POLICY ON COLLECTION AND PROCESSING OF PERSONAL DATA

Lancs Network Technology Joint Stock Company (abbreviated as Lancs Net., JSC) announces this Personal Data Collection and Processing Policy to publicly disclose how we collect, store, and process personal information or data (“Personal Information”) of our customers through our authorized distribution partner, Lancs Network Technology Retail Joint Stock Company (abbreviated as Lancs Retails), or directly through our website.

We are committed to protecting our customers’ personal information and will make every effort and use appropriate measures to ensure that the information provided by customers during the use of our products/services is kept confidential and protected from unauthorized access in accordance with the law.

 

ARTICLE 1. DEFINITIONS

1. Lancs Net., JSC: is the abbreviated name of Lancs Vietnam Network Technology Joint Stock Company, Business Registration Certificate No. 0109148558
2. Customer/Customer: is (i) an individual and/or (ii) an organization that provides personal data to purchase and register for the use of Lancs Net.’s products and services.
3. Products and services are any products or services that the Customer purchases or registers for use provided by Lancs Net., JSC and/or provided by Lancs Net., JSC in cooperation with partners.
4. Personal data: is information in the form of symbols, writing, numbers, images, sounds or similar forms in an electronic environment associated with a specific Customer or helping to identify a specific Customer. Personal data includes basic personal data and sensitive personal data.
5. Basic personal data includes information such as:
   • Surname, middle name and given name, other names (if any);
   • Date of birth; date of death or disappearance;
   • Gender;
   • Place of birth, place of birth registration, permanent residence, temporary residence, current residence, hometown, contact address;
   • Nationality;
   • Personal photograph;
   • Phone number, national identity card number, citizen identification number, personal identification number, passport number, driver’s license number, vehicle license plate number, personal tax code, social insurance number, health insurance card number;
   • Information about family relationships (parents, children);
   • Information about the individual’s digital account;
   • Information about the customer’s use of telecommunication services, including: email. Information related to the use of voice and messaging services (including but not limited to the phone number initiating the call, the phone number receiving the call, the time of call initiation and termination, the call duration, the phone number sending the message, the phone number receiving the message, the time of sending and receiving the message); registered service packages and billing information (information on usage charges, outstanding charges, prepaid charges, etc.); service fees, charges; mobile data usage history (SMS, value-added services, data, etc.), mobile data usage time; usage volume, history and frequency of use of Products, goods, and services; IP address; information on product, goods, and service reviews/ complaints/ requests for repair/ troubleshooting;
   • Personal data reflecting activities and activity history on the cyberspace, including but not limited to data related to websites/social networks or applications; Technical data (including device type, operating system, browser type, browser settings, IP address, language settings, date and time of connection to the Website, Application usage statistics, Application settings, date and time of connection to the Application, other technical contact information); account name; password; security login details; usage data; cookie data; browsing history; clickstream data; channel viewing history, VOD (video on demand);
   • Other information associated with a specific Customer or that helps identify a specific Customer that does not fall within the scope of Sensitive Personal Data as defined in Clause 6 of this Article.
6. Sensitive personal data: refers to personal data linked to the privacy of customers, the infringement of which would directly affect the legitimate rights and interests of customers, including but not limited to the following types of data:
   • Customer’s telecommunications account information, including payment history, account top-ups, and telecommunications account balances;
   • Information related to the customer’s use of intermediary payment services, including: customer identification information as prescribed by law, account information, deposit information, information on deposited assets, transaction information, information on organizations and individuals acting as guarantors at credit institutions, bank branches, and intermediary payment service providers;
   • Information relating to ethnic origin, physical attributes, and unique biological characteristics that the Customer provides to Lancs Net., JSC or that Lancs Net., JSC obtains during the Customer’s purchase and use of Products, goods, and services;
   • Data on the Customer’s location determined through location services;
   • Other personal data that is legally defined as specific and requires necessary security measures.
7. Personal Data Processing: refers to one or more activities affecting Personal Data, such as: collecting, recording, analyzing, verifying, storing, modifying, publishing, combining, accessing, retrieving, retrieving, encrypting, decrypting, copying, sharing, transmitting, providing, transferring, deleting, destroying personal data, or other related actions.
8. Personal Data Controller: is the organization or individual that determines the purpose and means of processing Personal Data.
9. Personal Data Processor: is the organization or individual that performs the processing of Personal Data on behalf of the Personal Data Controller, through a contract or agreement with the Personal Data Controller.
10. Personal Data Controller and Processor: is the organization or individual that simultaneously determines the purpose, means, and directly processes Personal Data.
11. Lancs Net.,JSC’s transaction channels: include the hotline, the official website (https://lancsretails.com), and physical transaction channels (stores, business locations, etc. of Lancs Net.,JSC and its agents), or other transaction channels provided or authorized to be provided to customers by Lancs Net.,JSC from time to time.

