🇺🇸EnglishEnglish🇲🇪CrnogorskiMontenegrin🇷🇺РусскийRussian🇹🇷TürkçeTurkish
For whoSolutionHowPricing

Terms of Use and Privacy Policy

1. INTRODUCTION

This document governs the Terms of Use and Privacy Policy of the AML CORE platform (hereinafter: the "Platform"), operated by AI BUSINESS SOLUTIONS DOO, registered seat: 4 JULA BR. 113/18, Podgorica, Montenegro; Tax ID (PIB): 04381122 (hereinafter: the "Company", "we", "us", or "our").

These Terms of Use and Privacy Policy constitute a binding agreement between the Company and each Platform user. By accessing, registering for, or using any part of the Platform, the user agrees to be legally bound by all provisions set out in this document.

By using the Platform, you confirm that you have read, understood, and accepted all provisions of this document. If you do not agree with them, you are not authorized to use the Platform.

The Company reserves the right, in accordance with law, to take all measures necessary to protect its rights, system integrity, and the interests of other users.

2. DEFINITIONS

For the purposes of this document, the following terms have the meanings set out below:

  • Platform – the AML CORE software application operated by the Company and used to provide technical support for the implementation of AML procedures.
  • Company – the legal entity that develops, maintains, and operates the Platform.
  • User – a legal entity or natural person registered on the Platform and using its functionalities for AML procedures.
  • Client – one natural person or legal entity representing one business relationship of the user under AML regulations.
  • Related persons – natural persons related to the client, including beneficial owners, legal representatives, authorized persons, and other persons in accordance with AML regulations.
  • AML documentation – all data, records, logs, and documents processed for implementing anti-money laundering and counter-terrorist financing measures.
  • DMS (Document Management System) – the electronic system for storing, organizing, and managing AML documentation within the Platform.
  • Automated processing / automated functionalities – technical Platform functions that process data based on predefined rules, without making automated decisions that produce legal effects for persons.
  • Sub-processor – a third party engaged by the Company to provide hosting or infrastructure services, in accordance with law.
  • Terms – these Terms of Use and Privacy Policy.

3. PLATFORM PURPOSE

The Platform is intended for legal entities and natural persons implementing procedures under the Law on Prevention of Money Laundering and Terrorist Financing of Montenegro and, depending on the selected package, provides the following functionalities:

  • KYC (Know Your Customer) – client identification and verification in accordance with legal requirements,
  • Creation and maintenance of risk matrices – defining, classifying, and periodically updating risk levels of clients and transactions,
  • Preparation of AML reports – automatic generation of legally prescribed reports and internal analyses,
  • Due Diligence analyses – collection, processing, and verification of data on clients, partners, and business relationships,
  • AML policies and procedures – creation, updating, and record-keeping of internal acts and measures,
  • Transaction records and monitoring of suspicious activities,
  • Automatic risk assessment – generation of preliminary risk ratings for clients or transactions based on predefined criteria,
  • Register of obligated entities and employees,
  • System notifications and reminders,
  • Training records and internal knowledge checks,
  • Generation of standardized forms and reports (PDF, Excel),
  • Internal audit and activity review,
  • Secure archive of AML documentation,
  • PEL / sanctions checks,
  • Multi-user support and hierarchical access,
  • Advanced encryption and access control – in accordance with GDPR and data protection regulations.

The Company does not provide legal, financial, or accounting advice. The Platform serves exclusively as a technical and IT tool supporting users in the implementation of AML procedures.

The Platform does not make decisions that by themselves produce legal effects for individuals, nor are decisions based exclusively on automated data processing. It provides technical support to users, with mandatory human assessment and decision-making.

3.1. Usage limitation and target audience

The Platform is intended exclusively for entities that are obligated under the Law on Prevention of Money Laundering and Terrorist Financing (e.g., banks, accounting service providers, lawyers, notaries, real estate agencies, insurance companies, etc.).

Natural persons who are not obligated entities may use the Platform only for educational purposes, without processing real third-party data. The Company reserves the right to refuse or limit registration in accordance with internal risk assessment procedures.

4. REGISTRATION AND USER ACCOUNTS

Registration is required to access Platform functionalities. The user is responsible for:

  • accuracy and completeness of entered data,
  • maintaining the confidentiality of username and password,
  • all activities performed through their account.

The Company is not liable for any account misuse, unauthorized access, or data loss resulting from improper handling of the account by the user.

User accounts are personal and non-transferable and may not be assigned, sold, or otherwise provided to third parties without the Company's consent.

5. TYPES OF DATA PROCESSED BY THE PLATFORM

5.1. User data

  • first and last name,
  • business email address and phone number,
  • legal entity name and tax ID (if applicable),
  • username and password,
  • IP address, login date and time.

