EN VIE
Search
Online Leasing Calculator
Search
BIDV-SuMi TRUST Leasing Co., Ltd BIDV-SuMi TRUST Leasing Co., Ltd
EN VIE
Search
Online Leasing Application
Online Leasing Calculator
Contact (024) 3928 4688

Personal Data Processing Notice

Personal Data Processing Notice

Welcome to the Sumi TienVay mobile application (hereinafter referred to as the “Application” or “Platform”). This application is developed and operated by BIDV - SUMI TRUST LEASING COMPANY. LTD (hereinafter referred to as the “Platform” or “We”), aiming to provide users with legal, safe, and compliant lending services. We strictly adhere to Vietnamese laws and regulations concerning personal data protection, cybersecurity, consumer rights protection, and relevant financial management policies to ensure that the collection, use, and processing of users' personal information are carried out legally, safely, and transparently. We have built an internal management system and necessary technical measures to provide a stable, safe, and legal lending service environment. Your use of the Application signifies that you have read, understood, and agreed to all the contents of this Policy as well as the contents of the Comprehensive Authorization Document. If you do not agree with any content of this Policy, please do not continue using the Application or withdraw the granted permissions. PART I. SCOPE OF APPLICATION This Policy applies to all personal information, device information, usage behavior data, and other information related to lending services that users provide when using the Sumi TienVay application and related services provided by the Platform. The scope of application includes, but is not limited to, activities such as account registration, loan application submission, identity verification, account management, payment obligations, and the use of other financial services provided by the Platform. This policy also applies to the entire process of storing, using, sharing, transmitting, backing up, deleting, anonymizing, and managing information collected by the Platform in accordance with legal regulations. PART II. EXPLANATION OF PERSONAL INFORMATION AND RELATED DATA TYPES According to this Policy, personal information includes, but is not limited to, information proactively provided by users during the use of the service, information automatically collected by the system, and other information legally collected for the purpose of legal compliance and risk management. Related information types may include personally identifiable information, device information, usage behavior data, risk assessment information, and other data collected in accordance with applicable legal regulations. PART III. COLLECTION AND USE OF ACCESS RIGHTS To ensure the smooth, secure, and risk-controlled operation of the service and to maintain system stability, the Application will, upon your clear notification and consent, request and use certain access rights. The use of these rights adheres to the principles of legality, reasonableness, necessity, and minimality, and will only be activated in relevant business situations. 3.1 Approximate Location (Location Information) Purpose: To determine the service area, suggest suitable products and services, and assist in identifying unusual or risky behavior. Explanation: This information is used only for area analysis and risk management; it is not used for real-time location tracking or for purposes outside the scope of the service. 3.2 Camera Access Permission Purpose: To capture and upload images of documents or papers for account registration, identity verification, or business processing. Explanation: The camera is only activated when the user actively uses the relevant function; it does not operate in the background. Image data is only used for verification or business review purposes. 3.3 Photo Library Access Permission Purpose: To upload or add necessary identity verification documents, business records, or images. Explanation: This is only used when the user actively selects images to upload; it does not scan, collect, or access other content on the device without authorization. Image data is not used for advertising or marketing purposes. 3.4 Calendar Access Permission Purpose: To assist users in planning payments, reminding them of loan deadlines and important financial events. Explanation: It does not read, edit, or delete the user's existing calendar content and is not used for other purposes. 3.5 SMS Access Permissions Purpose: To analyze messages related to financial services for risk assessment and account security. Explanation: Messages unrelated to loan activities will not be collected or used. 3.6 List of Installed Applications Purpose: To identify the device environment, assess risks, and detect unusual devices to ensure system security. Explanation: Only for security analysis; does not collect usage behavior or data from other applications. 