PRIVACY POLICY

FLINTERS Company Limited

General Director Sato Kenji 

FLINTERS Vietnam Co., Ltd. (hereinafter referred to as the "Company") conducts business activities such as contractual system development and processing of personal information in this business. Our company is aware of the importance of personal information protection and has established a personal information protection management system to maintain and manage. We hereby declare that we are a company that cares fully about handling personal information, handling the personal information of customers, business partners and employees appropriately, and protecting personal information. Below, we will publish and explain the purpose of use of personal information and other handling of personal information at our company based on relevant laws on Personal Data Protection.

1. Our company collects, uses and provides personal information to the extent necessary for our business operations. Personal information will only be used within the scope of the purpose agreed by the individual and measures will be taken to prevent the use beyond the scope of the purpose of use.

2. Our company complies with laws, national guidelines and other regulations related to the handling of personal information.

3. Our company will take measures to prevent leakage, loss and damage of personal information, etc. We will also take any necessary corrective measures.

4. Our company has established a personal information consultancy department as below to receive complaints and advise on our handling of personal information and will respond appropriately.

5. Our company builds and operates a management system to protect personal information and continuously reviews and improves that system.

Personal Information Consultancy Desk

Company name: Flinters Vietnam Company Limited

Person in charge: Information Security Department

Address: Room 1801, 18th floor, CMC Building, Duy Tan Street, Dich Vong Hau Ward, Cau Giay District, Hanoi City

- Email: backoffice@flinters.vn

Working hours of the consultancy office: Weekdays from 10:00 to 16:00 (except for holidays, New Year's Day and New Year designated by our company)

Revised on March 28th 2024

About the handling of personal information, etc.

FLINTERS Vietnam Co., Ltd 

General Director: Sato Kenji

FLINTERS Vietnam Co., Ltd. (hereinafter referred to as the "Company") endeavors to appropriately collect and use information about individuals obtained in connection with our business and process such information as follows. The processing of personal information by our company in each individual service or initiative will be determined individually for each service or initiative.

1. Collection of information about individuals

In connection with our business, our company collects personal information which complies with Septeni Group's regulations and Vietnamese law, in case of conflict, Vietnamese law shall prevail. The collecting method is as below:

a.  Obtaining information directly from the person

( Example) We obtain information by filling out a form or entering it into a web form .

b.  Indirect acquisition from the person

( Example) Acquiring personal information that has been made public in publications or on the Internet, etc.

c.  Directly or indirectly obtained from websites operated by our company

( Example) Automatic acquisition of on-site behavior history using tags installed on websites operated by our company .

d.  Indirectly from a third party

( Example) Obtained from a data management platform or social networking service .

Notes: Personal information

(2) We may obtain personal information, etc., by means of methods that are not easily noticeable to the individual. Please refer to Appendix 1 for information on the use of cookies on our website and the external transmission (※) of information on users of our website and app (if any) (hereinafter referred to as "Users").

*What is personal data? 

“Personal data” refers to electronic information in the form of symbols, letters, numbers, images, sounds, or equivalences associated with an individual or used to identify an individual. The personal data includes general personal data and sensitive personal data.

*What is "external transmission of user-related information"?

This refers to the transmission of user-related information to a third-party server when a user uses our website or app, regardless of the user's wishes.

2. Purpose of use

The purpose of using personal information, etc. obtained by our company is as follows.

a. To sign contracts with customers and business partners (including membership registration on our company's website)

b. To handle requests from customers, business partners and performing contracts with customers and business partners

c. Communication with customers and business partners

d. To provide information about exhibitions, seminars, products, services, etc. of our company and our group companies.

e. To develop, improve and enhance the quality of products and services of our company and our group companies.

f. To sell, sell and promote products and services of our company and our group companies.

g. To generate statistical data.

h. To analyze the browsing status and use it to improve our website.

3. Provision of personal information to third parties and entrusted processing

a. Our company will only provide personal information to third parties when permitted by law (including obtaining that person's consent and carrying out procedures required by law).

b. Our company may entrust the processing of personal information to third parties to the extent necessary to achieve the purpose of use mentioned in clause 1. In that case, the Company will assign such work to the person who meets the Company's standards to select the companies that handle personal information, enter into a contract with the company that handles the personal information, and then manage the operations of this company appropriately.

4. Common using of personal information

Our company will jointly use personal information in the following way.

a. Items of personal information that will be used collectively:

- Information obtained in connection with contracts between customers, business partners and our company

- Contact information of customers and business partners

b. Shared user scope: Our group companies   

(http://www.septeni-holdings.co.jp/septenigroup.pdf)

c. Purpose of use of shared users:

- To request the appropriate group company to answer questions related to the products and services of our group companies.

- To develop, improve and enhance the quality of products and services of companies in our group

- For the sales, marketing and promotion of products and services of our group companies

d. The person responsible for managing jointly used personal data:

8-17-1 Shinjuku Nishi-Shinjuku, Tokyo

Septeni Holdings Company Limited

Representative Director Yuichi Kono

e. Collection method: written and electronic data, etc.

f. The voluntariness of a person providing personal information and consequences for that person if that person does not provide information

The provision of personal information to our company is voluntary, but if you do not provide it, you may not receive the service or feedback you are seeking.

