en en
Careers Contact us Sign in About us

PACE PERSONAL DATA PROTECTION POLICY

PACE Institute of Management (hereinafter referred to as "PACE", "we", "us") highly values the privacy and protection of Personal Data of our Customers, Partners, and Related Parties (hereinafter referred to as "You").

This Personal Data Protection Policy (hereinafter the “Policy”) explains transparently how we collect, use, disclose, store and safeguard your personal data when you access, purchase, or register for PACE products or services, in compliance with applicable laws and PACE’s security standards.

This Policy constitutes the "Notification of Personal Data Processing and Protection". PACE may amend, update, or adjust the contents at any time as necessary. Supplements and adjustments will be posted on our official website.

The "Notification of Personal Data Processing and Protection" is part of the General Terms and Conditions for the relationship between PACE and You. This notification should be read and interpreted in conjunction with the General Terms and Conditions, applying to us as the Personal Data Controller and/or Processor of Your Personal Data, and explains what information we collect about You, how it is used, who it is shared with, and how it is stored to ensure that such information remains private and secure.

I. PRINCIPLES OF PERSONAL DATA PROTECTION

We commit to the following principles: 

  • Transparency: Personal data processing will be clear and understandable.
  • Lawful and Fair Use: We only process Personal Data lawfully (always ensuring the prior consent of the Data Subject) and when there is a legitimate reason to do so.
  • Purpose Limitation: We only process Personal Data for specific purposes and will not use it for any other incompatible purpose, unless we have complied with the procedures permitted by data protection laws to do so lawfully.
  • Data Adequacy and Minimization: We ensure that we only process Personal Data appropriately. We will maintain a reasonable balance to ensure that (i) We process just enough Personal Data to fulfill specific purposes, and (ii) do not process Personal Data beyond what is necessary.
  • Data Accuracy: We maintain appropriate standards regarding the accuracy, integrity, and necessary rectification, updates, and supplementation of data. We implement policies related to data accuracy, including necessary procedures to prevent Personal Data from not being updated.
  • Privacy by Design: We implement processes to ensure that new products and services or changes to existing products and services are designed in compliance with data privacy laws. We ensure that every individual involved in processing Personal Data is aware of their obligations regarding Personal Data and their responsibility to comply with these principles.
  • Documentation: We appropriately store documents to demonstrate compliance with data privacy laws.
  • Rights of Data Subjects: We respect the rights of data subjects regarding their Personal Data in accordance with data protection laws.
  • Storage and Data Security: We maintain reasonable security standards for the Personal Data we process. We delete or destroy Personal Data when it is no longer needed for a legitimate purpose. We ensure that only authorized personnel with access rights to the Personal Data we are processing are allowed to perform such deletion or destruction.
  • Data Transfer: In the event of a voluntary transfer of Personal Data to a legal entity within the PACE system, a third party, or another law enforcement agency, we ensure that such transfer complies with data privacy laws. When necessary, we will review the privacy and information security policies of the data recipient to ensure they are applying standards equivalent to the above principles.
  • Safety Assurance: We proactively prevent, detect, stop, combat, and strictly handle any violations of Personal Data protection laws in a timely manner.
  • Third Parties: When appointing a supplier or business partner, we will review their privacy and information security policies to ensure they are applying standards equivalent to the aforementioned principles.

II. PERSONAL DATA WE COLLECT

"Personal Data" refers to digital data or information in other forms that identifies or helps identify a specific individual, including: Basic Personal Data and Sensitive Personal Data. Personal Data, after de-identification, is no longer Personal Data. The Personal Data we collect about You is information necessary for You to use our products and services ("Products", "Services") and for other purposes stated in this Notification of Personal Data Processing and Protection, including:

1. “Basic Personal Data”:

We may collect Basic Personal Data about You as prescribed by law, including:

  1. Surname, middle name, and birth name, other names (if any);
  2. Date of birth; date of death or missing status;
  3. Gender;
  4. Place of birth, place of birth registration, permanent residence, temporary residence, current residence, hometown, contact address;
  5. Nationality;
  6. Personal image;
  7. Phone number, personal identification number (ID), passport number, driver's license number, license plate number;
  8. Marital status;
  9. Information on family relationships (parents, children, spouse);
  10. Information on the individual's digital account;
  11. Other information associated with a specific person or helping to identify a specific person that does not fall under "Sensitive Personal Data".

