Privacy Policy

Last updated: 26 June 2025

1. Introduction

CTechVN Solutions Pte. Ltd. (“CTechVN”, “we”, “our”, or “us”) operates the website https://www.ctechvn.com and all sub-sites, mobile sites, services and applications that link to or incorporate this Privacy Policy (collectively, the “Services”). We are committed to protecting the privacy and personal data of our customers, prospective customers, website visitors and other data subjects in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”), Vietnam’s Law on Cybersecurity and Personal Data Protection Decree 13/2023/ND-CP, the EU General Data Protection Regulation (“GDPR”) and all other applicable data-protection laws in the ASEAN region.

2. Definitions

“Personal Data” means any information whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

“Processing” includes collecting, recording, holding, organising, adapting, retrieving, consulting, using, disclosing, disseminating, aligning, combining, blocking, erasing or destroying data.

“Customer” means any legal entity or natural person that purchases or evaluates our AI, analytics, data-consulting or related services.

3. Scope

This Policy explains what Personal Data we collect, why we collect it, how we use, store, disclose and protect it, and the rights you may exercise. It applies to all visitors of our website, webinar attendees, trial users, paying customers, suppliers, job applicants and any other person whose data we process.

4. Controller and Contact Details

Data Controller:
CTechVN Solutions Pte. Ltd.
12 Marina View, #11-01 Asia Tower, Singapore 018961
Email: info@cvtechvn.com
Phone: +65 6789 1234

We have appointed a Data Protection Officer (“DPO”) who can be reached at dpo@cvtechvn.com.

5. What Personal Data Do We Collect?

5.1 Information you provide voluntarily

• Name, job title, company, business email, business phone, billing address.
• Login credentials (encrypted password hashes).
• Payment information (credit-card number, expiry, billing name) processed by PCI-DSS-compliant payment gateways; we store only the last 4 digits and token.
• Content of support tickets, chat messages or consultation requests.
• CV, cover letter, employment history (job applicants).
• Webinar or event registration details.
• Any other data you voluntarily submit through forms or surveys.

5.2 Information we collect automatically

• Device identifiers (IP address, browser type, operating system, language).
• Usage data (pages visited, time spent, links clicked, scroll depth, download errors).
• Cookies and similar technologies (see Section 10).
• Log files (authentication events, date/time stamps).
• Aggregated statistical data generated by our analytics scripts.

5.3 Information we receive from third parties

• LinkedIn, Google or other OAuth providers when you choose to sign-in with those services.
• Credit-reference agencies or anti-fraud databases (limited to what is legally permissible).
• Marketing partners that supply industry contact lists subject to your consent.

6. Legal Bases for Processing (GDPR alignment)

Purpose	Legal Basis
Account creation & contract performance	Art. 6 (1) (b) – performance of a contract
Customer support & troubleshooting	Art. 6 (1) (b) – legitimate interests
Product development & analytics	Art. 6 (1) (f) – legitimate interests (balanced against your rights)
Marketing emails to existing customers	Art. 6 (1) (f) – legitimate interests
Marketing to non-customers	Art. 6 (1) (a) – consent
Compliance with legal obligations	Art. 6 (1) (c) – legal obligation

7. Purposes of Processing

1. To provide, operate and maintain the Services (e.g., user accounts, virtual machines, dashboards).
2. To process and collect payments, send invoices and account statements.
3. To respond to enquiries, support tickets and provide training.
4. To send service-related communications (security alerts, maintenance notices).
5. To conduct R&D, improve algorithms, develop new features and perform statistical analysis on anonymised data.
6. To send marketing communications that we believe are of interest, subject to your consent where required.
7. To detect, prevent and respond to fraud, abuse or security incidents.
8. To comply with court orders, regulatory requests and applicable laws.

8. Data Retention

We retain Personal Data only as long as necessary for the fulfilment of the purposes outlined above, including any legal, accounting or reporting requirements:

• Customer account data – 7 years after contract termination (statute of limitations under Singapore law).
• Support tickets – 3 years after last interaction.
• Cookies and tracking data – maximum 24 months or until you revoke consent.
• Job applicant data – 1 year unless you consent to longer retention.
• Anonymised and aggregated datasets – may be retained indefinitely.

9. International Data Transfers

Our production servers are located in AWS regions in Singapore and Vietnam. Where we transfer data to third-party service providers outside ASEAN we execute Standard Contractual Clauses approved by the European Commission or rely on adequacy decisions. All sub-processors are vetted for security and privacy compliance.

10. Cookies & Tracking Technologies

We use strictly necessary cookies to keep you logged in, functional cookies to remember preferences, analytics cookies (Google Analytics, Matomo) to measure performance, and marketing cookies (LinkedIn Insight, Google Ads) to serve relevant adverts. You can manage non-essential cookies via the cookie banner or browser settings. Opt-outs may affect site functionality.

11. Your Rights

Subject to local law you may have the right to:

• Access – receive a copy of your Personal Data.
• Rectification – correct inaccurate or incomplete data.
• Erasure – request deletion (“right to be forgotten”).
• Restriction – limit processing in certain circumstances.
• Object – to direct marketing or legitimate-interest processing.
• Data portability – receive data in a structured, machine-readable format.
• Withdraw consent – at any time without affecting prior lawful processing.
• Lodge a complaint – with your local supervisory authority (e.g., Singapore PDPC, Vietnam MIC).

Requests should be emailed to dpo@cvtechvn.com. We will respond within 30 calendar days.

12. Security Measures

We implement technical and organisational measures in line with ISO 27001 controls:

• TLS 1.3 encryption in transit; AES-256 at rest.
• Role-based access control and multi-factor authentication.
• Annual penetration tests and continuous vulnerability scanning.
• Segregated production and development environments.
• 24/7 security incident response team.

13. Links to Third-Party Sites

Our website may contain links to external sites. We are not responsible for the privacy practices or content of those third parties. We encourage you to read their privacy policies before submitting any Personal Data.

14. Children’s Privacy

The Services are not directed to children under 13. We do not knowingly collect Personal Data from minors. If you believe we have inadvertently collected such data, please contact us for immediate deletion.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Revisions will be posted on this page with a new “Last updated” date and, where changes are material, we will notify you via email or prominent notice on the website. Your continued use of the Services after such changes constitutes acceptance.

16. Contact Us

If you have any questions, concerns or complaints about this Privacy Policy or our data practices, please contact:

Data Protection Officer
CTechVN Solutions Pte. Ltd.
12 Marina View, #11-01 Asia Tower, Singapore 018961
Email: dpo@cvtechvn.com | General: info@cvtechvn.com
Phone: +65 6789 1234

If you are unsatisfied with our response you may file a complaint with:
Singapore Personal Data Protection Commission: https://www.pdpc.gov.sg
Or your local supervisory authority where applicable.