Privacy Policy

Article 1

Introduction

ONEADX Co., Ltd. is committed to protecting the privacy and personal data of Hidemyacc users. This Privacy Policy describes how we collect, use, store, and protect Customer information, in compliance with Decree 13/2023/ND-CP on personal data protection in Vietnam.

By using Hidemyacc, you agree to this Privacy Policy. If you do not agree, please stop using the service.
Article 2

Data We Collect

2.1 — Data You Provide Directly

  • Account information: email, password (stored as hash), phone number or social media ID;
  • Payment information: we do not store card numbers directly — transactions are processed through third-party payment gateways;
  • Support communications: questions, images, error reports you send us.

2.2 — Data Collected Automatically

  • IP address, device type, operating system, software version;
  • Usage logs: login times, in-app activity, errors encountered;
  • Encrypted data: cookie identifiers and active tab URLs (used only for sync features);
  • Anonymous analytics data for product improvement.

2.3 — Data We Do NOT Collect

  • Original passwords (stored only as one-way hashes, cannot be reversed);
  • Content of websites you visit through your profiles;
  • Financial information such as bank card numbers or bank account details.
Article 3

Purpose of Processing & Legal Basis

We process your data on the following legal bases:

PurposeLegal Basis
Account authentication, service delivery, payment processingContract performance
Sending technical notifications, software updatesContract performance
Fraud detection, system securityLegitimate interests of the Company
Anonymous usage analytics for product improvementLegitimate interests of the Company
Sending marketing information, user surveysConsent (withdrawable at any time)
Providing data to government authoritiesLegal obligation
Article 4

Data Retention

We retain data only for as long as necessary for each purpose:

Data TypeRetention Period
Account dataDuration of active account + 30 days after termination
System logsMaximum 12 months
Payment data / invoices5 years (per accounting and tax requirements)
Customer support history24 months from resolution
After the retention period, data will be permanently deleted or fully anonymized.
Article 5

Sharing Data with Third Parties

The Company does NOT sell Customer personal data. We only share data in the following cases and to the minimum extent necessary.

5.1 — General Sharing Cases

  • Technical service providers: cloud services (servers in Singapore), payment gateways, email services — solely to operate the service;
  • Legal requirements: upon court order or request from competent government authority;
  • Protecting Company interests: when necessary to prevent fraud or protect system security;
  • Business transfers: in the event of merger or acquisition — Customers will be notified in advance.

5.2 — Requests from Government Authorities

In accordance with the Law on Cybersecurity 2018 and applicable Vietnamese law, ONEADX Co., Ltd. is legally obligated to provide account information, usage data, and activity logs of Customers to competent government authorities — including the Police, Procuracy, Courts, and other investigative agencies — upon receipt of a lawful written request or order.

In such cases, the Company is not required to notify the affected Customer prior to disclosure, unless expressly permitted to do so by the requesting authority.

Customers who use Hidemyacc for activities that violate applicable law shall not be entitled to any data confidentiality protection from the Company in the event of an investigation by competent authorities.

>
⚠ IMPORTANT COMMITMENT

We never share your personal information with third parties for advertising or commercial purposes without your explicit consent.

Article 6

Data Security

6.1 — Technical Measures

  • Data in transit encrypted with TLS/SSL;
  • Passwords stored as one-way hash (bcrypt), not reversible;
  • Servers in Singapore meeting enterprise-grade security standards;
  • Regular data backups on separate server systems.

6.2 — Organizational Measures

  • Only employees with specific duties may access personal data;
  • Staff receive regular information security training;
  • Regular security audits of systems.

6.3 — Data Breach Response

In the event of a serious data security breach, the Company commits to:

  • Notifying affected Customers within 72 hours of discovery;
  • Describing the nature of the breach, data potentially affected, and remedial measures;
  • Notifying competent government regulatory authorities as required by law.
Article 7

Your Rights Over Your Data

Under applicable law, you have the following rights over your personal data:

RightDescription
Right of AccessRequest a copy of the data we hold about you
Right to RectificationRequest correction of inaccurate or incomplete data
Right to ErasureRequest deletion of data (except data required by legal obligation)
Right to Restrict ProcessingRequest temporary suspension of processing in certain cases
Right to ObjectObject to processing of your data for marketing purposes
Right to Withdraw ConsentWithdraw consent for processing based on your consent
To exercise these rights, please send a request to [email protected]. We will respond within 15 business days.
Article 8

Cookies & Tracking

Hidemyacc uses cookies and similar tracking technologies to:

  • Maintain login sessions and authentication;
  • Remember user preferences;
  • Collect anonymous analytics data to improve the product.

You may control cookies through your browser settings. However, disabling cookies may affect your experience using the software.

Article 9

International Data Transfers

Your data is stored and processed on servers located in Singapore. By using Hidemyacc, you consent to this cross-border data transfer. We ensure a level of data protection equivalent to or higher than the standards required in Vietnam.

Article 10

Contact Information

For any requests related to personal data, please contact: