FPT International Telecom Company Limited is a company incorporated under Vietnamese law, headquartered at Lot L.29B-31B-33B Tan Thuan Street, Tan Thuan Export Processing Zone, Tan Thuan Dong Ward, District 7, Ho Chi Minh City, Vietnam (hereinafter referred to as “FTI”).
2.1. FPT Telecom: FPT Telecom Joint Stock Company, tax code 0101778163. Headquartered at Floor 2, FPT Cau Giay Building, 17 Duy Tan Street, Dich Vong Hau Ward, Cau Giay District, Hanoi City, Vietnam.
2.2. Customer: Individual Customers (Vietnamese or foreigners) who provide information to FPT Telecom when registering for and using the products or services that FPT Telecom is currently providing within the territory of Vietnam.
2.3. Personal data: Information in the form of signs, writing, numbers, images, sound, or similar forms in electronic environments, which is associated with a specific individual or helps identify a specific individual. Personal data includes basic personal data and sensitive personal data.
2.4. Basic Personal Data includes:
(a) Full name, middle name, first name, aliases (if any);
(b) Date, month, year of birth; date, month, year of death or disappearance;
(c) Gender;
(d) Place of birth, place of birth registration, place of permanent residence, temporary residence, current address, hometown, contact address;
(e) Nationality;
(f) Images of individuals;
(g) Phone number, ID card number, personal identification number, passport number, driver’s license number, license plate number, personal tax code, social insurance number, health insurance card number;
(h) Marital status;
(i) Information about family relationships (parents, children);
(j) Information about personal account numbers; personal data reflecting activities, activity history on the internet;
(k) Other information associated with a specific individual or helps identify a specific individual that is not Sensitive Personal Data;
(l) Other data as prescribed by current laws.
2.5. Sensitive personal data includes personal data associated with the privacy of an individual, the infringement of which will directly affect the legitimate rights and interests of the individual, including:
(a) Political opinions, religious beliefs;
(b) Health status and private life recorded in medical records, excluding blood group information;
(c) Information related to ethnic origin, race;
(d) Information about inherited or acquired genetic characteristics of individuals;
(e) Information about physical attributes, individual’s biological characteristics;
(f) Information about sexual life, sexual orientation of individuals;
(g) Data on crimes, criminal acts collected, stored by law enforcement agencies;
(h) Customer information of credit institutions, branches of foreign banks, organizations providing intermediary payment services, other authorized organizations, including: customer identification information as regulated by law, information about accounts, information about deposits, information about assets, information about transactions, information about organizations, individuals acting as guarantors at credit institutions, bank branches, organizations providing intermediary payment services;
(i) Data on the location of individuals determined through location-based services;
(j) Other personal data as prescribed by law that is specific and requires necessary security measures.
2.6. Personal data protection: activities of prevention, detection, prevention, and handling of violations related to personal data as prescribed by law.
2.7. Personal data processing: one or more operations affecting personal data, such as: collection, recording, analysis, verification, storage, modification, disclosure, combination, access, retrieval, recovery, encryption, decryption, copying, sharing, transmission, provision, transfer, deletion, erasure of personal data, or other related actions.
2.8. FPT Telecom’s transaction channels: Including FPT Telecom’s electronic transaction channels (website fpt.vn, Zalo, etc.) or other transaction channels provided by FPT Telecom to customers depending on each period.
3.1. FPT Telecom processes the following types of personal data of Customers:
(a) Full name, middle name, first name, aliases (if any);
(b) Date, month, year of birth; date, month, year of death or disappearance;
(c) Gender;
(d) Place of birth, place of birth registration, place of permanent residence, temporary residence, current address, hometown, contact address;
(e) Nationality;
(f) Images of individuals, including images provided by customers when registering for services and images posted by customers on FPT’s applications/websites during service usage;
(g) Phone number, ID card number, personal identification number, passport number, driver’s license number, license plate number, personal tax code, social insurance number, health insurance card number;
(h) Marital status;
(i) Information about family relationships (parents, children);
(j) Information about personal account numbers; personal data reflecting activities, activity history on the internet;
(k) Data on telecommunication consumption behavior: call, SMS, data, VAS;
(l) Phone configuration, version information of applications on the phone;
(m) Sensitive personal data includes: Customer identification information as regulated by law, information about accounts, information about transactions.
3.2. The personal data processed includes data provided by customers to FPT Telecom when registering for and using services, as well as data generated during customers’ use of FPT Telecom’s services.
4.1. Customer’s personal data is committed to maximum confidentiality in accordance with FPT Telecom’s regulations and the law. The processing of personal data of each customer shall only be carried out with the customer’s consent, except where otherwise provided by law.
