Policy on Handling and Protection of Personal Data
IT-Communications Vietnam Company Limited (hereinafter referred to as “IT-COM VIETNAM”) is a Company established under Vietnamese law. We, including IT-COM VIETNAM and Related Persons and Affiliates of IT-COM VIETNAM according to the law (hereinafter collectively referred to as "We"), understand the importance of data customer's personal. We respect your personal data and commit to protecting and processing your personal data appropriately in compliance with Vietnamese law.
This personal data processing and protection policy (“Policy”) is designed to provide customers with the most general information about personal data processing activities at IT-COM VIETNAM, includes the following basic contents:
SECTION 1: GENERAL RULES
SECTION 2: CONTENT PROCESSING AND PROTECTION OF PERSONAL DATA
SECTION 3: PERSONAL DATA RETENTION PERIOD
SECTION 4: RIGHTS AND OBLIGATIONS OF DATA SUBJECTS
SECTION 5: OTHER REGULATIONS
SECTION 1: GENERAL RULES
Article 1. Subjects of application
This Policy applies to all Customers who provide their personal data to IT-COM VIETNAM through the means of providing personal data specified in this Policy.
Article 2. Terminology used in the policy
“Personal data” is information in the form of symbols, letters, numbers, images, sounds or similar forms in the electronic environment that is associated with a specific person or helps identify a specific person. can. Personal data as defined in this Policy includes basic personal data and sensitive personal data specified in Article 3 of this Policy.
“Information that helps identify a specific person” is information formed from an individual's activities that, when combined with other data and stored information, can identify a specific person.
“Data subject” is the individual to whom the personal data reflects. When you provide your personal data to IT-COM VIETNAM, you are considered a data subject.
“Personal data processing” means one or more activities affecting personal data, such as: collection, recording, analysis, confirmation, storage, correction, disclosure, combination, access, retrieve, retrieve, encrypt, decrypt, copy, share, transmit, provide, transfer, delete, destroy personal data or other related actions.
Regulations on personal data protection are all current legal documents on personal data protection including but not limited to Decree No. 13/2023/ND-CP dated April 17, 2023 of Government.
Article 3. Data collected by IT-COM VIETNAM
IT-COM VIETNAM commits to only collecting and processing personal data that has been agreed to be provided by the data subject, including part or all of the following personal data:
1 Basic personal data, including:
-
Surname, middle name, birth name, other names (if any);
-
Date of birth; date, month, year of death or disappearance;
-
Gender;
-
Jobs;
-
Place of birth, place of birth registration, permanent residence, temporary residence, current residence, hometown, contact address;
-
Nationality;
-
Images of individuals;
-
Phone number, ID card number, personal identification number, passport number, driver's license number, license plate number, personal tax code number, social insurance number, medical insurance card number economic;
-
Marital status
-
Information about family relationships (parents, children);
-
Information about individual digital accounts; Personal data reflecting activities and history of activities in cyberspace;
-
Bank account information, credit card information;
-
Other personal data that IT-COM VIETNAM collects when data subjects interact on the Website, including but not limited to information related to usage such as Cookie information, updates, etc. access signature, terminal information, and other communications-related information of the data subject, including IP address, browser information, browser language, and the content of the service that the data subjects use, date, time and number of times of use, online behavior of the data subject, information related to the settlement situation through the use of services on the Website.
2 Sensitive personal data, including:
-
Political views, religious views;
-
Health status and private life are recorded in medical records, excluding information about blood type;
-
Information related to racial origin and ethnic origin;
-
Information about inherited or acquired genetic characteristics of individuals;
-
Information about the individual's physical attributes and biological characteristics;
-
Information about individual's sex life and sexual orientation;
-
Data about an individual's location determined through a location service, such as geolocation information.
SECTION2: CONTENTS OF PROCESSING AND PROTECTION OF PERSONAL DATA
Article 4. Purpose of processing personal data
IT-COM VIETNAM only uses personal data provided for the purposes below or other lawful purposes as agreed between the data subject and IT-COM VIETNAM arising from time to time or other purposes. which the law stipulates.
-
To conduct communication and provide and exchange information about the services that IT-COM VIETNAM legally provides in accordance with the law (“Services”);
-
To establish technical and technological measures to simplify the entry of necessary information when data subjects register for the Service;
-
To confirm that the data subject has registered for the Service to receive information via email;
-
To survey and analyze the Service usage situation and the level of satisfaction with the Service of data subjects;
-
To implement measures to improve current Services or to develop new Services;
-
To send instructions or notifications about current Services or new Services to data subjects;
-
To invite data subjects to participate in events organized by IT-COM VIETNAM;
-
To send advertisements of the Group and/or Third Parties for whom IT-COM VIETNAM is obligated to advertise;
-
To resolve problems in the process of providing Services to data subjects;
-
To serve the management and operation of the Company's business activities;
-
To draft agreements, contracts or other documents concluded with data subjects;
-
To carry out the rights and obligations of IT-COM VIETNAM arising from contracts and agreements between IT-COM VIETNAM and the data subject;
-
To transfer to a Third Party that has been consented to by the data subject before the transfer;
-
To store according to legal regulations.
