Information privacy policy

1. Introduction

Welcome to the DriverPlus Application, operated by Car Doctor Vietnam Joint Stock Company (hereinafter collectively referred to as “Car Doctor” or “We”).

We take our responsibilities regarding information security seriously, in compliance with Vietnam’s regulations on personal data protection. We are committed to respecting the privacy rights of all Users of our System and mobile application.

2. General Provisions

  1. We recognize the importance of Personal Data that Users have entrusted to us and believe that we have a responsibility to properly manage, protect, and process such data. This Privacy Policy (hereinafter referred to as the “Policy”) is issued to help Users understand how we collect, use, disclose, and/or process the Personal Data provided to us. It also aims to assist Users in making informed decisions before sharing their Personal Data with us.
  2. The contents of this Privacy Policy and its periodic updates apply to all Users when using the System.
  3. Personal Data is stored on our servers in compliance with legal requirements. We are committed to employing appropriate measures to safeguard and protect Personal Data from unauthorized access.
  4. By registering an account or accessing our System, Users agree to the terms outlined in this Privacy Policy when using the System. Users also acknowledge and consent to the privacy policies of our partners and affiliated entities in cases where the System is linked with other platforms.
  5. We may update this Privacy Policy from time to time. Any changes to this Policy will be communicated to Users through the System. Users acknowledge that they are responsible for regularly reviewing and checking this Policy for any updates or modifications before continuing to use the System.
  6. Continued use of the System after an update to this Policy constitutes confirmation and acceptance of all changes made to the Privacy Policy.
  7. If Users do not agree with any terms in this Policy or its updates, they are requested to discontinue using the Services and contact us for support.

3. Data Collected from Users

  1.  We collect personally identifiable information, including data that can identify, describe, relate to, or reasonably be associated with a User.
  2. Personal Data is collected when Users voluntarily provide it.
  3. Personal Data includes, but is not limited to, full name, gender, date of birth, contact details, phone number, mailing address, and email address.
  4. Personal Data related to activities within the System includes, but is not limited to, images, videos, and communication content exchanged between Users (such as interactions with Car Doctor specialists and staff) before, during, and after transactions involving Products/Services.
  5. Payment data, including bank card details, credit card information, bank account numbers, and payment account details.
  6. Feedback data, survey responses, marketing interaction data, interests, conversations, emails, and call history between Users within the System or with third parties (if applicable).
  7. Data provided by third parties about Users, including shared content, contact information, and references made by others within the System, such as shared images featuring the User or contact details.
  8. Location data collected from Users’ devices or voluntarily provided while accessing and using our System, such as GPS location.
  9. Data collected from Users’ devices and applications linked to the System, including personal account details or device information uploaded, synchronized, or imported by the User. We collect information from computers, phones, and other web-connected devices that integrate with our application.
  10. Device attributes: Information such as operating system, hardware and software versions, battery level, signal strength, available storage, plugins, browser type, file and application names, and types.
  11. Device activity: Information about interactions and behaviors on the device, such as whether a window appears in the foreground or background, and mouse movements (this helps distinguish between real users and bots).
  12. Device settings data: Information Users allow us to collect when syncing data from their devices, such as address books, contact lists, call logs, SMS logs, photos, and videos.
  13. Cookie Data: Cookies are small text files (typically including letters and numbers) stored in the memory of the User’s browser or device when visiting a website or viewing a message. Cookies help us recognize a particular device or browser. They cannot read data on the User’s hard drive or extract information from cookies set by other websites. Cookies do not harm the User’s system. Users may choose to accept or reject cookies.
  14. Network and connection data: Information such as mobile network provider or ISP name, language, time zone, mobile number, and automatically generated information when Users access the System, such as IP address, cookies, and login data.

