INITIALIZING SYSTEMS

0%
ENVI
GET CONSULTATION
🔒 LEGAL

Privacy Policy

Last updated: January 26, 2025

1. Introduction

Seraphim Vietnam Co., Ltd. ("Seraphim," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or otherwise interact with us.

This policy complies with the Vietnam Law on Cybersecurity (2018), Vietnam Decree 13/2023/ND-CP on Personal Data Protection, the EU General Data Protection Regulation (GDPR), Singapore Personal Data Protection Act (PDPA), South Korea Personal Information Protection Act (PIPA), and applicable US privacy laws including the California Consumer Privacy Act (CCPA).

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide, including:

  • Contact information (name, email address, phone number, company name)
  • Business information (job title, industry, company size)
  • Communication content (messages, inquiries, feedback)
  • Payment information (processed through secure third-party providers)
  • Job application materials (resume, cover letter, portfolio)

2.2 Automatically Collected Information

When you visit our website, we may automatically collect:

  • Device information (browser type, operating system, device type)
  • Usage data (pages visited, time spent, referral source)
  • IP address and approximate geographic location
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use collected information for the following purposes:

  • Providing, maintaining, and improving our services
  • Responding to inquiries and providing customer support
  • Processing transactions and sending related information
  • Sending promotional communications (with your consent)
  • Analyzing website usage to improve user experience
  • Complying with legal obligations
  • Protecting our rights and preventing fraud

4. Legal Basis for Processing (GDPR)

For individuals in the European Economic Area, we process personal data based on:

  • Consent: Where you have given explicit consent
  • Contract: Where processing is necessary for contract performance
  • Legal Obligation: Where required by applicable law
  • Legitimate Interests: Where we have a legitimate business interest that doesn't override your rights

5. Data Sharing and Disclosure

We may share your information with:

  • Service Providers: Third parties who assist in our operations (hosting, analytics, payment processing)
  • Business Partners: With your consent, for joint marketing or service delivery
  • Legal Requirements: When required by law, regulation, or legal process
  • Business Transfers: In connection with merger, acquisition, or asset sale

We do not sell your personal information to third parties.

6. International Data Transfers (Cross-Border Transfer Notice)

6.1 PDPD Cross-Border Transfer Disclosure (Điều 25, 26 Nghị định 13)

In accordance with Articles 25 and 26 of Vietnam's Decree 13/2023/ND-CP on Personal Data Protection, we hereby disclose that your personal data may be transferred outside of Vietnam to the following countries:

Country/Region Purpose Service Providers
🇺🇸 United States Cloud hosting, analytics, communication tools AWS, Google Cloud, Microsoft Azure, Cloudflare
🇸🇬 Singapore Regional data processing, business operations AWS Singapore, Alibaba Cloud
🇰🇷 South Korea Korean market services, communication Naver Cloud, regional partners
🇪🇺 European Union GDPR-compliant data processing EU-based infrastructure providers

6.2 Safeguards for Cross-Border Transfers

When transferring your personal data internationally, we implement the following safeguards as required by Article 25 of Decree 13/2023/ND-CP:

  • Transfer Impact Assessment: We conduct impact assessments for cross-border transfers as required by Vietnamese law.
  • Standard Contractual Clauses: We use approved contractual clauses with all international data recipients.
  • Adequacy Verification: We verify that receiving countries provide adequate data protection standards.
  • Technical Safeguards: Encryption in transit (TLS 1.3) and at rest (AES-256) for all international transfers.
  • Access Controls: Strict access controls limiting who can access transferred data.
  • Regulatory Notification: Compliance with notification requirements to the Ministry of Public Security where applicable.

