- About Us
- Business overview
- Products & Services
- Activities
- Recruit
Contact
MENUCLOSE
The First Penguin
Company
Company
Contact
MENUCLOSE
Issued date: May 19, 2025
Sorimachi Vietnam Co., Ltd.’s personal data protection policy applies to customers in Vietnam.
Sorimachi Vietnam Co., Ltd. (hereinafter referred to as “Company”) is committed to respecting and protecting customers personal data in accordance with the provisions of Decree 13/2023/NĐ-CP on personal data protection and other relevant legal provisions.
This Policy applies to individuals (hereinafter referred to as “Users” or “Customers”) using the services provided by the Company in Vietnam (hereinafter referred to as the “Services”), including information such as full name, address, telephone number, email address, date of birth, gender and other identifying data (hereinafter referred to as “Personal Data”).
We kindly request that Customers carefully examine the content of this Policy before providing any personal data to our company during the use of the Service.
Unless otherwise specified, the definitions of terms used in this Policy shall be governed by the definitions in Government Decree No. 13/2023/NĐ-CP dated April 17, 2023 regulating personal data protection (hereinafter referred to as “Decree 13/2023/NĐ-CP”).
(1) Our Company will collect personal information and personally relevant information of Customers and their transaction partners through appropriate methods, for the purpose of providing, managing and improving the quality of our Service. In addition, for personally relevant information received from third parties, if such information is capable of being used to identify a specific individual, the Company will treat those informations as Personal Data and apply protection measures in accordance with the provisions of Vietnamese law.
Personal information and personally relevant information related to our company Services:
Information such as name, address, postal code, age, day of birth, contact information, organization affiliation, information of the transaction related to the use of our company Service, information about the use of our company Service, information about bank acounts, transaction status of affiliated banks, IP adress, information specific to terminals used by Customers (e.g specific ID of terminal), server access log, browser information, browser language settings status, cookies infromation and others identifiers, ADID/IDFA (Advertising identifiers (Advertising IDs) on mobile devices are used to display advẻtisements that are relevant to your interests.), other advertising identifiers, connection information to our company Service, browsing history and behavioral history, information regarding enquiries and contacts from Customers to our Company, information regarding users’s business partners and other information that relevant with or incidental to the use of our company Services.
(2) Methods of aquisition
Our Company complies with the applicable laws and regulations regarding personal information of Customers and adopts appropriate security control measures by appointing a person responsible for the management of personal information in each department handling personal information and by implementing strict security measures.
Our Company may acquire customers personal information to the extent necessary in the manner described in Item 2 of the preceding paragraph. We use Customers personal information to fulfil contracts with them, to develop better products and services, and to provide customers with useful information. Specifically, we use Customers personal information for the following purposes.
However, please note that some services cannot be used if the Customer does not provide personal information.
Except for the cases below, our Company will not collect, use or provide to third parties sensitive information, including: Political views, religious views; Health status and private life recorded in medical records; excluding information on blood type; Origin, place of origin, health status, medical condition, sexual life; Data on crimes, criminal acts collected and stored by law enforcement agencies; Customer information of credit institutions, foreign bank branches, payment intermediary service providers, other licensed organizations, including: customer identification information according to the provisions of law, account information, deposit information, deposit asset information, transaction information, information on organizations, individuals who are guarantors at credit institutions, bank branches, payment intermediary service providers; Data on individual location determined through positioning services; Other personal data as prescribed by law is specific and requires necessary security measures (the above types do not include information within the scope of personal information requiring special attention) and except for information that has been made public by the government, government agencies, local authorities, academic research organizations… or information that is clear in form and can be collected through direct observation or personal recording.
(1) When required by law or regulation.
(2) When it is necessary for the protection of the life, body or property of a person.
(3) When it is particularly necessary for the improvement of public health or the promotion of healthy child development.
(4) When it is necessary to cooperate with government agency, local government, or a person commissioned by them in carrying out duties prescribed by law.
(5) When necessary to carry out withholding tax procedures, etc., to acquire, use, or provide to a third party sensitive information about employees, etc., regarding their affiliation or membership in political, religious, or other organizations or labor unions.
(6) When sensitive information is acquired, used, or provided to a third party to the extent necessary to carry out the transfer of rights and obligations due to inheritance procedures.
(7) When it is necessary to ensure the proper operation of the insurance or other financial business, sensitive information is acquired, used, or provided to a third party with the consent of the individual to the extent necessary for the performance of business operations.
