VietnamVPS.net (“we,” “us,” “our,” or “VietnamVPS”) is committed to protecting the privacy and personal data of all our users, including those residing in the European Union (EU) and European Economic Area (EEA). This page outlines our approach to complying with the General Data Protection Regulation (GDPR).

1. Our Commitment to GDPR

Even though our primary market is Vietnam, we recognize the importance of the GDPR and strive to comply with its principles when processing the personal data of EU/EEA residents. We aim to be transparent about how we collect, use, and protect your data.

2. Lawful Basis for Processing

We process personal data under the following lawful bases, as defined by the GDPR:

  • Consent: We may process your data based on your explicit consent for specific purposes (e.g., marketing communications). You have the right to withdraw your consent at any time.
  • Contractual Necessity: We process data necessary for the performance of a contract with you (e.g., providing VPS services, processing payments).
  • Legal Obligation: We may process data to comply with legal obligations (e.g., tax reporting, responding to lawful requests from authorities).
  • Legitimate Interests: We may process data based on our legitimate interests (e.g., improving our services, fraud prevention), provided those interests are not overridden by your data protection rights.

We will clearly identify the lawful basis for processing each type of personal data we collect.

3. Data We Collect

We may collect the following types of personal data, depending on how you interact with our Services:

  • Account Information: Name, email address, billing address, phone number, company name (if applicable).
  • Payment Information: Credit card details, payment history (processed securely through [Payment Processor Name, e.g., Stripe, PayPal]). We do *not* store full credit card numbers on our servers.
  • Service Usage Data: IP address, server logs, bandwidth usage, operating system, and other technical information related to your use of our VPS services.
  • Support Interactions: Information you provide when contacting our support team (e.g., support tickets, chat logs).
  • Cookies and Tracking Technologies: We use cookies and similar technologies to improve your browsing experience and analyze website traffic. See our Cookie Policy for details ([Link to Cookie Policy]).

4. How We Use Your Data

We use your personal data for the following purposes:

  • To provide and manage your VPS services.
  • To process payments and manage your account.
  • To communicate with you about your account, service updates, and important notices.
  • To provide customer support.
  • To improve our services and develop new features.
  • To prevent fraud and ensure the security of our systems.
  • To comply with legal obligations.
  • To send marketing communications, *only if* you have given your explicit consent.

5. Data Sharing and Disclosure

We may share your personal data with the following third parties, only when necessary and under appropriate data protection safeguards:

  • Payment Processors: To process payments securely (e.g., [Payment Processor Name]).
  • Service Providers: Companies that provide services to us, such as data center providers, email service providers, and analytics providers. These providers are contractually obligated to protect your data.
  • Legal Authorities: We may disclose your data if required by law or legal process.

We do *not* sell your personal data to third parties.

6. Data Transfers

As a Vietnam-based company, your data is primarily stored in Vietnam. However, if we transfer personal data of EU/EEA residents outside the EEA, we will ensure that appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs): We may use SCCs approved by the European Commission to ensure adequate data protection.
  • Adequacy Decisions: We may transfer data to countries that the European Commission has deemed to provide an adequate level of data protection.
  • Other appropriate safeguards as permitted by GDPR.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

  • Data encryption (in transit and at rest).
  • Access controls and authentication.
  • Regular security assessments and updates.
  • Data breach response plan.
  • Employee training on data protection.

8. Your Data Subject Rights

If you are an EU/EEA resident, you have the following rights under the GDPR:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct any inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): You can request that we delete your personal data, subject to certain exceptions.
  • Right to Restrict Processing: You can request that we restrict the processing of your data in certain circumstances.
  • Right to Data Portability: You can request a copy of your data in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to the processing of your data based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: If we process your data based on consent, you can withdraw your consent at any time.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in the EU/EEA.

To exercise these rights, please contact us using the information provided below.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will securely delete or anonymize your data when it is no longer needed.

10. Data Protection Officer (DPO)

[Optional, but recommended if you process significant amounts of EU/EEA data] We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our data protection strategy and compliance. You can contact our DPO at: [DPO Email Address or Contact Information].

11. Contact Us

If you have any questions or concerns about our GDPR compliance or your data protection rights, please contact us at: [Your Contact Information, e.g., Email Address, Phone Number, Physical Address].