 

ARTICLE 2. TYPES OF DATA PROCESSED

1. Personal data processed includes data provided by Customers to Lancs Net., JSC when purchasing and using products and services, and data generated during the Customer’s purchase and use of Lancs Net., JSC’s products and services, as follows:
   • Basic personal data as stipulated in Clause 5, Article 1 of this Document
   • Sensitive personal data as stipulated in Clause 6, Article 1 of this Document.
2. Personal data is processed in accordance with each corresponding type of Product and Service.

 

ARTICLE 3. PURPOSE OF PROCESSING PERSONAL DATA

Personal data as described in Article 2 above may be processed for the following purposes:

1. Providing products and services to customers under contract and fulfilling the rights and obligations of Lancs Net., JSC as stipulated by law, including but not limited to:
   • Serving business management activities; operating, exploiting, and optimizing the quality of services/software provided by Lancs Net., JSC;
   • Authenticate and execute payment transactions; reconcile payments, exchange and provide information related to service users to prevent evasion of contractual obligations within the scope permitted by law; reconcile with Lancs Net., JSC’s partners for the purpose of providing Products and services to Customers;
   • Provide, activate, or verify Products and services requested by Customers according to the Request Form/Contract or through Lancs Net., JSC’s transaction channels or other requests from Customers arising during the use of Products and services;
   • For the purpose of contacting and notifying Customers;
   • Exercising Customers’ rights related to Personal Data as stipulated by law and agreements between Customers and Lancs Net., JSC;
   • Fulfilling contractual obligations of the Client and obligations of Lancs Net., JSC to relevant agencies, organizations, and individuals as prescribed by law;
   • Disclosing Client’s personal data as prescribed by law;
   • Fulfilling Lancs Net., JSC’s obligations regarding inspection, auditing, statistics, reporting, finance, accounting, and taxation;
   • Performing data security operations; ensuring the security of Lancs Net., JSC’s information systems such as backup, recovery, monitoring, resource optimization, and protection of client personal data;
   • Sending notification messages, communicating, campaigning, and soliciting support related to the National Humanitarian Information Portal and as requested by state management agencies;
   • Detecting and preventing violations of the law in cyberspace at the request of competent state agencies and legal regulations, including but not limited to: spam messages, spam emails, spam calls, messages with fraudulent purposes, emails with fraudulent purposes, calls with fraudulent purposes;
   • Detecting and preventing fraud, deception, attacks, intrusions, illegal appropriation, criminal acts and other illegal acts;
   • In cases of national defense and security emergencies, social order and safety emergencies, major disasters, dangerous epidemics;
   • When there is a threat to national defense and security but not to the extent of declaring a state of emergency; preventing and combating riots, terrorism, crime and violations of the law as prescribed by law;
   • Serving the operations of state agencies in accordance with specialized laws and regulations.
2. Providing customer support when purchasing and using products and services provided by Lancs Net., JSC in accordance with contracts and legal regulations, including:
   • Updating and processing information when customers purchase and use products and services;
   • Customer care, receiving and resolving customer inquiries and complaints regarding Lancs Net., JSC’s products and services;
   • Using and transferring personal data, information on problems, incidents, and error reports reported by customers to partners to identify and resolve product and service issues; repairing customer equipment; and performing other customer care and support activities.
3. Improving the quality of products and services that Lancs Net., JSC provides to its customers:
   • Providing information that customers have requested or that Lancs Net., JSC believes customers may find useful, including information about Lancs Net., JSC’s products and services as required by law;
   • Improving the technology and interface of the website to ensure convenience for customers;
   • Managing customer accounts and loyalty programs;
   • Storing information, conducting market research, analysis, statistics, and other internal management activities to enhance customer experience;
   • Reporting, statistically analyzing internal data to research, build, develop, manage, measure, provide, and improve products and services, as well as operate Lancs Net., JSC’s business;
   • Developing marketing campaigns for products and services and determining how Lancs Net., JSC can personalize those products and services;
   • Developing and providing new, personalized products and services tailored to the specific needs and conditions of customers, using effective measurement methods;
   • Introducing and offering promotional programs for products and services, as well as promotions and offers from Lancs Net., JSC and its partners;
   • Evaluating the likelihood of customers purchasing and using Lancs Net., JSC’s products and services through their telecommunications rating scores to best support the provision of products and services to customers.
4. Lancs Net., JSC engages in the business of providing marketing, advertising, and product promotion services tailored to the needs of its clients, or in terms of what it believes clients are interested in, based on the following content, format, and frequency:
   • Content: Introducing information about products, services, and offers provided by Lancs Net., JSC and its partners;
   • Method: Via advertising messages (SMS, USSD, MMS…), IVR calls, announcements on Lancs Net., JSC’s transaction channels, or other methods as prescribed by law;
   • Format: Sent directly to customers via electronic devices or other forms on the internet as prescribed by law;
   • Frequency: As prescribed by advertising laws.
5. Business activities include market research services, public opinion polling, and brokerage.
6. Organization of trade fairs and promotional events.

