Customer Personal Data Protection Notice
(Updated date: 26/02/2025)
Sun World Group Co., Ltd
Important note: By continuing to access or/and use the electronic information page, electronic application of Ours or enter into, use the products, goods and services of Ours, the Customer acknowledges that they have read, understood and fully agree with the content of this Personal Data Protection Notice.
INTRODUCTION
This Customer Personal Data Protection Notice ("Notice") is implemented by Sun World Group Co., Ltd and its subsidiaries, affiliates, partners, branches, representative offices (collectively referred to as "We") and describes Our activities related to the processing of Customer's personal data, including but not limited to activities of collecting, recording, analyzing, confirming, storing, modifying, disclosing, combining, retrieving, recalling, encrypting, decrypting, copying, sharing, transmitting, providing, transferring, deleting, destroying personal data or other related actions. We will also share with the Customer Our rights and how the Customer can exercise these rights. This Notice governs the way We collect and process personal data of organizations, individuals ("Customer"), including all: customers, agents, contractors, suppliers, distributors, partners who: (i) own, co-own, use or interact with Our products, goods, services (collectively referred to as "Services"); and/or (ii) participate in Our promotional, advertising, marketing and other promotional activities; and/or (iii) access, contact through Our electronic information pages, electronic applications or any other official information/communication channels of Ours; and/or (iv) enter into contracts with Us; and/or (v) have personal data provided to Us through other means. By continuing to access or/and use the electronic information page, electronic application of Ours or enter into, use the products, goods and services of Ours or interact with Us in any other way, the Customer acknowledges that they have read, understood and fully agree with the content of this Notice and any updated, supplemented, adjusted or replaced content at any time.
1. SCOPE OF DATA COLLECTION
Personal data is information that identifies the Customer or information about the Customer that We can collect from various sources.
1.1 Data sources
Personal data is information that identifies the Customer or information about the Customer that We can collect from various sources, including: (i) directly from the Customer, (ii) from third parties authorized by or related to the Customer, (iii) from companies, organizations, businesses that are customers of Ours where the Customer is the representative or related, (iv) from other members of Ours and from suppliers, partners, contractors, other organizations, (v) from camera or other technological tools installed at Our business premises or locations, or (vi) from other publicly available information sources, cookies and other information sources in accordance with legal regulations. The Customer's Personal Data that We collect includes but is not limited to and may change depending on the products, services, goods, Customer's interaction with Us and according to the authority and regulations of the law ("Personal Data"), specifically: (i) Personal information such as: Full name, middle name and surname; date, month, year of birth; gender; nationality; ID card number, personal identification number, passport; … (ii) Image data including: personal images, camera footage and recordings of the Customer; … (iii) Contact information such as: Fixed or mobile phone number; permanent residence, current residence, hometown, contact address; personal email address… (iv) Behavioral data: Data related to electronic information pages or applications: technical data (including device type, operating system, browser type, browser settings, IP address, language settings, date and time of connection to the electronic information page, application statistics, application settings, date and time of connection to the application, technical contact information and other location information); account name; password; security login details; usage data; advertising data: interests in advertising, cookie data, clickstream data, web browsing history, reactions to direct marketing; … (v) Correspondence data: Information recorded through voice, messages, emails and other communications that the Customer exchanges with Us.
1.2 Sensitive personal data
In some cases, We may need to collect sensitive Personal Data of the Customer for the purpose of providing Services to the Customer or for other necessary purposes or as required by law. Sensitive Personal Data is Personal Data related to an individual's privacy that when violated will directly affect the legal rights and interests of the individual including: (i) Data about crimes, criminal records collected, stored by law enforcement agencies; (ii) Customer information data of credit institutions, foreign bank branches, authorized intermediary service providers, other authorized organizations; (iii) Data about the location of an individual determined through location services; (iv) Other personal data stipulated by law as special and requiring necessary security measures.
1.3 Responsibility for accuracy
The Customer must ensure the accuracy and legality of the Personal Data provided, We are not responsible and do not resolve any complaints related to the rights and interests of the Customer in cases where the information the Customer provides is inaccurate.
