Privacy Policy
Last Updated: January 15, 2024
At Hexagon Technology, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our services or visit our website.
1. Information We Collect
1.1 Personal Information
We may collect the following types of personal information:
- Contact Information: Name, email address, phone number, business address
- Company Information: Company name, job title, business registration details
- Account Information: Username, password, and account preferences
- Payment Information: Billing address, payment card details (processed securely through third-party payment processors)
- Communication Data: Messages, inquiries, and correspondence with our team
1.2 Technical Information
When you visit our website or use our services, we automatically collect:
- Device Information: IP address, browser type, operating system, device identifiers
- Usage Data: Pages visited, time spent, clicks, navigation paths
- Cookies and Similar Technologies: See Section 7 for details
- Server Logs: Access times, error logs, system activity
1.3 Business Information
For our IT services and consultancy:
- Technical Requirements: Infrastructure details, system configurations
- Business Needs: Project requirements, technical specifications
- Service Usage: How you use our technology services and platforms
2. How We Use Your Information
We use the collected information for the following purposes:
2.1 Service Delivery
- Providing and maintaining our IT services
- Processing transactions and sending invoices
- Managing user accounts and access
- Providing technical support and customer service
- Implementing infrastructure and security solutions
2.2 Communication
- Responding to inquiries and requests
- Sending service updates and notifications
- Providing technical support and assistance
- Sharing important security alerts
2.3 Improvement and Analytics
- Analyzing usage patterns to improve our services
- Conducting research and development
- Measuring effectiveness of our solutions
- Identifying and fixing technical issues
2.4 Legal and Security
- Complying with legal obligations
- Protecting against fraud and security threats
- Enforcing our terms and conditions
- Resolving disputes
3. Legal Basis for Processing (GDPR)
For users in the European Union, we process your data based on:
- Contractual Necessity: To fulfill our service agreements
- Legitimate Interest: To improve services and ensure security
- Legal Compliance: To meet regulatory requirements
- Consent: Where explicitly provided by you
4. Data Sharing and Disclosure
We may share your information with:
4.1 Service Providers
- Cloud hosting providers (AWS, Google Cloud)
- Payment processors
- Email service providers
- Analytics platforms
- Security and monitoring tools
4.2 Business Partners
- Technology partners for service delivery
- Consultants and professional advisors (under confidentiality agreements)
4.3 Legal Requirements
- Law enforcement or regulatory bodies when required by law
- In response to legal proceedings or court orders
- To protect our rights, property, or safety
4.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
We do not sell your personal information to third parties.
5. Data Security
We implement industry-standard security measures to protect your data:
5.1 Technical Safeguards
- Encryption: Data encrypted in transit (TLS/SSL) and at rest
- Access Controls: Role-based access and authentication
- Firewalls: Network security and intrusion detection
- Regular Audits: Security assessments and vulnerability scanning
5.2 Organizational Measures
- Employee Training: Privacy and security awareness programs
- Confidentiality Agreements: All staff bound by confidentiality
- Incident Response: Procedures for data breach management
- Regular Backups: Secure backup systems with 30-day retention
5.3 Physical Security
- Secure data center facilities
- Environmental controls and monitoring
- Restricted physical access
6. Data Retention
We retain your information for as long as necessary to:
- Active Accounts: Duration of the business relationship
- Closed Accounts: Up to 7 years for legal and accounting purposes
- Marketing Data: Until you withdraw consent
- Technical Logs: 90 days for security and troubleshooting
- Legal Hold: As required by applicable law
You can request deletion of your data (subject to legal retention requirements).
7. Cookies and Tracking Technologies
7.1 Types of Cookies We Use
- Essential Cookies: Required for website functionality
- Analytics Cookies: To understand how you use our site (Google Analytics)
- Preference Cookies: To remember your settings
- Security Cookies: For authentication and fraud prevention
7.2 Managing Cookies
You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.
Third-Party Analytics: We use Google Analytics. See Google’s Privacy Policy for details.
8. Your Rights and Choices
Depending on your location, you may have the following rights:
8.1 Access and Portability
- Request a copy of your personal data
- Receive your data in a portable format
8.2 Correction and Deletion
- Update or correct inaccurate information
- Request deletion of your data (“right to be forgotten”)
8.3 Restriction and Objection
- Restrict processing of your data
- Object to processing based on legitimate interests
- Opt-out of marketing communications
8.4 Withdrawal of Consent
- Withdraw consent at any time (where processing is based on consent)
8.5 Complaint
- Lodge a complaint with your local data protection authority
To exercise your rights, contact us at: contact@hexagontech.vn
9. International Data Transfers
Our services may involve transferring your data outside Vietnam to:
- Cloud service providers (AWS, Google Cloud) with global infrastructure
- Analytics platforms (Google Analytics)
- Business partners in other countries
We ensure appropriate safeguards through:
- Standard contractual clauses
- Adequacy decisions by regulatory authorities
- Privacy Shield frameworks (where applicable)
10. Children’s Privacy
Our services are not directed at children under 16. We do not knowingly collect personal information from children. If we learn we have collected such data, we will delete it promptly.
11. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices of these sites. Please review their privacy policies separately.
12. Data Protection Officer
For privacy inquiries or to exercise your rights, contact our Data Protection Officer:
Email: dpo@hexagontech.vn Phone: +84 902 585 979 Address: Ricco Building, 363 Nguyen Huu Tho, Da Nang, Viet Nam
13. Updates to This Policy
We may update this Privacy Policy periodically to reflect changes in:
- Our data practices
- Legal requirements
- Service offerings
Notification of Changes: We will notify you of material changes via email or website notice. Continued use of our services after changes constitutes acceptance.
14. Compliance
This Privacy Policy complies with:
- Vietnam: Law on Personal Data Protection (Decree 13/2023/ND-CP)
- EU: General Data Protection Regulation (GDPR)
- Industry Standards: ISO 27001, SOC 2 Type II
15. Contact Us
For questions or concerns about this Privacy Policy or our data practices:
Hexagon Technology Ricco Building, 363 Nguyen Huu Tho Da Nang, Viet Nam
- Phone: +84 902 585 979
- Email: contact@hexagontech.vn
- Website: https://hexagontech.vn
- DPO Email: dpo@hexagontech.vn
Your Consent
By using our services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.
Last Review Date: January 15, 2024 Next Scheduled Review: July 15, 2024
We are committed to transparency and protecting your privacy. If you have any questions or concerns, please don’t hesitate to contact us.