 

ARTICLE 4. DATA PROCESSING FOR CUSTOMERS UNDER 16 YEARS OF AGE

1. During the provision of Products and Services, Lancs Net., JSC will have individual Customers aged from 7 (seven) years old to under 16 (sixteen) years old (“Child Customers”). Lancs Net., JSC will carry out the necessary procedures to verify the age of Child Customers before processing Personal Data.
2. In the event that a Child Customer purchases, registers for, or uses the Products and Services, the content in Appendix 01 of this Document will be marked for confirmation by the Child Customer. The parent or guardian of the Child Customer will mark to confirm their consent regarding the processing of the Child Customer’s Personal Data as stipulated in Appendix 02 of this Document, unless otherwise provided by law.

 

ARTICLE 5. METHODS OF DATA PROCESSING

1.Collection method

Personal data is collected directly from you in the following cases:

• From Lancs Net., JSC’s Websites: We may collect Personal Data when you access any of Lancs Net., JSC’s websites (collectively referred to as “Websites”) or use any features or resources available on or through the Websites. When you access the Websites, Lancs Net., JSC collects information about your device and browser (such as device type, operating system, browser type, browser settings, IP address, language settings, date and time of connection to the Websites, and other technical communication information);
• From the Application: We may collect Personal Data when Customers download or use mobile applications (collectively referred to as “Applications”). These Applications may record certain information (including Application usage statistics, device type, operating system, Application settings, IP address, language settings, date and time of connection to the Application, and other technical communications);
• Regarding Products and Services: Lancs Net., JSC may collect Personal Data when you purchase, register for, or use any Products or Services through any means (SMS, USSD, IVR, website, wapsite, application, etc.); Lancs Net., JSC’s transaction channels, cyberspace; and/or other methods as prescribed by law;
• From exchanges and communications with Customers: We may collect Personal Data through interactions between Us and You (in person, by mail, telephone, online, call center systems, electronic communication or any other means) including Customer surveys;
• From social media: This refers to the social media platforms of Lancs Net., JSC and/or social media platforms that we collaborate with our partners on;
• From audio and video recording devices placed at stores, business locations, or places where part or all of Lancs Net., JSC’s business activities are conducted, where you encounter, appear, or interact with us. The placement of these recording devices aims to contribute to the protection of social order and safety, and to protect the legitimate rights and interests of customers and Lancs Net., JSC in accordance with the law;
• From interactions or automated data collection technologies: We may collect information including IP addresses, referring URLs, operating systems, web browsers, and any other information automatically recorded from the connection:

+ Cookies, flash cookies, plug-ins, pixel tags, email beacons, third-party social network connectors, or other tracking technologies;

+ Any technology capable of tracking personal activity on devices or websites;

+ Other data provided by a device.

• Other means: We may collect Personal Data when you interact with Lancs Net., JSC through any other means.

