• Transparency: Personal data processing will be clear and understandable.

• Lawful and Fair Use: e only process Personal Data lawfully (always ensuring the prior consent of the Data Subject) and when there is a legitimate reason to do so.

• Purpose Limitation: We only process Personal Data for specific purposes and will not use it for any other incompatible purpose, unless we have complied with the procedures permitted by data protection laws to do so lawfully.

• Data Adequacy and Minimization: We ensure that we only process Personal Data appropriately. We will maintain a reasonable balance to ensure that (i) We process just enough Personal Data to fulfill specific purposes, and (ii) do not process Personal Data beyond what is necessary.

• Data Accuracy: We maintain appropriate standards regarding the accuracy, integrity, and necessary rectification, updates, and supplementation of data. We implement policies related to data accuracy, including necessary procedures to prevent Personal Data from not being updated.

• Privacy by Design: We implement processes to ensure that new products and services or changes to existing products and services are designed in compliance with data privacy laws. We ensure that every individual involved in processing Personal Data is aware of their obligations regarding Personal Data and their responsibility to comply with these principles.

• Documentation: We appropriately store documents to demonstrate compliance with data privacy laws.

• Rights of Data Subjects: We respect the rights of data subjects regarding their Personal Data in accordance with data protection laws.

• Storage and Data Security: We maintain reasonable security standards for the Personal Data we process. We delete or destroy Personal Data when it is no longer needed for a legitimate purpose. We ensure that only authorized personnel with access rights to the Personal Data we are processing are allowed to perform such deletion or destruction.

• Data Transfer: In the event of a voluntary transfer of Personal Data to a legal entity within the SIYV system, a third party, or another law enforcement agency, we ensure that such transfer complies with data privacy laws. When necessary, we will review the privacy and information security policies of the data recipient to ensure they are applying standards equivalent to the above principles.

• Safety Assurance: We proactively prevent, detect, stop, combat, and strictly handle any violations of Personal Data protection laws in a timely manner.

• Third Parties: When appointing a supplier or business partner, we will review their privacy and information security policies to ensure they are applying standards equivalent to the aforementioned principles.

"Personal Data" refers to digital data or information in other forms that identifies or helps identify a specific individual, including: Basic Personal Data and Sensitive Personal Data. Personal Data, after de-identification, is no longer Personal Data. The Personal Data we collect about You is information necessary for You to use our products and services ("Products", "Services") and for other purposes stated in this Notification of Personal Data Processing and Protection, including:
1. “Basic Personal Data”: 
We may collect Basic Personal Data about You as prescribed by law, including:

1. Surname, middle name, and birth name, other names (if any);

2. Date of birth; date of death or missing status;

3. Gender;

4. Place of birth, place of birth registration, permanent residence, temporary residence, current residence, hometown, contact address;

5. Nationality;

6. Personal image;

7. Phone number, personal identification number (ID), passport number, driver's license number, license plate number;

8. Marital status;

9. Information on family relationships (parents, children, spouse);

10. Information on the individual's digital account;

11. Other information associated with a specific person or helping to identify a specific person that does not fall under "Sensitive Personal Data".

2. “Sensitive Personal Data”: 
In some cases, the Personal Data we collect may be Sensitive Personal Data, and we only collect Sensitive Personal Data with Your consent and/or in strict compliance with applicable laws. Sensitive Personal Data includes: 

1. Data revealing racial or ethnic origin;

2. Political opinions, religious or philosophical beliefs;

3. Information about private life, personal secrets, family secrets;

4. Health status;

5. Biometric data, genetic data;

6. Data revealing sex life or sexual orientation of the individual;

7. Data on crimes and legal violations collected and stored by law enforcement agencies;

8. Location of the individual identified via location services;

9. Information on usernames and passwords for accessing personal electronic identity accounts; Images of ID cards, citizen identification cards, identity cards;

10. Usernames and passwords for bank accounts; Bank card information, data on transaction history of bank accounts; Financial information, credit information, and information on activities, financial transaction history, securities, insurance of customers at credit institutions, foreign bank branches, payment intermediary service providers, securities, insurance, and other authorized organizations;