1.4 Third party data
If the Customer provides Us with Personal Data of a third party, the Customer must obtain the permission, consent, approval or confirmation of that third party as required by law and must explain and ensure that person understands how We will use their personal data. The Customer is responsible for all costs and expenses arising from the act of providing information causing disputes, complaints, lawsuits of third parties against the Customer and Us; and compensate Us for any direct and/or indirect damages related to the complaint/suit/dispute mentioned above.
1.5 Minors
If the Customer is under 16 years old, the Customer must obtain the consent of parents or guardians, legal representatives in accordance with legal regulations before providing personal data to Us. Parents, guardians or legal representatives will be bound by this Notice and be responsible for the Customer's actions. We have the right to refuse to provide Services to the Customer if there is a basis to believe that the Customer is under 16 years old and has not obtained the consent of parents, guardians, legal representatives regarding this content.
2. COLLECTION AND USE OF COOKIES
We use cookies, pixels, beacons, tags and other similar technologies (collectively referred to as "cookies") to identify the Customer's browser or device, learn more about the Customer's preferences, provide the Customer with essential features and services and for other additional purposes.
2.1 Purposes of using cookies
We use cookies for the following purposes: a) Identify the Customer when logging in and/or using Our services. This allows Us to provide the Customer with suggestions, display personalized content and provide other customized features and services. b) Respect the options that the Customer has agreed to. This allows Us to respect what the Customer likes and dislikes, such as language and configurations that the Customer chooses. This improves the quality of service and Customer experience. c) Conduct research and analysis to improve Our products, goods, services, suggest new services and features suitable for the Customer's needs d) Evaluate the effectiveness and improve the electronic information page, electronic application and make them suitable for the Customer's preferences. e) Prevent fraudulent behavior. f) Improve security. g) Provide content, including advertising, relevant to the Customer's interests on Our electronic information page, electronic application and third-party websites. h) Measure and analyze the quality of Our products, services, goods.
2.2 Managing cookies
Cookies allow the Customer to take advantage of some essential features of Ours. For example, if the Customer blocks or refuses Our cookies, the Customer may not be able to use certain products, services that require the Customer to log in or the Customer may have to manually adjust some options or language settings each time the Customer accesses again. The Customer can manage browser cookies by setting their browser. The 'Help' feature on most browsers will tell the Customer how to prevent the browser from accepting new cookies, how the browser notifies the Customer when receiving a new cookie, how to disable cookies and when cookies expire.
2.3 Third party cookies
Approved third parties may place cookies when the Customer interacts with their content, advertising or services. These third parties usually include search engines, measurement and analysis service providers, social networks and advertising companies. Third parties use cookies in the process of providing content, including advertising relevant to the Customer's interests, to measure the effectiveness of advertising and perform some services on Our behalf.
3. PURPOSES OF USING PERSONAL DATA
The Customer agrees that the Personal Data that We collect from the Customer will be used within the following scope, including but not limited to:
3.1 Evaluate and provide products, goods, services to the Customer
i. Provide products, goods, services and process related transactions, including but not limited to registration, purchase, participation in advertising programs, promotions and payments. ii. Personal image data is used to identify customer faces to create favorable conditions for the Customer to experience Our services seamlessly iii. Establish, maintain and manage the relationship between Us and the Customer; open, maintain and manage the Customer's account, verify the Customer's identity; provide the Customer with appropriate access to Our products, goods and services. iv. Send communications about the management of the Customer's account and features of the electronic information page, application or device and any adjustments, additions, updates, changes (if any). v. Send to the Customer information related to transactions and the Customer's needs in accordance with legal regulations. vi. Communicate with the Customer about products, goods, services, including products, goods, services being provided and upcoming, launched.
3.2 Improve products, goods and services
i. Measure usage, analyze performance, fix errors, provide support, improve and develop products, goods, services. ii. Monitor, record, record exchanges, communications of Ours with the Customer, for training, training purposes and improve the quality of goods, products, services. iii. Conduct surveys, data analysis and market research. iv. Collect information by aggregating data from the usage of Our products, goods, services and applications to provide products and services suitable for the Customer's needs. v. Monitor content conversations, posts on social media to identify unsatisfactory segments, feelings and opinions about Ours and the quality of Our products, goods, services.
