TeamPal User Privacy Policy

This Privacy Policy (hereinafter referred to as the “Policy”) specifies the categories of information collected on or through TeamPal’s website at https://teampal.ai/ and affiliated websites, the services we provide, as well as all communication and information exchange with users via written correspondence, email, phone, or any other method. This Policy complies with and is an integral part of TeamPal’s Terms of Service.

1. Definitions

In this Policy, the following terms are defined as follows:

TeamPal or we/us refers to the team behind the development of the TeamPal product.
TeamPal Customers are organizations or individuals who use TeamPal software under a legally binding contract between the customer and TeamPal. A contract is legally established when:

(i) both parties sign a written agreement, or

(ii) the customer registers a TeamPal account on the website and agrees to the Terms of Service published on TeamPal’s official website.

Users are individuals who directly access, use, and operate within the TeamPal software system by logging in, as assigned, authorized, or permitted by a TeamPal Customer.
Guests are individuals who are not Users but have access to public areas on TeamPal’s website or public links created by TeamPal Users.
Contract refers to the software service agreement signed between TeamPal and a customer, in which TeamPal acts as the Data Processor under the instructions of the Data Controller.
Services include:

(i) The official TeamPal website: https://teampal.ai/

(ii) The web application provided by TeamPal: https://app.teampal.ai/

(iii) Other services provided by TeamPal.

TeamPal Customer Data refers to data stored on the TeamPal system by customers or users.
Personal Data includes any information linked to a specific individual, comprising both Basic Personal Data and Sensitive Personal Data as defined by Vietnamese law.
Basic Personal Data and Sensitive Personal Data refer to the information specified in Clauses 3 and 4, Article 2 of Decree No. 13/2023/ND-CP dated April 17, 2023, on personal data protection (hereinafter referred to as “Decree 13”).
Data Subjects are individuals whose personal data is processed, including TeamPal customers, users, and guests.
Public Area is an area accessible to both Users and Guests without requiring login.
Restricted Area is an area accessible only to logged-in Users.

2. Information and Data We Collect

2.1 Data Provided by TeamPal Customers

When a customer enters into a contract with TeamPal, we may collect information such as name, email address, phone number, payment details, and other relevant data to provide services.

2.2 Data Provided by Users

Users may upload personal information such as profile pictures, full names, job titles, and email addresses while using TeamPal. This data can be modified or deleted based on permissions set by TeamPal Customers.

2.3 Automatically Collected Data

When Users or Guests access the Services, we may automatically collect information from their devices, including:

IP address
Web browser information
Access time and activity logs
Cookies and other tracking technologies

2.4 Integrated Services

Users may choose to log in to TeamPal via third-party accounts (Google, Apple, Microsoft, etc.). In such cases, we collect personal data based on the user’s permission granted through the integrated service.

Please carefully review the Terms of Service and Privacy Policies of each integrated service before connecting them to TeamPal’s Services.

2.5 Data Collected from Other Sources

We may collect information from partners, vendors, or publicly available data on the internet.

2.6 Data TeamPal Does Not Collect

TeamPal does not actively collect Sensitive Personal Data or Children’s Data. We recommend that Users and Guests refrain from uploading such data onto our Services.

If you discover such data on our system, please notify us via email at [email protected] so that we can take appropriate action.

Please note that while TeamPal commits to deleting unauthorized data, due to technical or system errors, complete removal may not always be possible. In such cases, we will ensure the data is inaccessible, unused, or protected to the fullest extent possible.

3. Purpose of Data Collection

We collect and use personal data of TeamPal customers, users, and guests for the following purposes:

3.1 Providing and Operating the Service

Establishing, maintaining, and granting access to the TeamPal system.
Authenticating user accounts and ensuring secure logins.
Supporting customers in using the service, resolving technical issues, and handling support requests.

3.2 Improving and Enhancing Service Quality

Analyzing trends and usage habits to optimize the user experience.
Developing new features to improve productivity and team management.
Enhancing the interface, performance, and system stability.

3.3 Ensuring Security and Protection

Preventing fraud, unauthorized access, or misuse.
Detecting, investigating, and handling security incidents or policy violations.
Protecting personal data and business information from cybersecurity threats.

3.4 Communication and Customer Support

Sending updates about new features or policy changes.
Providing technical support and responding to customer inquiries.
Notifying users about TeamPal events, workshops, or promotions (if consent is given).

3.5 Compliance with Legal Obligations

Meeting regulatory requirements under applicable laws.
Ensuring transparency in data collection, processing, and storage.
Fulfilling legal obligations related to user data management.

TeamPal commits to using personal data solely for the above purposes and will not share or disclose it beyond what is necessary to operate the service, except as required by law.

4. How Data is Disclosed

TeamPal is committed to protecting the personal data of TeamPal customers, users, and guests and does not disclose data to third parties except in the following cases:

4.1 Data Publicly Shared by Users

When users voluntarily upload or share personal information in public areas of the platform (e.g., profile pictures, forum comments, internal blog posts), this data may be visible to other users.
Users have control over their information-sharing preferences within the system.

4.2 Internal Sharing within TeamPal Customer Systems

Certain user data (name, job title, email) may be shared with the administrator of the organization using TeamPal.
Depending on internal settings and policies, data may be shared among users within the same system.

4.3 Disclosure to Third-Party Service Providers

We collaborate with third-party service providers to support system operation and improvement, including:

Cloud storage services: Secure data storage on trusted servers.
Data analytics services: Evaluating performance and optimizing user experience.
Customer support services: Ensuring prompt and accurate responses.
Payment processing tools: Handling secure financial transactions.