(8) When biometric information classified as sensitive information is used for identity verification with the consent of the individual.
(1) Our company will not provide customers personal data to third parties except in the following cases. However, this does not apply in any of the following cases.
In the event that the personal data of Customers is entrusted to a third party, the third party will be contractually obliged to manage the data appropriately and supervise it appropriately.
(2) Our Company may provide personal information to a third party. In such case, assuming that the said third party will combine personal information with customer-identifiable information to collect it as personal data, our Company will provide it to the third party after fully fulfilling its obligations under Decree No. 13/2023/NĐ-CP. In addition, when Customer agrees to this policy and uses the service, it means that the customer also agrees to allow the third party to collect personal information as personal data. In addition, we may send personal data to the said third party via the internet. When sending personal data, we will implement security management measures in a manner that our ompany deems reasonable, but in practice we cannot completely prevent unauthorized access from third parties due to the public nature of the internet. Therefore, we would like Customers to understand that in the process of sending personal data to our Company’s website or sending from our Company’s website to a desired third party, there is a possibility that the data will be accessed without authorization and that personal information will be disclosed or used by a third party not intended by our Company.
Our Company has implemented organisational, personnel, physical and technical safety management measures to prevent the loss or damage of personal data.
For more information about the security control measures taken by our Company, please contact the inquiry desk.
In case Customer do not provide personal information, they can still access most of our Company’s website, but we hope that Customer understand and agree that they may not receive certain services and special options from our Company if they do not provide personal information.
Our Company website uses tools to record and measure customer access for the purpose of building a better website by aggregating the number of accesses and measuring the effectiveness of advertising. This access information (log) includes the Customer’s IP address, computer operating system, browser environment and the address of the page viewed, but this information does not identify or distinguish individual Customers.
Our Company website may use Cookies and Web Beacons. Cookies are small text files that are stored in the browser of the user’s computer, tablet or smartphone when the website user accesses the website, the web server refers to the Cookie to identify customer device so that they can use our website efficiently. Customer can also set their browser to refuse to receive Cookies. Web Beacons are small graphics with a unique identifier that function similarly to Cookies and is a mechanism to determine when content on a page is viewed and other relevant information by embedding a Web Beacon in a certain page.
Information obtained by our company through Cookies and Web Beacons that is personally identifiable or can be combined with other information to identify an individual will be handled in accordance with this Policy.
The websites operated by our Company may be linked to or from third-party websites. But we are not responsible for the protection of Customer personal data on third-party websites linked to our company’s website.
If our Company receive a complaint about the handling of personal information etc., we will investigate the nature of the complaint and endeavour to deal with it appropriately and promptly, within a reasonable period of time. Complaints and other enquiries from customers regarding the handling of personal information etc. are accepted at the contact point published by our Company.
(1) In accordance with the provisions of Decree 13/2023/NĐ-CP, our company may receives requests from customers regarding the personal data that our Company is retaining of the Customer; these requests include notification of the purpose of use, disclosure of personal data or records provided to third parties, correction, addition or deletion of personal data, suspension or cancellation of the use of personal data, cessation of provision to third parties … (hereinafter collectively referred to as “Request for Disclosure”).
In case of receiving a Request for Disclosure from customer, we will verify that this request is actually from the owner.
In case of verifying that the Request for Disclosure is from the owner, the Customer may request the Company to disclose his/her personal data at any time, according to the process prescribed by the Company. If the Company confirms that the Disclosure Request is valid and within the scope of the applicable law, it will process the request in a reasonable manner in accordance with the established internal procedures, ensuring the Customer’s rights to his/her personal data.
Upon receipt of the Disclosure Request, we will charge a fee for processing the Disclosure Request procedure as specified in the next section. We ask for the Customer’s understanding and prior notice of this.
(2) Fees for disclosure
The following fees will be charged for disclosure procedures, etc.
Our company may process personal information collected from Customers to create pseudonymized information. In this case, we will comply with the following provisions
(1) Our Company will process pseudonymized information within the scope of the purposes of use specified in Article 3.
(2) When creating pseudonymized information, the Company will handle personal information in accordance with the standards prescribed by law.
(3) When our Company creates or collects pseudonymized information that is personal information, we will promptly announce the corresponding purpose of use, except in cases where the purpose of use has been announced in advance. In addition, in case the purpose of use changes, our Company will also announce the purpose of use after the change.
