Thank you for contacting us!

We have received your message. We’ll reach you out immediately!

Back to homepage

Visit the blog

Let's connect!

Customer data protection policy


This Customer Data Protection Policy of Rabiloo Limited Company ( “Policy”) issued for the purpose of informing Customers of the processing of Customer Data, including the purposes of processing, the methods of processing, and the retention period applicable to Customer Data, in accordance with Vietnamese law.


This Policy applies to all digital platforms of Rabiloo Limited Company that interact with Customers in the digital environment.

Article 1: Definitions and Interpretation

For this Policy, the following terms shall be construed and interpreted as follows:


  1. “Company” means Rabiloo Company Limited Under this Policy, the Company acts as the Personal Data Controller or the Personal Data Controller and Processor (as applicable) in respect of Customer Data. Depending on the specific circumstances and at each relevant time, the Company may directly process Customer Data and/or engage one or more third parties to process Customer Data on its behalf in accordance with applicable laws.
  2. “Customer” means any individual or legal entity who: is interested in the Company’s products and/or services; has used and/or is using the Company’s products and/or services; and/or has been identified and contacted by the Company through its business activities and relationships.
    Under this Policy, the Customer is the data subject of Customer Data/personal data, or a party that has lawful rights to share Customer Data/personal data with the Company.
  3. “Customer Data” means all information and data in any form provided by the Customer to the Company, including but not limited to:

    1. (I) The Customer’s personal data in accordance with laws and regulations on personal data protection;

    2. (II) Information relating to relevant legal entities (if any);

    3. (III) Information relating to communications, consultations, and the Customer’s use of the Company’s products and/or services.

  4. “Processing of Customer Data” means any operation or set of operations performed on Customer Data, including but not limited to: collecting, recording, analyzing, storing, amending, encrypting, decrypting, copying, sharing, transmitting, providing, transferring, erasing, and destroying information.

Article 2: Purposes of Processing customer data

  1. The Company is permitted to process Customer Data for the purposes set out below (collectively, the “Purposes of Processing Customer Data”):

    1. Provision of products and services: Processing Customer Data to provide products and/or services in accordance with contracts, agreements entered into between the Company and the Customer;

    2. Customer relationship management: The Company may process Customer Data to manage and maintain customer relationships, including managing Customer accounts (if applicable), implementing customer loyalty programs, and providing customer care and support before, during, and after the provision of products and/or services;

    3. Customer communications and support: The Company may contact and support the Customer in a timely manner upon receipt of requests or feedback, or where issues arise in connection with the products and/or services provided by the Company;

    4. Handling Customers’ requests, complaints, and disputes: The Company may receive, review, verify, and resolve requests, complaints, claims, and/or disputes raised by the Customer in relation to the Company’s products and/or services;

    5. Notices and customer satisfaction surveys: The Company may send notices, collect feedback, and conduct surveys regarding the Customer’s satisfaction with the quality of products and/or services and the handling of the Customer’s requests and complaints;

    6. Service improvement and Customer experience enhancement: The Company may analyze and improve Customer experience, including personalizing services, improving product and/or service quality, enhancing technology and user interfaces, and optimizing the performance and usability of the Company’s websites, applications, and other digital platforms;

    7. Research, development, and internal operations: The Company may support research and development activities, internal operations, and performance evaluations, including assessing the effectiveness of business, operational, and production activities of relevant units, and conducting market research;

    8. Marketing and promotion: Conducting marketing and promotional activities relating to the Company’s products and/or services in compliance with applicable laws;

    9. Compliance with legal obligations: The Company shall process and/or provide Customer Data to competent state authorities, regulatory bodies, and/or other relevant parties where such processing and/or disclosure is required by applicable laws and regulations, or upon a lawful request by competent authorities in accordance with Vietnamese law;

    10. Other lawful purposes: Any other purposes not prohibited by applicable laws and regulations.

Article 3: Processing customer data

  1. 1. Methods of collecting Customer Data
    The Company may collect Customer Data through the following methods:

    1. (I) Via the Company’s official websites, including: rabiloo.com; rabiloo.co.jp; rabiloo.com.vn;

    2. (II) Via electronic communications and other direct contact channels, including email, telephone, or other direct communications, where the Customer or the Customer’s lawful representative requests consultation, discussion, or support regarding the Company’s products and/or services;

    3. (III) In the course of entering into and performing contracts and/or other arrangements with the Company;

    4. (IV) Via other channels, including but not limited to business cards, websites, publicly available sources, meetings, conferences, social networks, events, seminars, workshops, and surveys;

    5. (V) Via organizations, third parties, and/or intermediary applications or services, provided that such collection is conducted lawfully and in compliance with applicable laws and regulations; and

    6. (VI) Other lawful methods as permitted under applicable laws and regulations.

  2. 2. Customer Data storage and management
    Customer Data shall be stored in the Company’s database systems and may also be stored in the database systems of the Company’s member entities 1 , entities having capital links with the Company, as well as the Company’s partners, service providers, and customers, for the purposes specified in Article 2 of this Policy and in accordance with applicable laws and regulations.
  3. 3. Sharing of Customer Data
    Customer Data may be shared with consultants, auditors, lawyers, notaries, providers of products and services, providers of information technology solutions, software and application providers, payment service providers, operational service providers, human resources management service providers, and/or other third parties, for the purposes specified in Article 2 of this Policy and in accordance with applicable laws and regulations.
  4. 4. Cross-border transfer of Customer Data
    Where it is necessary to transfer Customer Data across borders in order to fulfill the purposes specified in Article 2 of this Policy, the Company shall comply with all applicable requirements under Vietnamese law and other relevant laws and regulations (if any).
  5. 5. The Company shall implement additional security measures, including but not limited to technical measures, legal measures, recognized security frameworks, and internationally accepted certifications, as applicable, in connection with the processing of Customer Data.