We may also indirectly collect Personal Data from you through publicly available, official sources; or through receiving necessary data from subsidiaries and partners that they collect in the process of cooperating with Lancs Net., JSC in providing Products and services to you and with your permission to share it..

2.Storage method

Personal data is stored in Vietnam in Lancs Net., JSC’s Customer database system or anywhere we or our branches, subsidiaries, affiliates, partners or service providers have facilities and create backup copies for data centers in other locations.

During your access to Lancs Net., JSC’s website, wapsite, application, and social media, we may also temporarily store information via cookies, clickstream, or similar browsing data storage tools to store data that web servers in the domain can retrieve.

3.Methods for transferring/sharing data

We will use necessary security measures to ensure the transfer/sharing of your Personal Data to (i) other telecommunications businesses; (ii) individuals/organizations involved in the Personal Data Processing process as stipulated in Article 9 of this Document; or (iii) competent state agencies, ensuring information security, preventing data leaks and breaches, and requiring the parties receiving Personal Data to take data security measures.

4.Analysis method

The analysis of personal data is carried out according to Lancs Net., JSC’s internal procedures. We have a strict monitoring mechanism for each data analysis process, which requires verification of compliance with legal requirements for data security and information security for the IT system before proceeding with the analysis. We also have strict rules to ensure that personal information is anonymized or de-identified at the appropriate stage in the processing.

5.Encryption method

Personal data collected is encrypted using appropriate encryption standards when necessary during data storage or transfer, to ensure that the data is protected, authentic, intact, and cannot be altered after it has been transmitted.

6.How to delete data

When you cease using Lancs Net., JSC’s products and services and make a valid request, we will proceed to delete all personal data that you have provided and/or that we have collected during your use of the products and services, except where otherwise provided by law and in certain cases where this is not possible, as follows:

• The law stipulates that data deletion is not permitted or that data storage is mandatory;
• Personal data is processed by competent state agencies for the purpose of serving the activities of state agencies as prescribed by law;
• Personal data has been made public as prescribed by law;
• Personal data is processed to serve legal requirements, scientific research, and statistics as prescribed by law;
• In cases of national defense emergencies, national security emergencies, social order and safety emergencies, major disasters, dangerous epidemics; when there is a threat to national security and defense but not to the extent of declaring a state of emergency; in the prevention and control of riots, terrorism, crime, and violations of the law;
• Responding to emergency situations that threaten the life, health, or safety of the Customer or other individuals.

 

ARTICLE 6. PRINCIPLES OF DATA SECURITY OF LANCS NET., JSC

1. Your personal data is protected in accordance with this document and applicable laws.
2. We are responsible for ensuring network security in accordance with the law, safeguarding national defense and security, protecting state secrets, maintaining political stability, social order and safety, and promoting socio-economic development.
3. We always ensure the legitimate rights and interests of our customers are protected in handling network security incidents.
4. Network security activities are carried out regularly, continuously, promptly, and effectively.

 

ARTICLE 7. POTENTIAL UNINTENDED CONSEQUENCES AND DAMAGES

1. We employ various information security technologies such as the international PCI standard, SSL, firewalls, encryption, etc., to protect and prevent unauthorized access, use, or sharing of your personal data. However, no data can be completely secure. Therefore, we cannot guarantee absolute security of your personal data in certain cases, such as:
   • Hardware or software errors during data processing resulting in the loss of customer data;
   • Security vulnerabilities beyond our control, system attacks by hackers causing data leaks.
2. We advise you to keep your account login password, OTP code, or service activation code secure and not share this information with anyone else.
3. You should be aware that whenever you disclose and make your Personal Data public, that data may be collected and used by others for purposes beyond your and our control.
4. We advise you to keep your personal devices (phones, tablets, personal computers, etc.) safe while using the service; you should log out of your account when you are not using it.
5. In the event that the data storage server is attacked resulting in the loss, leakage, or unauthorized access of Customers’ Personal Data, Lancs Net., JSC will be responsible for notifying the relevant authorities for timely investigation and handling, and informing the Customers in accordance with legal regulations.
6. The internet is not a secure environment, and we cannot guarantee that your Personal Data shared online will always be secure. When you transmit Personal Data online, you should only use secure systems to access websites, applications, or devices. You are responsible for keeping your login credentials for each website, application, or device secure and confidential.

