Dear our valued Customer,
First of all, VGrowth Development Co., Ltd (Validus Vietnam) would like to thank our valued customers for trusting and accompanying us during the time. With all your transactions at Validus Vietnam, we always try to protect your personal data, ensuring the compliance with the provisions of Vietnamese law.
This Notice of Personal Data Processing is deemed to be the amendment, supplement and an integral part of the terms and conditions governing the relationship between you and Validus Vietnam. Please read more below:
Article 1. Interpretation of terms
1.1. Customer (including Funded Entity and Investor defined at Funded Entities’ Terms And Conditions and Investor’ Terms And Conditions) refers to the individual using products and services provided by Validus, who is also the data subject.
1.2. Personal data refers to information in the form of symbols, characters, numbers, images, audio or similar forms in the electronic environment, directly related to or can be used to identify a specific individual. Personal data includes general personal data and sensitive personal data.
1.3. General personal data refers to last name, middle name, and first name according to the birth certificate (if any); date of birth; date of death or going missing; gender; place of birth, birth certificate issuing place, permanent and temporary address, current address, place of origin, and contact address; nationality; information and images of the individual acquired from surveillance, including audio records and footage of the individual acquired from surveillance (security cameras, CCTV); phone numbers, ID card number, personal identification number, passport number, driver’s license number, license plate number, personal tax code number, social security number, health insurance card number; marital status; family information (parents and children); information on personal digital accounts; personal data showing activities and activity log on cyberspace; other information directly related to or can be used to identify a specific individual that is not categorized as sensitive personal data.
1.4. Sensitive personal data refers to the personal data directly related to the privacy of an individual which, when being infringe, will directly affect the legal rights and interests of the individual, including: political view, religion and beliefs; health condition as stated in health records, with the exception of blood type information; information on racial or ethnic origin; information on genetic characteristics inherited or acquired by the individual; information on the individual’s biometric or biological characteristics; information on sex life and sexual orientation of the individual; criminal records collected and archived by law enforcement agencies; information on Customers of credit institutions, foreign bank branches, intermediary payment service providers, and other approved organizations, Customer information includes: Customer identification information according to regulations of the law, information on accounts, deposits, deposited assets, and transactions, information on organizations and individuals acting as guarantors at credit institutions, bank branches, intermediary payment service providers; location data of the individual acquired by location services; other personal data categorized as special and special protection required by the law.
1.5. Data subject refers to an individual to whom the data relates.
1.6. Personal data processing refers to an activity or activities that deal with personal data such as collecting, recording, analyzing, confirming, archiving, editing, disclosing, combining, accessing, tracing, retrieving, encrypting, decrypting, copying, sharing, transmitting, providing, transferring, deleting, and destroying personal data or taking other related actions.
1.7. Personal Data Controller refers to an organization or individual who determines the purposes and means of personal data processing.
1.8. Personal Data Processor refers to an organization or individual who processes data on behalf of the Personal Data Controller via a contract or agreement with the Personal Data Controller.
1.9. Personal Data Controller-cum-Processor refers to an organization or individual who determines the purposes and means of personal data processing and also directly processes personal data.
1.10. Third party refers to an organization or individual other than the Data Subject, the Personal Data Controller, the Personal Data Processor, and the Personal Data Controller-cum-Processor who has the authority to process personal data.
1.11. Automated personal data processing refers to a form of personal data processing performed by electronic devices to assess, analyze and predict an individual’s activities, specifically: habits, preferences, reliability, behaviors, location, trends, capabilities and other scenarios.
1.12. Outbound transfer of personal data” refers to an act of using cyberspace, electronic devices, equipment, or other forms to transfer personal data of a Vietnamese citizen to a location outside the territory of the Socialist Republic of Vietnam or using a location outside the territory of the Socialist Republic of Vietnam to process personal data of a Vietnamese citizen. To be specific: (i) An organization, enterprise or individual transfers personal data of a Vietnamese citizen to an overseas organization, enterprise or management department in order to process the data for the purposes agreed upon by the data subject; (ii) The personal data of a Vietnamese citizen is processed by automatic systems outside the territory of the Socialist Republic of Vietnam of the Personal Data Controller, Personal Data Controller-cum-Processor, Personal Data Processor for the purposes agreed upon by the data subject.
