PRIVACY POLICY

Effective Date: [01/01/2026]

Last Updated: [03/03/2026]

Version: v1.0

1. Introduction

PTRACKLY CO., LTD (“Company”, “we”, “our”, “us”) is committed to protecting personal data and ensuring transparency in how data is collected, processed, and safeguarded.

This Privacy Policy applies to all users of our services, website, and platform (“Services”).

2. Scope

This policy applies to:

Customers and end users
Website visitors
Business partners interacting with our platform

3. Categories of Personal Data Collected

We collect and process the following categories of personal data:

3.1 Identity Data

Full name
Email address
Phone number

3.2 Technical Data

IP address
Browser type and version
Device identifiers
Log data (access logs, system activity)

3.3 Usage Data

User interactions with the platform
Feature usage and behavior analytics

3.4 Communication Data

Support requests
Feedback and inquiries

4. Lawful Basis for Processing (GDPR)

We process personal data under the following legal bases:

Consent: When users explicitly provide consent
Contractual Necessity: To provide our services
Legal Obligation: Compliance with applicable laws
Legitimate Interests: Security, fraud prevention, service improvement

5. Purpose of Data Processing

We process personal data for the following purposes:

Service delivery and account management
Customer support and communication
Platform security and monitoring
Compliance with regulatory and audit requirements
Internal analytics and product improvement

6. Data Sharing & Disclosure

We may share personal data with:

Service Providers: Hosting, cloud infrastructure, analytics tools
Auditors & Compliance Partners: For certification and compliance verification
Regulatory Authorities: When required by law

We do not sell personal data.

7. Data Retention Policy

We retain personal data based on:

Duration of service usage
Legal and regulatory requirements
Audit and security needs

Retention examples:

User account data: retained while account is active
Logs & audit trails: retained for [6–12 months]
Compliance evidence: retained per audit requirements

8. Data Subject Rights (GDPR)

Users have the right to:

Access personal data
Correct inaccurate data
Request deletion (Right to Erasure)
Restrict processing
Object to processing
Data portability
[Data Request Form Link]

9. Data Request Handling Process (Audit Critical)

We maintain a structured process for handling data requests:

9.1 Submission

Requests are submitted via web form
Identity verification is required

9.2 Logging

Each request is assigned a unique ticket ID
Requests are logged in a tracking system

9.3 Processing

Requests are reviewed and processed within [X days]
Actions are documented (approved, rejected, completed)

9.4 Audit Trail

All requests and actions are logged
Logs are retained for compliance verification

10. Security Measures

We implement appropriate technical and organizational measures:

Access control and role-based permissions
Encryption (in transit and at rest where applicable)
Continuous monitoring and logging
Regular security reviews

11. Data Deletion & Retention Controls

We ensure:

Secure deletion upon valid request
Removal from active systems and backups (where feasible)
Logging of deletion actions

12. International Data Transfers

If personal data is transferred across borders, we implement safeguards such as:

Standard Contractual Clauses (SCCs)
Secure cloud infrastructure providers

13. Stakeholder & Regulatory Compliance (ISO 42001 Alignment)

We ensure:

Protection of customer data rights
Compliance with applicable regulations (GDPR, PCI DSS, etc.)
Consideration of societal and ethical impacts of data processing

14. Policy Review & Updates

This policy is reviewed quarterly
Updates follow internal change management procedures
Versioning is maintained for audit purposes

15. Contact Information

For any privacy-related inquiries:

Company Name: [PTRACKLY CO., LTD]

Email: [[email protected]]

Address: [Lot 9, An Thuong 40 Street, Ngu Hanh Son Ward, Da Nang City, Vietnam]