Privacy Policy

1. Introduction

CBT Technology Co., Ltd. ("we", "our", or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website cbttech.io, use our services, or engage with us for software development and technology consulting services.

By using our services or providing us with your personal information, you consent to the practices described in this Privacy Policy.

2. Scope of This Policy

This Privacy Policy applies to:

• Our website (cbttech.io)
• Mobile applications developed and published by CBT Technology
• Software development services and consulting engagements
• Any other services where this Privacy Policy is referenced

For mobile applications, this policy covers both our own apps and apps we develop for clients where we are identified as the developer or co-developer.

3. Information We Collect

3.1 Personal Information

We may collect the following types of personal information:

• Contact Information: Name, email address, phone number, company name, job title
• Professional Information: Business information, project requirements, technical specifications
• Communication Data: Messages, feedback, and correspondence with our team
• Account Information: Login credentials, user preferences (if you create an account with us)

3.2 Technical Information

We automatically collect certain technical information when you visit our website or use our mobile applications:

• Device Information: IP address, browser type, operating system, device type, device identifiers (IDFA for iOS, Advertising ID for Android), mobile network information
• Usage Data: Pages visited, time spent on pages, links clicked, referral sources, app features used, crash reports
• Location Data: Approximate location based on IP address (we do not collect precise GPS location unless explicitly required for app functionality and with your permission)
• Cookies and Similar Technologies: Session cookies, preference cookies, analytics cookies

3.3 Project-Related Information

When you engage our services, we may collect:

• Project specifications and requirements
• Business processes and workflows
• Technical documentation and source code
• Test data and development materials

3.4 Information We Do NOT Collect

Unless explicitly required for specific app functionality and disclosed separately, we do NOT collect:

• Health and fitness data
• Financial information (credit card numbers, bank account details)
• Contacts from your device
• Photos or camera access (unless needed for specific features)
• Microphone access (unless needed for specific features)
• Precise GPS location (unless needed for specific features)

4. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide software development, blockchain development, web/mobile development, and technology consulting services
• Project Management: To communicate about projects, deliverables, and timelines
• Customer Support: To respond to inquiries, provide technical support, and resolve issues
• Business Operations: To process payments, maintain records, and manage contracts
• Service Improvement: To analyze usage patterns and improve our website and services
• Marketing Communications: To send newsletters, updates, and promotional materials (with your consent)
• Legal Compliance: To comply with legal obligations and protect our legal rights
• Security: To detect, prevent, and address technical issues and fraudulent activities

5. Information Sharing and Disclosure

We may share your information with the following parties:

5.1 Third-Party Service Providers

We may share information with third-party service providers who assist us in:

• Cloud hosting and infrastructure (e.g., AWS, Google Cloud, Azure)
• Email services and communication platforms
• Analytics and performance monitoring (e.g., Google Analytics, Firebase Analytics)
• Payment processing
• Project management and collaboration tools
• Crash reporting and debugging services

Important: We do NOT sell your personal information to third parties for their marketing purposes. We do NOT share your data with data brokers.

5.2 Business Partners

With your consent, we may share information with technology partners and subcontractors who assist in delivering services to you.

5.3 Legal Requirements

We may disclose your information when required by law, legal process, or to protect our rights, property, or safety, or that of our clients or the public.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5.5 Aggregate and De-Identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for research, analytics, or marketing purposes.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit and at rest
• Access controls and authentication mechanisms
• Regular security assessments and audits
• Secure development practices and code reviews
• Employee training on data protection
• Incident response and disaster recovery procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to:

• Fulfill the purposes outlined in this Privacy Policy
• Comply with legal, accounting, or reporting requirements
• Resolve disputes and enforce our agreements
• Maintain business records and project documentation

Typically, we retain client project data for 3-5 years after project completion, unless otherwise required by law or contractual obligations.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

• Access: Request access to your personal information we hold
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Objection: Object to processing of your personal information
• Data Portability: Request transfer of your data to another service provider
• Withdraw Consent: Withdraw consent for marketing communications at any time
• Opt-Out: Opt-out of cookies through browser settings

To exercise these rights, please contact us at support@cbttech.io

9. International Data Transfers

Our services may involve transferring your information to countries outside Vietnam, including the United States, European Union, and other jurisdictions where our service providers operate. We ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by relevant authorities
• Data processing agreements with third-party providers
• Compliance with applicable data protection regulations

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience. You can control cookie preferences through your browser settings. Types of cookies we use:

• Essential Cookies: Required for website functionality
• Performance Cookies: Collect anonymous usage statistics
• Functionality Cookies: Remember your preferences
• Marketing Cookies: Track effectiveness of marketing campaigns (with consent)

11. Third-Party Links

Our website may contain links to third-party websites and services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

12. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

13. Client Confidentiality

As a software development outsourcing company, we understand the importance of confidentiality. We commit to:

• Sign Non-Disclosure Agreements (NDAs) with clients
• Maintain strict confidentiality of project information
• Implement access controls and need-to-know policies
• Train employees on confidentiality obligations
• Securely handle and store client source code and intellectual property

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

15. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

16. Governing Law

This Privacy Policy is governed by the laws of Vietnam. Any disputes arising from this policy or our data practices shall be subject to the exclusive jurisdiction of the courts in Ho Chi Minh City, Vietnam.