3.3 Marketing and Advertising
i. Suggest, advertise, send relevant information to products, goods, services that the Customer may be interested in, identify preferences and personalize the Customer's experience with products, goods, services. ii. Manage content, promotional programs, surveys or other features of the electronic information page, application, device; or survey platform. iii. Market and promote products, services, goods in accordance with legal regulations, including displaying advertisements based on the Customer's interests.
3.4 Ensure security, safety, prevent fraud
i. Confirm technical and security information of the Customer's Personal Data. ii. Collect and identify personal images to ensure that Our services are provided to legitimate users, prevent unauthorized access, fraud iii. Protect against identity theft or other illegal activities. iv. Protect the security, integrity of products, goods, services and any means, devices used to provide products, goods, services. v. Ensure the safety of the Customer and Our employees. vi. For other health/safety regulations. vii. Detect, investigate and prevent financial crimes.
3.5 Comply with laws, current regulations and other requirements
i. Detect and investigate compliance with Our policies. ii. Provide information as requested by competent state agencies or mandatory provision in accordance with legal regulations.
3.6 Our legal rights
i. Establish, enforce legal rights or protect legal claims of Ours. ii. Store necessary records/documents as evidence for any disputes, claims, lawsuits that may arise in the future. iii. Determine, exercise Our self-defense rights against possible damages.
3.7 Other purposes
i. Other reasonable purposes to serve the Customer. ii. Any other purpose specific to Our business activities, including but not limited to purposes to facilitate business activities, transactions, mergers, transfers, corporate restructuring. iii. Purposes specified in Section 5 of this Notice. iv. Camera footage, in specific cases, may also be used for the following purposes: (i) for quality assurance purposes; (ii) for public safety and occupational safety purposes; (iii) to detect and prevent suspicious, inappropriate or unauthorized use of Our facilities, products, services and/or premises; (iv) to detect and prevent criminal acts; and/or (v) to conduct investigations at the request of state agencies. v. In any other way that We notify the Customer, at the time of collecting the Customer's Personal Data or before starting related processing or other requirements or permitted by current law.
4. STORAGE, DELETION, DESTRUCTION OF PERSONAL DATA
The Customer's Personal Data will be processed at any time depending on the Customer's consent, except in cases where current law stipulates otherwise and will stop processing when the Customer withdraws their consent or when requested in accordance with current regulations.
4.1 Storage duration
We will store the Customer's Personal Data for business reasons or legal reasons for the time the Customer transacts with Us, and then store for a period after that to perform the purposes as described in this Notice and in accordance with current legal regulations. Unless otherwise stipulated by law and current regulations, We will delete, anonymize, destroy and/or stop using the Personal Data when We no longer need that Personal Data.
4.2 Cases where data is not deleted
Deletion, destruction of data will not apply when requested by the Customer in the following cases: a) Laws stipulate that Personal Data cannot be deleted. b) Personal Data is processed by competent state agencies for the purpose of serving state agency activities in accordance with legal regulations. c) Personal Data is disclosed in accordance with legal regulations. d) Personal Data is processed for legal requirements, scientific research, statistics in accordance with legal regulations. e) In emergency situations of national defense, national security, public order, major disasters, dangerous epidemics, risk of threatening security, defense but not yet to the level of declaring a state of emergency; prevent riots, terrorism, prevent crimes and violations of law. f) Respond to emergency situations threatening the life, health and safety of the Customer and other individuals.
5. METHODS OF SHARING PERSONAL DATA
The Customer allows Us to use the Customer's Personal Data to (i) operate, provide and improve products, goods, services or perform contract conclusion and (ii) directly or on behalf of the Customer provide the Customer's Personal Data to other organizations, individuals to perform the purposes below:
5.1 Sharing purposes
For the purposes as stipulated in Section 3 of this Notice.
5.2 Third party services
We provide the Customer with services, software and content provided by third parties for use or through Our products, goods, services. The Customer may know when a third party is involved in the Customer's transactions and when We will share information related to those transactions with that third party.
5.3 Service providers
We use and/or cooperate with other companies, partners, contractors and individuals to perform some work and programs such as promotional programs, sales cross, market research, service improvement, personalization of Customer experience, advertising, communication, … for the Customer. These third-party service providers have access to the necessary Personal Data to perform their functions, but are not allowed to use it for other purposes. In addition, they must comply with this Notice and other Personal Data Protection laws.