2. “Sensitive Personal Data”:

In some cases, the Personal Data we collect may be Sensitive Personal Data, and we only collect Sensitive Personal Data with Your consent and/or in strict compliance with applicable laws. Sensitive Personal Data includes:

  1. Data revealing racial or ethnic origin;
  2. Political opinions, religious or philosophical beliefs;
  3. Information about private life, personal secrets, family secrets;
  4. Health status;
  5. Biometric data, genetic data;
  6. Data revealing sex life or sexual orientation of the individual;
  7. Data on crimes and legal violations collected and stored by law enforcement agencies;
  8. Location of the individual identified via location services;
  9. Information on usernames and passwords for accessing personal electronic identity accounts; Images of ID cards, citizen identification cards, identity cards;
  10. Usernames and passwords for bank accounts; Bank card information, data on transaction history of bank accounts; Financial information, credit information, and information on activities, financial transaction history, securities, insurance of customers at credit institutions, foreign bank branches, payment intermediary service providers, securities, insurance, and other authorized organizations;
  11. Data tracking behavior, usage activities of telecommunications services, social networks, online media services, and other services in cyberspace;
  12. Other Personal Data prescribed by law requiring confidentiality or strict security measures.

III. HOW WE COLLECT PERSONAL DATA

We collect Your Personal Data in specific cases, including but not limited to:

  • Provided by You or by Your Employer/Business Representative with Your prior consent;
  • When You access or interact with PACE’s websites, social networks, and/or social networks we cooperate with partners on;
  • When You use PACE’s Products and Services;
  • Indirectly from You through public, official, and lawful sources;
  • Through receiving necessary shared data from member companies or partners collected during their cooperation with PACE to provide Products/Services to You, with Your permission to share;
  • Through interactions between Us and You (face-to-face, mail, phone, online, call center systems, electronic communication, or any other means), including Customer surveys;
  • From audio and video recording devices placed at PACE offices or locations where part or all of PACE's operations are conducted, where You meet, appear, or interact with us. The placement of recording devices aims to contribute to protecting social order and safety, and protecting the legitimate rights and interests of You and PACE in accordance with the law;
  • When You participate in events, training programs, seminars, competitions, interviews, etc., organized by us (offline or online). This information is only collected when You voluntarily provide it to us before participating.

Note regarding Third-Party Data: If You provide us with Personal Data of another person, You must have that person's permission as required by applicable law, and must explain and ensure that person understands how we will process their Personal Data.

Device Fingerprinting: Besides information provided by You, during Your interaction with our digital platforms (including the PACE website www.PACE.edu.vn or websites belonging to the PACE system, MY PACE Learning Home, and online survey forms), we use "Device Fingerprinting" technology to automatically collect certain technical data.

  • Purposes:
    • Security and Anti-Fraud: Helps the system identify abnormal access, prevent unauthorized logins or other abusive behaviors, ensuring the safety of Your account when attending studies/contacting PACE.
    • Data Integrity: When You conduct online surveys (especially public surveys not requiring prior login), this technology helps us accurately link Your survey responses to the corresponding profile, ensuring data is recorded fully and correctly.

We may use this information to notify You of and introduce products, services, and other marketing materials that we believe are suitable for Your interests. Similarly, the use of "Device Fingerprinting" technology is strictly employed for security and data management purposes. You may choose to receive these materials via email and may always opt out of receiving them. At any time You wish for us to stop sending emails, please contact us; Your request will be responded to within two (02) working days and processed within a maximum of fifteen (15) days from the date PACE receives the request. We will fulfill Your request and ensure that You are not included in future marketing promotional mailing lists.