4.2. FPT Telecom does not use, transfer, provide, or share any customer’s personal data with any third party without the customer’s consent, except where otherwise provided by law.
4.3. Other principles as prescribed by current laws.
5.1. Customers agree to allow FPT Telecom to process their personal data and share the results of data processing for the following purposes:
a) Support Customers, update Customer information when purchasing, using products, services provided by FPT Telecom or FPT Telecom’s partners.
b) Provide FPT Telecom’s products and services, and collaborate with partners to serve Customers.
c) Organize introductions and promote commerce, market research, public opinion polls, and intermediation.
d) Research and develop new services and provide suitable products, services to Customers.
e) Business marketing services, introduce advertising products.
f) Measure, analyze data, evaluate, and perform other processing to improve and enhance the quality of services provided by FPT Telecom to Customers.
g) Investigate and resolve Customer complaints, grievances.
h) Adjust, update, secure, and improve the products, services, and devices that FPT Telecom is providing.
i) Verify identity and ensure the security of Customer information.
j) Notify Customers of changes to policies, promotions of products, services provided by FPT Telecom.
k) Prevent fraud, identity theft, and other illegal activities.
l) Comply with current laws, relevant industry standards, and other existing policies of FPT Telecom.
m) Any other purpose specific to FPT Telecom’s operation and any other purpose notified by FPT Telecom to customers at the time of collecting customers’ personal data or before starting related processing or as otherwise permitted by current laws.
5.2. In case it is necessary to process customer’s personal data for other purposes or at the customer’s request, FPT Telecom will notify the customer through FPT Telecom’s transaction channels for the customer’s consent before processing
6.1. FPT Telecom Joint Stock Company, tax code 0101778163. Headquartered at Level 2, FPT Cau Giay Building, No. 17 Duy Tan Street, Dich Vong Ha Ward, Cau Giay District, Hanoi, Vietnam.
6.2. FPT Telecom may share or jointly process personal data with the following organizations and individuals:
a) FPT Corporation and its subsidiaries.
b) Subsidiaries directly or indirectly owned by FPT Telecom.
c) Contractors, agents, partners, and service providers of FPT Telecom.
d) Branches, business units, and employees working at the branches, business units, and agencies of FPT Telecom.
e) Telecommunication businesses in cases where customers violate service payment obligations.
f) Commercial shops and retailers related to the implementation of FPT Telecom’s promotional programs.
g) Professional advisors of FPT Telecom such as auditors, lawyers, as required by law.
h) Courts, competent state authorities in accordance with the provisions of the law and/or when required and permitted by law.
FPT Telecom commits to sharing or jointly processing personal data only when necessary to fulfill the Purposes of Processing stated in Article 4 of this Policy or as required by law. Organizations and individuals receiving customers’ personal data must comply with the provisions of this Policy and relevant laws on the protection of personal data.
Although FPT Telecom will make every effort to ensure that Customer information is anonymized/ encrypted, it cannot completely exclude the risk that such data may be disclosed in certain unavoidable cases.
6.3. In the event of the involvement of other organizations in the processing of personal data as mentioned in this article, Customers agree that FPT Telecom will notify them through FPT Telecom’s transaction channels before FPT Telecom proceeds with the processing.
FPT Telecom ensures the processing of Customers’ personal data fully complies with the requirements of the law in the following specific cases:
7.1. Footage from surveillance cameras (CCTV), in specific cases, may be used for the following purposes:
a) For quality assurance purposes;
b) For public security and occupational safety purposes;
c) To detect and prevent suspicious, inappropriate, or unauthorized use of FPT Telecom’s utilities, products, services, and/or facilities;
d) To detect and prevent criminal acts; and/or
e) To investigate incidents.
7.2. FPT Telecom always respects and protects the personal data of children. In addition to the data protection measures provided by law, before processing the personal data of children, FPT Telecom will verify the age of the child and obtain the consent of:
a) Children and/or
b) Parents or guardians as required by law.
7.3. In addition to compliance with other relevant legal provisions, regarding the processing of personal data related to personal data of missing persons/deceased persons, FPT Telecom shall obtain the consent of one of the relevant parties as required by the current law.
FPT Telecom commits to store Customers’ personal data only in cases related to the purposes stated in this Policy.
FPT Telecom may also need to store Customers’ personal data for a certain period, such as when required by the current law.
9.1. Customers have the right to be informed about the processing activities of their personal data, except as otherwise provided by law.