5.2. Data entered by users

  • personal data of third parties (the user’s clients),
  • documentation and records of AML processes (identification documents, contracts, risk assessments).

The Company does not inspect the content of entered AML data and does not use such data for its own purposes.

6. PROCESSING AND PROTECTION OF PERSONAL DATA

6.1. Legal basis and compliance

The Company processes personal data in accordance with:

  • the Law on Personal Data Protection of Montenegro,
  • the EU General Data Protection Regulation (GDPR 2016/679),
  • the Law on Electronic Commerce of Montenegro.

6.2. Who collects and processes data

The Company acts as Data Controller in relation to Platform user data.

When a user enters data of their clients as part of AML procedures, that user becomes an independent Data Controller, while the Company acts as a technical Data Processor and does not assume responsibility for the content, accuracy, or lawfulness of such data.

Where needed, the Company and the user may enter into a separate Data Processing Agreement (DPA) in accordance with GDPR.

Mutual rights and obligations regarding data processing may be further regulated by a separate Data Processing Agreement (DPA).

Special categories of personal data, if processed by the user, are specially marked and protected in accordance with Article 13 of the Law.

7. DATA STORAGE LOCATION AND METHOD

All personal data is stored on secure server infrastructure operated by contracted hosting and infrastructure providers, currently within the European Union / European Economic Area, unless otherwise stated in a separate agreement or notice.

The Company, together with contracted hosting providers and data center infrastructure providers, applies modern technical and organizational protection measures in line with international standards (ISO/IEC 27001, GDPR, and applicable regulations of Montenegro), including but not limited to:

  • SSL/TLS encryption of data transmission,
  • multi-layer authentication and access control,
  • physical and logical server protection,
  • firewall and IDS/IPS systems,
  • regular backups and recovery plans,
  • 24/7 monitoring of infrastructure and network services.

The Company is not liable for incidents, failures, data loss, or unauthorized access caused by omissions or technical issues on the side of external hosting providers, except where such omission is proven to be the result of the Company's intent or gross negligence.

The amount of storage space for documentation (DMS) depends on the selected package.

If the contracted storage space is exceeded, the user must purchase additional space or upgrade the package.

The Platform does not guarantee unlimited data storage space.

The Platform is intended exclusively for storing AML-relevant documentation.

Misuse of the system for storing data unrelated to AML procedures is not allowed.

If the user enters special categories of personal data under applicable regulations, the user is obliged to ensure an appropriate legal basis, while the Platform applies additional technical access protection measures for such data.

The Platform automatically keeps records of user access and activities in accordance with legal requirements, for security, audit, and proof of compliance.

The Company uses contracted hosting and infrastructure service providers (sub-processors), selected with due care and contractually obligated to apply appropriate technical and organizational protection measures in accordance with applicable regulations.

The Company is not liable for security incidents arising exclusively from failures of sub-processors, except where such sub-processor was selected contrary to applicable regulations or without due care.

Entrusting processing of personal data to sub-processors (hosting and infrastructure providers) is performed exclusively on the basis of written agreements, in accordance with Article 16 of the Law on Personal Data Protection.

7.1. Data retention period

User personal data is retained only as long as necessary to achieve the purpose of processing, and at most until user account deletion, unless a longer period is prescribed by law.

Activity logs and technical records are retained for up to 12 months for security and audit purposes.

Data processed for AML procedures may be retained longer if required by specific laws.

Retention periods for AML documentation may be longer in accordance with specific regulations in the field of anti-money laundering and counter-terrorist financing.

7.2. Confidentiality and data access

Access to confidential data is restricted exclusively to authorized Platform administrators for technical maintenance purposes, without the right to review user content.

All Company employees and associates sign confidentiality statements and are obliged to maintain confidentiality even after termination of employment.

Data is not transferred outside the EU/EEA or shared with third parties except where required by law, necessary for service delivery through contracted sub-processors, or otherwise governed by a Data Processing Agreement.

8. PURPOSE OF DATA PROCESSING

Data is used exclusively for:

  • user registration and authentication,
  • system maintenance and security,
  • technical support and communication,
  • fulfilment of legal obligations within the AML framework.

The Company does not use data for marketing purposes nor disclose it to third parties.

The Platform automatically keeps records of access, activities, and data processing in accordance with Articles 24 and 26 of the Law on Personal Data Protection, for security, audit, and proof of compliance.

9. USER RIGHTS

The user has the right to:

  • request access to their data,
  • request rectification, restriction, or deletion of data,
  • transfer their data to another controller,
  • withdraw consent for processing,
  • file a complaint with the Personal Data Protection Agency of Montenegro.

To exercise the above rights, the user may contact: info@amlcore.me.

The Company will act within the statutory period of 30 days.

10. USER RESPONSIBILITY

Users entering third-party data into the system (e.g., client data) confirm they have a legal basis and consent for such processing.