11. Data tracking behavior, usage activities of telecommunications services, social networks, online media services, and other services in cyberspace;

12. Other Personal Data prescribed by law requiring confidentiality or strict security measures.

We collect Your Personal Data in specific cases, including but not limited to:

• Provided by You or by Your Employer/Business Representative with Your prior consent;

• When You access or interact with SIYV’s websites, social networks, and/or social networks we cooperate with partners on;

• When You use SIYV’s Products and ServicesWhen You use SIYV’s Products and Services

• Indirectly from You through public, official, and lawful sources; Through receiving necessary shared data from member companies or partners collected during their cooperation with SIYV to provide Products/Services to You, with Your permission to share;

• Through interactions between Us and You (face-to-face, mail, phone, online, call center systems, electronic communication, or any other means), including Customer surveys;

• From audio and video recording devices placed at our offices or locations where part or all of our operations are conducted, where You meet, appear, or interact with us. The placement of recording devices aims to contribute to protecting social order and safety, and protecting the legitimate rights and interests of You and SIYV in accordance with the law;

• When You participate in events, training programs, seminars, competitions, interviews, etc., organized by us (offline or online). This information is only collected when You voluntarily provide it to us before participating;

Note regarding Third-Party Data: If You provide us with Personal Data of another person, You must have that person's permission as required by applicable law, and must explain and ensure that person understands how we will process their Personal Data.

Device Fingerprinting: Besides information provided by You, during Your interaction with our digital platforms (including the SIYV website (www.SIY.vn) or websites belonging to the SIYV system, MY PACE Learning Home, and online survey forms), we use "Device Fingerprinting" technology to automatically collect certain technical data.

Purposes:

• Security and Anti-Fraud: Helps the system identify abnormal access, prevent unauthorized logins or other abusive behaviors, ensuring the safety of Your account when attending studies/contacting SIYV;

• Data Integrity: When You conduct online surveys (especially public surveys not requiring prior login), this technology helps us accurately link Your survey responses to the corresponding profile, ensuring data is recorded fully and correctly.

We may use this information to notify You of and introduce products, services, and other marketing materials that we believe are suitable for Your interests. Similarly, the use of "Device Fingerprinting" technology is strictly employed for security and data management purposes. You may choose to receive these materials via email and may always opt out of receiving them. At any time You wish for us to stop sending emails, please contact us; Your request will be responded to within two (02) working days and processed within a maximum of fifteen (15) days from the date SIYV receives the request. We will fulfill Your request and ensure that You are not included in future marketing promotional mailing lists.
Upon receiving a REQUEST
(i) view, (ii) rectify, or (iii) request rectification of Personal Data, or (iv) provide Personal Data in accordance with Your proper procedures, we will respond within two (02) working days, providing You with full information regarding the procedure, and execute the request within ten (10) days. In cases where it is necessary to request the Personal Data Processor or a third party to rectify Your Personal Data, we will execute this within fifteen (15) days.
Depending on the nature and complexity of the request, if an extension of the processing time is required, it may be extended by a maximum of one (01) time for a period not exceeding ten (10) days; we will notify You of the reason for the extension and bear the responsibility of proving that the extension is necessary and reasonable.
Upon receiving a REQUEST
Upon receiving a REQUEST to (i) delete Personal Data in accordance with Your proper procedures, we will respond within two (02) working days, providing You with full information regarding the procedure, and execute the request within twenty (20) days. In cases where it is necessary to request the Personal Data Processor or a third party to provide, delete, or restrict the processing of Your data, we will execute this within thirty (30) days.
Depending on the nature and complexity of the request, if an extension of the processing time is required, it may be extended by a maximum of one (01) time for a period not exceeding twenty (20) days; we will notify You of the reason for the extension and bear the responsibility of proving that the extension is necessary and reasonable.
Upon receiving a REQUEST
(i) implement measures and solutions to protect Your Personal Data in accordance with Your proper procedures, we shall respond within two (02) working days, providing You with full information regarding the procedure, and execute the request within fifteen (15) days.
Depending on the nature and complexity of the request, if an extension of the processing time is required, it may be extended by a maximum of one (01) time for a period not exceeding fifteen (15) days; we will notify You of the reason for the extension and bear the responsibility of proving that the extension is necessary and reasonable.

