Privacy Policy
The subject Privacy Policy shall take effect from September 10, 2023.
SONG LONG ELECTRONIC TRADING SERVICE COMPANY LIMITED (hereinafter referred to as “Company”) establishes and presents the privacy policy as follows, in order to protect the personal information of data subjects who use “Ví Nut” (collectively, “Application”), and resolve any relevant complaint.
1. Purpose of Processing Personal Information
Company collects and uses personal information for the following purposes.
(1) Membership registration and management: confirmation of membership intent, identification/authentication, maintenance and management of membership, prevention of illegal use of services, sending various notices, etc.
(2) Provision of goods or services: provision of service, delivery of contract/invoice, provision of basic service and customized service, verification of identity, age verification, bill payment and settlement, debt collection, etc.
(3) Managing consumer complaints: identification of the data subject, confirmation of complaints, contact/notification for fact-finding, and notification of processing results
(4) Improvement of existing services and development of new and customized services
(5) Processing of pseudonymized information for statistical preparation, scientific research, and preservation of records in the public interest.
2. Items of Personal Information Processed
Company collects and processes the following personal information of users of Application.
(1) Information collected through membership registration (obligatory): phone number, password, nickname
(2) Information collected when using paid service (if so)
- When paying by credit card: payment information such as the name of the card company and card number
- In case of bank transfer: payment information such as the name of the account holder, account number, and bank holding the account
- When paying by mobile phone number: payment information such as phone number and telecommunication company
(3) When using the service, the following personal information items are automatically created and collected: cookies, service use records (visit records, bad use records), device information (mobile phone model name, OS name, and version information), Location data (e.g., mobile device location, time zone setting),Phone data (e.g., contact lists, types and nature of mobile applications found on your mobile device)etc.
(4) For managing consumer complaints: collects and processes necessary information among the above from the user
3. Period of Retention and Use for Personal Information
(1) Company retains and uses the user's personal information while the user uses services as a member, and when either the user requests withdrawal from membership or Company achieves the purpose of collection and use of personal information, the Company will immediately destroy the relevant personal information. However, if the Company terminates the service use contract according to the Terms of Use, the relevant personal information will be preserved for one year to prevent unauthorized re-registration and use of service, and the information is deleted immediately after the end of the relevant period.
(2) Notwithstanding the foregoing, the following information is retained for the period specified for the following reasons.
- Personal information related to use of service (log records): 3 months (Communications Secret Protection Act)
- Records on withdrawal of contract or subscription, etc., and records on payment and supply of goods: 5 years (Consumer Protection Act in Electronic Commerce, Etc.)
- Records on handling consumer complaints or disputes: 3 years (Consumer Protection Act in Electronic Commerce, Etc.)
4. Provision of Personal Information to Third Parties
(1) The company may provide personal information to third parties only with the consent of the data subject or when there are special provisions in the Personal Information Protection Act or other laws.
(2) The Company may provide pseudonymized information to a third party, and in that case, the Company shall comply with Personal Information Protection Act.
5. Use and Provision of Personal Information within the Scope Reasonably Related to the Purpose of Collection
The Company may use or provide personal information to a third party without the consent of the data subject, considering each of the following criteria within a reasonable scope and the original purpose of collection.
(1) Whether or not it is related to the original purpose of collection: Judgment based on whether the original purpose of collection and the purpose of additional use and provision are related in terms of their nature or tendency;
(2) Whether or not the further use or provision of personal information is predictable considering the circumstances in which the personal information was collected or the processing practices: Judgment based on the relationship between the personal information controller and the data subject, the level of technology, and the rate of development, and general circumstances (practice) established over a substantial amount of time;
(3) Whether the interests of the data subject are unreasonably infringed: Judgment based on whether the interests of the data subject are substantially infringed in relation to the additional purpose of use and whether the infringement of the interests is unreasonable; and
(4) Whether measures necessary to secure safety, such as pseudonymization or encryption, have been taken: Judgment by considering whether safety measures are taken in consideration of the possibility of infringement.