4. How We Use the Data Collected from Users

  1. Improving Service Quality: We use Personal Data to reflect the quality of services associated with accounts and to prevent harmful behavior, detect and prevent spam, impersonation, and other negative experiences, maintain the integrity of the System, and enhance both on- and off-System safety and security. For example, we use the data we have to investigate suspicious activities or activities that violate our policies or terms, or to identify when someone may need assistance.
  2. User Communication: We use the information we have to send Users marketing communications and to inform them about matters related to our Services and System. We also use User information to respond when Users contact us.
  3. Legal and Operational Purposes: (a)To verify User identity for fraud detection purposes, (b) To process complaints, feedback, apply sanctions, and implement resolutions related to any content the User has interacted with on the System, (c) For statistics and research for internal reporting, legal compliance, and/or record-keeping requirements or for any other purposes that we inform Users of at the time we seek their consent.
  4. Cookies and Similar Technologies: Users agree that we may use information collected from cookies and similar technologies to enhance the User experience and the overall quality of our products and services, as well as to understand User behavior and preferences in order to develop, modify, and upgrade Services on the System.
  5. Understanding User Experience and Improving the App: We use Personal Data to gain a deeper understanding of User experience on the System, improve and enhance the System’s quality, and identify User interests and trends. This helps us better understand their needs and preferences, allowing us to provide better services and improve the application for a more convenient User experience.
  6. User Support: We use Personal Data to help address any issues Users may encounter while using the System. We may use email or phone numbers to inform Users about products, services, app updates, and new information related to topics they are interested in.
  7. Marketing and Advertising: We analyze characteristics related to Users based on the Personal Data they provide (to us or to third parties) to offer Users relevant information, products, and services provided by us or our partners, and/or provide regular programs, promotions, and marketing campaigns.
  8. Measurement, Analysis, and Other Business Services: We use Personal Data related to how Users use our System—such as the type of content they view or engage with, features they use, actions they take, and people they interact with.
  9. Enhancing Safety, Security, and Integrity: We use the information we have to detect fraud and prevent unauthorized access or other security threats.

5. Data Retention and Security

  1. Data is securely maintained from the moment of registration on the System.
  2. Data is stored until the User requests its deletion or until another predetermined retention period applies, depending on the System’s storage capacity at any given time, whichever occurs first.

6. Data on Children and Minors

  1. Users must confirm that they are at least 18 years old when providing personal information and using any of our products or services. Users shall not allow any individual under 18 to use their account for any activity on the System.
  2. We do not knowingly collect or retain any Personal Data or non-identifiable information of individuals under 18. If a User violates this provision and provides Personal Data of a minor, the User assumes full responsibility for any consequences. Car Doctor is exempt from any liabilities arising from such violations.
  3. We reserve the right to suspend accounts, delete Personal Data violating this provision, and impose applicable penalties as per prevailing policies.

7. Data Sharing with Third Parties

By using the System, Users consent to the sharing of their Personal Data with third parties under the following circumstances:

  1. Use of Third-Party Service Providers: We may use the services of a service provider or business partners to carry out certain activities related to the System such as repair, maintenance, upgrades, development, and expansion of the System. We require these third parties to comply with all Personal Data protection regulations in accordance with the law.
  2. Sharing Data with Other Users: We enable Users to have the right to share a User’s contact information (e.g., name, phone number, email) with other Users in order to: (1) facilitate or notify the resolution of complaints or disputes related to or arising from interactions between two or more Users of the System; or (2) facilitate the use of Services and features on the System.
  3. Legal Requirements: We may disclose personal data in cases where it is required by law.
  4. Business Transfers: In the event of a merger or partial/complete consolidation with another company, potential investors or investors who have completed the acquisition process will have the right to access, process, and use the information stored and maintained by us, including Users’ personal data. We require these third parties to comply with all Personal Data protection regulations in accordance with the law.

8. Data Security in Operations

  1. Technical Safeguards: We implement necessary technological measures to prevent unauthorized access to the System.
  2. Secure Operational Environment: Personal Data is stored in a secure environment, with access granted only to employees or authorized representatives on a need-to-know basis, who are bound by confidentiality agreements.
  3. Breach Response: In the event of a server breach leading to the exposure or loss of User Personal Data, we will cooperate with relevant authorities to investigate, address, and resolve the issue promptly, as well as notify affected Users.