1.13. Unless otherwise defined in this Facility Request, capitalized terms herein shall have the meaning as ascribed to them under the Funded Entities’ Terms And Conditions and Investor’ Terms And Conditions.
Article 2. Personal data processing
2.1. Personal data collection:
Validus (including the Data processor that Validus collaborates with) may collect Customer’s personal data during Validus’s provision of products and services to Customer from a variety of sources, including but not limited to:
a. From the information provided by the Customer in the Transaction Documents, through the ways of communication or in other ways.
b. From survey, communication, and promotional programs that customers participate in
c. From the information that the Customer provides to third parties (which are organizations and individuals other than Validus and the Data Processor that Validus collaborates with) and agrees to that third party to provide Validus.
d. From any publicly available sources.
e. From competent authorities in Vietnam or overseas.
f. Via Validus’s website cookies or other similar tools.
g. From other sources permitted by the law.
2.2. Purposes of personal data processing:
a. For identity and background establishment; authentication and identification of the Customer;
b. To conduct checks with the do not call or other registry (if any);
c. To perform the necessary work for the provision of the Service;
d. To provide documents or other notices to the Customer or to related parties, update the Customer’s personal information, and notify the Customer of changes and updates to the website or application;
e. To improve the quality of Validus’s products and services (including Validus’s personnel training);
f. To undertake and comply with contractual arrangements between Validus and Customer and/or between Validus and other parties;
g. To respond to the Customer’s questions and complaints and to resolve arising disputes and complaints;
h. To conduct market research, surveys, and data analysis related to any service or product provided by Validus which may be relevant to the Customer;
i. For audit, compliance, and risk management purposes of Validus;
j. To meet or comply with Validus’s internal policies and procedures and any applicable regulations, written requests, and decisions issued by any court, competent authorities in Vietnam or overseas;
k. For any other purpose that is required or permitted by provisions of the law.
2.3. Types of personal data to be processed:
Types of personal data processed by Validus and/or Data Processors that Validus collaborates with include General Personal Data and Sensitive Personal Data.
2.4. Personal data processing methods:
Including but not limited to collect, record, analyze, confirm, store, alter, use, disclose, combine, access, trace, retrieve, encrypt, decrypt, copy, share, transmit, provide, transfer, delete, destroy or conduct any other relevant activities to the maximum extent permitted by law.
2.5. Subjects (organizations, individuals) involved in personal data processing:
a. Related parties in the Transaction Document;
b. Validus personnel;
c. Subsidiaries and affiliated companies of Validus;
d. Individuals and/or organizations that act as Validus’s suppliers, partners, agents and/or professional advisers;
e. The Court, the Vietnam International Arbitration Center, the competent state agencies, the individuals and organizations to which Validus is allowed or obliged to disclose and provide information in accordance with the law, or under any other contract or commitment between Validus and these parties;
2.6. Customer personal data processing time:
Validus shall conduct data processing upon the Customer’s personal data begins to be collected in accordance with Article 2.1. Data processing shall end when Validus no longer stores any personal data of the Customer, according to Validus’s regulations, the law, and/or the written agreements between Customer and Validus.
Article 3. Enforcement provisions
3.1. By registering for an Account and/or continuing to use Validus’ products and services and/or by agreeing to provide his/her personal data to Validus, the Customer accepts all the terms in this information. this notice.
3.2. In case of necessity in the judgment of Validus, data may be provided by Validus, shared with relevant organizations and individuals to serve the provision of Services and/or storage.
3.3. By providing the personal data of third parties to Validus, the Customer represents and warrants that such personal data has been lawfully collected and that such third parties have irrevocably consented to the provision and processing of personal data
3.4. When the Customer conducts the right to withdraw your consent to the Customer’s personal data or requests to correct, delete or destroy the personal data, it leads to the inability of Validus to continue to provide products or services of Validus to the Customer pursuant to the Transaction Documents, Validus will consider any claim to conduct such right as an action by the Customer to unilaterally terminate the agreements under the Transaction Documents and/or consider it is the Event of Default. On that basis, Validus reserves the right to take legitimate action to protect Validus’ legitimate rights and benefits.
3.5. In case the Customer has any questions and/or requests regarding this Notice of Personal Data Processing or with respect to your personal data, please contact Validus’ office directly or via email address [email protected].
Thanks and best regards!
Vgrowth Development Co., Ltd. (Validus Vietnam)