9.2. Customers have the right to consent or object to the processing of their personal data, except as otherwise provided by law.
9.3. Customers have the right to access, view, and request the correction of their personal data in writing to FPT Telecom, except as otherwise provided by law.
9.4. Customers have the right to withdraw their consent by sending documented request to FPT Telecom, except as otherwise provided by law.
The withdrawal of consent does not affect the legality of the data processing that was previously consented to by the customer with FPT Telecom.
9.5. Customers have the right to delete or request the deletion of their personal data by sending a documented request to FPT Telecom, except as otherwise provided by law.
9.6. Customers have the right to request the restriction of the processing of their personal data in writing to FPT Telecom, except as otherwise provided by law.
FPT Telecom will implement the data processing restriction within 72 hours after receiving the customer’s request, with respect to all personal data that the customer requested to restrict, except as otherwise provided by law.
9.7. Customers have the right to request that FPT Telecom provide them with their personal data in writing to FPT Telecom, except as otherwise provided by law.
9.8. Customers have the right to object to FPT Telecom, organizations authorized to process personal data according to Article 5 of this Policy, processing their personal data for the purpose of preventing or restricting the disclosure of personal data or its use for advertising or marketing purposes, except as otherwise provided by law.
FPT Telecom will implement the customer’s request within 72 hours after receiving the request, except as otherwise provided by law.
9.9. Customers have the right to make complaints, accusations, or file lawsuits as provided by law.
9.10. Customers have the right to claim compensation for actual damages in accordance with the law if FPT Telecom violates the provisions on the protection of their personal data, except as otherwise agreed by the parties or provided by law.
9.11. Customers have the right to self-defense in accordance with the provisions of the Civil Code, relevant laws, or request competent authorities or organizations to implement civil rights protection measures as provided in Article 11 of the Civil Code.
9.12. Other rights as provided by current laws.
9.13. Method of exercising rights: in writing to FPT Telecom, by calling the hotline number 19006600, or sending an email to hotrokhachhang@fpt.com for guidance.
10.1. Comply with the provisions of the law, regulations, and guidelines of FPT Telecom related to the processing of Customers’ personal data.
10.2. Provide complete, honest, and accurate personal data, as well as other information as required by FPT Telecom when registering and using FPT Telecom’s services, and promptly update this information when changes occur. FPT Telecom will secure the customer’s personal data based on the information provided by the customer during registration. Therefore, if there are any discrepancies in the information, FPT Telecom will not be responsible in cases where the information affects or limits the customer’s rights. In case of not providing timely notification, if there are risks or losses, the customer shall bear responsibility for any errors or misuse when using services due to their errors or failure to provide correct, complete, accurate, and timely information, including financial damages and costs arising from incorrect or inconsistent information provided.
10.3. Cooperate with FPT Telecom, competent state agencies, or third parties in cases of issues affecting the security of the customer’s personal data.
10.4. Take responsibility for protecting Customers’ personal data; proactively apply measures to protect their personal data during the use of FPT Telecom’s services; promptly notify FPT
Telecom when detecting errors or misunderstandings about Customers personal data or when suspecting a breach of Customers’ personal data.
10.5. Assume responsibility for the information, data, and approvals they create and provide on the network environment; take responsibility in case of personal data leakage or breach due to their errors.
10.6. Regularly update the provisions of Personal Data Processing Policy of FPT Telecom during each period as notified to Customers or posted on FPT Telecom’s transaction channels. Take actions according to FPT Telecom’s instructions to clearly express consent or non-consent to the purposes of processing personal data that FPT Telecom informs Customers of in each period.
10.7. Respect and protect the personal data of others.
10.8. Participate in disseminating and promoting personal data protection skills.
10.9. Other responsibilities as stipulated by law.
11.1 Process Customers’ personal data according to the agreed purposes, scope, and other content with the customer’s consent.
11.2 Be allowed to modify, supplement, or replace this Policy from time to time and ensure that Customers are informed through FPT Telecom’s transaction channels before implementation. If Customers continue to use products, services, execute, or enter into transactions with FPT Telecom after the time FPT Telecom notifies, it is understood that Customers accept all modifications, supplements, or replacements of this Policy by FPT Telecom.
11.3 Have the right to refuse illegal requests from Customers or for reasons of infrastructure, technology, or technical limitations that cannot be met.
11.4 Decide to apply appropriate measures to protect Customers’ personal data.
11.5 Be exempted from any obligations and responsibilities regarding the risks that may occur during the processing of personal data, including but not limited to data loss due to system errors or other objective reasons beyond the control of FPT Telecom.
