Information Privacy Policy

Last Updated: January 1, 2025

At Thurnix, we are committed to protecting the privacy and personal information of our clients. This privacy policy explains how we collect, use, store, and protect your information when you use our SEO and web design services.

1. Information We Collect

1.1 Personal Information

We may collect the following information:

• Contact Information: Full name, email, phone number, address
• Business Information: Company name, job title, industry
• Website Information: Domain, URL, technical website information
• Payment Information: Billing information, payment method (we do not store credit card information)

1.2 Technical Information

• Cookies and Tracking Data: IP address, browser type, operating system
• Google Analytics: Data on user behavior on the website
• SEO Data: Keywords, rankings, traffic data from SEO tools

1.3 Automatically Collected Information

• Web server log files
• Device and browser information
• Access times and pages viewed

2. Purpose of Using Information

We use your information for the following purposes:

2.1 Providing Services

• To perform the agreed-upon SEO and web design services
• To analyze and optimize client websites
• To provide technical support and consultation

2.2 Communication and Support

• To send notifications about project progress
• To provide monthly SEO reports
• To respond to support requests

2.3 Improving Services

• To analyze service effectiveness to improve quality
• To research the market and SEO trends
• To develop new products and services

2.4 Marketing and Communication

• To send newsletters about SEO and digital marketing (with consent)
• To share case studies (with client permission)
• To run targeted marketing campaigns

3. How We Share Information

3.1 General Principles

Thurnix does not sell, rent, or trade clients’ personal information with third parties for commercial purposes.

3.2 Permitted Sharing Cases

We only share information in the following cases:

• With explicit consent from the client
• With service partners: Companies providing support services (hosting, email marketing, analytics) under strict confidentiality agreements
• Upon legal request: When required by competent authorities according to legal regulations
• To protect our rights: To protect the legal rights of Thurnix or to prevent fraud

3.3 Third-Party Partners and Tools

• Google Analytics: To analyze website traffic
• Google Search Console: To monitor SEO performance
• Email marketing platforms: To send newsletters (with consent)
• CRM systems: To manage customer relationships
• Cloud storage: To securely store project data

4. Information Security

4.1 Security Measures

We apply advanced security measures:

• SSL/TLS Encryption: All data is transmitted over an encrypted connection
• Firewall and Antivirus: Protecting the system from security threats
• Access Control: Only authorized personnel can access data
• Regular Backups: Periodic and secure data backups
• Security Monitoring: 24/7 security monitoring

4.2 Data Storage

• Data is stored on secure servers in USA and AWS
• Backups are performed daily and encrypted
• Access logs are recorded and monitored

4.3 Employees and Security

• All employees sign a confidentiality agreement
• Regular training on security best practices
• Principle of least privilege - only necessary access rights are granted

5. Cookies and Tracking Technologies

5.1 Types of Cookies We Use

• Essential cookies: Necessary for the website to function
• Analytics cookies: Google Analytics to understand user behavior
• Marketing cookies: To display relevant advertisements
• Preference cookies: To store personal settings

5.2 Managing Cookies

You can:

• Disable cookies in your browser settings
• Use the cookie consent banner to select cookie types
• Delete cookies at any time from your browser

5.3 Google Analytics

We use Google Analytics to:

• Measure traffic and engagement
• Understand traffic sources and user behavior
• Improve website performance

You can opt-out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

6. Your Rights

6.1 Right to Access and Rectification

You have the right to:

• Access: Request to see the personal information we store
• Rectify: Update or correct inaccurate information
• Export Data: Receive a copy of your data in a readable format

6.2 Right to Erasure and Restriction

• Right to Erasure: Request the deletion of personal information (Right to be forgotten)
• Right to Restriction: Request to restrict the processing of your data
• Right to Object: Object to the processing of data for marketing purposes

6.3 Right to Data Portability

• Receive your data in a structured, machine-readable format
• Transfer your data to another service provider

6.4 How to Exercise Your Rights

To exercise the rights above, please contact:

• Email: privacy@thurnix.com
• Phone: 0925 604 604
• Address: No. 5, Street 9 (Cityland Park Hills), Go Vap Ward, HCMC, Vietnam 70000

7. Data Retention Period

7.1 Retention Principles

We only retain data for the period necessary to:

• Provide the agreed-upon services
• Comply with legal requirements
• Fulfill the purposes stated in this policy

7.2 Specific Periods

• Active customer information: Throughout the partnership + 3 years
• SEO and analytics data: 5 years from collection
• Invoices and financial information: 10 years (according to accounting regulations)
• Website cookies: From 30 days to 2 years depending on the type
• Email marketing: Until unsubscribe + 30 days

7.3 Data Deletion

After the retention period, data will be:

• Completely deleted from the system
• Anonymized so it cannot be personally identified
• Archived as required by law

8. International Data Transfers

8.1 Transfer Principles

• Data is primarily stored in USA
• Some partner services (Google, AWS) have international servers
• Transfers comply with international security standards

8.2 Protection Measures

• Standard Contractual Clauses (SCCs) with EU partners
• Adequacy decisions for countries with equivalent protection levels
• Binding Corporate Rules for multinational corporations

9. Children’s Privacy

9.1 Minimum Age

• Our website and services are intended for individuals 18 years of age and older
• We do not knowingly collect information from children under 16
• If discovered, such information will be deleted immediately

9.2 Parental Responsibility

• Parents are responsible for monitoring their children’s internet use
• Contact us immediately if you suspect a child has provided us with information

10. Policy Updates

10.1 Notification of Changes

• This policy may be updated to reflect changes in our services or the law
• Significant changes will be announced via email or on the website
• The last updated date will be clearly stated at the top of the page

10.2 Acceptance of Changes

• Continued use of the service after an update constitutes acceptance of the new policy
• If you do not agree, you may discontinue using the service and request data deletion

11. Contact and Complaints

11.1 Contact Information

Thurnix Company Limited

• Address: No. 5, Street 9 (Cityland Park Hills), Go Vap Ward, HCMC, Vietnam 70000
• Main Email: privacy@thurnix.com
• Hotline: 0925 604 604
• Website: https://thurnix.com
• Working Hours: 8:00 AM - 6:00 PM (Monday - Friday)

11.2 Data Protection Officer (DPO)

• Email: dpo@thurnix.com
• Officer: Khoa Minh Nguyen - CTO
• Responsibility: To oversee data security compliance and handle complaints

11.3 Complaint Process

1. Submit Complaint: Email to privacy@thurnix.com with detailed information
2. Confirmation: We will confirm receipt of the complaint within 48 hours
3. Investigation: Investigation and response time within 30 days
4. Resolution: Notification of the outcome and remedial measures (if any)

11.4 Right to Complain to Authorities

If you are not satisfied with how your complaint is handled, you have the right to complain to:

• Ministry of Information and Communications (USA)
• Authority of Information Security (USA)
• Your local data protection authority (if you are in the EU)

12. Legal Compliance

12.1 Applicable Laws

This policy complies with:

• Law on Cybersecurity 2015 (USA)
• Decree 13/2023/NĐ-CP on personal data protection (USA)
• GDPR (EU) - for EU customers
• CCPA (California) - for California customers

12.2 Commitment to Compliance

• Regular audits to ensure compliance
• Employee training on data protection laws
• Updating policies according to legal changes

Summary of Key Points

✅ We commit to:

• Protecting your personal information with advanced security measures
• Only using information for the stated purposes and with your consent
• Not selling or sharing information for commercial purposes
• Fully complying with data protection regulations

🔒 Your Rights:

• To access, rectify, and delete your personal information
• To opt-out of marketing communications
• To request data export or transfer
• To complain about data processing

📞 Contact us now: privacy@thurnix.com | 0925 604 604

This policy is effective as of January 1, 2025, and is updated regularly to ensure legal compliance and the best protection of customer rights.