5. Procedures for requesting disclosures, etc.

a. Individuals may make the following requests (hereinafter referred to as "requests for disclosure, etc.") in relation to personal information processed by the Company, to the extent permitted by law: 

- Purpose of processing personal data;

- Types of personal data processed;

- Organizations and individuals may process personal data;

- Rights and obligations of data subjects

- Other information as prescribed by law.

b. The procedure for requesting disclosure, etc. is as follows:

- The information subject directly or authorizes another person to come to the Company's headquarters to request personal information;

- Submit a request to provide personal information according to Forms 01, 02 in the Appendix to this Regulation via electronic network, postal service, fax;

The company is responsible for guiding organizations and individuals requesting to provide information to fill out the contents of the Request to Provide Personal Information Form.

In case the organization or individual requesting information is illiterate or has a disability and cannot write the request, the Company is responsible for filling in the contents of the request form to provide personal data.

6. Safety management measures

Our company endeavors to keep the personal information that we have acquired or intend to acquire accurate and up-to-date, and will take the necessary and appropriate safety control measures as follows to protect against unauthorized access, falsification, leakage, loss, and damage.

a. Develop basic policies

In order to ensure proper handling of personal information, our company has established basic policies regarding "compliance with laws, relevant instructions, etc." and "point of contact for resolving inquiries and complaints."

b. Establish regulations relating to the handling of personal information

Our company establishes rules for processing personal information related to the method of processing, responsible persons and their duties, etc. for each stage of collection, use, storage, provision, deletion/processing, etc.

c. Safety management measures of the organization

- Our company will appoint a person responsible for processing personal information, clarify the employees who handle personal information and the scope of personal information processed by such employees, and identify any facts or signs of violation of laws or processing regulations. We will set up a reporting system for the person in charge in case of an incident.

- Our company periodically conducts self-inspections on the status of processing personal information.

d. Personnel safety management measures

- The Company will provide regular training to employees on matters of note related to the handling of personal information.

- Our company stipulates issues related to personal information security in its working regulations.

e. Physical safety controls

- In areas where personal information is handled, the Company will manage the entry and exit of employees, restrict the devices they bring in, and take measures to prevent unauthorized persons from viewing personal information.

- The Company takes measures to prevent theft or loss of equipment, electronic media, documents, etc. that handles personal information, and when carrying such electronic devices, media, etc., including when moving around the office, the Company will take measures to prevent personal information from being stolen or lost. We will take measures to prevent information from being disclosed.

f. Technical safety controls

- Our company implements access control to limit the scope of processing of personnel and personal information databases, etc.

- The Company shall introduce a mechanism to protect information systems that handle personal information from unauthorized access from outside or unauthorized software.

- Learn about the external environment: when processing personal information overseas (including when we engage a third party located outside Vietnam to process personal information), we will process personal information in the country where the personal data is stored. We implement safety management measures after understanding the protection system.

7. Respond to accidents such as leaks

In the event of an incident such as personal information leakage, our Company will report to the competent authorities in accordance with the law on personal information protection and related instructions no later than 72 hours after the incident occurs. In case of notification after 72 hours, our Company will explain along with the reason for late notification.

And our Company will take measures to prevent similar incidents from occurring or recurring in accordance with the provisions of law,  instructions of competent authorities. We will take necessary measures as precautionary measures.

8. Personal information protection manager

8.1. Personal information approval person in charge

General Secretary of the Information Security Department: 

- Mr. Kenji Sato   

- Mr. Kieu Cao Thang 

8.2. Personal information management and protection person in charge

- Project Managers   

9. Contact us

For inquiries regarding the handling of personal information, complaints, consultations, disclosure requests, etc., please contact the personal information consultancy below.

Company name: Flinters Vietnam Company Limited

Person in charge: Information Security Department

Address: Room 1801, 18th floor, CMC Building, Duy Tan Street, Dich Vong Hau Ward, Cau Giay District, Hanoi City

- Email: backoffice@flinters.vn

Working hours of the consultancy office: Weekdays from 10:00 to 16:00 (except for holidays, New Year's Day and New Year designated by our company)

Issue: 

Revised on:  Feb 20th, 2025

Regarding the use of Cookies and transmitting information to outside parties

1. Use of cookies

To improve the convenience of website users, add content and prevent unauthorized access, the company uses cookies (information sent from the server to the user's browser and stored on the user's computer). user for server-side user identification) and access logs. Information collected and used includes IP address, browser type, pages viewed, etc. Additionally, users can set their browser not to accept cookies. By not accepting cookies, users may not be able to use all/part of the company's services..

2. Transmit information to the outside

The Company uses technologies such as advertising technology (Advertising Technology) on the website or application (if any). Information collected by the technology is sent to the technology provider and managed based on the privacy policy set by the provider. Service/provider name, user information collected/transmitted, purpose of use, privacy policy, etc. related to each type of technology are as follows. Depending on the type of technology, users may be able to opt out (pause) the collection and use of information. The company is not responsible for any damage caused to users due to any type of technology.