Privacy Policy

Introduction

This Privacy Policy describes how DigiEx Group and its subsidiaries (hereinafter: "DigiEx Group", "we" or "us") handles Personal Data of its (prospective) customers’ representatives, website visitors. DigiEx Group takes your privacy very seriously and is committed to handling your Personal Data in a lawful, fair and transparent manner. This Privacy Policy explains in a detailed way how we do this. As we believe that the handling of your Personal Data is very important to both you and us, we encourage you to read this Privacy Policy carefully.

When we refer to "Personal Data" under this Privacy Policy, we mean any information through which we can identify you as an individual (e.g., your name, telephone number, e-mail address or other contact details). This does not include information which is related to legal entities, such as our customers’ company information. However, DigiEx Group will treat such business-to-business data in the same way as it would treat Personal Data.

Scope of this Privacy Policy

This Privacy Policy applies to the use of the Personal Data of our (prospective) customer representatives, website visitors.

(Prospective) customer representatives: when we do business with our customers, we collect the contact details of the (legal) representatives of the customer. We collect this Personal Data for example through forms submitted via our website or by having contact via e-mail or telephone. In addition, we collect Personal Data of our customer’s representatives to provide access to our platforms and services.Website visitors: when you visit our website, we collect your (contact) details when you browse through our website and when you fill in or download forms on or from our website, such as to request a demo or trial of our products.

DigiEx Group is responsible (as ‘data controller’) for collecting and using your Personal Data as described in this Privacy Policy. DigiEx Group has appointed info@digiex.asia as its DigiEx-representative. The contact details of both entities can be found under section “Contact us” of this Privacy Policy.

Please note that DigiEx Group does not process any personal data (either as data controller or data processor) which is placed on its platforms or solutions by its customers, other than the item details provided by the data owner to contact you for our services or solutions (as described in this Privacy Policy). Further information about how personal data is handled within DigiEx Group’ services or solutions can be found in the relevant product terms.

How we collect and use your Personal Data

The exact types of Personal Data that we collect and use are outlined below and depend on the relationship we have with you and the kind of services that we provide to you.

(Prospective) customer representatives: In order to establish business relationships with you as a client and provide you with access to the relevant products and services, we process the following Personal Data of our customer’s business representatives (acting on behalf of the company):Your contact details: your name, e-mail address, phone number and any other contact details you provide to us.Any other personal data: any Personal Data that you disclose in the form of your contractual relationship with us.Website visitors: when you visit our website, we collect the following Personal Data from you:Automatically collected data: when you access our website, we automatically collect some of your data through your browser or device such as through cookies (such as your IP address, analytics regarding your use of our website and other unique electronic identifiers).

The Legal Basis we have for processing your Personal Data

We will only process your Personal Data if we can rely on one of the following legal bases:

For the performance of our agreement with you (on behalf of the company you represent);To comply with a legal obligation;To act upon your consent;To pursue our legitimate business interests (or those of third parties).

Purposes for which we use your Personal Data

We will only process your data for specific and limited purposes which are linked to the legal bases that we set out in the section above. These purposes are:

For the performance of our agreement with you. To carry out the agreement that we concluded or will conclude with you on behalf of your company and to provide you with the information and services you request. For instance, we will need to process your Personal Data in order to keep in contact with you, manage and handle requests, provide (technical) support or customer service and to provide essential information regarding the services. We will also need to process your Personal Data in order to provide you with access to our products or services through a user account, as agreed with you.To comply with our legal obligations. To fulfill legal obligations such as maintaining appropriate business records and to comply with requests from governmental agencies, supervisory bodies or fiscal authorities and to comply with applicable laws and regulations.Based on your consent we may send marketing or other business-related communications to our prospective customers, such as newsletters via email, if you have consented thereto. For existing customers, we send e-marketing (such as newsletters via email) based on our legitimate interests, as set out below.For our legitimate (business) This includes the following:To send e-marketing (such as newsletters via email) to our existing customers for the purpose of advertising our products and services or otherwise engaging with our customers for marketing or commercial purposes, provided that you have not opted out.To manage our internal client database (CRM) system, in order to keep track of our financials and services.To operate and expand our business activities and services.To develop and improve the quality of our services (e.g., by conducting customer satisfaction surveys or analyzing the use of our website).To invite our customers’ representatives to relevant business events.To ensure and protect the integrity, security and safety of our systems. This includes the prevention of unauthorized persons from accessing our systems.

Sharing your Personal Data

Disclosure or transfer of your personal data shall not occur unless required by law, or unless permitted by clear and explicit consent of yours.

Storage Location of your Personal Data

All Personal Data of our (prospective) customer representatives and website visitors is primarily stored on our website server on AWS Cloud. We will implement adequate safeguards (and, where necessary, supplementary measures) to ensure that your Personal Data is afforded a level of protection which is essentially equivalent to the level of protection guaranteed within the ISO 27001.

You can request a copy of any documentation showing the adequate safeguards that have been taken by contacting our privacy team at info@digiex.asia.