5.4 Business transfers
During business development, We may sell or purchase businesses or restructure services or purchase a portion of assets, business areas in accordance with legal regulations. In such transactions, Personal Data, databases and general usage rights are one of the information, data transferred along with but the transferee must still comply with the provisions of this Notice or when approved by the Customer.
5.5 Disclosure according to law
We disclose accounts and other Personal Data when We believe it is appropriate to comply with the law, to enforce or apply other terms and agreements of Ours or to protect Our rights, property or security of Our customers, or any other person. These tasks may include exchanging information with other companies to prevent and detect fraud and reduce credit and property risks.
5.6 Notification and consent
In addition to the above provisions, the Customer will be notified when the Customer's Personal Data may be shared with third parties and the Customer will have the right not to consent to the sharing of information.
5.7 Sharing without consent
Cases of sharing Personal Data that do not require consent: as stipulated by law, information may be shared by Us for the purpose of improving the quality of goods, services; or for some objects to exploit records, including interns, researchers, practitioners at service facilities for professional technical work; or for representatives of state management agencies, investigation agencies, prosecutor's offices, courts, inspectors, insurance organizations, authorized appraisal organizations, lawyers allowed to borrow documents for reading or copying to serve the tasks assigned according to their authority.
5.8 International transfer
In case the recipient of the Customer's data is in a jurisdiction outside Vietnam and the laws of the host country do not have data protection laws similar to those in Vietnam, We will take all reasonable necessary steps to ensure that the Customer's Personal Data is subject to an appropriate, adequate level of protection to comply with current laws.
6. METHODS OF PROTECTING PERSONAL DATA
We commit to protecting the Customer's Personal Data through appropriate management, technical measures.
6.1 Compliance with usage regulations
Only use the Customer's Personal Data in accordance with the provisions of this Notice.
6.2 Security measures
We commit to using appropriate management, technical measures to protect information stored by Ourselves, comply with standards, technical regulations on ensuring information network security. In case of hacker attacks leading to loss of Customer's Personal Data, We will have the responsibility to notify the functional agency to investigate and handle promptly and notify the Customer to be aware.
6.3 Payment security
Information about bank accounts, payment cards issued by financial institutions is protected by Us according to international standards with the principle of not recording important data of payment cards (card number, name, CVV number) on Our system. The Customer's payment transactions are carried out on the system of the relevant bank.
6.4 Security on the Internet
Although the Internet is not a completely safe environment and We cannot guarantee that the Personal Data shared via the Internet will always be secure. When the Customer uses the Internet to transmit personal data, the Customer should only use secure systems to access electronic information pages, applications or devices. The Customer has the responsibility to protect their access authentication information for each electronic page, application and device and change the access password immediately. The Customer needs to notify Us immediately if they detect any abuse of login information and change the access password immediately.
6.5 Prohibition of system interference
The Customer absolutely must not use any tools, programs or other measures to illegally interfere with the system or change the data structure of any Service, nor perform any other actions aimed at disseminating, promoting activities with the purpose of interfering, destroying or invading the data of Our system, as well as other illegal acts under Vietnamese law. In case We detect the Customer's violation, We have the right to transfer information about the violation to competent authorities for handling in accordance with legal regulations.
6.6 International storage
The Customer's Personal Data may be stored at, accessed from or transferred to many countries, including Vietnam. When We transfer the Customer's Personal Data to other countries, We will ensure that the information is transferred in accordance with this Notice and allowed by law and related regulations.
7. INTERNET ADVERTISING AND THIRD PARTIES
Products, goods, services may include third-party advertising and links to other websites and applications. Third-party advertising partners may collect information about the Customer when the Customer interacts with their content, advertising or services. The Customer has the right to refuse to view advertising according to the instructions of the relevant advertising pages or other methods according to the regulations in the relevant Contract.
8. CUSTOMER'S RIGHTS REGARDING PERSONAL DATA
The Customer has full rights according to law regarding their Personal Data.