We may process Your Personal Data for the following purposes ("Purposes"), including but not limited to:

• Verifying the accuracy and completeness of information provided by You; Identifying or authenticating Your identity and performing customer verification procedures;

• Processing Your registration for any Products or Services proposed or provided by us (including but not limited to third-party products);

• Evaluating Your suitability for the use of our Products and Services;

• Providing Products and Services of SIYV or organizations within the SIYV system;

• Contacting You to exchange information, deliver invoices, reports, or other relevant documents;

• Managing and evaluating business activities including designing, improving, and enhancing the quality of Products and Services or performing marketing communication activities;

• Preparing operational reports or other related reports required by law;

• Conducting market research, surveys, and data analysis related to any Products or Services provided by us (whether by SIYV or in cooperation with another party) that may relate to You;

• Using Your Personal Data in the form of symbols, writing, numbers, images, sounds, or similar forms in the electronic environment... for the purpose of introducing and promoting training and communication activities at the office, on the website, or other social media channels managed by us;

• Protecting our legitimate interests and complying with relevant legal regulations; Performing other obligations in compliance with laws applicable to SIYV or organizations within the SIYV System;

• Preventing or minimizing threats to the life, health of others, and public interest;

• Other reasonable purposes related to the purposes stated above.

If we process Your Personal Data for purposes other than the Purposes herein, we will notify You of how we process such Personal Data and obtain Your additional consent before processing Your Personal Data for such purposes in accordance with applicable laws and regulations.
To fulfill the aforementioned Purposes, we process Your Personal Data by performing one or more activities such as collecting, recording, analyzing, confirming, storing, rectifying, disclosing, combining, accessing, retrieving, recovering, encrypting, decrypting, copying, sharing, transmitting, providing, transferring, deleting, destroying Personal Data or other relevant actions.

To fulfill the "Purposes" stated in Section IV, we may share Your Personal Data with the following organizations and individuals:

• Organizations within the SIYV system (www.SIY.vn);

• Business partners, service providers, advertisers, charitable organizations, or non-profit organizations of the SIYV system (including their employees, management, and staff);

• Domestic and foreign law enforcement agencies and competent authorities;

• Any organization or individual that is Your representative or authorized party dealing with us;

• Payment service providers based on Your authorization or approval;

• Third parties to whom You agree or we have a legal basis to share Your Personal Data.

Data sharing will be conducted in accordance with the order, method, and applicable legal regulations. Parties receiving Personal Data are obligated to keep Your Personal Data confidential in accordance with this Policy, SIYV’s Personal Data Protection regulations, processes, standards, and applicable laws.

To fulfill the Purposes stated in Section IV, we may share Your Personal Data with our relevant third parties, and these third parties may be in Vietnam or anywhere else according to the law.
When transferring Personal Data, SIYV will require the recipient to ensure that Your Personal Data transferred to them remains confidential and secure. We comply with legal obligations and regulations related to the transfer of Your Personal Data.

Personal Data is processed from the time we or the Transferee receive the Personal Data provided by You and we have an appropriate legal basis to process the data according to the law;
To the extent permitted by law, Personal Data will be processed until the data processing purposes have been fulfilled;
Your Personal Data stored by SIYV or the Transferee will be kept confidential. We (and we will require the Transferee) will implement reasonable measures to protect Your Personal Data. To the extent permitted by law, we or the Transferee may store Your Personal Data in Vietnam or abroad, including on cloud computing storage solutions. We (and we will require the Transferee) apply global data security standards of the SIYV system, consistent with applicable laws;
We (and we will require the Transferee) store Your Personal Data for the period necessary to fulfill the stated Purposes, unless a longer retention period is required or permitted by applicable laws;
We (and we will require the Transferee) will delete or destroy Your Personal Data after completing the transfer purpose.

