Privacy Notice for Vendors

Logo PDPD

Privacy Notice for Vendors

Long Son Petrochemicals Co., Ltd respects your privacy. This notice explains how we process your personal data, in electronic and other formats, in accordance with Vietnam’s Personal Data Protection Laws.

1. Definitions

1.1. “We” means Long Son Petrochemicals Co., Ltd.

1.2. “You” means individual vendors, directors of corporate vendors, operators, and vendor staff.

1.3. “Processing” means any act impacting personal data: collecting, recording, analyzing, confirming, storing, editing, publicizing, disclosing, combining, accessing, retrieving, encrypting, decrypting, copying, sharing, transmitting, transferring, deleting, destroying.

1.4. “Vietnam Personal Data Protection Laws” refers to applicable Vietnamese laws, including Decree No. 13/2023/NĐ‑CP on Personal Data Protection (and its amendments).

2. Purposes of Processing

2.1. We process your data to:

  1. Perform contractual obligations: procurement, inspection, payment, relationship management, and work evaluation as per purchase orders and contracts.
  2. Manage and develop operations: website/app administration, research (interviews, questionnaires), fraud/crime prevention, IT maintenance.
  3. Protect security: data protection, access control, identity authentication for your user account.
  4. Send you news, promotions, and privileges via email, SMS, apps, social media, phone, and mail.
  5. Conduct marketing and data analysis: market research, surveys, interviews.
  6. Ensure physical security: premises access control, epidemic management, identity verification.
  7. Establish or defend legal claims.
  8. Protect vital interests: emergency contact, disease prevention.
  9. Comply with legal obligations.
  10. Perform public-interest tasks or exercise official authority.

This list is illustrative and may be updated when necessary.

2.2. For consent‑based processing, we will inform you at the time of collection and in later sections.

3. Personal Data We Collect

We collect data directly from you and indirectly from government agencies, SCG Group companies, partners, and trusted service providers.

3.1. Vendor Data

  1. Contact: email, phone, office address, social media, messaging accounts.
  2. Identity Verification: ID cards, ID number, title, name, DOB, mobile, email, photo.
  3. Work Info: employment details, safety/hygiene records, bank account, remuneration, position, driver’s license, credentials, client references.
  4. Identification: citizen ID, passport, driver’s license, social security, tax ID.
  5. Immigration: stay permit, residence permit, work permit, visa.

3.2. Premises Visits

We collect images/video via CCTV in designated areas; signage will notify you.

3.3. Contact & Participation

  1. Personal: name, DOB, photo, ID/passport.
  2. Contact: phone, email, address, messaging.
  3. Complaints: details of complaints.
  4. Participation: activity history, photos.

3.4. Other Data: tax ID, family card, workshop photos.

3.5. Additional Data: we will notify you and comply with law if more data is needed.

3.6. Sensitive Data

  1. Facial recognition or fingerprint for identity verification.
  2. Health data (allergies, vaccination) for events and compliance.
  3. Unintended sensitive data (e.g. religious beliefs) will be redacted or not processed.
  4. May include financial and location data.

3.7. If you share others’ data, you must have the right and inform them of this notice.

4. Cookies

4.1. We use cookies and similar tech per our Cookies Notice.

5. Consent, Withdrawal & Consequences

5.1. You may withdraw consent anytime; prior processing remains valid.

5.2. Withdrawal/refusal may prevent some processing.

5.3. Withdraw via consent channels or contact Section 11.

5.4. Under‑16s or incapacitated persons need guardian authorization.

5.5. Consenting on others’ behalf requires legal authority.

6. Retention Period

6.1. Retain data as needed, unless law requires longer.

6.2. Delete/destroy when no longer necessary.

6.3. If consent‑based, stop processing on withdrawal but retain for records.

7. Disclosure

7.1. Shared with:

  1. SCG Group companies (inside & outside Vietnam) per report at https://scc.listedcompany.com/ar.html
  2. Other parties (dealers, logistics, postal, data processors, marketing, contractors, finance, IT, regulators, advisors) as needed.

7.2. Recipients may have their own notices; please review them.

7.3. On restructuring, transfers, mergers, we may disclose data to counterparties/advisors under compliance.

7.4. Recipients must protect data and process only as necessary.

8. International Transfers

8.1. May transfer data to SCG or others outside Vietnam when necessary.

8.2. Data may be stored offshore; providers must ensure security.

8.3. We comply with laws and ensure your rights; recipients must protect data and process only as needed.

9. Security Measures

9.1. We apply encryption, access controls, and training to protect data.

9.2. Physical, technical, and administrative safeguards with periodic reviews.

9.3. Additional measures for sensitive personal data.

10. Your Rights & Obligations

10.1. You have rights to: be informed, consent & withdraw, access & correct, object to marketing, delete/anonymize, restrict processing, portability, and file complaints or claims.

10.2. We will respond within a reasonable timeframe under law.

10.3. To exercise rights, contact compliance@lsp.com.

10.4. You must provide complete and accurate data when consenting.

11. Data Controller & DPO

11.1. Data Controller: Long Son Petrochemicals Co., Ltd.

11.2. Address: Hamlet 2, Long Son commune, Vung Tau city, Ba Ria – Vung Tau province.

11.3. Contact: compliance@lsp.com.

If this notice is amended, the new version will be published on our website or other channels, effective immediately upon posting.

Power By Reddot digital co.,ltd.