PAYMENT SECURITY AND PRIVACY POLICY

I - PAYMENT SECURITY POLICY
1.1. Privacy statement
- The card payment system is provided by payment gateway partners (“Payment Gateway Partners”) that have been licensed to operate legally in Vietnam. Accordingly, card payment security standards at Emddi.com ensure compliance with industry security standards.

1.2. Security regulations
- Payment transaction policy by international and domestic cards (internet banking) ensures compliance with security standards of Payment Gateway Partners including:
- Customer's financial information will be protected during the transaction process using SSL (Secure Sockets Layer) protocol.
- Payment information data security standard certification (PCI DSS).
- One-time password (OTP) is sent via SMS to ensure authenticated account access.
- 256 bit MD5 encryption standard.

-Information security principles and regulations in the banking and finance industry according to regulations of the State Bank of Vietnam.
- EMDDI's payment transaction security policy applies to Customers:

✶ EMDDI provides token storage facility - only stores the encrypted string provided to EMDDI by the Payment Gateway Partner. EMDDI does not directly store customer card information. Security of Customer payment card information is performed by a licensed Payment Gateway Partner.
✶ For international cards: Customer's payment card information that can be used to establish transactions is not saved on EMDDI's system. The Payment Gateway Partner will store and secure it.
✶ For domestic cards (internet banking), EMDDI only stores the order code, transaction code and bank name.
✶ EMDDI commits to ensuring strict implementation of necessary security measures for all payment activities performed on the Emddi.com website.
II - PRIVACY
This privacy policy describes how EMDDI Joint Stock Company collects and uses Users' personal information in connection with the services We provide at the Emddi.com website (collectively, "Services"). Our Services").

2.1. PERSONAL INFORMATION COLLECTED BY US
We collect Users' personal information in the course of providing Our Services to Users. Personal information is information sufficient to accurately determine an individual's identity, including at least the following information: full name, date of birth, occupation, title, contact address, address. only email, phone number, ID card number, passport number. Personal confidential information includes medical records, tax filings, social insurance card numbers, credit card numbers and other personal secrets.

Below are the sources of information we collect:
- Information Users Provide to Us: We collect any information Users provide in connection with Our Services.
- Automatic information: We automatically collect certain types of information when Users and drivers interact with Our Services.
- Information from other sources: We may collect information about Users from other publicly available and legal sources.

2.2 HOW WE USE PERSONAL INFORMATION
We may use Users' personal information to operate, provide and improve Our Services. Our purposes of using personal information include:

- Providing Our Services: We may use Users' personal information to provide Our Services and process transactions related to Our Services.
- Measure, support and improve Our Services: We may use Users' personal information to measure usage, analyze performance, fix errors, provide support, improve quality and development of Our Services.
- Make recommendations and personalize experiences: We may use your personal information to recommend - Our Services that you may be interested in, identify your interests and personalize your User experience with Our Services.
- Compliance with legal obligations: In certain cases, We have a legal obligation to collect, use or store Users' personal information.
- Communications with Users: We may use Users' personal information to communicate with Users regarding Our Services through various channels (e.g. email, chat) and to Respond to User requests.
- Marketing: We may use Users' personal information to market and promote Our Services in accordance with the law. We may display advertising on Our Services based on User interests.
Fraud and abuse prevention, credit risk: We may use Users' personal information to prevent and detect fraud and abuse to protect the security of Users, Us and others. others. We may also use scoring methods to assess and manage credit risk.
- Some specific purposes require User consent: We may ask for User consent to use personal information for a specific purpose when We contact Users.

2.3. COLLECTION AND USE OF COOKIES
We use cookies, pixels and other similar technologies (collectively “cookies”) to recognize your browser or device, learn more about your interests, provide you with essential features and services and for other additional purposes, including:

- Identify Users when Users log in to use Our services. This allows Us to provide Users with recommendations, display personalized content, and provide other customized features and services.
- Pay attention to the options that the User has approved. This allows Us to respect the User's likes and dislikes, such as the language and configuration of the User's choice.
- Conduct research and analysis to improve Our Services.
- Prevent fraud.
- Improved security.
- Provide content, including advertising, relevant to User interests on Our websites and third party websites.
- Measure and analyze the quality of Our Services.
Cookies allow Users to take advantage of some of Our essential features. For example, if you block or reject our cookies, you may not be able to use certain services that require you to log in or you may have to manually adjust certain preferences or settings. set the language each time Users revisit Our websites.

Approved third parties may also set cookies when Users interact with Our Services. These third parties typically include search engines, measurement and analytics providers, social networks and advertising companies. Third parties use cookies in the delivery of content, including advertising related to User interests, to measure the effectiveness of advertising and to perform certain services on Our behalf.


Users can manage browser cookies using their browser settings. The 'Help' feature on most browsers will tell the User how to prevent the browser from accepting new cookies, how the browser notifies the User when the User receives a new cookie, how to disable cookies and when the cookie expires term. If the User disables all cookies on his or her browser, neither We nor third parties will be able to transfer cookies to the User's browser. However, if the User does this, the User may have to manually adjust some preferences each time the User revisits the website and some features and services may not function.

2.4. HOW WE SHARE PERSONAL INFORMATION
Information about Users is an important part of Our operations, and We do not provide Users' personal information to any third party except in the cases set out in section (i). We also share personal information with EMDDI and the company in accordance with this Privacy Policy or a similar policy.

