Privacy Policy

This Policy applies to:

• Candidates, job seekers, users who post profiles.
• Employers/businesses posting jobs or using candidate introduction services.
• Learners/customers of Training & Development services.
• Website visitors and users of career consulting services.

Depending on the service you use and your consent, we may collect:

We process data to:

• Deliver core services: Executive Search (headhunt), candidate recommendation/nomination, job posting, job-seeker profile posting, career consulting, Training & Development, and account operation.
• Recruitment matching: Share candidate profiles/job interests with suitable employers; share employer/company needs with potential candidates.
• Company profile display: Show your company information on job postings and company pages for candidates to view.
• Recommendations & experience optimization: Analyze profiles and behavior to suggest jobs/candidates/courses/content; improve products.
• Transactions & support: Process payments; customer care; handle complaints/disputes.
• Verification & compliance: Verify authenticity (with consent), comply with legal/government requests; prevent fraud.
• Selective marketing: Send information about jobs, courses, events, newsletters, promotions… unless you opt out.

We only process beyond the above purposes with an appropriate legal basis or your additional consent.

We use cookies, pixels and similar technologies to:

• Remember sessions, display preferences, and items/jobs you "bookmark."
• Analyze traffic and measure content/recruitment effectiveness.
• Personalize recommendations for content/jobs/candidates.

How to manage Cookies:

• Disable cookies in your browser settings
• Use the cookie management tool on our website (if available)
• Reject non-essential cookies when first visiting our website through the cookie banner

Note: Disabling some cookies may affect your browsing experience and some features may not function fully.

• Your consent (e.g., allowing your CV to be discoverable by employers, receiving marketing).
• Performance of a contract/service between you and us.
• Legal obligations (e.g., invoice retention, lawful government requests).
• Legitimate interests (security, fraud prevention, service improvement) — balanced against your rights.

We do not sell personal data. We may share data in these cases:

• Employers/recruitment partners: When you apply, enable discoverability, or consent to nomination/recommendation.
• Processors acting on our behalf: Hosting, analytics, marketing, customer support, payment gateways… (access limited by purpose, bound by confidentiality).
• Government authorities: Upon lawful request.
• Corporate transactions: Mergers, acquisitions, reorganization (data remains protected at least equivalently).
• Training/event partners: When you register for our events/courses or co-hosted programs.

In some cases (e.g., cloud infrastructure, analytics/ATS tools), data may be transferred to and stored outside Vietnam. Data transfers are conducted in compliance with Articles 25 and 26 of Personal Data Protection Law No. 91/2025/QH15.

Under Articles 24 to 28 of Personal Data Protection Law No. 91/2025/QH15, as the data controller, we have the following obligations:

We retain personal data for as long as necessary for stated purposes or as required by law. Specific retention periods by data type:

When the retention period expires or when there is no longer a purpose/legal basis for the data, it will be permanently deleted or anonymized according to our internal procedures.

Under Article 9 of Personal Data Protection Law No. 91/2025/QH15, you have the following rights (subject to applicable conditions):

• Be informed about personal data processing activities.
• Access and obtain a copy of your personal data.
• Rectify/update/supplement inaccurate or incomplete data.
• Withdraw consent (without affecting prior lawful processing).
• Request deletion, restriction, or object to processing in certain cases under law.
• Complain or file a claim with competent authorities.
• Right to data portability: Receive your data in a structured, commonly used format.
• Right to object to personal data processing in certain circumstances.
• Right to request compensation when there is a data protection violation causing damage.

We implement appropriate technical and organizational measures (encryption, access control, monitoring, backup, periodic risk reviews…). However, no method is absolutely secure on the Internet; please:

• Keep your login credentials confidential; sign out after use; be cautious on shared/public devices.
• Notify us immediately if you suspect unauthorized account access.

Incident response: If a breach occurs, we will notify affected individuals and competent authorities as required, take remedial actions, and provide guidance to mitigate risks.

Our website/services are not directed to users under 16. If we inadvertently collect data of a user under 16 without valid parental/guardian consent, we will delete it as soon as notified.

Some fields are mandatory to deliver services (clearly indicated during registration/application/purchase). If you refuse to provide or withdraw consent for core purposes, we may be unable to continue the corresponding services.

As required by law, we conduct Data Protection Impact Assessments (DPIA) before carrying out data processing activities that may pose high risks to the rights and legitimate interests of data subjects.

Our site may contain links to third-party sites/services (e.g., payment tools, social networks, ATS). Their privacy policies govern the data you provide there. When using third-party login (if available), you allow us to receive information within the scope you consented to with that provider.

We may update this Policy to reflect legal or operational changes. Updates will be published on the website with an effective date. Your continued use after the effective date constitutes acceptance.