FPT Smart Cloud Company Limited (“FPT Smart Cloud”) develops this Personal Data Protection Policy (“Policy”) so that Customers can better understand the purpose and scope of information that we process, the measures we take to protect your personal information and your rights with respect to these activities. This policy is an inseparable part of the Contract, Terms of Use, Policies and other usage agreements of FPT Smart Cloud, published on FPT Smart Cloud's transaction channel from time to time.
Article 1. Definition
1.1. FPT Smart Cloud: is FPT Smart Cloud Company Limited, tax code 0109307938. Head office at No. 10 Pham Van Bach, Dich Vong Ward, Cau Giay District, Hanoi City, Vietnam.
1.2. Customer: is an individual customer, with information provided to FPT Smart Cloud when registering and using FPT Smart Cloud's Services.
1.3. Personal data: is information in the form of symbols, letters, numbers, images, sounds or similar forms in the electronic environment that are associated with a specific person or help identify a specific person. Personal data includes basic personal data and sensitive personal data.
1.4. Basic personal data includes:
(a) Surname, middle name, birth name, other names (if any);
(b) Date, month and year of birth; date, month, year of death or disappearance;
(c) Gender;
(d) Place of birth, place of birth registration, permanent residence, temporary residence, current residence, hometown, contact address;
(e) Nationality;
(f) Images of individuals;
(g) Phone number, ID card number, personal identification number, passport number, driver's license number, license plate number, personal tax code number, social insurance number, insurance card number medical insurance;
(h) Marital status;
(i) Information about family relationships (parents, children);
(j) Information about individuals' digital accounts; Personal data reflecting activities and history of activities in cyberspace;
(k) Other information that pertains to a specific person or identifies a specific person does not fall within Sensitive Personal Data.
(l) Other data according to current legal regulations.
1.5. Sensitive personal data is personal data associated with an individual's privacy rights , if violated will directly affect the individual's legitimate rights and interests, including:
(a) Political views, religious views;
(b) Health status and personal life recorded in medical records, excluding information on blood type;
(c) Information related to racial and ethnic origin;
(d) Information about inherited or acquired genetic characteristics of the individual;
(e) Information about the individual's physical attributes and biological characteristics;
(f) Information about the individual's sex life and sexual orientation;
(g) Data on crimes and criminal acts collected and stored by law enforcement agencies;
(h) Customer information of credit institutions, foreign bank branches, payment intermediary service providers, and other authorized organizations, including: customer identification information according to regulations of law, account information, deposit information, deposited asset information, transaction information, information about organizations and individuals who are guarantors at credit institutions and bank branches, an organization providing intermediary payment services;
(i) Data about the individual's location determined through location services;
(j) Other personal data specified by law are special and require necessary security measures
1.6. Personal data protection: is the activity of preventing, detecting, stopping, and handling violations related to personal data according to the provisions of law.
1.7. Personal data processing: is one or more activities affecting personal data, such as: collecting, recording, analyzing, confirming, storing, editing, disclosing, combining, accessing, export, retrieve, encrypt, decrypt, copy, share, transmit, provide, transfer, delete, destroy personal data or other related actions.
1.8. FPT Smart Cloud transaction channel: includes FPT Smart Cloud electronic transaction Channel (Hotline, Facebook, registration form on Website...) or other transaction channels from time to time provided by FPT Smart Cloud to Customers.
Article 2. Types of data processing
2.1. FPT Smart Cloud processes the following types of Personal Data of Customers:
(a) Surname, middle name, birth name, other names (if any);
(b) Telephone number
(k) Email
2.2. Processed personal data includes data customers provide to FPT Smart Cloud when registering to use the service and data arising during the process of customers using FPT Smart Cloud services.
Article 3. Data security principles of FPT Smart Cloud
3.1. Customers' personal data is committed to maximum security according to FPT Smart Cloud regulations and law. The processing of each Customer's Personal Data is only carried out with the Customer's consent, unless otherwise provided by law.
3.2. FPT Smart Cloud does not use, transfer, provide or share with any third party Customer's personal data without the Customer's consent, unless otherwise prescribed by law.
