Skip to main content
Skip table of contents

Anti-Money Laundering (AML) and the Data Protection Regime

ZEW’s Privacy Policy

ZEW processes as data Controller the personal data of visitors to this website (hereinafter "Visitors"), as well as those who register, regardless of the type of account they register for - Visitor account ("Visitor") or Registered User account ("Registered") (together, "User" or "Users").

ZEW processes the Users data in accordance with our Privacy Policy, available at: https://help.zew.world/help-center/privacy-policy

Data Retention and Compliance with AML, and how it relates to the Data Protection Regime

At ZEW, we are committed to ensuring transparency and compliance with all applicable data protection laws.

Below is an overview of how we process and retain personal data in line with the applicable Data Protection Regime and AML legal and regulatory standards, which establish that ZEW must collect and keep record of information that includes personal data of Users.

For detailed information, please check ZEW’s Privacy Policy, Anti-Money Laundering (AML) Policy, Sanctions Policy, KYC Policy and Procedure Manual.

Lawful Grounds for Processing Personal Data and AML legislation

Under Article 6(1)(c) of the General Data Protection Regulation ("GDPR”), approved by Regulation (EU) 2016/679, of April 27, 2016, ZEW’s processing of personal data  necessary for compliance with a legal obligation to which ZEW is subject and for the purposes detailed in ZEW’s Privacy Policy is lawful.

This means that ZEW may retain personal data to fulfill statutory obligations, including those mandated by AML legislation.

Data Subject’s Rights and the Right to Erasure and Exceptions

Generally, Users may, at any time and subject to the legal requirements for admissibility, exercise the right of access, rectification, erasure, restriction of processing to object to processing and data portability.

While GDPR provides data subjects the right to obtain from the controller the erasure of their personal data under Article 17(1), there are exceptions to this right under Article 17(3), namely if the processing is necessary for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject.

Personal data cannot be erased if its retention is necessary to comply with a legal obligation imposed by Union or Member State law.

For example, data retained for AML compliance purposes is exempt from the right to erasure for the duration mandated by law.

Retention Periods

Personal data required under AML regulations will be:

  • Retained for the duration mandated by legal requirements (7 years);

  • Promptly and securely deleted once the mandated retention period expires.

Balancing GDPR and AML Compliance

ZEW's data retention practices ensure compliance with both the applicable Data Protection Regime and AML legal and regulatory standards. This dual compliance means:

  • Personal data is processed lawfully and transparently;

  • Legal obligations are satisfied without infringing on the principles of data protection.



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.