Upon receiving a REQUEST to (i) withdraw consent for Personal Data processing, (ii) restrict Personal Data processing, or (iii) object to Personal Data processing in accordance with the Data Subject's proper procedures, we will respond within two (02) working days, providing You with full information regarding the procedure to stop processing Personal Data, and execute the request within fifteen (15) days, except where Personal Data processing does not require Your consent as prescribed in Article 19 of the Law on Personal Data Protection. In cases where it is necessary to request the Personal Data Processor or a third party to stop processing Your Personal Data, this shall be executed within twenty (20) days.

Depending on the nature and complexity of the request, if an extension of the processing time is required, it may be extended by a maximum of one (01) time for a period not exceeding fifteen (15) days; we will notify You of the reason for the extension and bear the responsibility of proving that the extension is necessary and reasonable.

Upon receiving a REQUEST to (i) view, (ii) rectify, or (iii) request rectification of Personal Data, or (iv) provide Personal Data in accordance with Your proper procedures, we will respond within two (02) working days, providing You with full information regarding the procedure, and execute the request within ten (10) days. In cases where it is necessary to request the Personal Data Processor or a third party to rectify Your Personal Data, we will execute this within fifteen (15) days.

Depending on the nature and complexity of the request, if an extension of the processing time is required, it may be extended by a maximum of one (01) time for a period not exceeding ten (10) days; we will notify You of the reason for the extension and bear the responsibility of proving that the extension is necessary and reasonable.

Upon receiving a REQUEST to (i) delete Personal Data in accordance with Your proper procedures, we will respond within two (02) working days, providing You with full information regarding the procedure, and execute the request within twenty (20) days. In cases where it is necessary to request the Personal Data Processor or a third party to provide, delete, or restrict the processing of Your data, we will execute this within thirty (30) days.

Depending on the nature and complexity of the request, if an extension of the processing time is required, it may be extended by a maximum of one (01) time for a period not exceeding twenty (20) days; we will notify You of the reason for the extension and bear the responsibility of proving that the extension is necessary and reasonable.

Upon receiving a REQUEST to (i) implement measures and solutions to protect Your Personal Data in accordance with Your proper procedures, we shall respond within two (02) working days, providing You with full information regarding the procedure, and execute the request within fifteen (15) days.

Depending on the nature and complexity of the request, if an extension of the processing time is required, it may be extended by a maximum of one (01) time for a period not exceeding fifteen (15) days; we will notify You of the reason for the extension and bear the responsibility of proving that the extension is necessary and reasonable.

IV. HOW WE PROCESS DATA

We may process Your Personal Data for the following purposes ("Purposes"), including but not limited to:

  • Verifying the accuracy and completeness of information provided by You; Identifying or authenticating Your identity and performing customer verification procedures;
  • Processing Your registration for any Products or Services proposed or provided by us (including but not limited to third-party products);
  • Evaluating Your suitability for the use of our Products and Services;
  • Providing Products and Services of PACE or organizations within the PACE system;
  • Contacting You to exchange information, deliver invoices, reports, or other relevant documents;
  • Managing and evaluating business activities including designing, improving, and enhancing the quality of Products and Services or performing marketing communication activities;
  • Preparing operational reports or other related reports required by law;
  • Conducting market research, surveys, and data analysis related to any Products or Services provided by us (whether by PACE or in cooperation with another party) that may relate to You;
  • Using Your Personal Data in the form of symbols, writing, numbers, images, sounds, or similar forms in the electronic environment... for the purpose of introducing and promoting training and communication activities at the office, on the website, or other social media channels managed by us;
  • Protecting our legitimate interests and complying with relevant legal regulations; Performing other obligations in compliance with laws applicable to PACE or organizations within the PACE System;
  • Preventing or minimizing threats to the life, health of others, and public interest;
  • Other reasonable purposes related to the purposes stated above.

If we process Your Personal Data for purposes other than the Purposes herein, we will notify You of how we process such Personal Data and obtain Your additional consent before processing Your Personal Data for such purposes in accordance with applicable laws and regulations.  