8.1 Basic rights
The Customer has full rights according to law regarding their Personal Data, including: i. Right to know ii. Right to consent iii. Right to access iv. Right to withdraw consent v. Right to delete data vi. Right to restrict, object to data processing vii. Right to provide data viii. Right to complain, denounce, sue ix. Right to claim compensation for damage x. Right to self-defense
8.2 Personal data management
The Customer can view, update, edit and delete certain information about their account and interactions with products, goods, services in one of the following ways: i. Log in to the Customer information management page, self-adjust or delete their information. ii. Call the hotline: We will support adjusting information or proceed to delete information if there is a basis to determine that the personal data provided by the Customer or requested to edit/delete is accurate. iii. Leave comments or feedback directly from Our electronic information page, application, We will check the information and contact the Customer to confirm the information and edit/delete the Customer's information when the information has been fully and accurately verified.
8.3 Service limitations
Many products, goods, services include functions that allow the Customer to choose about how their information is currently used. The Customer can choose not to provide certain information, but then the Customer may not be able to take advantage of some products, goods, services.
8.4 Written requests
In addition to exercising the rights regarding Personal Data established in Our electronic information page, application as mentioned in Clause 8.1 of this Article, for other rights, the Customer can send a written request to Us specifying the request specifically. After receiving the Customer's request, We will inform the Customer to consider the limitations, consequences, damages that may occur if performing according to the Customer's requests before performing that request.
8.5 Customer's obligations
In addition to the rights mentioned above, the Customer has the following obligations: i. Self-protect Personal Data of the Customer ii. Provide and be responsible for Personal Data provided by the Customer iii. Respect and protect Personal Data of others iv. Participate in propagating and popularizing skills to protect personal data v. Comply with regulations of law on protecting personal data and prevent, report violations of regulations on protecting personal data. vi. Other obligations according to law
9. CONSEQUENCES, UNINTENDED DAMAGES THAT MAY OCCUR WHEN PROCESSING PERSONAL DATA
The Customer needs to be notified about the consequences, damages that may occur during the processing of personal data.
9.1 Consequences
Personal Data is disclosed to other subjects without the Customer's consent; or third parties may access Personal Data and use it for other purposes without the Customer's consent.
9.2 Possible damages
Loss of property or reputation, prestige of the Customer is violated.
9.3 Other consequences
Other consequences, damages that We cannot foresee due to objective causes.
10. GENERAL PROVISIONS
General provisions on the implementation of this Personal Data Protection Notice.
10.1 Requirements for minors
If the Customer is under 16 years old, the Customer must obtain the consent of parents or guardians before signing contracts and approving this Information Protection Notice.
10.2 Contact information
If the Customer has any questions about privacy or wants to contact Our information controller, please contact Us through the contact channels posted on the information page, electronic application or hotline number and We will try to answer the Customer's questions.
10.3 Consent acknowledgment
By using Our services, goods, products, using Our electronic information page, electronic application and entering into Contracts with Us, the Customer acknowledges that they have clearly known and agree with all the provisions in this Notice. In case the Customer does not accept the terms, or withdraws consent regarding the permission to process the Customer's personal data according to the purposes in this Notice, then the withdrawal of that consent may cause the provision of products, services, goods, features on the electronic information page, application, or device of Ours to be limited, restricted, suspended, canceled, prevented, prohibited, depending on the case. In this case, the Customer acknowledges that (i) self-responsible for any loss, damage, loss arising from or related to this decision of the Customer, (ii) Personal Data that has been processed before the time of withdrawing consent will not be affected, (iii) protect and exclude liability for Us from any disputes, claims, damages related to this decision, (iv) Our legal rights will be clearly reserved regarding the limitation, restriction, suspension, cancellation, prevention, prohibition.
10.4 Governing law and dispute resolution
This Information Protection Notice is understood and governed by Vietnamese law. If the Customer has any complaints related to the collection, use of Personal Data, the Customer please contact Us for negotiation, resolution on the basis of goodwill, respect for each other's rights, interests. If within 03 (three) months from the date the Customer requests negotiation to resolve the dispute or in a shorter reasonable time to timely protect the Customer's Personal Data and the Customer's request is not resolved or cannot be resolved by the two Parties then the Customer has the right to request the competent Court in Vietnam to resolve.
This notice takes effect from: 26/02/2025
PrivacyPolicy.copyright