1. Unless the law provides otherwise, You may exercise Your rights by contacting us according to the information provided below, including:

1. Right to Know: You have the right to know about the processing of Your Personal Data;

2. Right to Consent/Withdraw Consent: You have the right to consent, disagree, or withdraw consent to the processing of Your Personal Data;

3. Right to Access/Rectify: You have the right to request to view, correct, or request correction of Your Personal Data;

4. Right to Delete/Restrict: You have the right to request the provision, deletion, or restriction of the processing of Personal Data; You have the right to object to the processing of Your Personal Data;

5. Right to Complain/Litigate: You have the right to file complaints, denunciations, lawsuits, and claim damages in accordance with the law;

6. Right to Self-Protection: You have the right to request competent authorities or relevant organizations/individuals to implement measures to protect Your Personal Data.

Note: Exercising these requests may result in limitations, suspension, cancellation, or prohibition of the Products and Services we provide to You, depending on the case. Therefore, such requests may also be considered a termination by You of any contractual relationship with us, and we reserve our legal rights and remedies in such cases.

2. Your Obligations:

• Self-protect Your Personal Data and request relevant others to protect Your Personal Data;

• Respect and protect the Personal Data of others;

• Provide Your Personal Data fully and accurately according to the law, contract, or when consenting to processing;

• Comply with legal regulations and obligations of a data subject under contracts. The exercise of rights and obligations must aim to protect the legitimate rights and interests of the data subject themselves;

• Do not hinder or obstruct the performance of legal rights and obligations of the Personal Data Controller or Processor;

• Participate in disseminating Personal Data protection skills;

• Comply with laws on Personal Data protection and participate in preventing violations;

• Other obligations as prescribed by applicable laws and regulations.

We use various information security technologies such as international standard SSL, firewalls, encryption... to protect and prevent Your Personal Data from unintended access, use, or sharing. However, no data can be completely secured. Therefore, we cannot commit to absolute security of Your Personal Data in cases such as: (i) Hardware/software errors during data processing causing data loss, (ii) Security vulnerabilities beyond our control, or system attacks by hackers.
You should be aware that anytime You disclose and make Your Personal Data public, such data may be collected and used by others for purposes beyond Your and our control.
Recommendations for You; Regularly check and secure used devices (phones, tablets, PCs); Do not access using public internet networks; Log out of accounts when not in use;
Cyberspace is not a safe environment, and we cannot absolutely guarantee that Your Personal Data shared via cyberspace will always be secure;
You are responsible for keeping Your access credentials for each website, application, or device safe and confidential.

In the event of a server attack, SIYV is responsible for notifying the authorities for timely investigation and notifying You in accordance with the law.

1. Our Commitment

• Security is our top priority. SIYV always strives to ensure Your Personal Data is protected against unauthorized or accidental access, processing, or deletion;

• We maintain this commitment by applying physical, electronic, and managerial measures. We will take all reasonable steps to ensure Your Personal Data is not retained longer than necessary and comply with legal requirements regarding storage;

• If Your Personal Data is transferred (with Your consent), we commit to requiring the Transferee to fully comply with obligations under this clause.
  

2. Your Commitment

• By entering into this Agreement, You agree to: 

(i) Allow the processing of Your Personal Data, unless the law provides otherwise;
(ii) Voluntarily and clearly understand the following information:
- Types of Personal Data processed (Section II);
- Purposes of processing (Section IV);
- The Data Controller or Controller and Processor is Us and the Partner we will transfer to (if any);
- Consent is valid until You change it or as prescribed by law.
- You commit not to exploit or attempt to exploit governance vulnerabilities to access or disclose our Personal Data intentionally or unintentionally, for any purpose. If violated, You will be responsible before us and the law, and compensate for damages according to the Civil Code, Labor Code, Criminal Code, and related Laws;
- You must protect Your Personal Data by keeping this information confidential. If You suspect or detect unauthorized use of our Personal Data or disclosure to a third party, You are responsible for notifying us immediately to minimize loss and resolve the violation according to our regulations and the Law.

Contact Information:
SIY Vietnam
341 Nguyen Trai, Cau Ong Lanh Ward, Ho Chi Minh City
Phone: (028) 3837.0208
Email: Contact@SIY.vn
Refer to other Google policies and terms:

• Google privacy

• Google terms