3.3. Other principles according to current legal regulations.
Article 4. Processing purposes
4.1. Customer agrees to allow FPT Smart Cloud to process Customer's personal data and share data processing results for the following purposes:
a) Support Customers, update Customer information when purchasing and using products and services provided by FPT Smart Cloud or FPT Smart Cloud partners.
b) Providing products and services of FPT Smart Cloud, products and services of FPT Smart Cloud in cooperation with partners for Customers.
c) Organize trade introduction and promotion, market research, public opinion polls, and brokerage.
d) Research, develop new services and provide suitable products and services to Customers.
e) Providing marketing services and introducing advertising products.
f) Measure, analyze floating data, evaluate and do other processing to improve and enhance the quality of services that FPT Smart Cloud provides to customers.
g) Investigate and resolve customers' questions and complaints.
h) Adjust, update, secure and improve products, services and devices that FPT Smart Cloud is providing.
i) Verify identity and ensure confidentiality of Customer information.
j) Notify Customers about changes to policies and promotions of products and services that FPT Smart Cloud is providing.
k) Prevent and prevent fraud, identity theft and other illegal activities.
l) Comply with applicable laws, relevant industry standards and other applicable policies of FPT Smart Cloud.
m) Any other purpose specific to the operation of FPT Smart Cloud and any other purpose that FPT Smart Cloud notifies the Customer, at the time of collecting the Customer's personal data or before commencing relevant processing or as otherwise required or permitted by applicable law.
4.2. In case it is necessary to process Customer's Personal Data for other purposes or at Customer's request, FPT Smart Cloud will notify Customer through FPT Smart Cloud's transaction channels so that Customer can express their agree before implementation.
Article 5. Organization to Process Personal Data
5.1. FPT Smart Cloud Company Limited, tax code 0109307938. Head office at No. 10 Pham Van Bach, Dich Vong Ward, Cau Giay District, Hanoi City, Vietnam.
5.2. FPT Smart Cloud will share or jointly process personal data with the following organizations and individuals:
a) FPT Group and member companies under FPT Group.
b) Member companies that FPT Smart Cloud directly or indirectly owns.
c) Contractors, agents, partners, and operational service providers of FPT Smart Cloud.
d) Branches, business units and employees working at branches, business units and agents of FPT Smart Cloud.
e) Telecommunications businesses in case the Customer violates the obligation to pay service fees.
f) Commercial stores and retailers related to the implementation of FPT Smart Cloud promotional programs.
g) FPT Smart Cloud's professional advisors such as auditors and lawyers according to the provisions of law.
h) Courts and competent state agencies in accordance with the provisions of law and/or when required and permitted by law.
FPT Smart Cloud commits to sharing or jointly processing personal data only in cases where it is necessary to effectuate the Processing Purposes stated in Article 4 of this Policy or as prescribed by law. Organizations and individuals that receive Customer's personal data will have to comply with the provisions of this Policy and relevant legal regulations on personal data protection.
Although FPT Smart Cloud will make every effort to ensure that Customer information is anonymized/encrypted, the risk that this data may be disclosed in some force majeure cases.
5.3. In case of participation of other personal data processing organizations mentioned in this Article, Customer agrees that FPT Smart Cloud will notify Customer through FPT Smart Cloud's transaction channels before FPT Smart Cloud effectuate.
Article 6. Processing of Personal Data in some special cases
FPT Smart Cloud ensures that the processing of Customer's personal data fully meets the requirements of the law in the following special cases:
6.1. Surveillance camera (CCTV) footage, in specific cases, may also be used for the following purposes:
a) For quality assurance purposes;
b) For public security and labor safety purposes;
c) Detect and prevent suspicious, inappropriate or unauthorized use of FPT Smart Cloud utilities, products, services and/or facilities;
d) Detect and prevent criminal acts; and/or
e) Conduct investigation of incidents.
6.2. FPT Smart Cloud always respects and protects children's personal data. In addition to personal data protection measures prescribed by law, before processing children's personal data, FPT Smart Cloud will verify the age of the child and request consent from:
a) Children and/or
b) Father, mother or guardian of the child as prescribed by law.
6.3. In addition to complying with other relevant legal regulations, for the processing of personal data related to personal data of people declared missing/deceased, FPT Smart Cloud will have to obtain consent of one of the relevant persons according to the provisions of current law.
Article 7. Storing Personal data
FPT Smart Cloud commits to only storing Customer's personal data in cases related to the purposes stated in this Policy. FPT Smart Cloud may also need to store your personal data for a period of time when required by applicable law.
Article 8. Customer Rights
8.1. Customers have the right to know about the processing of their personal data, unless otherwise provided by law.
8.2. Customers can agree or disagree to the processing of their personal data, unless otherwise provided by law.
8.3. Customers have the right to access, view, edit or request correction of their Personal Data in writing to FPT Smart Cloud, unless otherwise prescribed by law.
8.4. Customers have the right to withdraw their consent in writing sent to FPT Smart Cloud, unless otherwise prescribed by law. Withdrawing consent does not affect the legality of the data processing. Customer agrees with FPT Smart Cloud before withdrawing consent.
