our affiliates are seeking financing, investment or funding. |
Other Authorized Parties | If you request (as part of the Services provided to you) or provide your consent, we may share your information including your personal information with a third party not defined in this Policy. |
A list of Airwallex’s third party processors and sub-processors can be found here.
7. DATA RETENTION
We will retain your personal information for the period of time required to comply with applicable law, for fulfilling any ongoing obligations to you or, where necessary and consistent with applicable law, for our internal business purposes.
We may retain your personal information even after you close your Airwallex account or request deletion of your personal information. Examples of such cases include:
To process any transactions booked prior to closure or deactivation of an account.
To comply with anti-money laundering regulations or other laws and rules.
To detect or prevent fraud and other loss prevention activities.
To comply with legal process orders or law enforcement requests.
To collect any fees or other outstanding amount owed and payable to us by you.
To comply with our tax, accounting, and financial and regulatory reporting obligations.
Where required by our contractual commitments to our ecosystem or financial partners.
To resolve any disputes or enforce our User Agreement or other applicable agreements or policies.
To take any other action or exercise any other right in accordance with applicable law.
When a relevant retention period has passed, Airwallex will destroy personal information or, where applicable, sufficiently anonymize the personal information.
8. YOUR RIGHTS AND CHOICES
You have certain rights relating to your personal information. The ability and extent to which you may exercise these rights vary depending on your location. Only an individual may raise data subject rights to us, and only information about that individual (and not other individuals or businesses) will be provided in response in accordance with applicable law.
The following rights (described in detail below) apply to users in a Relevant Jurisdiction (United Kingdom, European Economic Area and Switzerland).
If you are located outside of a Relevant Jurisdiction, please review the section on Jurisdiction- Specific Rights for more information about the privacy rights afforded to you in your country or state of residence. To exercise any of your rights, please contact us at [email protected].
A. ACCESS, CORRECTION, ERASURE
You may access, correct or erase information you provided to us at any time by logging into your Airwallex account and taking required actions (where possible) or you can reach out to us for access, correction or deletion of your personal data There may be circumstances which preclude us from providing access to some or all of your information, for example where the information contains references to personal information about an individual other than you or the information is subject to legal or proprietary protections. Please also note that as a financial institution, we are subject to statutory retention periods. Therefore we cannot always erase (all of) your personal data upon request.
B. PORTABILITY
You have the right to receive your personal information in a structured, commonly used, and machine-readable format, and to transfer it to another party (e.g. a third party service provider or an ecosystem or financial partner), with certain exceptions. .This comprises any personal information we process on the basis of your consent (e.g., survey information) or pursuant to our contract with you (e.g., transaction data). We will provide further information to you about this if you make such a request.
C. RESTRICTION OF PROCESSING
You may have a right to require us to stop processing the personal information we hold about you other than for storage purposes in certain circumstances. Please note, however, that if we stop processing the personal information, we may use it again if there are valid grounds under data protection laws for us to do so (for example, for the defence of legal claims or for another’s protection). When we agree to stop processing the personal information, we will try to tell any third party to whom we have disclosed the relevant personal information so that they can stop processing it too.
D. OBJECTION
To the extent provided by applicable laws and regulations, you may object to certain processing activities where we rely on the legal grounds of legitimate interest or the performance of a task carried out in the public interest.
DEVICE & MARKETING
Device Permissions
Most mobile devices allow you to disable the use of location services, or revoke consent to applications to access your camera and photo library or send you push notifications information. Please refer to your device settings to restrict collection of certain information.
Notifications
We may from time to time send you notifications when we consider it necessary to do so (for example, when we temporarily suspend access to the Services for maintenance, or security, privacy or administrative-related communications). You may not opt-out of these service-related notifications, which are not promotional in nature.
Marketing Opt-Out
As described in section 4, we only send you promotional communications with your consent. You can opt out of receiving such promotional communications from us by following the instructions included in those messages or by logging into your Airwallex account and changing your preferences. Please note that if you opt out of marketing-related emails from us, we will continue to send you non-promotional messages that are required to provide our Services, such as transactional receipts and messages about your account or our relationship with you.
