Privacy Policy
Last updated: February 2026
1. Introduction
Dinar Exchange New Zealand, operated by Oz Trading Group Pty Ltd (ABN 82 158 981 787, AUSTRAC Enrolled: 100311410), is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and disclose your personal data in compliance with the New Zealand Privacy Act 2020 and the Australian Privacy Act 1988.
2. Information We Collect
We collect the following types of personal information:
- Identity Information: Full name, date of birth, and government-issued photo ID (required for AML/KYC compliance)
- Contact Information: Email address, phone number, and postal address
- Financial Information: Bank account details for payment processing
- Transaction Records: Order history, amounts, and currency denominations purchased
- Technical Information: IP address, browser type, and device information collected via cookies and analytics
3. How We Use Your Information
- Processing and fulfilling your currency exchange orders
- Verifying your identity as required by Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations
- Communicating with you about your orders and enquiries
- Improving our website and services through analytics (Google Analytics)
- Complying with legal and regulatory obligations
- Preventing fraud and ensuring transaction security
4. Legal Basis for Processing
We process your personal data on the following legal bases: contract performance (to fulfil your orders), legal obligation (AML/KYC compliance under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009), legitimate interests (fraud prevention and service improvement), and consent (marketing communications, if opted in).
5. ID Verification and Document Handling
As a registered currency exchange provider, we are legally required to verify customer identity. Government-issued photo ID submitted during verification is securely stored using encrypted cloud storage (Supabase) and is only accessible to authorised compliance staff. ID documents are retained for the minimum period required by law (typically 5 years after the business relationship ends) and then securely deleted.
6. Data Storage and Security
Your personal information is stored securely using industry-standard encryption. Our website uses HTTPS encryption for all data transmission. Customer data is stored using Supabase (hosted in secure data centres) with access controls and encryption at rest. We regularly review our security practices to protect against unauthorised access, loss, or misuse.
7. Cookies and Analytics
Our website uses cookies and Google Analytics to understand how visitors use our site. This data is anonymised and used solely to improve the user experience. You can control cookie preferences through your browser settings. We do not sell or share analytics data with third parties for advertising purposes.
8. Third-Party Disclosure
We do not sell your personal information. We may share your data with: courier services (NZ Post) for order delivery, banking institutions for payment processing, government authorities when required by law (e.g., AUSTRAC, NZ Financial Markets Authority), and technology service providers who assist in operating our website (under strict data processing agreements).
9. Your Rights
Under the New Zealand Privacy Act 2020, you have the right to:
- Access the personal information we hold about you
- Request correction of any inaccurate or incomplete information
- Request deletion of your data (subject to legal retention requirements)
- Withdraw consent for marketing communications at any time
- Lodge a complaint with the Office of the Privacy Commissioner
10. Data Retention
We retain personal information for as long as necessary to provide our services and comply with legal obligations. Transaction records and identity verification documents are retained for a minimum of 5 years as required by AML regulations. After the retention period, data is securely deleted or anonymised.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.
12. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at dinars@dinarexchange.co.nz or visit our Contact page.