6.3 Your Rights Regarding Cross-Border Transfers

You have the right to:

  • Be informed about which countries your data is transferred to (as disclosed above)
  • Object to cross-border transfers in certain circumstances
  • Request information about the safeguards in place for specific transfers
  • Withdraw consent for transfers (which may affect our ability to provide certain services)

7. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy, or as required by law. Retention periods vary based on:

  • Client data: Duration of engagement plus 7 years for legal compliance
  • Marketing contacts: Until you withdraw consent or 3 years of inactivity
  • Job applications: 2 years from application date
  • Website analytics: 26 months

8. Your Rights Under Applicable Privacy Laws

8.1 Rights Under Vietnam PDPD (Decree 13/2023/ND-CP)

If you are located in Vietnam or your data is processed in Vietnam, you have the following rights under Article 9 of Decree 13/2023/ND-CP on Personal Data Protection:

  • Right to Know (Quyền được biết): The right to be informed about the processing of your personal data, including the purpose, scope, methods, and duration of processing.
  • Right to Consent (Quyền đồng ý): The right to give or refuse consent to the processing of your personal data, except where exempted by law.
  • Right to Access (Quyền truy cập): The right to access and obtain a copy of your personal data held by us.
  • Right to Withdraw Consent (Quyền rút lại đồng ý): The right to withdraw your consent at any time, without affecting the lawfulness of processing prior to withdrawal.
  • Right to Delete (Quyền xóa): The right to request deletion of your personal data when it is no longer necessary or when you withdraw consent.
  • Right to Restrict Processing (Quyền hạn chế xử lý): The right to request restriction or limitation of processing of your personal data.
  • Right to Data Provision (Quyền cung cấp dữ liệu): The right to receive a copy of your personal data in a commonly used format.
  • Right to Object (Quyền phản đối): The right to object to the processing of your personal data in certain circumstances.
  • Right to Complain (Quyền khiếu nại): The right to file a complaint with the competent authority (Department of Cybersecurity and High-Tech Crime Prevention, Ministry of Public Security) or initiate legal proceedings.
  • Right to Claim Damages (Quyền yêu cầu bồi thường): The right to claim compensation for damages caused by violations of personal data protection regulations.
  • Right to Self-Defense (Quyền tự bảo vệ): The right to take lawful measures to protect your personal data.

We will respond to your PDPD rights requests within 72 hours as required by Article 14 of Decree 13.

8.2 Rights Under Other Jurisdictions

Depending on your location, you may also have rights under GDPR (EU), PDPA (Singapore), PIPA (Korea), CCPA (California), and other applicable privacy laws, including rights to access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.

8.3 How to Exercise Your Rights

To exercise any of your data protection rights, please contact our Data Protection Officer:

  • Email: dpo@seraphim.vn
  • Response Time: Within 72 hours for PDPD requests; within 30 days for other jurisdictions

9. Security Measures

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication requirements
  • Regular security assessments and audits
  • Employee training on data protection
  • Incident response procedures

10. Cookies

We use cookies and similar technologies for functionality, analytics, and marketing. You can control cookies through your browser settings. For details, see our Cookie Policy section on this page.

11. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal data from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Policy

We may update this privacy policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Data Protection Officer & Contact Information

13.1 Data Protection Officer (DPO)

In accordance with Vietnam's Decree 13/2023/ND-CP on Personal Data Protection, we have designated a Data Protection Officer responsible for overseeing our data protection practices and handling data subject requests:

Data Protection Officer Privacy & Compliance Team
DPO Email dpo@seraphim.vn
Response Time Within 72 hours (PDPD) / 30 days (other jurisdictions)

13.2 General Inquiries

For general privacy-related inquiries or business matters:

Email: hello@seraphim.vn

Address: Seraphim Vietnam Co., Ltd., District 1, Ho Chi Minh City, Vietnam

13.3 Regulatory Authorities

If you are not satisfied with our response or believe we have violated data protection laws, you have the right to lodge a complaint with the relevant supervisory authority:

  • Vietnam: Department of Cybersecurity and High-Tech Crime Prevention (A05), Ministry of Public Security
  • Singapore: Personal Data Protection Commission (PDPC) - www.pdpc.gov.sg
  • EU: Your local Data Protection Authority
// SUMMARY

Your privacy matters to us

We collect only what's necessary, protect it rigorously, and never sell your information.

// Enterprise Technology Partner

Request a Quote

Tell us about your project and we'll get back to you within 24 hours.