9. Access, Modification, and Updating of User Personal Data

  1. User Rights to Access and Manage Personal Data: Users always have the right to access their personal data during the use of the System. If the information is incorrect or inaccurate, Users may update, modify, or delete such information, except for data that we are required to retain under the law or to ensure the legality of the System. When updating personal data, we may require Users to verify their identity before processing their request.
  2. We may refuse requests that are unreasonably repetitive, require disproportionate technical effort, pose a risk to the privacy of others, or are otherwise impractical. (For example: changing a phone number more than 03 times per day).
  3. We may provide access and allow edits to information, and we offer this right free of charge unless doing so requires a disproportionate effort relative to the value of the request. If a User’s request exceeds the scope of what we offer for free, we may charge a reasonable fee to process and fulfill the User’s request to access their Personal Data. In such cases, we will inform the User of the estimated fee in advance before proceeding.
  4. We reserve the right to refuse to amend the User’s Personal Data in accordance with data protection laws where such laws require and/or allow an organization to decline the correction of Personal Data.
  5. We strive to maintain our products and services in a way that protects information from accidental or malicious destruction. Therefore, after a User deletes their Personal Data, we may not immediately remove the data from our servers and may not delete it from our backup systems.

10. Transfer of User Information Abroad

User information and/or Personal Data may be transferred, stored, or processed outside the User’s country for one or more Purposes. Car Doctor will only transfer the User’s Personal Data abroad in compliance with applicable personal data protection regulations.

11. Withdrawal of Consent, Restriction of Processing, Objection to Processing, Request for Personal Data Provision, Access, or Modification

11.1 Withdrawal of Consent, Request for Restriction, or Objection to Data Processing

Users may withdraw their consent, request restrictions, or object to the collection, processing, use, and/or disclosure of their Personal Data that we retain or control by modifying their preferences on their personal devices or by sending an email/notification to us. We will process such requests in accordance with our Privacy Policy and relevant legal provisions. However, the withdrawal of consent, request for restriction, or objection to data processing may result in our inability to continue providing services to the User, potentially leading to the termination of the current relationship and/or contract between the User and Car Doctor.

11.2 Request for Personal Data Provision

  1. Users have the right to request access to their Personal Data by contacting us via email or other official communication channels. Users may also request us to provide their Personal Data to third parties, provided they submit valid authorization documents or other legal proof of data subject consent, as required by applicable laws.
  2. A request is deemed valid and will be processed only when it contains all necessary information and follows the legally prescribed format and system security protocols.
  3. We may charge a fee for processing and handling requests for Personal Data provision. If a fee is applicable, we will notify Users in advance of the estimated cost in writing, depending on the specific case. Please note that we are not obligated to fulfill or process a request unless the User agrees to pay the specified fee.
  4. If a request is deemed valid under legal provisions and falls within circumstances where Car Doctor is permitted to disclose data, we will notify the User through appropriate communication channels regarding the time, location, format of Personal Data provision, associated costs (if any), payment methods and deadlines (if applicable), and other relevant legal procedures.

11.3 Request for Access or Modification of Personal Data

  1. If a User has registered an account with us, they may access and/or modify their Personal Data stored or controlled by us through the Account Settings page on our System. If the User has not registered an account but has engaged in transactions through our customer support, they may submit a written request for modification of their Personal Data. We require sufficient information to verify the User’s identity and the nature of their request in order to process it. Therefore, the User should submit their written request via email or official communication channels.
  2. Depending on the technical requirements necessary to process a User’s request, we may charge a fee for handling access requests. If applicable, we will notify the User in advance with an estimated cost in writing. Please note that we are not obligated to fulfill access requests unless the User agrees to pay the specified fee.

12. Complaint Handling Mechanism

  1. Any complaints regarding the risk of User Personal Data being disclosed, misused, or processed beyond the scope of our stated purposes may be submitted via the contact information provided on our System.
  2. Our staff will assess User complaints, and based on the nature and severity of the complaint, we will take appropriate measures to address the issue.

13. Effectiveness of the Privacy Policy

  1. This policy is effective from July 18, 2024.
  2. This policy is governed by and interpreted in accordance with the laws of Vietnam.
  3. The Privacy Policy may be updated from time to time based on actual circumstances. Any future changes will be communicated to Users through our System.

 

 

THE USER HAS READ AND AGREES TO ALL THE TERMS OF THIS SERVICE AGREEMENT AS WELL AS ANY FUTURE AMENDMENTS. BY CLICKING “I AGREE,” THE USER CONFIRMS THAT THEY HAVE FULLY UNDERSTOOD THE CONTENT OF THIS AGREEMENT AND COMMIT TO COMPLYING WITH ITS TERMS. THIS ELECTRONIC CONSENT CONSTITUTES A LEGALLY BINDING AGREEMENT BETWEEN THE USER AND THE COMPANY, EQUIVALENT TO A HAND-SIGNED CONTRACT.