11.6 Other rights as stipulated in this Policy and by law.
12.1. Comply with the provisions of the law in the process of processing Customers’ personal data.
12.2. Apply appropriate information security measures to prevent unauthorized access, alteration, use, or disclosure of Customers’ personal data.
12.3. Properly handle the lawful requests of Customers related to their personal data.
12.4. Ensure there are mechanisms allowing Customers to exercise their rights related to their personal data.
12.5. Coordinate with competent state authorities and other relevant organizations and individuals to minimize damages when detecting violations of the law related to Customers’ personal data.
12.6. Other obligations as stipulated in this Policy and by law.
FPT Telecom applies one or more data processing activities to personal data, such as collection, recording, analysis, verification, storage, modification, disclosure, combination, access, retrieval, retrieval, encryption, decryption, copying, sharing, transmission, provision, transfer, deletion, erasure of personal data, or other related actions.
14.1 FPT Telecom utilizes various information security technologies to protect Customers’ personal data from unauthorized access, usage, or sharing. However, no data can be 100% secure. Therefore, FPT Telecom commits to maximizing the security of Customers’ personal data.
Some unforeseen consequences and unexpected damages that may occur include, but are not limited to:
(a) Hardware or software errors in data processing that result in the loss of Customers’ data;
(b) Security breaches beyond the control of FPT Telecom, where the system is attacked by hackers, leading to data breaches;
(c) Customers inadvertently or due to deception disclose their personal data, access websites, or download applications containing malicious software…
14.2 FPT Telecom advises Customers to keep confidential information related to login passwords, OTP codes, and not to share their login passwords and OTP codes with anyone else.
14.3 Customers should take care of their electronic devices during use, lock, log out, or exit their accounts on FPT Telecom’s websites or applications when not in use.
14.4 In the event of a server storing Customer data being hacked, resulting in the loss of Customers’ personal data, FPT Telecom will promptly notify the incident to the competent authorities for investigation and inform the customer.
15.1 When Customers use or access FPT Telecom’s electronic pages, FPT Telecom may place one or more cookies on the customer’s device. “Cookie” is a small file placed on the customer’s device when accessing an electronic page. It records information about the device, the customer’s browser, and in some cases, the customer’s preferences and browsing habits. FPT Telecom may use this information to identify Customers when they return to FPT Telecom’s electronic pages, provide personalized services on FPT Telecom’s electronic pages, compile analytical data to better understand the operation of electronic pages, and improve FPT Telecom’s electronic pages. Customers can use their browser settings to delete or block cookies on their devices. However, if Customers decide not to accept or block cookies from FPT Telecom’s electronic pages, they may not be able to fully utilize all the features of FPT Telecom’s electronic pages.
15.2 FPT Telecom may process Customers’ personal information through cookie technology, as stipulated in this Policy. FPT Telecom may also use remarketing measures to distribute advertisements to individuals who have previously accessed their electronic pages.
15.3 In the scope of third parties that have placed content on FPT Telecom’s electronic pages (e.g., social media features), those third parties may collect Customers’ personal information (e.g., cookie data) if Customers choose to interact with the content of those third parties or use their services.
16.1. This Policy is effective from July 01, 2023. Employees understands and agrees that this Policy may be amended during each period and will be notified to CBNV through FPT Telecom’s internal communication channels before implementation. The changes and effective dates will be updated and announced on internal communication channels and other channels of FPT Telecom. If CBNV continues to fulfill their commitments in the employment contract after the notification period regarding the content of the amendments and supplements made during each period, it shall be deemed that CBNV has accepted those amendments and supplements.
16.2. Customers are fully aware and agree that this Policy also serves as a Notice of personal data processing as regulated in Article 13 of Decree 13/NĐ-CP/2023 and as amended and supplemented from time to time before FPT Telecom processes personal data. Therefore, FPT Telecom does not need to take any additional measures to notify Customers of the processing of their personal data.
16.3. Customers commit to strictly comply with the provisions of this Policy. For matters not provided for in this Policy, the Parties shall mutually agree to implement them in accordance with the provisions of the law and the instructions of competent state agencies and/or the amendments and supplements to this Policy notified to Customers in each period by FPT Telecom.
16.4. This Policy is entered into in good faith between FPT Telecom and Customers. In the course of implementation, if disputes arise, the Parties will actively resolve them through negotiation and reconciliation. In case reconciliation is not achieved, the dispute will be brought to the competent People’s Court for resolution in accordance with the law.
16.5. Customers have thoroughly read, understood, and agreed to all the rights and obligations and the entirety of the content of this Policy on personal data protection.