8.5. Customers have the right to delete or request deletion of their personal data in writing sent to FPT Smart Cloud, unless otherwise prescribed by law.
8.6 Customers have the right to request restriction of processing of their personal data in writing to FPT Smart Cloud, unless otherwise prescribed by law. Restriction of data processing will be implemented by FPT Smart Cloud within 72 hours after the Customer's request, with all Personal Data that the Customer requests to be restricted, unless otherwise prescribed by law.
8.7. Customers have the right to request FPT Smart Cloud to provide themselves with their personal data in writing sent to FPT Smart Cloud, unless otherwise prescribed by law.
8.8. Customers have the right to object to FPT Smart Cloud, the Organization processing personal data specified in Article 5 of this Policy processing their personal data in writing sent to FPT Smart Cloud in order to prevent or limit data disclosure Person or use for advertising and marketing purposes, unless otherwise provided by law. FPT Smart Cloud will fulfill the Customer's request within 72 hours after receiving the request, unless otherwise prescribed by law.
8.9. Customers have the right to complain, denounce or sue according to the provisions of law.
8.10. Customers have the right to claim compensation for actual damages according to the provisions of law if FPT Smart Cloud violates regulations on protecting their Personal data, unless otherwise agreed by both sides or otherwise provided by law.
8.11. Customers have the right to protect themselves according to the provisions of the Civil Code and other relevant laws, or request competent agencies and organizations to implement methods to protect civil rights as prescribed in Article 11 of the Civil Code.
8.12. Other rights as prescribed by current law.
8.13. Method of exercising rights: in writing sent to FPT Smart Cloud or calling hotline 1900 638 399 or send an email to
[email protected] for instructions.
Article 9. Customer's Obligations
9.1. Comply with laws, regulations, and instructions of FPT Smart Cloud related to processing Customer Personal Data.
9.2. Provide complete, honest and accurate Personal data and other information as requested by FPT Smart Cloud when registering and using FPT Smart Cloud services and when there are changes to this information. FPT Smart Cloud will secure the Customer's Personal data based on the information the Customer has registered, if there is any incorrect information, FPT Smart Cloud will not be responsible for cases that affects or limits the Customer's rights. In case of failure to notify, if any risks or losses arise, the Customer is responsible for errors or acts of exploitation or fraud when using the service due to customer's own fault or failure to provide correct, sufficient, accurate, and timely information changes; including financial losses and costs arising from incorrect or inconsistent information provided.
9.3. Coordinate with FPT Smart Cloud, competent state agencies or third parties in case of issues affecting the security of Customer's personal data.
9.4. Protect your personal data; proactively apply measures to protect your personal data while using FPT Smart Cloud services; promptly notify FPT Smart Cloud when detecting any errors or mistakes about your personal data or suspecting that your personal data is being violated.
9.5. Take responsibility for the information, data, and consent that you create and provide in the network environment; Take responsibility in case personal data is leaked or violated due to your own fault.
9.6. Regularly update the Regulations and Personal Data Protection Policy of FPT Smart Cloud from time to time as notified to Customers or posted on FPT Smart Cloud's Transaction Channel. Take actions according to FPT Smart Cloud's instructions to clearly indicate consent or disapproval for the purposes of processing Personal Data that FPT Smart Cloud notifies customers from time to time.
9.7. Respect and protect other people's personal data.
9.8. Participate in propagating and disseminating personal data protection skills.
9.9. Other responsibilities as prescribed by law.
Article 10. Rights of FPT Smart Cloud
10.1. Process Customer's personal data according to the purpose, scope and other contents agreed with the Customer and/or agreed by the Customer.
10.2. Allow to amend, supplement content or replace this Policy from time to time and ensure that Customers are notified through FPT Smart Cloud's transaction channels before applying. If the Customer continues to use products and services, perform and conclude transactions with FPT Smart Cloud after FPT Smart Cloud notifies, it is understood that the Customer accepts all modifications, additions, and changes of this Policy by FPT Smart Cloud.
10.3. Has the right to refuse requests that are not legal by the Customer or that cannot be met due to infrastructure, technical or technological reasons.
10.4. Decide to apply appropriate measures to protect Customer Personal Data.
10.5. Be exempted from all obligations and responsibilities for risks that may occur during the processing of personal data, including but not limited to data loss due to system errors or external objective causes beyond the control of FPT Smart Cloud.
10.6. Other rights are specified in this Policy and according to the provisions of law.
Article 11. Obligations of FPT Smart Cloud
11.1. Comply with legal regulations in the process of processing Customer's personal data.
11.2. Apply suitable information security measures to avoid unauthorized access, change, use, and disclosure of Customer's personal data.