The Company is not liable for any unlawful or unauthorized data processing by users.

The user is solely responsible for the accuracy, completeness, and timeliness of all data entered into the Platform, including client data, AML assessments, risk classifications, documentation, and other records maintained within the Platform.

Automated Platform functionalities, including automatic risk assessment, scoring, and report generation, represent technical support and do not release the user from legal responsibility for implementing AML procedures in accordance with applicable regulations.

11. SECURITY INCIDENTS

In case of a data security breach, the Company will:

  • respond immediately and take protective measures,
  • notify the competent authority,
  • where necessary, notify affected users.

12. LIMITATION AND DISCLAIMER OF LIABILITY

The Company does not guarantee:

  • uninterrupted operation of the Platform,
  • accuracy of data entered by users,
  • users’ compliance with law,
  • prevention of all possible unauthorized access.

To the maximum extent permitted by law, the Company, its employees, and partners are not liable for any direct, indirect, incidental, or consequential damage arising from use or inability to use the Platform.

In such cases, the Company will undertake all reasonable measures to restore normal operation of the system.

The Platform is provided on an "as-is" and "as-available" basis.

The Company is not responsible for the accuracy, availability, or timeliness of data obtained from third parties or external sources.

The Company reserves the right to temporarily suspend operation of the Platform for maintenance, upgrades, or technical improvements.

The total liability of the Company, on any basis arising from use of the Platform, is limited to the amount paid by the user to the Company in the last 12 months.

12.1. Force majeure and technical circumstances

The Company is not liable for damage caused by events outside its reasonable control, including natural disasters, technical breakdowns, cyber attacks, internet outages, decisions of state authorities, or other force majeure circumstances.

12.2. Disclaimer of regulatory and advisory responsibility

The Company does not guarantee that use of the Platform by itself ensures full compliance with laws, regulations, or guidelines of competent authorities.

The Platform does not replace legal, accounting, or professional advice. The user is solely responsible for interpretation and application of relevant regulations.

13. INTELLECTUAL PROPERTY

All Platform content (software, databases, texts, reports, graphics, logo) is the exclusive intellectual property of the Company and protected by the laws of Montenegro and international regulations.

Any unauthorized copying, distribution, modification, or reproduction of materials is prohibited.

14. PROHIBITED ACTIVITIES

Users are prohibited from:

  • using the Platform for illegal activities,
  • entering false or misleading data,
  • attempting unauthorized access to systems,
  • performing reverse engineering, copying, or decompilation of code.

Violation of these provisions may lead to permanent account termination and initiation of legal proceedings.

Use of automated tools, scripts, bots, or other means for access, data collection, or disruption of Platform operation is prohibited.

14.1. Access termination and account deletion

The Company reserves the right, without prior notice, to temporarily or permanently disable access for a user who violates these Terms, abuses the system, or endangers data security.

The Company may delete the account and all related data, while retaining a copy within the legally required period where mandatory.

The Company reserves the right to temporarily suspend user access to the Platform in case of suspected abuse, security risk, breach of these Terms, or legal violations, without prior notice.

The Company reserves the right to temporarily suspend or limit access to the Platform in case of delay in settlement of financial obligations, until obligations are fully settled.

During the suspension period, user access to Platform functionalities may be disabled, including entry of new data, while existing data remains preserved.

15. CHANGES TO THE DOCUMENT

The Company reserves the right to amend these Terms and Privacy Policy at any time.

All amendments enter into force on the day of publication on the Platform.

The Company reserves the right, without prior notice to users, to modify, improve, or adjust the appearance, structure, technical characteristics, functionalities, and content of the Platform, as well as forms, reports, and related documentation, for service improvement, regulatory alignment, or technical development.

The user is obliged to periodically check updates; continued use is considered acceptance of changes.

Changes may include adding, modifying, or removing certain functionalities, in line with Platform development and regulatory requirements.

Data obtained via external sources, databases, or third parties is provided for informational purposes only, and the Company does not guarantee its completeness, accuracy, or timeliness.

16. GOVERNING LAW AND JURISDICTION

This document is interpreted in accordance with the laws of Montenegro.

For all disputes arising from use of the Platform, the Commercial Court in Podgorica has exclusive jurisdiction.

17. CONTACT

For all questions, requests, or complaints related to this document, users may contact us by email at info@amlcore.me, by phone at +38268407407, or at the registered seat: 4 JULA BR. 113/18, Podgorica.

18. FINAL NOTE

The AML CORE Platform is developed and maintained in accordance with the principles of compliance by design and data protection by default.

The Company regularly conducts internal security audits, updates policies, and improves data protection in accordance with the technical and regulatory standards of the European Union and Montenegro.

Request a free demo

Leave your details and we will contact you as soon as possible