6. User’s Rights and Methods for Exercising the Rights
(1) The user can exercise the right to read, correct, delete and suspend processing his or her personal information against the Company at any time.
(2) The exercise of the rights pursuant to Paragraph 1 can be made to the Company in writing, by phone, or by e-mail, and the Company will take action without delay.
(3) The exercise of rights pursuant to Paragraph 1 may be done through an agent such as a legal representative of the data subject or a person who has been delegated. In this case, a power of attorney must be submitted to the Company.
(4) In accordance with relevant laws such as Article 35(4), Article 36(1), and Article 37(2) of the Personal Information Protection Act, the exercise of the user's right to access, correct, delete, or suspend the processing of personal information may be restricted.
(5) Request for correction and deletion of personal information cannot be requested if the information is required to be collected according to other laws.
(6) The Company confirms whether the person who made the request, such as a request for reading, correction, or deletion, or request for suspension of processing, holds such right or is a legitimate agent.
7. Destruction Procedures and Methods for Personal Information
(1) The Company destroys the personal information without delay when the personal information becomes unnecessary, such as in the cases of the expiration of the personal information retention period, or achievement of the purpose of processing.
(2) If personal information needs to be preserved in accordance with the laws and regulations even when the personal information retention period agreed by the user has elapsed or the purpose of processing has been achieved, the personal information will be moved to a different place or stored in a separate database (DB).
(3) The destruction procedures and methods are as follows:
- Destruction procedures: The Company selects the personal information that needs to be destroyed, and destroys the personal information with the approval of the Company's personnel for management of personal information.
- Destruction method: The Company destroys personal information recorded and stored in electronic file format using technical methods so that the information cannot be reproduced, and personal information recorded and stored in paper documents is destroyed by crushing or incineration with a shredder.
8. Technical and Administrative Measures to Ensure Safety of Personal Information
For users’ personal information, Company is taking the following technical/administrative measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged.
(1) Administrative measures: establishment and implementation of internal management plans for personal information, regular employee training, etc.
(2) Technical measures: password encryption, security program installation, etc.
9. Installation, Operation, and Rejection of Automatic Personal Information Collection Devices
The Company uses 'cookies' to store and frequently retrieve usage information to provide users with individually customized services. Cookies are a small amount of information sent to the user's PC browser by the server (HTTP), which are used to operate the website, etc., and are also stored in the user's hard disk in the computer.
(1) Purpose of using cookies: It is used for security management and improving services, developing new services, and providing customized services and advertisements by analyzing access frequency and visit time of users, identifying the patterns of service usage and tracking traces, secure access status, and the number of users.
(2) Installation, operation, and rejection of cookies: Users have the option with regard to the installation of cookies. Therefore, the users can accept all cookies via options in the mobile device, order to request for confirmation each time a cookie is saved, or refuse to save all cookies.
However, if you refuse to store cookies, it may be difficult to use some services of Company that require login.
10. Protection of personal information of children
Our service is not directed at children. The Company does not knowingly collect personal information of children under the age of 13 or an equivalent minimum age as prescribed in the laws of the relevant jurisdiction.
11. Personnel for Management of Personal Information
(1) The Company has designated the person in charge of personal information management and handling complaints about personal information, and the contact information is as follows.
- Personal information manager
- Name: KIEU KHANH VINH
- Affiliation: CEO
- Contact: song_long_elc@outlook.com
- website: www.soloelc.com
(2) The user can inquire about all personal information protection-related inquiries, handling complaints, damage relief, etc. that occurred while using the Company's service (or business) to the person in charge of personal information protection and the department in charge. The Company will respond and handle the inquiries without delay.
12. Amendment
If there are any additions, deletions, or changes to the contents of this Privacy Policy, we will notify users in advance through a notice on the website at least 7 days prior to the revision. However, we will notify users at least 30 days in advance of any major changes such as the items of personal information to be collected or provision of third parties.