1. Purpose and Scope of Application

ThingIQ (“We”) understand that customer privacy and data security are top priorities in the digital era. This Privacy Policy is designed to clearly, transparently, and comprehensively explain how we collect, use, share, protect, and store personal information as well as data from IoT systems, sensors, and other connected platforms.

This policy applies to all individuals and organizations accessing the thingiq.ai website, registering an account, using services, engaging in partnerships, or interacting with our system in any form. By continuing to use our services, you are deemed to have read, understood, and agreed to all contents of this policy.

2. Information We Collect

To operate the system and provide IoT/AI services effectively, ThingIQ may collect various types of information. The collection process is always conducted based on the principles of necessity, legality, and transparency.

2.1. Personal Information Provided by Users

When you contact us, register, or use our services, we may request the following information:

– Full name, email address, phone number, and contact address.

– Business or organizational information (if you use the service at the enterprise level).

– Account login information, including username and password (passwords are encrypted and cannot be accessed in their original form).

2.2. Technical Data and Online Activity

When you visit our website or use the platform, the system automatically records:

– IP address, browser type, operating system, and device you are using.

– Access time, approximate geographic location, and browsing behavior on the site.

– Cookies and similar identifiers are used to remember sessions and personalize your experience.

2.3. IoT and Sensor Data

Due to the nature of IoT operations, ThingIQ may collect:

– Operational data from sensors, devices, or integrated systems.

– Device location information, operating status, environmental measurements, vehicle tracking data, security systems, and other relevant data.

– System logs and communication data between devices and the analytics platform.

2.4. Information from Third Parties

We may receive data from partners or linked platforms (e.g., Microsoft, IoT service providers, or third-party APIs) if you integrate or agree to connect.

3. Purpose of Data Use

All data collected aims to enhance service quality and ensure system security. Specifically:

– Service provision: Data helps us activate, maintain, and optimize IoT solutions for businesses and individuals.

– Authentication and security: Ensuring that service users or visitors are legally authorized.

– Product improvement: Analyzing usage behavior and system logs to optimize performance and develop new features.

– Customer support: Resolving issues, responding to inquiries, and providing user guidance.

– Notifications: Including service updates, newsletters, or marketing materials (if you agree to receive them).

– Legal compliance: Storing and processing data as required by law or competent authorities.

4. Legal Basis for Data Processing

We only process data when there is a clear legal basis, including:

– Your consent: For example, when you accept cookies or subscribe to newsletters.

– Contract performance: When data is required to provide the service you registered for.

– ThingIQ’s legitimate interests: Such as improving security, developing features, or system analysis.

– Legal obligations: When we must comply with requests from authorities.

5. Data Sharing and Disclosure

ThingIQ is committed to not selling users’ personal information to any third party. However, in certain cases, we may share data:

– With trusted service providers (e.g., cloud services, payment gateways, data analytics systems) to ensure smooth service operation.

– With business partners in cases where system integration or joint IoT solutions are required.

– With law enforcement agencies if there is a legitimate request, subpoena, or mandatory legal regulation.

– In case of mergers, acquisitions, or corporate restructuring, data may be transferred to the successor entity.

All data recipients are bound by confidentiality agreements and may only process data for purposes authorized by ThingIQ.

6. Data Storage and Security

ThingIQ applies international security standards to ensure data safety, including:

– Data encryption: Using AES-256, TLS/SSL to protect data during transmission and storage.

– Access control: Only authorized employees can access data, following the principle of “least privilege.”

– System monitoring: Using firewalls, intrusion detection/prevention systems (IDS/IPS), and DDoS protection.

– Backup and recovery: Data is regularly backed up to minimize loss risk.

Data is stored only for as long as necessary to fulfill the stated purposes. Once no longer needed or upon your request, the data will be securely deleted unless the law requires longer retention.

7. Cookies and Similar Technologies

Cookies help ThingIQ personalize your experience. We use cookies to:

– Remember login status, language, and display preferences.

– Analyze browsing behavior to improve the website’s interface and content.

– Measure the effectiveness of marketing campaigns.

You can refuse or delete cookies through your browser settings. However, disabling cookies may cause some features to not function properly.

8. User Rights

ThingIQ respects user rights in accordance with international standards (GDPR, CCPA), including:

– Right of access: You may request to view your personal data stored by us.

– Right to correction: Request correction of inaccurate or incomplete information.

– Right to erasure: Request deletion of personal information when no longer necessary.

– Right to restrict processing: In case you want to limit the scope of data processing.

– Right to object: Refuse data processing for direct marketing purposes.

– Right to data portability: Request provision of data in a format transferable to another system.

9. IoT and Enterprise Data Security

For sensitive data from IoT devices and systems, we implement:

– Multi-factor authentication (MFA) and OAuth 2.0 standards for API access.

– End-to-end encryption for sensor data during transmission.

– Detailed access control for each user group within an enterprise.

– Continuous security monitoring and full activity logging to detect anomalies.

10. International Data Transfers

In some cases, data may be stored or processed on servers located outside Vietnam. ThingIQ ensures that all international transfers comply with current data protection regulations (e.g., EU GDPR or California CCPA).

11. Policy Changes

We may modify this Privacy Policy to reflect legal or business changes. All updates will be published publicly on our website with an effective date. Continued use of the service after the change means you accept the new policy.

12. Contact

If you have questions or complaints about personal data processing, please contact us at:

Email: [email protected]

Phone: 077 413 5678

Address: 7A Thoại Ngọc Hầu, Tân Phú Ward, Ho Chi Minh City