Article 4: Commencement and termination of processing of customer data

  1. Customer Data shall be processed from the time the Company receives such Customer Data and has an appropriate lawful basis for processing in accordance with applicable laws and regulations, until the Customer requests deletion, destruction, or withdrawal of such Customer Data.
  2. Where otherwise required by applicable law, or upon lawful request by competent state authorities, the Company may continue to store, process, and/or provide Customer Data, including in cases where the Customer has requested deletion, destruction, or withdrawal of such Customer Data.
  3. In addition, the Company may proactively delete or destroy Customer Data in other circumstances as required for the Company’s internal management purposes or as required under applicable laws and regulations, without the need for a request from the Customer.

Article 5: Rights and obligations of customers

  1. The Customer shall have the following rights:

    1. Customers are entitled to be informed about the processing of Customer Data

    2. Customers may give or refuse consent, and may request the withdrawal of their consent permitting the processing of Customer Data;

    3. Customers may request the correction or update of Customer Data;

    4. Customers may request the deletion of Customer Data, request the restriction of the processing of Customer Data, and object to the processing of Customer Data;

    5. Customers may lodge complaints, make denunciations, initiate legal proceedings, and claim compensation for damages in accordance with applicable law if the Company unlawfully buys and sells Customer Data;

    6. Customers may request competent authorities to apply measures and solutions for the protection of Customer Data in accordance with applicable law;

    7. Customers may exercise other rights as provided under applicable law, this Policy, and other agreements and/or commitments between the Company and the Customer.

  2. Customers have the following obligations:

    1. Customers shall comply with applicable laws and the Company’s regulations relating to the processing of Customer Data;

    2. Customers shall provide Customer Data in a truthful and accurate manner. The Company shall not be responsible in the event that the Customer provides inaccurate or misleading information;

    3. Where the Customer provides information and/or data of other individuals or legal entities, the Customer warrants that it has obtained permission and consent from the relevant data subjects in accordance with applicable law and shall bear full responsibility for all related matters. In such case, the Company shall be fully exempt from any liability;

    4. Customers shall cooperate with the Company, competent state authorities, and/or third parties in the event that issues arise in relation to Customer Data;

    5. Customers shall respect and protect the information and data of other individuals and legal entities;

    6. Customers shall be responsible for any information and data created and/or provided by the Customer, and shall be responsible in the event that such information and data is leaked or infringed due to the Customer’s fault;

    7. Customers shall not cause difficulties or obstruct the exercise and performance of the lawful rights and obligations of the Company and relevant parties;

    8. Customers shall not infringe upon the lawful rights and interests of the State, agencies, organizations, and/or other individuals; and

    9. Customers shall perform other obligations as required under applicable law, this Policy, and the contracts and/or agreements entered into with the Company.

Article 6: Potential risks and possible unintended consequences

  1. The Company applies various information security measures to protect Customer Data and to prevent Customer Data from being accessed, used, or shared without authorization. However, no method can guarantee that information and data risks will never occur. Such risks may include, for example:

    1. Breaches committed by service providers, partners, customers, or other third parties;

    2. Hardware failures, software errors, and/or configuration errors during the processing of Customer Data;

    3. Security vulnerabilities beyond the Company’s control, or cyberattacks carried out by hackers resulting in the unauthorized disclosure of Customer Data;

    4. Unauthorized persons intruding into the Company’s premises;

    5. Fire, natural disasters, riots, strikes,...

  3. Accordingly, the Company cannot guarantee absolute security of Customer Data. The Customer acknowledges that the Customer has fully understood the potential risks that may arise in relation to the Customer’s information and data when providing such Customer Data to the Company. The Customer agrees to accept such risks and shall not request the Company to compensate or reimburse any amount in the event any risk, loss, or damage relating to Customer Data occurs.

Article 7: Governing law and dispute resolution

    1. This Policy shall be governed by and construed in accordance with the laws of Vietnam.

    2. Any matters relating to Customer Data shall be resolved before the courts of Vietnam.

Article 8: Contact details for customer requests relating to customer data

Department: Rabiloo Sales Department
Email: [email protected]
Or: Hotline (+84)90-1134-886

Article 9: Confirmation of consent to this policy

  1. By clicking the button indicating consent to the contents of this Policy and/or by providing Customer Data to the Company through other methods, the Customer hereby agrees to all contents of this Policy.
  2. The Customer represents and warrants that the Customer has read and fully understood this Policy and does not object to any of its contents.
  3. The Customer’s confirmation of consent to this Policy shall be retained for a period at least six (6) months longer than the retention period applicable to Customer Data.

Rabiloo Co., Ltd.

Office: 3rd Floor, Building B1, Roman Plaza, To Huu Street, Ha Dong Ward, Hanoi City, Vietnam.

Rabiloo Japan Co., Ltd.

Office: 252-0216, 3rd Floor, Araki Building, 1-1-17 Seishin, Chuo Ward, Sagamihara City, Kanagawa Prefecture, Japan

About us

How we built

How we serve

Customer stories

News

Services

AI Services

AI Consulting

AI Agent Development

AI Integration

Digital Transformation

Resources

Blogs

E-book

Webinar

©2026 Rabiloo. All rights reserved.