 

ARTICLE 8. START AND END TIMES FOR PROCESSING PERSONAL DATA

1. Personal data is processed from the moment we receive the Personal Data you provide and we have the appropriate legal basis to process the data in accordance with the law.
2. To the extent permitted by law, Personal Data will be processed until the purposes for which the data is being processed have been fulfilled.
3. We may need to retain your Personal Data even after the contract between you and Lancs Net., JSC has terminated in order to fulfill our legal obligations under applicable laws and/or requirements of competent government authorities.

 

ARTICLE 9. ORGANIZATIONS AND INDIVIDUALS PARTICIPATING IN THE PROCESSING OF PERSONAL DATA

1. Depending on the circumstances, we may be the Personal Data Controller or the Personal Data Controller and Processor.

At this time, we are announcing the roles and responsibilities regarding the collection and processing of personal data as follows:

• Address of the unit responsible for managing and processing information 

Company name: Lancs Network Technology Joint Stock Company (Lancs Net., JSC)

Address: 6th Floor, 122 Hoang Quoc Viet Street, Nghia Do Ward, Hanoi City.

Tax identification number: 0109148558

2. To the extent permitted by law, you understand that we may share your Personal Data for the purposes mentioned in Article 3 with the following organizations and individuals:
   • Subsidiaries, member companies, and affiliated companies of Lancs Net., JSC within the territory of Vietnam;
   • Organizations and individuals providing services and/or cooperating with Lancs Net., JSC, including but not limited to: agents, consulting firms, auditors, lawyers, notaries, and business partners providing information technology solutions, software, applications, operational services, management, troubleshooting, and infrastructure development;
   • Any individual or organization acting as a representative or authorized agent of the Client, or acting on behalf of the Client;
   • Payment service providers operate based on authorization or consent from the Customer. Data sharing will be carried out in accordance with the procedures, methods, and applicable legal regulations. Parties receiving Personal Data are obligated to protect your Personal Data in accordance with this Document; the regulations, procedures, and standards on Personal Data Protection of Lancs Net., JSC; and applicable legal regulations.
3. We may share your information with competent government agencies for the purposes of processing personal data as stated in Article 3 of this document, in accordance with the law.

 

ARTICLE 10. CUSTOMER RIGHTS

1. You have the right to be informed about how your personal data is processed, unless otherwise provided by law.
2. You have the right to decide whether to give consent regarding the processing of your personal data, except where otherwise provided by law.
3. You have the right to access, view, edit, or request editing of your Personal Data, except as otherwise provided by law..

We will modify your Personal Data upon your request or as required by relevant laws. If this is not possible, we will notify you in accordance with our agreement and applicable laws.

4. You have the right to delete or request the deletion of your Personal Data in accordance with Clause 6, Article 5 of this Document.
5. You have the right to request restrictions on the processing of your personal data in accordance with the law. We will implement these restrictions upon your request, subject to technical conditions, unless otherwise stipulated by law or agreed upon by the parties.
6. You have the right to request that we provide you with your Personal Data, unless otherwise required by law. Lancs Net., JSC will provide your Personal Data upon your request, unless otherwise required by law.
7. You have the right to withdraw your consent to the processing purposes for which you have agreed to allow Lancs Net., JSC to process your data, unless otherwise provided by law. Upon receiving such a request, Lancs Net., JSC will inform you of the consequences and potential damages that may result from withdrawing your consent.

In the event that your withdrawal of consent affects the performance of the contract between Lancs Net., JSC and you, the legal obligations of Lancs Net., JSC, your life, property and legitimate rights and interests, those of other organizations and individuals, or the duty to protect national security and social order, we have the right to restrict, suspend, terminate, or cancel part or all of the contract for the supply of Products and Services between Lancs Net., JSC and the Customer. We shall not be liable for any legal responsibility or compensation for any losses incurred by you in this case.

8. You have the right to object to Lancs Net., JSC’s processing of your personal data to prevent or limit the disclosure of personal data or for other reasons as prescribed by law.

We will process your objection request upon receipt, unless otherwise provided by law.

In the event that your objection affects the performance of the contract between Lancs Net., JSC and you, the legal obligations of Lancs Net., JSC, the life, property and legitimate rights and interests of you, other organizations and individuals, or the duty to protect national security and social order, we have the right to restrict, suspend, terminate, or cancel part or all of the contract for the supply of Products and Services between Lancs Net., JSC and the Customer. We will not be liable for any losses incurred by you in this case.