Article 5. How to process data
IT-COM VIETNAM will securely process the data subject's personal data through the following methods:
-
IT-COM VIETNAM collects data through the following means (i) information and documents that the data subject provides to IT-COM VIETNAM through filling in the requested information on the Website, sending fax, email, text message, postal, face-to-face communication or other means; (ii) interactive activities of data subjects on the Website and (iii) Agreements and contracts between data subjects and IT-COM VIETNAM;
-
IT-COM VIETNAM stores and processes personal data of data subjects through paper document processing, using office application software such as Microsoft Word, Excel, PowerPoint, OneNote, Outlook provided. by a reputable provider, storing data in a server in an environment that normal users cannot access, or storage devices such as USB sticks or hard drives.
-
Upon completion of data processing or when required by law or requested by the data subject, IT-COM VIETNAM will destroy and delete the data subject's personal data through methods such as using a computer. shred paper, irreversibly erase data on software, servers, storage devices, or authorize a third party to provide data destruction services.
Article 6: Security, processing and protection of personal data
-
All personal data provided by the Customer will be absolutely confidential by IT-COM VIETNAM and stored in a server in an environment that is inaccessible to normal users and IT-COM VIETNAM professional managers. Nam will manage and use this personal data. Information will be strictly managed and there will be no cases of unauthorized access to personal information, loss, leakage or falsification of information.
-
IT-COM VIETNAM will only process personal data for the purposes agreed to by the data subject, and implement appropriate monitoring and protection measures to protect personal data from violations. Violating the Regulations on Personal Data Protection and preventing, combating and limiting loss or damage caused by incidents or violations.
-
Unless otherwise prescribed by law or prior consent of the data subject has been received, IT-COM VIETNAM commits not to provide the data subject's personal data to any Third Party. other than the Third Party specified in Article 7.2 of this Policy. In case of providing personal data to a Third Party, IT-COM VIETNAM will endeavor to impose necessary measures on this Third Party to protect personal data.
-
For sensitive personal data, IT-COM VIETNAM will designate a department or person in charge of protecting personal data and exchange information about this department or person in charge with the Ministry of Public Security according to regulations. Decree No. 13/2023/ND-CP dated April 17, 2023 of the Government.
Article 7: Providing personal data to third parties
-
IT-COM VIETNAM has the right to provide personal data of data subjects to third parties that process personal data for the data processing purposes mentioned in Article 4 of the Policy.
-
“Third party” includes authorized representatives of IT-COM VIETNAM; Relevant organizations and individuals for the purpose of checking and referencing history, work experience, education level, skills, checking and identifying conflicts of interest and conflicts of interest; Contractors and service providers that IT-COM VIETNAM hires or supplements to carry out activities related to IT-COM VIETNAM business field or to fulfill IT-COM VIETNAM legal obligations IT-COM VIETNAM; Third Parties related to contracts, agreements, and commitments that the data subject enters into with IT-COM VIETNAM; Competent state agencies; Other individuals and organizations permitted by law or authorized by the data subject.
Article 8. Unintended consequences and damage are likely to occur during data processing
IT-COM VIETNAM has implemented appropriate security measures to prevent data subject data from being lost, used or accessed in an unauthorized manner, modified or unlawfully disclosed. However, the data subject is advised that during the process of IT-COM VIETNAM processing the data subject's personal data, the data subject's data may be lost due to unauthorized access outside IT-COM VIETNAM control ability (such as data being hacked from computer systems or servers), and data subject's data may be destroyed due to force majeure events. However, IT-COM VIETNAM will take all necessary and reasonable actions in an effort to prevent such damage from occurring during the processing of the data subject's data.
SECTION3: PERSONAL DATA RETENTION RERIOD
Article 9: Start and end time of data processing
-
Time to start data processing: IT-COM VIETNAM begins processing personal data from the time the data subject provides personal data to IT-COM VIETNAM.
-
End of data processing: Unless otherwise required by law, IT-COM VIETNAM will end the processing of the data subject's personal data when (i) the purposes of the processing are completed data stated in the Policy, and (ii) there is a request from a State agency or a request from a data subject.
SECTION4: RIGHTS AND OBLIGATIONS OF DATA SUBJECTS
Article 10: Data subject's consent
1. IT-COM VIETNAM only collects and processes personal data of data subjects after satisfying
the following conditions:
-
The consent of the data subject has been obtained by clicking on the checkbox set up below the information fields that Customers are required to provide on the Website.