To fulfill the aforementioned Purposes, we process Your Personal Data by performing one or more activities such as collecting, recording, analyzing, confirming, storing, rectifying, disclosing, combining, accessing, retrieving, recovering, encrypting, decrypting, copying, sharing, transmitting, providing, transferring, deleting, destroying Personal Data or other relevant actions.

V. HOW WE SHARE PERSONAL DATA

To fulfill the "Purposes" stated in Section IV, we may share Your Personal Data with the following organizations and individuals:

  • Organizations within the PACE system (www.PACE.edu.vn);
  • Business partners, service providers, advertisers, charitable organizations, or non-profit organizations of the PACE system (including their employees, management, and staff);
  • Domestic and foreign law enforcement agencies and competent authorities;
  • Any organization or individual that is Your representative or authorized party dealing with us;
  • Payment service providers based on Your authorization or approval;
  • Third parties to whom You agree or we have a legal basis to share Your Personal Data.

Data sharing will be conducted in accordance with the order, method, and applicable legal regulations. Parties receiving Personal Data are obligated to keep Your Personal Data confidential in accordance with this Policy, PACE’s Personal Data Protection regulations, processes, standards, and applicable laws.

VI. CROSS-BORDER TRANSFER OF PERSONAL DATA

To fulfill the Purposes stated in Section IV, we may share Your Personal Data with our relevant third parties, and these third parties may be in Vietnam or anywhere else according to the law.

When transferring Personal Data, PACE will require the recipient to ensure that Your Personal Data transferred to them remains confidential and secure. We comply with legal obligations and regulations related to the transfer of Your Personal Data.

VII. START AND END TIME OF PERSONAL DATA PROCESSING

Personal Data is processed from the time we or the Transferee receive the Personal Data provided by You and we have an appropriate legal basis to process the data according to the law;

To the extent permitted by law, Personal Data will be processed until the data processing purposes have been fulfilled;

Your Personal Data stored by PACE or the Transferee will be kept confidential. We (and we will require the Transferee) will implement reasonable measures to protect Your Personal Data. To the extent permitted by law, we or the Transferee may store Your Personal Data in Vietnam or abroad, including on cloud computing storage solutions. We (and we will require the Transferee) apply global data security standards of the PACE system, consistent with applicable laws;

We (and we will require the Transferee) store Your Personal Data for the period necessary to fulfill the stated Purposes, unless a longer retention period is required or permitted by applicable laws;

We (and we will require the Transferee) will delete or destroy Your Personal Data after completing the transfer purpose.

VIII. RIGHTS AND OBLIGATIONS OF DATA SUBJECTS

1. Unless the law provides otherwise, You may exercise Your rights by contacting us according to the information provided below, including:

  1. Right to Know: You have the right to know about the processing of Your Personal Data.
  2. Right to Consent/Withdraw Consent: You have the right to consent, disagree, or withdraw consent to the processing of Your Personal Data.
  3. Right to Access/Rectify: You have the right to request to view, correct, or request correction of Your Personal Data.
  4. Right to Delete/Restrict: You have the right to request the provision, deletion, or restriction of the processing of Personal Data; You have the right to object to the processing of Your Personal Data.
  5. Right to Complain/Litigate: You have the right to file complaints, denunciations, lawsuits, and claim damages in accordance with the law.
  6. Right to Self-Protection: You have the right to request competent authorities or relevant organizations/individuals to implement measures to protect Your Personal Data.

Note: Exercising these requests may result in limitations, suspension, cancellation, or prohibition of the Products and Services we provide to You, depending on the case. Therefore, such requests may also be considered a termination by You of any contractual relationship with us, and we reserve our legal rights and remedies in such cases.

2. Your Obligations

  • Self-protect Your Personal Data and request relevant others to protect Your Personal Data.
  • Respect and protect the Personal Data of others.
  • Provide Your Personal Data fully and accurately according to the law, contract, or when consenting to processing.
  • Comply with legal regulations and obligations of a data subject under contracts. The exercise of rights and obligations must aim to protect the legitimate rights and interests of the data subject themselves.
  • Do not hinder or obstruct the performance of legal rights and obligations of the Personal Data Controller or Processor.
  • Participate in disseminating Personal Data protection skills.
  • Comply with laws on Personal Data protection and participate in preventing violations.
  • Other obligations as prescribed by applicable laws and regulations.