9. Customers have the right to file complaints, denunciations, or lawsuits in accordance with the law.
10. Customers have the right to claim compensation for actual damages in accordance with the law if Lancs Net., JSC violates its regulations on the protection of personal data, unless otherwise agreed upon by the parties or provided for by law.
11. You have the right to self-defense under relevant laws, including but not limited to the Civil Code, or to request competent authorities or organizations to implement measures to protect your civil rights, such as compelling the cessation of infringing acts, compelling an apology, public correction, or compelling compensation for damages…
12. Other rights as stipulated in this Document and by law.

Customers can exercise their rights under clauses 1, 2, 3, 4, 5, 6, 7, 8, 9, and 10 of this Article by accessing the website: https://lancsnet.com/ or calling the hotline at 0868275959 or sending an email to: info@lancsnet.com or by other methods as prescribed by law and the regulations of Lancs Net., JSC at each given time. Lancs Net., JSC may verify the necessary information from the Customer to fulfill the Customer’s requests.

 

ARTICLE 11. CUSTOMER OBLIGATIONS

1. We comply with all applicable laws and regulations of Lancs Net., JSC regarding the processing of your personal data.
2. Provide complete, truthful, and accurate personal data and other information as requested by Lancs Net., JSC when searching for, accessing, purchasing, registering for, and using the Products and Services, and when there are changes to this information. We will protect your personal data based on the information you provide. Therefore, if there is any inaccurate information, we will not be responsible if that information affects or restricts your rights. In case of failure to notify us, if any risks or losses arise, you will be responsible for any errors or fraudulent activities when using the Products and Services due to your fault or failure to provide accurate, complete, and timely information changes; including financial losses and costs incurred due to incorrect or inconsistent information provided.
3. We will cooperate with you, the competent government agency, or a third party in the event of any issues affecting the security of your Personal Data.
4. You are responsible for protecting your personal data; requesting other relevant organizations and individuals to protect your personal data; proactively taking measures to protect your personal data while using Lancs Net., JSC’s products and services; and promptly notifying us if you discover any errors or mistakes in your personal data or suspect that your personal data is being compromised.
5. Respect and protect the personal data of others.
6. You are solely responsible for the information and data you create and provide online; and you are solely responsible in the event that your personal data is leaked or compromised due to your own fault.
7. Regular updates on regulations and policies related to the protection and processing of personal data by Lancs Net., JSC will be communicated to you through Lancs Net., JSC’s transaction channels.
8. Implement legal regulations on personal data protection and participate in preventing and combating violations of personal data protection regulations.
9. Other responsibilities as prescribed by law.

 

ARTICLE 12. GENERAL PROVISIONS

1. This policy is effective from the date of signing and also serves as a Notice of Personal Data Processing in accordance with current laws. Customers acknowledge that they have read, understood, and agree to all the contents of this document.
2. This document is created solely to regulate the processing of personal data in compliance with legal regulations. In other words, this document has independent legal effect and is not, and is not dependent on, the product or service supply contract between Lancs Net., JSC and the Customer.
3. Customers understand and agree that this Agreement may be amended from time to time and will be notified to Customers through Lancs Net., JSC’s transaction channels before it takes effect. Changes and effective dates will be updated through Lancs Net., JSC’s transaction channels and/or other methods. Where required by law, Lancs Net., JSC will obtain Customer consent for such changes.
4. This Policy applies only to our website and service software and does not include or relate to third parties that place advertisements or have links on the website. Therefore, we recommend that you carefully read and review this Policy.
5. The Customer has read, understood, agreed to, and commits to strictly comply with the terms and conditions stated in this Document. Matters not covered will be governed by applicable laws, guidelines from competent State authorities, and/or amendments and additions to this Document from time to time.
6. If a dispute arises, the parties will proactively negotiate in good faith and cooperation. If negotiation fails, the parties have the right to request the competent authority to resolve the dispute in accordance with the law.

 

We always welcome feedback and contact from our valued customers and are committed to protecting their rights and personal information. If you have any complaints regarding data security, you can send a complaint email to info@lancsnet.com or call 0868.275.959.