(4) When our Company creates pseudonymized information, or when we collects pseudonymized information together with deleted information related to such pseudonymized information, we will take safety management measures for the deleted information in accordance with the standards prescribed by law.
(5) When our Company no longer needs to use the personal data that has been assigned a pseudonym and the information has been deleted, we will promptly delete such data and information.
(6) Except in cases where required by law, our Company will not provide pseudonymized information (excluding information classified as personal information) to third parties.
(7) When handling pseudonymized information as personal information, our Company will not compare it with other information to identify the individual in relation to the original personal information.
(8) When handling pseudonymized information as personal information, our Company will not use the contact information or other information contained in the pseudonymized information to contact the subject of the original personal information.
Our Company may process personal information obtained from customer to create anonymised processed information. In this case, we will comply with the following items.
(1) Our Company handle anonymously processed information within the scope of the purposes of use set out in Section 3.
(2) When creating anonymously processed information, our Company will change personal information according to the standards prescribed by law.
(3) When creating anonymously processed information, our Company take security control measures with regard to the processing method and other information and the anonymously processed information in accordance with the standards stipulated by law.
(4) When our Company have created anonymously processed information, we will make public the items of information contained in such information.
(5) When providing anonymously processed information to a third party, our Company will make public the items of information to be provided and the method of provision, and clearly indicate to the recipient that the information concerned is anonymously processed information.
(6) Our company will not collate anonymously processed information with other information for the purpose of identifying the individual to whom the original personal information relates.
Our Company will share personal data as following items.
(1) Items of personal data to be shared
Each item listed in paragraph 2, item 1
(2) Scope of joint users
The companies belonging to the same group (Sorimachi Tech Group) are listed in the link below.
(3) Purpose of joint use by the parties
(4) Persons responsible for managing joint use
Representative Director and President Sorimachi Hideki
Sorimachi Vietnam Co,. Ltd.
Company address: 9th Floor, Tuoi Tre Tower, 60A Hoang Van Thu Str., Duc Nhuan Ward, Ho Chi Minh City
In the future, our Company may amend this Policy in whole or in part to respond to changes in law or make necessary improvements to the protection of Customers personal information. In case of significant changes, we will notify Customers through announcement on the Company’s website or by other appropriate means.
For enquiries about the disclosure, modification of personal information or need to discuss and resolve complaints, please contact us via E-mail hotro@sorimachigroup.vn.
SORIMACHI VIETNAM CO,. LTD.
Director
Takahashi Akihiko
SORIMACHI VIETNAM CO,. LTD.
Director
Takahashi Akihiko
Issued date: May 19, 2025
Sorimachi Vietnam Co., Ltd.’s personal data protection policy applies to customers in Japan.
Sorimachi Vietnam Co,. Ltd. (hereinafter referred to as “Our company”) believes that it is our company social responsibility to protect and respect personal information such as address, name, age, sex, telephone number and e-mail address of individuals (hereinafter referred to as “Customers”) including users from various services we provided in Japan (hereinafter referred to as “Our services”) and users entrusted by Sorimachi Tech Group for offshore development ((hereinafter referred to as “Users”).
The following Basic Policy of Personal Information Protection (hereinafter referred to as the “Policy”) introduces our company’s basic policy on handling of personal information and other related matters.
Customers are requested to understand our company’s Basic Policy before providing personal information to the company.
The definitions of terms used in this policy that are defined in the “Act on the Protection of Personal Information (Act No. 57 of May 30, 2003)” (hereinafter referred to as the “Personal Information Protection Act”) shall be as defined in the Personal Information Protection Act unless otherwise specified.
(1) For the purposes of use listed in Section 3, we will acquire the personal information and personally relevant information of customers and business partners as specified in Item 1 by the method specified in Item 2. In addition, personally relevant information acquired from third parties will be acquired as personal data.
Personal information and personally relevant information related to our company services:
Information such as name, address, postal code, age, day of birth, contact information, organization affiliation, information of the transaction related to the use of our company service, information about the use of our company service, information about bank accounts, transaction status of affiliated banks, IP address, information specific to terminals used by customers (e.g specific ID of terminal), server access log, browser information, browser language settings status, cookies information and others identifiers, ADID/IDFA (Advertising identifiers (Advertising IDs) on mobile devices are used to display advertisements that are relevant to your interests.), other advertising identifiers, connection information to our company service, browsing history and behavioral history, information regarding enquiries and contacts from customers to our company, information regarding user’s business partners and other information that relevant with or incidental to the use of our company services.