IX. POTENTIAL UNWANTED CONSEQUENCES AND DAMAGES

We use various information security technologies such as international standard SSL, firewalls, encryption... to protect and prevent Your Personal Data from unintended access, use, or sharing. However, no data can be completely secured.

Therefore, we cannot commit to absolute security of Your Personal Data in cases such as: (i) Hardware/software errors during data processing causing data loss, (ii) Security vulnerabilities beyond our control, or system attacks by hackers.

You should be aware that anytime You disclose and make Your Personal Data public, such data may be collected and used by others for purposes beyond Your and our control.

Recommendations for You:

  • Use high-security passwords for accounts/personal devices.
  • Regularly check and secure used devices (phones, tablets, PCs).
  • Do not access using public internet networks.
  • Log out of accounts when not in use.
  • Cyberspace is not a safe environment, and we cannot absolutely guarantee that Your Personal Data shared via cyberspace will always be secure.
  • You are responsible for keeping Your access credentials for each website, application, or device safe and confidential.

In the event of a server attack, PACE is responsible for notifying the authorities for timely investigation and notifying You in accordance with the law.

X. SECURITY

1. Our Commitment

  • Security is our top priority. PACE always strives to ensure Your Personal Data is protected against unauthorized or accidental access, processing, or deletion. 
  • We maintain this commitment by applying physical, electronic, and managerial measures. We will take all reasonable steps to ensure Your Personal Data is not retained longer than necessary and comply with legal requirements regarding storage. 
  • If Your Personal Data is transferred (with Your consent), we commit to requiring the Transferee to fully comply with obligations under this clause.

2. Your Commitment

  • By entering into this Agreement, You agree to:

(i) Allow the processing of Your Personal Data, unless the law provides otherwise.

(ii) Voluntarily and clearly understand the following information:

  • Types of Personal Data processed (Section II).
  • Purposes of processing (Section IV).
  • The Data Controller or Controller and Processor is Us and the Partner we will transfer to (if any).
  • Consent is valid until You change it or as prescribed by law.
  • You commit not to exploit or attempt to exploit governance vulnerabilities to access or disclose our Personal Data intentionally or unintentionally, for any purpose. If violated, You will be responsible before us and the law, and compensate for damages according to the Civil Code, Labor Code, Criminal Code, and related Laws. 
  • You must protect Your Personal Data by keeping this information confidential. If You suspect or detect unauthorized use of our Personal Data or disclosure to a third party, You are responsible for notifying us immediately to minimize loss and resolve the violation according to our regulations and the Law.

Contact Information:

PACE Institute of Management 

Highlight news

Understanding and Effective Application of Mindset, Skillset, and Toolset

Understanding and Effective Application of Mindset, Skillset, and Toolset

Individuals, leaders, or any business will be "as stable as a tripod" if they have the three elements of “Mindset, skillset, and toolset.” With the seamless combination of all three elements, we can not only maintain stability but also progress and develop strongly in everything from work to life.
3 STRATEGIES TO BUILD A RESILIENT WORKFORCE IN AN UNUSUAL ECONOMY

3 STRATEGIES TO BUILD A RESILIENT WORKFORCE IN AN UNUSUAL ECONOMY
Why Marketing Leaders Need to Harness the Power of AI Now?

Why Marketing Leaders Need to Harness the Power of AI Now?

Latest news

Page / 76

PACE Institute of Management

PACE Building
PACE Building
Hanoi Office
Coalimex Building (Floor 2)
33 Trang Thi Street, Cua Nam Ward
(former Hoan Kiem District)
(024) 3646.2828 (Hanoi)

8 PACE's AFFILIATED SCHOOLS

8 PACE's MEMBER COMPANIES

5 PACE’S NPOs

8 PACE's AFFILIATED SCHOOLS

8 PACE's MEMBER COMPANIES

5 PACE’S NPOs

8 GLOBAL PARTNERS