Because Givealittle is used for transferring money from one party to another, we have obligations under the Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Act 2009.
One of these requirements is to perform Customer Due Diligence (CDD) on all the people we pay funds to.
If the Payee is an Individual then we will do CDD on them, personally. If the Payee is an organisation, such as a Charity, School, Business, or other Group, then we are required to perform CDD on any people that have "Effective Control". Sometimes we also need to do CDD on other people associated with a page, perhaps a particular donor or member, or beneficiary, etc.
Our staff will review the information you provide, to confirm your identity (including taking reasonable steps to determine whether you are a politically exposed person or a close associate of a politically exposed person).
If you choose to be verified by Electronic Verification, we will share your personal information with Cloudcheck, a provider of electronic identity verification services. They compare the information provided with government data sources and global watchlists and provide us with a report. Your information is retained by Cloudcheck for 7 days, then purged from their system. (See Verify’s Data Retention Policy.)
We also use Cloudcheck to perform a biometric check that you are the owner of the identity document used for the Electronic Verification. This is done securely on the Cloucheck website and the result is stored by us. Your information is retained by Cloudcheck for 7 days, then purged from their system. (See Verify’s Data Retention Policy.)
From time to time, in order for us to comply with our charitable reporting obligations, we may need to disclose your personal information to independent auditors and public authorities (including government agencies with statutory law enforcement responsibilities). We will only disclose your information if we are required by law to provide it.
Your data is encrypted in our database and communicated securely to and from Cloudcheck. Once your identity has been verified, the details you supplied for verification, and the report from Cloudcheck, will be locked and only accessible by specially authorised staff. If verification is not completed for some reason, the information will be automatically locked after a reasonable period of time.