3.7 Device Information Purpose: To prevent account hijacking, detect unusual logins, and enhance system security. Explanation: Includes device model, operating system version, and necessary technical identifiers; used only for technical and security purposes, not for commercial advertising. PART IV. PURPOSE OF USING INFORMATION Account and identity management: user verification, fraud prevention, and account security. Risk management and credit assessment: loan profile analysis, monitoring unusual behavior, and risk identification. Service provision and optimization: displaying loan products, transaction confirmation, notification sending, and improving user experience. Legal compliance and government regulatory requirements: fulfilling legal obligations and inspections by competent authorities. System Security Management: Monitoring operations and detecting anomalies. Notifications and Reminders: Payment reminders, policy updates, and important announcements. PART V. INFORMATION SHARING AND DISCLOSURE Internal Sharing: Limited to departments necessary for business operations, risk management, and compliance. Third-Party Service Providers: May share necessary information with legally regulated partners such as payment processing units, identity verification agencies, or related organizations. Legal or Government Requests: Providing information as legally required by competent authorities. Non-Commercial Use: Personal information will not be sold, leased, or used for unauthorized marketing purposes. PART VI. STORAGE AND TECHNICAL SECURITY MEASURES Data is stored on a secure server system (www.bslease.com) and is encrypted during transmission and storage. Technical measures include data encryption, firewalls, access control, and system logging. Management measures include personnel authorization, training, confidentiality agreements, and internal approval processes. PART VII. DATA RETENTION AND PROCESSING PERIOD The platform determines the retention period for personal information based on legal requirements and business needs. After the retention period expires, data will be deleted or anonymized as required, unless otherwise stipulated by law. After a user cancels their account or terminates the service, the information will be processed according to legal regulations and will only be retained to the extent necessary for compliance, auditing, or dispute resolution purposes. Users can also submit requests to delete personal data or cancel accounts via the official email address published in this Agreement (office@bslease.com). When submitting a request, users must provide the necessary verification information for the platform to check the authenticity of the requester. The platform will review and process the request within 7 business days. PART VIII. USER RIGHTS Users have the right to access their personal information and how that information is used. Users have the right to edit or update their information. Users have the right to refuse or withdraw optional rights. Refusing or withdrawing permission may affect some related functions but does not affect other basic services of the Platform and will not be considered a breach of any existing agreement. Complaint and consultation channel: office@bslease.com PART IX. PROTECTION OF MINORS The application does not provide lending services to individuals under 18 years of age. The Platform's services are only for individuals with full legal capacity. In the event of detecting the collection of information from minors, the Platform will promptly process and delete the data as required. Guardians can contact the Platform through the contact information provided in this Policy. PART X. HANDLING SECURITY INCIDENTS In the event of detecting unusual logins or account hijacking, the Platform will notify and take necessary measures such as temporarily suspending the account. In the event of a data leak, the Platform will assess the extent of the impact, notify users and relevant authorities, and implement remedial measures. Fraudulent or illegal activities will be investigated, prevented, and coordinated with relevant authorities as prescribed. PART XI. APPLICABLE LAW AND DISPUTE RESOLUTION The signing, implementation, interpretation, and resolution of disputes arising from this Policy are governed by Vietnamese law. Any disputes will be primarily resolved through negotiation; if no agreement is reached, the dispute will be settled in a competent court in Vietnam. PART XII. POLICY UPDATES AND NOTIFICATIONS The Platform may update this Policy as required by law or due to operational adjustments. Updates will be announced through the Application or other reasonable means. Continued use of the service after the Policy is updated signifies your acceptance of the revised content. PART XIII. FINAL CLAUSES The Platform reserves the right to the final interpretation of this Policy. This Policy takes effect from the moment the user confirms their use of the Application and completes the authorization process. This Policy, together with the Comprehensive Authorization Document, forms the general rules regarding privacy and access management within the Application. If you have any questions, comments, or complaints regarding the protection of personal information, please contact us using the information below. We will receive and respond within a reasonable timeframe as required by law. CONTACT INFORMATION Company Name: BIDV - SUMI TRUST LEASING COMPANY. LTD Address: 23rd Floor, TNR Tower – 54A Nguyen Chi Thanh Street, Lang Thuong Ward, Dong Da District, Hanoi, Vietnam Email: office@bslease.com