11.3. Comply with Customer's lawful requests regarding Customer Personal Data.
11.4. Make sure to have a mechanism that allows Customers to exercise their rights related to their Personal Data.
11.5. Coordinate with competent state agencies and other relevant organizations, individuals to minimize damage when detecting legal violations against Customer Personal Data.
11.6. Other obligations are specified in this Policy and according to the provisions of law.
Article 12. Data processing methods
FPT Smart Cloud applies one or more activities affecting personal data such as: collection, recording, analysis, confirmation, storage, editing, disclosure, combination, access, retrieval, recall , encrypt, decrypt, copy, share, transmit, provide, transfer, delete, destroy personal data or other related actions.
Article 13. Unwanted consequences, damage that may occur
13.1. FPT Smart Cloud uses many different security technologies to protect Customer's personal data from being retrieved, used or shared unintentionally. However, no data can be 100% confidential secure. Therefore, FPT Smart Cloud commits to maximum security of Customer's personal data.
Some unwanted consequences and damages that may occur include but are not limited to:
(a) Hardware and software errors during data processing cause loss of Customer data;
(b) Security holes are beyond the control of FPT Smart Cloud, the system is attacked by hackers, causing data to be leaked;
(c) Customers self-disclose personal data due to: carelessness or fraud; visit websites/download applications containing malware...
13.2. FPT Smart Cloud recommends that Customers keep confidential information related to the login password to their account, OTP code and not share this login password, OTP code with anyone else.
13.3. Customers should preserve electronic devices during use. Customers should lock, log out, or exit their accounts on website or FPT Smart Cloud's Application when no longer need to use them.
13.4. In case the data storage server is attacked by hackers leading to loss of Customer's personal data, FPT Smart Cloud will be responsible for reporting the incident to the investigating authorities for timely handling and notify customers.
Article 14. Cookies
14.1. When Customers use or access FPT Smart Cloud's websites, FPT Smart Cloud may place one or more cookies on the Customer's device. “Cookie” is a small file placed on the Customer's device when the Customer visits a website. It records information about the Customer's device, browser, and in some cases, preferences and interests, Customers' news browsing habits. FPT Smart Cloud can use this information to identify Customers when they return to FPT Smart Cloud's websites, to provide personalized services on FPT Smart Cloud's websites, to compile analytical data to better understand website operations and to improve FPT Smart Cloud's websites. Customers can use their browser settings to delete or block cookies on their devices. However, if the Customer decides not to accept or block cookies from FPT Smart Cloud's websites, the Customer may not be able to experience full advantage of all the features of FPT Smart Cloud's websites.
14.2. FPT Smart Cloud may process Customer's personal information through cookie technology, according to the provisions of these Terms. FPT Smart Cloud may also use remarketing to serve ads to individuals that FPT Smart Cloud knows have previously visited its website.
14.3. To the extent third parties have placed content on FPT Smart Cloud's websites (e.g. social media features), those third parties may collect personal information from Customers. (e.g. cookie data) if Customer chooses to interact with such third party content or use third party services.
Article 15. General provisions
15.1. This policy takes effect from July 1, 2023. Customers understand and agree that this Policy may be amended from time to time and will be notified to Customers through FPT Smart Cloud's transaction channels before application. Changes and effective date will be updated and announced in transaction channels and other channels of FPT Smart Cloud. The Customer's continued use of the service after the notice period of amendments and supplements from time to time means that the Customer has accepted those amendments and supplements.
15.2. Customers know and agree that this Policy is also the Notice of Personal Data Processing specified in Article 13 of Decree 13/ND-CP/2023 and amended and supplemented from time to time before FPT Smart Cloud conducts Personal Data Processing. Accordingly, FPT Smart Cloud does not need to take any additional measures for the purpose of notifying Customers of personal data processing.
15.3. Customers commit to strictly comply with the provisions of this Policy. For issues that have not been regulated, both sides agree to comply with the provisions of law, instructions of competent State agencies and/or amendments and supplements to this Policy will be FPT Smart Cloud notity to customers in each period.
15.4. This policy is agreed upon on the basis of goodwill between FPT Smart Cloud and the Customer. During the implementation process, if any disputes arise, the Parties will proactively resolve them through negotiation and conciliation. In case conciliation fails, the dispute will be brought to the competent People's Court for resolution according to the provisions of law.
15.5. The customer has carefully read, understood the rights and obligations and agreed to the entire content of this Personal Data Protection Policy.
Information about the person responsible for FCI's Personal Data Protection:
Person responsible: Pham The Minh
Mobile: +84 913571357
E-mail:
[email protected]