(2) Methods of acquisition
Our company complies with the applicable Japanese laws and regulations regarding personal information of customers and adopts appropriate security control measures by appointing a person responsible for the management of personal information in each department handling personal information and by implementing strict security measures.
Our company may acquire customers’ personal information to the extent necessary in the manner described in Item 2 of the preceding paragraph. We use customers’ personal information to fulfil contracts with them, to develop better products and services, and to provide customers with useful information. Specifically, we use customers’ personal information for the following purposes.
However, please note that some services cannot be used if the customer does not provide personal information.
Our company (personal information requiring special consideration, as well as information relating to labor union membership, family origin, domicile, health care, and sexual life (excluding any of the above that fall under the category of personal information requiring special consideration) (excluding information that has been made public by the individual, a national institution, a local government, an academic research institution, etc., or information that is clearly obtained by visually inspecting or photographing the individual) will not acquire, used or provided any sensitive information to third parties, except in the following cases.
(1) When required by law or regulation.
(2) When it is necessary for the protection of the life, body or property of a person.
(3) When it is particularly necessary for the improvement of public health or the promotion of healthy child development.
(4) When it is necessary to cooperate with government agency, local authorities, or a person commissioned by them in carrying out duties prescribed by law.
(5) When necessary to carry out withholding tax procedures, etc., to acquire, use, or provide to a third party sensitive information about employees, etc., regarding their affiliation or membership in political, religious, or other organizations or labor unions.
(6) When sensitive information is acquired, used, or provided to a third party to the extent necessary to carry out the transfer of rights and obligations due to inheritance procedures.
(7) When it is necessary to ensure the proper operation of the insurance or other financial business, sensitive information is acquired, used, or provided to a third party with the consent of the individual to the extent necessary for the performance of business operations.
(8) When biometric information classified as sensitive information is used for identity verification with the consent of the individual.
(1) Our company will not provide customers personal data to third parties except in the following cases. However, this does not apply in any of the following cases.
In the event that the personal data of customers is entrusted to a third party, the third party will be contractually obliged to manage the data appropriately and supervise it appropriately.
(2) We may provide personal data to third parties. In this case, if the third party is expected to obtain the personally relevant information as personal data by matching it with information that identifies customers, we will provide such information to the third party only after fulfilling our obligations as required under the Personal Data Protection Act. If the customer agrees to this policy and uses our company services, their agreement to this policy also means that they agree to the third party acquiring their Personally Relevant Information as Personal Data.
We may also transmit personal data via the Internet to the third parties mentioned above. Although we take security control measures during the transmission of personal data in a manner that we consider reasonable, due to the open nature of the internet, it is not possible to completely prevent unauthorized access by third parties. Therefore, please be aware that unauthorized access to our website or during the transmission of personal data from our website to intended third parties may result in the disclosure or use of personal data by third parties for whom we have no intention of disclosing personal data. Please be aware of this.
Our company has implemented organizational, personnel, physical and technical safety management measures to prevent the loss or damage of personal data.
For more information about the security control measures taken by our company, please contact the inquiry desk.
Please note that although customers can visit most websites even if they do not provide personal information, if they do not provide it, they may not be able to take advantage of certain options, services, etc.
Our company website uses tools to record and measure customer access for the purpose of building a better website by aggregating the number of accesses and measuring the effectiveness of advertising. This access information (log) includes the customer’s IP address, computer operating system, browser environment and the address of the page viewed, but this information does not identify or distinguish individual customers.
Our website may use Cookies and Web Beacons. Cookies are small text files that are stored in the browser of the user’s computer, tablet or smartphone when the website user accesses the website, the web server refers to the Cookie to identify your device so that customer can use our website efficiently. Customer can also set their browser to refuse to receive cookies. Web Beacons are small graphics with a unique identifier that function similarly to cookies and is a mechanism to determine when content on a page is viewed and other relevant information by embedding a Web Beacon in a certain page.
Information obtained by our company through cookies and Web Beacons that is personally identifiable or can be combined with other information to identify an individual will be handled in accordance with this policy.
The websites operated by our company may be linked to or from third-party websites, but we are not responsible for the protection of customer personal data on third-party websites linked to our company’s website.