Protecting your Personal Data

Effective security of your Personal Data is important to us. We have therefore taken adequate technical and organizational security measures to protect your Personal Data against unauthorized or unlawful use or access. We take steps to limit access to your Personal Data to those individuals who need to have access for one of the purposes listed in this Privacy Policy.

These measures include practices such as:

Keeping Personal Data on a secured server behind a firewall;Using secure socket layer ("SSL") technology;Using regular malware and vulnerability scanning;Internal reviews of our data collection practice;Physical security measures to guard against unauthorized access to systems where we store Personal Data.

Retaining your Personal Data

We ensure that your Personal Data will not be stored longer than is necessary for the purpose which it was obtained (such as to provide you with our services, to answer queries or resolve issues or to fulfil our contractual obligations), unless a longer period is necessary to comply with legal obligations (such as fiscal or legal obligations) or to defend ourselves against a legal claim. Generally, we will only retain Personal Data throughout the term of our business relationship and delete it as soon as possible thereafter, unless we are legally required to retain the data for a longer period. If you would like to receive further information on how long we store your Personal Data, please contact info@digiex.asia.

Your Rights with respect to your Personal Data

You have several rights in relation to the Personal Data processed by DigiEx Group. For example, you have the right to access, update, delete or restrict the Personal Data that we collect about you and at any time you can obtain a copy of your Personal Data that we hold or request that the information is transmitted to another data controller.

You also have the right to object to the processing of your Personal Data and if you have given us consent, for example to receive newsletters, you may withdraw this consent if you have changed your mind. Please note that a withdrawal of consent does not affect the lawfulness of any processing which has taken place prior to your consent being withdrawn and that we can only act on your request in accordance with applicable law.

If you wish to exercise your rights, you can contact us by sending an e-mail to our privacy team at info@digiex.asia. In order for us to comply with your request in the best way possible, please indicate which Personal Data you would like to receive, have changed or removed or what limitations you would like to put on our use of the data.

If you are unsatisfied with how we process your Personal Data or if you believe that your data protection rights have been violated, you have the right to lodge a complaint with the supervisory authority in the country where you live or where you believe your rights have been infringed.

Additional Disclosures for Viet Nam Residents: Your Rights Under Decree 13/2023/NDCP

Right to be informed: Identifiers (including name and last name) and professional information (Including business contact information).Right to consent: You have the right to give consent to the processing of your personal data, other than in cases specified in Article 17 of this Decree.Right to access personal data: You have the right to access your personal data in order to look at, rectify or request rectification of your personal data, unless otherwise provided for by law.Right to withdraw consent: You have the right to withdraw your consent, unless otherwise provided for by law.Right to delete personal data: You have the right to delete or request deletion of your personal data, unless otherwise provided for by law.Right to obtain restriction on processing: You have the right to obtain restriction on the processing of your personal data, unless otherwise provided for by law.Right to obtain personal data: You have the right to request the Personal Data Controller and the Personal Data Controller-cum-Processor to provide you with your personal data, unless otherwise provided for by law.Right to object to processing: You have the right to object to the Personal Data Controller and the Personal Data Controller-cum-Processor processing your personal data in order to prevent or restrict the disclosure of personal data or the use of personal data for advertising and marketing purposes, unless otherwise provided for by law.Right to file complaints, denunciations and lawsuits: You have the right to file complaints, denunciations and lawsuits as prescribed by law.Right to claim damage: You have the right to claim damage as prescribed by law when there are violations against regulations on protection of your personal data, unless otherwise agreed by parties or unless otherwise prescribed by law.Right to self-protection: You have the right to self-protection according to regulations in the Civil Code, other relevant laws and this Decree, or request competent agencies and organizations to implement civil right protection methods according to regulations in Article 11 of the Civil Code.

Viet Nam’s "Dân Sự" law (Civil Code 91/2015/QH13, Article 11) permits users of our website who are Viet Nam residents to request certain information regarding our disclosure of personal information to third parties for their direct purposes. To make such a request, please send an email to info@digiex.asia.

Children's Personal Data

DigiEx Group is a business-to-business service directed to and intended for use only by those who are 18 year-old or older. We do not target DigiEx Group at children, and we do not authorize people under 18 years of age to directly request our services. In the unlikely event that a minor has submitted Personal Data to DigiEx Group, and if you are the parent or guardian of the minor who has provided personally identifiable information to DigiEx Group, please inform us by contacting us at info@digiex.asia and we will remove such information from our database.

Links to Other Websites

From time to time, maybe you can find links to other websites on the DigiEx Group website. As these websites are owned by other parties, DigiEx Group is not responsible for the handling of your Personal Data on these websites or for the privacy of the information that is collected by the services these websites provide. We strongly recommend you to carefully read the privacy notices applicable to these websites and services.

Changes to this Privacy Policy

This Privacy Policy is subject to changes from time to time, so please make sure you check this page regularly. We will inform you separately about fundamental changes to this Privacy Policy. Your continued use of this website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Contact us

If you have any questions or concerns about this Privacy Policy or the processing of your Personal Data in general, or if you wish to exercise any of your rights, please email DigiEx Group at info@digiex.asia indicating the nature of your query.