9. ADVERTISING AND ANALYTICS
We may partner with third parties to display advertisements to you on websites you visit. These third-party partners use cookies and other technologies to gather information about your activities on our Sites as well as other sites you visit in order to serve you advertising based upon your browsing history and interests. To learn more about behavioral advertising and online tracking, visit the Network Advertising Initiative. This website also provides information about how to opt out of interest-based online advertising delivered by member companies. You can learn more about Google’s practices here. For more information about the cookies that may be served through use of our services, please refer to our Cookie Policy.
10. SECURITY
We implement and update technical and physical security measures to safeguard your personal information against loss, misuse or unauthorized access, use of disclosure on an ongoing basis. Safeguards used to protect your information include firewalls, data encryption, and access controls. Please keep in mind that the transmission of information over the Internet is never 100% secure and no data storage system can be guaranteed safe. Although we will do our best to protect your personal information, we cannot warrant the security of data transmitted to our Sites; any transmission is at your own risk. We encourage you to understand the integral role you play in keeping your own personal information secure and confidential. Please select passwords that are sufficiently complex and always keep our log-in details secure. If you suspect any unauthorized use or access to your account or information, please contact [email protected] immediately.
11. CHILDREN’S PRIVACY
The Sites and Services are not intended for or directed at children. By children we mean users under the age of 16 or in the case of a country where the minimum age for processing personal information differs, such different age.
We do not knowingly collect any information from children. If we obtain actual knowledge that we have collected personal information from a child, we will immediately delete it (unless we are legally obligated to retain such information). Please contact us if you believe that we inadvertently collected information from any child.
12. THIRD PARTY LINKS AND SERVICES
The Sites may include links to third party websites or services, such as third-party integrations, co-branded services, or third-party branded services (“Third-Party Sites”). Clicking on those links or enabling those connections may allow third parties to collect or share information about you. We do not own or control these third-party websites and when you engage with these Third-Party Sites, you may be providing information directly to the Third-Party Site, Airwallex, or both. Third-Party Sites will have their own policies about the collection, use and disclosure of your personal information. Please review those policies for more information.
13. USE OF ARTIFICIAL INTELLIGENCE AND AUTOMATED TECHNOLOGIES
We continuously explore ways to make our Services more efficient, secure, and reliable, and to meet our legal and regulatory obligations globally. This includes the responsible use of artificial intelligence (“AI”) and machine learning (“ML”) technologies, which may process your personal data. We may also process personal data to develop or improve our AI or ML technologies as described in section 4 of this Policy in accordance with applicable law and internal standards.
Before deploying AI or ML technologies, we assess whether their use is necessary and appropriate for the intended purpose, and whether it aligns with applicable laws, regulatory expectations and our internal standards. We also consider ethical, security, and reliability aspects to ensure that the use of such technologies is responsible and proportionate.
We may use AI or ML technologies to support operational efficiency, risk management, fraud prevention, compliance processes, customer support, and product improvement. For example, AI-enabled applications may be used to assist with summarising customer interactions, improving internal workflows, or streamlining risk assessments. We may also make AI tools available for use by you on our Platform, in accordance with applicable terms.
We do not use AI systems to make solely automated decisions that produce legal or similarly significant effects on individuals unless permitted by applicable laws, your consent (where required), and supported by appropriate safeguards.
14. UPDATES TO THIS POLICY
We reserve the right to make changes to this Policy at any time by posting an updated version to our Site and updating the “Last Updated” date at the top of this Policy. To the extent permitted by applicable law, your continued use of our services after such notice or posting constitutes your consent to our revisions of this Policy. If you disagree with any of our changes, you may deactivate your account with us at any time.
15. CONTACT
If you want to reach out to our Data Protection Officer, please contact [email protected].
If you have questions or concerns about this Policy or wish to make an inquiry regarding how we process your personal information, please contact us at [email protected] and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the data protection authority in the country in which you live or work where you think we have infringed data protection laws.
You have the right to lodge a complaint with the competent supervisory authority in your country or your EU Member State of residence, place of work, or where the alleged infringement occurred.