-
The data subject has received notice of personal data processing from IT-COM VIETNAM before IT-COM VIETNAM processes personal data by clicking to agree in the checkbox set below the terms. information fields that Customers are required to provide on the Website.
-
In addition, IT-COM VIETNAM also collects consent and processes target data reported on the Company's consulting calls and Zalo.
2. Notwithstanding the provisions of this Article, IT-COM VIETNAM is entitled to process personal data without
the consent of the data subject in the following cases:
-
In an emergency, it is necessary to immediately process relevant personal data to protect the life and health of the data subject or other people;
-
Disclose personal data according to the provisions of law;
-
To perform the data subject's contractual obligations with IT-COM VIETNAM according to the provisions of law.
3. Data subjects provide personal data by the following means, and IT-COM VIETNAM collects personal data
of data subjects through these means:
-
Fill in the requested information on the Website;
-
Providing information and documents via fax, email, text message, post, direct exchange or other means;
-
Carry out interactions on the Website;
-
Make calls on the Zalo application;
-
Agreement and contract between data subject and IT-COM VIETNAM.
Article 11: Rights and obligations of data subjects
Under the Personal Data Protection Regulation, data subjects have rights in relation to the processing of their personal data, including but not limited to the right to know, the right to consent, the right to access, the right to delete data, the right to restrict data processing, the right to self-protection according to the Regulations on Personal Data Protection.
When receiving legal requests related to the exercise of data subjects' rights, IT-COM VIETNAM will handle these requests in accordance with the order, procedures, and deadlines according to the Data Protection Regulations. personal data. However, the data subject should note that exercising the data subject's rights may hinder the provision and updating of IT-COM VIETNAM products and services to the data subject.
Data subjects have obligations such as protecting their personal data; Respect and protect the personal data of others; Provide complete and accurate personal data when agreeing to process personal data; and other obligations under the Personal Data Protection Regulations.
SECTION5: OTHER PROVISIONS
Article 12: Impact assessment and transfer of personal data abroad
1. Assess the impact of processing personal data
-
IT-COM VIETNAM will prepare a dossier assessing the impact of processing personal data according to the form prescribed in Decree No. 13/2023/ND-CP dated April 17, 2023 of the Government and send it to the Ministry of Public Security (Department of Cyber Security and Prevention Cyber Crimes) within 60 days from the date of processing personal data.
-
In case there is a change in the content of the personal data processing impact assessment file, IT-COM VIETNAM will update or supplement and send it to the Ministry of Public Security according to the provisions of the Decree. No. 13/2023/ND-CP dated April 17, 2023 of the Government.
2. Transfer of personal data abroad
-
Personal data is only transferred to companies belonging to the Company's group, or relevant partners abroad for purposes that have been notified in advance to the data subject.
-
The transfer of personal data abroad will be carried out in accordance with the personal data protection rules specified in Decree No. 13/2023/ND-CP dated April 17, 2023 of the Government and IT-COM VIETNAM will fully implement the obligations prescribed in Decree 13 including but not limited to procedures for preparing and sending dossiers assessing the impact of transferring personal data abroad to the Ministry of Public Security within the time limit. 60 days from the date of processing personal data, storing this impact assessment record at the Company to serve the inspection activities of the Ministry of Public Security.
-
IT-COM VIETNAM will endeavor to impose necessary measures to ensure that personal data is used by the organization receiving personal data transfer abroad for the right purpose as notified to the data subject. and have safeguards against leakage to the outside.
Article 13: Methods and tools for editing personal data
Data subjects can self-check and edit the information provided at any time on the Website according to the editing mechanism clearly specified on the Website or contact IT-COM VIETNAM directly to request corrections. according to the contact information stated in Article 15.1 of this Policy.
Article 14: Use of “Cookies”
Customers can set whether or not to allow the use of Cookies. In many Web browsers, the use of Cookies is automatically permitted, but browser settings can also be changed to prevent the use of Cookies.
-
Once you have blocked the use of Cookies, you may not be able to use this Website normally, or display advertising settings that require the use of Cookies;
-
IT-COM VIETNAM receives your Cookie information, information about advertisements and websites you have viewed, or the environment you use, etc. from your browser automatically and then copy it to the server to use that information to improve the convenience of automatically entering your email address when logging in. This website ensures security for you. maintaining and protecting sessions, in addition to considering new services, and improving services or advertising content that is more suitable for customers.
Article 15: Contact information and policy updates and changes
If you have any questions about this Policy, please contact us at the following address:
IT-COMMUNIACTIONS VIETNAMCO.,LTD
Head office: 6th Floor, No. 178/8 Nguyen Van Thuong Street, Ward 25, Binh Thanh District, Ho Chi Minh City, Vietnam.
This Policy is issued and takes effect from July 1, 2023.
We may amend and update this Policy from time to time. The revised and supplemented Policy will take effect from the time it is posted on our Website. Please visit the Website to refer to the current Policy.