Legal
Privacy Policy
Last updated: 2026-05-19 · Applies to idsolutions.com.vn and any service operated by IDS AI SOLUTIONS.
1. Who we are
IDS AI SOLUTIONS (operating as "IDS AI Solutions", "we", "us", or "our") is a Vietnam-registered enterprise AI consultancy with business registration number 0313184404. Our registered head office is at 67 Tran Thi Do Street, Thanh Loc Ward, Ho Chi Minh City, Vietnam.
For the purposes of EU GDPR, we act as the data controller for personal data we collect through this website. For the purposes of Vietnam's Decree 13/2023/ND-CP on Personal Data Protection (the "PDPD"), we act as the Personal Data Controller and, where applicable, the Personal Data Processor.
Questions about this policy or your data should be sent to privacy@idsolutions.com.vn or by post to the head office above.
2. What personal data we collect
We collect personal data only when you actively give it to us through:
- Contact, partner, and inquiry forms — name, business email, company, phone (optional), the topic of inquiry, and the content of your message.
- Newsletter sign-up — email address and the timestamp of your consent.
- Job applications — your name, contact details, CV / resume, cover letter, links to professional profiles (LinkedIn, GitHub, portfolio), and the contents of your application. By submitting an application you authorize us to process this data for recruitment purposes.
- Server logs (automatic) — IP address, browser user-agent, requested URL, and timestamp. Retained for up to 30 days for security and abuse-prevention purposes.
- Privacy-respecting analytics — we use a cookieless analytics tool (Plausible) that does not place tracking cookies, does not identify individual visitors, and does not transfer data to advertising networks. Aggregated metrics include the page visited, referrer, country (derived from anonymized IP), and browser. See our Cookie Policy.
We do not collect special-category personal data (health, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, biometric data) through this website. Do not include such data in submissions.
3. Why we process your data (lawful basis)
| Purpose | GDPR lawful basis | PDPD basis |
|---|---|---|
| Responding to inquiries you submit | Art. 6(1)(b) — performance of pre-contractual steps | Necessary for contract performance |
| Sending the newsletter | Art. 6(1)(a) — your explicit consent | Explicit consent of the data subject |
| Recruitment / job applications | Art. 6(1)(b) — pre-contractual steps at your request | Necessary for contract performance |
| Security, abuse prevention, server logs | Art. 6(1)(f) — legitimate interest | Lawful interest of the controller |
| Anonymized analytics | Art. 6(1)(f) — legitimate interest (no cookies, no profiling) | Lawful interest of the controller |
| Complying with legal obligations (e.g. tax, audit) | Art. 6(1)(c) — legal obligation | Compliance with statutory obligation |
4. How long we keep your data
- Inquiry messages: 24 months from last interaction, then deleted or anonymized.
- Newsletter subscriptions: for as long as you remain subscribed, plus 12 months after unsubscribe for suppression-list purposes (so we don't email you again by mistake).
- Job applications: 12 months after the hiring decision for the role you applied to, unless you give us explicit consent to keep your file on record for future openings (up to 24 months).
- Server logs: 30 days, then permanently deleted.
- Contracts, invoices, and records required by law: retained for the period required by applicable Vietnamese tax, commercial, and accounting law (typically up to 10 years).
5. Who we share your data with
We do not sell personal data. We share personal data only with service providers and authorities that need it to operate our business:
- Email delivery — Gmail / Google Workspace (Google Ireland Ltd, EU data center) or our configured SMTP provider, used to send the transactional emails our forms generate.
- Cloud and hosting providers — the infrastructure that runs this website and our databases. Subject to data processing agreements (DPAs) that require GDPR/PDPD-compliant handling.
- Professional advisors — legal counsel, auditors, and accountants, bound by duties of confidentiality.
- Public authorities — where required by law (e.g. court order, regulatory request, anti-fraud, national security).
A current list of sub-processors is available on request to privacy@idsolutions.com.vn.
6. International transfers
Our primary infrastructure is located in Vietnam and within the EEA (European Economic Area). Where personal data must be transferred outside the EEA or outside Vietnam, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission (Decision 2021/914) for EEA-to-third-country transfers.
- Cross-border transfer impact assessments and notification to Vietnam's Ministry of Public Security as required under Article 25 of the PDPD.
- Encryption in transit (TLS 1.2+) and at rest (AES-256 or equivalent) for all transfers.
7. Your rights
Under GDPR (if you are in the EEA or UK) and under the PDPD, you have the right to:
- Access the personal data we hold about you and receive a copy.
- Rectify inaccurate or incomplete data.
- Erase your data ("right to be forgotten") where one of the GDPR Article 17 / PDPD Article 14 conditions applies.
- Restrict processing while we evaluate a complaint or objection.
- Object to processing based on legitimate interest.
- Withdraw consent at any time, without affecting the lawfulness of prior processing.
- Data portability — receive your data in a structured, machine-readable format.
- Not be subject to fully automated decisions producing legal or similarly significant effects.
- Lodge a complaint with a supervisory authority — your local EU/EEA data protection authority (a list is at edpb.europa.eu), or in Vietnam the Department of Cybersecurity and High-Tech Crime Prevention (A05) at the Ministry of Public Security.
To exercise any of these rights, email privacy@idsolutions.com.vn. We will respond within 30 days (GDPR) and within 72 hours for urgent requests under the PDPD where applicable.
8. How we secure your data
We follow industry-standard administrative, technical, and physical safeguards including: encryption in transit (TLS 1.2+) and at rest, role-based access control, least-privilege principles, regular access reviews, audit logging, vulnerability scanning, dependency monitoring, secure software development practices, periodic third-party penetration testing for high-impact systems, and incident-response procedures.
In the event of a personal data breach likely to result in risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours (per GDPR Article 33) and notify affected individuals without undue delay where required.
9. Children's data
This website is intended for business professionals. We do not knowingly collect personal data from individuals under 16 (GDPR) or under 15 (PDPD). If you believe a minor has provided us with personal data, contact privacy@idsolutions.com.vn and we will delete it promptly.
10. Cookies and similar technologies
See our Cookie Policy for a complete list of cookies and similar technologies, their purposes, and your choices.
11. Changes to this policy
We may update this policy from time to time. Material changes will be announced on this page and, where appropriate, by email to subscribed users. The "Last updated" date above will always reflect the most recent version.
12. Contact
IDS AI SOLUTIONS67 Tran Thi Do Street, Thanh Loc Ward, Ho Chi Minh City, Vietnam
Email: privacy@idsolutions.com.vn
Phone: +84 986 724 701