We commit to doing our best for customer benefits:
- Do not exchange and sell information for any purposes excluding these purposes in this Privacy Policy.
- Do not use information for any illegal purposes.
- Do not provide information for any third-parties unless requested by competent authority in accordance with the laws of the Socialist Republic of Vietnam.
- Keep the provided information secure in accordance with laws and Privacy Policy.
- Comply with non-disclosure commitment with customers.
- Take responsibility if we constitute any violations.

In specific cases, the information we collect will include:
- Identifiable information which includes personal information to identify users.
- Unidentified information which does not include personal information to identify users.
- Other information if necessary. In this case, we will request specific information and take appropriate information security measures to have the providers' consent and trust.

We collect information in legally ways including:
- Collect information directly from forms, official website of Rabiloo, meetings or contracts, agreements.
- Collect information indirectly from individuals, intermediary legal entities having rights to provide, and share information or from analysis and statistical service parties such as Google Analytics.

The scope we use collected information is:
- The information will be stored and used only within the system of Rabiloo and capital affiliated companies, branches and representative offices.
- The information will be strictly managed by the information security system and only authorized people will have rights to access.
- The sharing of information will be done to related people and we guarantee that all people who are shared must take the information security measures we committed. In case of sharing with third parties to improve service quality, we will request to have the information providers' consent in writing.
- The collected information will be stored in our system for the time specified by us. In case there is a request to delete information from providers, such information will be deleted after 02 (two) years from the date of the request or the time parties agreed.

We always uphold information security. Therefore, we always take the most optimal and effective information security measures, and also constantly improve new measures under domestic and international standards.
- Protect customer information and provided information in accordance with current laws and privacy policy of the company.
- Develop, manage and train human resources with knowledge and a high sense of responsibility for information security.
- Commitment to responsibility for customers and information providers by transparent legal documents.
- Develop and apply working process systems in accordance with ISO/IEC/27001:2013 Information Security Standard and always reduce information risk and data loss.

All information that has expired retention period in accordance with this privacy policy or at the request of the information provider will be handled as follows:
- The information in the form of a hard copy (with a delivery note) will be returned to the information provider via the post office with a delivery notice or directly certified by the recipient.
- The information in the form of copies or soft copies stored in the system will be deleted at the end of the retention period or at the request of the information providers. The information deletion will be performed in accordance with the specific process of Rabiloo.
- The information can be processed in accordance with specific provisions that two parties agree by written.

The information providers have full rights for the information they provide, such as changing, withdrawing, and requesting to stop using information. In this case, the information providers need to send an email or make a written notice with full legality in accordance with current laws. Email or text addresses are provided at the end of this Privacy Policy.
The information providers need to be the owners of the information or the people who have the right to provide information. Information providers have the obligation to provide information truthfully, completely and accurately and must not infringe, or falsify information of any individual or organization.

We uphold and comply with the relevant laws:
- Laws of the Socialist Republic of Vietnam.
- International Treaties to which Vietnam and countries of customers, information providers are members.
- Principles and regulations of ISO/IEC/27001:2013 Information Security Standard.
- In case the parties agree to perform a separate agreement to specify the content of information security, the parties agree that such agreement will supersede this Privacy Policy and will be used to resolve issues arising (if any).

If you have questions, comments, requests or issues regarding information security, please contact us in the following ways to get support:
- Email: [email protected]
- Hotline: +842462536815
- Address: 3th floor, B1 Roman Plaza Building, To Huu street, Dai Mo ward, Nam Tu Liem district, Hanoi city, Vietnam.