We may share Users' personal information for the following purposes:

- Transactions involving third parties: We provide Users with services, software and content provided by third parties for use on or through Our Services. Users may know when a third party is involved in the User's transactions and We will share information regarding the transactions with that third party.
- Third party service providers: We use and/or cooperate with other companies and individuals to carry out a number of tasks and programs such as promotional programs, cross-selling, etc. for Users. Examples include: sending communications, processing payments, assessing credit risk and compliance, implementing an interest rate subsidy program, analyzing data, providing marketing and sales support ( including advertising and event management), User relationship management and training. These third party service providers have access to personal information necessary to perform their functions, but may not use it for other purposes. In addition, they must comply with this Privacy Policy and related privacy laws.
- Restructuring, Business Transfer: During the business development process, We may sell or buy businesses or restructure other businesses or services in accordance with the provisions of law. In such transactions, personal information, databases and information rights are generally among the business assets transferred but the transferee must still comply with the provisions of the Policy this privacy (or as otherwise approved by the User). Additionally, in the event that EMDDI or substantially all of its assets are acquired by another company, User information will become one of the transferred assets.
- Protect Us and Others: We are permitted to release account and other personal information when We believe it is appropriate to comply with the law, to enforce or apply Our terms and other agreements, or to protect the rights, property or security of Us, Our Users, or any other person. The above tasks may include exchanging information with other companies and organizations to prevent and detect fraud and reduce property and credit risk.
Depending on the User's choice: In addition to the above provisions, the User will receive notice when personal information about the User may be shared with third parties and the User will have the right to not consent to such sharing. share information.

2.5. STORAGE OF PERSONAL INFORMATION
We store Users' personal information in accordance with relevant laws and apply appropriate technical measures to ensure that information is stored safely and securely.

2.6. HOW WE PROTECT PERSONAL INFORMATION
At Emddi.com, security is Our highest priority. Our system is designed with the ability to ensure the safety and privacy of User and driver information in mind.

We have appropriate technical and security measures to prevent unauthorized access and use of personal information. We also regularly coordinate with security experts to update the latest information on network security to ensure the safety of personal information. When collecting data, we store and secure personal information on the server system and this personal information is secured by firewall systems and access control measures. , Data encrypt.

User's payment card information issued by financial institutions is protected by us according to international standards with the principle of not recording important payment card data (card number, full name, credit card number). CVV) on our system. User's payment transactions are performed on the relevant bank's system.


2.7. INTERNET AND THIRD PARTY ADVERTISING
Our Services may include third-party advertisements and links to other websites and applications. Third-party advertising partners may collect information about Users when Users interact with their content, advertisements or services.

2.8. PERIOD OF STORAGE OF PERSONAL INFORMATION
We store Users' personal information to ensure Users' ability to continuously use Our Services, and for the period necessary to achieve the goals specified in the Policy. this privacy, or as required by law (including for tax and accounting purposes), or to carry out other tasks as notified to the User in advance. The length of time We retain specific personal information varies depending on the purpose of use and We will delete Users' personal information in accordance with applicable law.

2.9. CONTACT INFORMATION, NOTICES AND MODIFICATIONS
If you have any questions about privacy at EMDDI or would like to contact our information controller, please contact us and we will endeavor to answer your questions. . Users can also contact Us at the address below:

EMDDI JOINT STOCK COMPANY
Office Building 9th Floor, Song Da 9 Building, No. 2 Nguyen Hoang, My Dinh 2, Nam Tu Liem, Hanoi City, Vietnam
Email: cs@emddi.com
Phone: 0283 9143956

Our business is constantly changing and this Privacy Policy may also be amended. Users should visit and check Our website regularly to stay informed of the most recent changes. Unless otherwise stated, Our current Privacy Policy applies to all personal information We hold about Users and Users' accounts. Modifications to this Policy shall in no case reduce the level of protection of personal information collected in the past without notifying the Users concerned and giving Users the right to choose.

2.12. RESOLVE COMPLAINTS
Users have the right to submit complaints about disclosure of personal information to third parties to EMDDI. When receiving this feedback, We will confirm the information, be responsible for answering the reason and instruct Users to restore and re-secure the information.

We will actively support Users in resolving complaints related to personal information being used for the wrong purpose or scope as notified according to the following process:

- Step 1: EMDDI's User Care Department will receive User complaints, proactively resolve them quickly and immediately respond to the results of resolving the above complaints if there is a basis for the policies that We have announced.
- Step 2: In cases that are complicated or not specified in the policies that We have published, the User Care Department will commit to a response time limit of no more than 7 (seven) days.
- Step 3: Transfer the complaint resolution results to the relevant departments for implementation and call to confirm with the User that the complaint has been resolved.

Users can submit complaints at:

EMDDI JOINT STOCK COMPANY
Office Building 9th Floor, Song Da 9 Building, No. 2 Nguyen Hoang, My Dinh 2, Nam Tu Liem, Hanoi City, Vietnam
Email: cs@emddi.com
Phone: 0283 9143956

Company

About EMDDI

Recruitment

EMDDI JOINT STOCK COMPANY

Business registration number: 0314018142, issued by the Department of Planning and Investment of Ho Chi Minh City on September 19, 2016

Email: cs@emddi.com

Connect with Us

Get the EMDDI App

Services

News

Address: Lot T2-4, Street D1, Ho Chi Minh City Hi-Tech Park, Tan Phu Ward, Ho Chi Minh City, Vietnam

Solutions

© EMDDI GROUP