If our company receives a complaint about the handling of personal information etc., we will investigate the nature of the complaint and endeavor to deal with it appropriately and promptly, within a reasonable period of time. Complaints and other enquiries from customers regarding the handling of personal information etc. are accepted at the contact point published by our company.
(1) In accordance with the Personal Data Protection Act, our company may receive requests from customers for notification of the purpose of use, disclosure of personal data or third-party provision records, correction, addition or deletion of personal data, suspension of use or erasure of personal data or suspension of provision to third parties (hereinafter referred to as “Disclosure requests”) in relation to customer personal data held by our company.
Upon receiving a Request for Disclosure, etc. from a customer, our company will confirm that the request is made by the customer in question.
If we can confirm that the request for disclosure, etc. is made by the person in question, customer may request the disclosure, etc. of their own personal data at any time in accordance with the procedures established by our company, and we will comply with their request and, if we can confirm that the request is within the scope permitted by the Personal Information Protection Act, we will take appropriate action regarding the personal information we hold about them.
Please note that when we receive a request for disclosure, etc., we will charge a processing fee for the disclosure, etc. request procedure as set forth in following items.
(2) Fees for disclosure, etc.
The following fees will be charged for disclosure procedures, etc.
We may process personal information obtained from customers to create pseudonymized information. In this case, we will comply with the following items.
(1) Our company handles pseudonymized information within the scope of the purposes of use set out in paragraph 3.。
(2) When creating pseudonymized information, our company processes personal data in accordance with the standards set out in the law.
(3) When we create or acquire pseudonymized information that is personal data, we will promptly disclose the purpose of its use, unless we have previously disclosed the purpose of its use. If the purpose of use is changed, we will also announce the changed purpose of use.
(4) When we have created the pseudonymized information or obtained the pseudonymized information and the deletion information relating to such pseudonymized information, we will take security control measures for the deletion information, etc. in accordance with the standards stipulated by law.
(5) If we no longer need to use personal data and deleted information, etc. that is processed pseudonymized information, we will endeavor to delete the personal data and deleted information, etc. that is such processed pseudonymized information without delay.
(6) Our company will not provide pseudonymized information (other than that which constitutes personal data) to third parties, except as required by law.
(7) In handling pseudonymized personal information, we do not match it with other information to identify the person to whom the original personal information pertains.
(8) In handling pseudonymized information that is personal data, our company shall not use the contact details or other information contained in such pseudonymized information to contact the person to whom the original personal data pertains.
We may process personal information obtained from customers to create anonymized processed information. In this case, our company will comply with the following items.
(1) We handle anonymously processed information within the scope of the purposes of use set out in Section 3.
(2) When creating anonymized processed information, we process personal information in accordance with the standards set out in the law.
(3) When we create anonymously processed information, we take security control measures with regard to the processing method and other information and the anonymously processed information in accordance with the standards stipulated by law.
(4) When we have created anonymized processed information, we will make public the items of information contained in such information.
(5) When providing anonymized processed information to a third party, we will make public the items of information to be provided and the method of provision and clearly indicate to the recipient that the information concerned is anonymized processed information.
(6) Our company will not collate anonymized processed information with other information for the purpose of identifying the individual to whom the original personal information relates.
In accordance with the Personal Data Protection Act, our company will share personal data as following items.
(1) Items of personal data to be shared
Each item listed in paragraph 2, item 1
(2) Scope of joint users
Our group companies listed in the following URL (Sorimachi Group to which we belong):
(3) Purposes of use by joint users
(4) Persons responsible for managing joint use.
Representative Director and President Sorimachi Hideki
Sorimachi Vietnam Co,. Ltd.
Company address: 9th Floor, Tuoi Tre Tower, 60A Hoang Van Thu Str., Duc Nhuan Ward, Ho Chi Minh City
In the future, our company may revise all or part of this policy with regard to the appropriate protection and use of customer personal information, in order to respond appropriately to amendments to laws and regulations and to make necessary improvements to the protection of customer information. Any significant changes will be notified to customers by publication on our company’s website or other appropriate means.
For enquiries about the disclosure, correction, etc. of personal data, as well as complaints and consultations, please contact hotro@sorimachigroup.vn.
SORIMACHI VIETNAM CO,. LTD.
Director
Takahashi Akihiko
SORIMACHI VIETNAM CO,. LTD.
Director
Takahashi Akihiko