TeamPal shares only the necessary data for service providers to perform their tasks and requires them to comply with strict security standards.

4.4 Disclosure for Legal Compliance

We may disclose personal data in the following circumstances:

To comply with legal obligations under Vietnamese law.
Upon request from competent authorities, such as courts or law enforcement.
To protect TeamPal’s legal rights, customers, or users in legal disputes.

4.5 Data Transfer in Case of Ownership Changes

If TeamPal undergoes a merger, acquisition, or structural changes, user data may be transferred to the acquiring entity.
In such cases, we will provide clear notifications and ensure compliance with equivalent privacy standards.

4.6 Anonymous and Statistical Data Disclosure

We may aggregate and anonymize user data for research, trend analysis, and service improvement.
Such reports and statistics do not contain identifiable personal information and may be shared with partners or the public.

Note: TeamPal does not sell, trade, or provide personal data for marketing or advertising purposes without the explicit consent of data subjects.

5. Rights and Obligations of Data Subjects

TeamPal implements the necessary technical and organizational measures to ensure that TeamPal customer data and personal data are securely stored and processed, protecting them from risks such as loss, destruction, unauthorized access, or unauthorized disclosure.

5.1 Rights of Data Subjects

TeamPal respects the privacy and personal data of data subjects, ensuring their legitimate rights in accordance with current legal regulations. Data subjects have the following rights concerning their personal data:

(1) Right to be Informed: To be notified of the purpose, scope, and methods of processing personal data.

(2) Right to Consent: To agree to or refuse the collection, processing, and use of personal data.

(3) Right to Access: To request access to and receive copies of their personal data.

(4) Right to Withdraw Consent: To withdraw previously granted consent at any time.

(5) Right to Erasure: To request the deletion or removal of personal data from the system.

(6) Right to Restrict Processing: To request limitations on the processing of data under specific circumstances.

(7) Right to Data Portability: To request the transfer of personal data to another organization or individual.

(8) Right to Object to Processing: To object to the processing of data for marketing or other undesired purposes.

(9) Right to File Complaints, Reports, or Lawsuits: To file complaints or lawsuits if violations concerning the processing of personal data are identified.

(10) Right to Compensation for Damages: To request compensation for damages caused by unlawful data processing activities.

(11) Right to Self-Protection: To proactively protect their rights under legal provisions.

To exercise these rights, data subjects may:

Use the available features or options on TeamPal’s services.
Submit requests directly via email at [email protected] or other official support channels.

Regarding personal data controlled by TeamPal:

For personal data where TeamPal acts as the Data Controller, we commit to processing requests within a reasonable timeframe (a maximum of 30 bú days from the date of receipt).
In cases where absolute compliance with the request is not feasible due to technical issues, TeamPal will take appropriate measures to ensure the data is not accessed or processed unlawfully.

Regarding personal data within TeamPal Customer Data:

For personal data included in TeamPal Customer Data (where customers act as the Data Controller), the customer will handle the request. TeamPal will support by forwarding the data subject’s request to the customer for resolution.

5.2 Obligations of Data Subjects

Data subjects must fulfill the following obligations to ensure their rights and safety during the use of services:

(1) Provide accurate, complete, and truthful information

Ensure the accuracy and legality of the personal information provided.

(2) Comply with personal data protection regulations

Adhere to the legal regulations and privacy policies of TeamPal or customers using the TeamPal system.
Avoid posting or sharing sensitive information or violating others’ privacy rights.

(3) Protect accounts and personal information

Take responsibility for protecting accounts, passwords, and access credentials.
Notify TeamPal immediately in case of security risks or unauthorized access.

(4) Cooperate with TeamPal in addressing violations

Assist TeamPal in resolving issues related to data breaches or security incidents.
Promptly report any signs of violations or unusual activities to TeamPal through official contact channels.

Note: Any violation by the data subject concerning their obligation to provide accurate information or misuse data for improper purposes will be subject to accountability under the law and TeamPal’s policies.

6. Third-Party Services

TeamPal’s services may include features or links to websites and services provided by third parties. Any information that TeamPal customers, users, or guests provide on third-party websites or services will be sent directly to the respective third party and will be subject to the third party’s policies and privacy regulations.

For example:
TeamPal may integrate certain services from third parties (e.g., analytics tools, gifting services, payment systems, content creation tools for videos, images, or text, and information lookup tools) to enhance user experience. In cases where users provide personal information to third parties via these integrated features, the information will be sent directly to the third party and subject to their policies.
TeamPal assumes no responsibility for risks arising from users providing information to third parties.

7. Data Protection

7.1 Data Protection Measures

Data Encryption: TeamPal encrypts data both at rest (encrypt-at-rest) and in transit (encrypt-in-transit) to ensure data security.
Secure HTTPS Protocol: All TeamPal services are accessed through the HTTPS protocol (SSL/TLS).
Password Security: User login passwords are encrypted using end-to-end encryption.
Secure Storage Infrastructure: TeamPal utilizes reliable cloud storage infrastructures that comply with international security standards.
Access Control: Only authorized and specially trained personnel can access sensitive data.

7.2 Security Features for Customers and Users

Single Sign-On (SSO): Integration of SSO through Google, Microsoft, or SAML 2.0 to enable administrators to efficiently manage user accounts.

7.3 Handling Security Incidents

If a security breach or evidence of data compromise is detected, TeamPal will:

Promptly notify affected data subjects and customers.
Report the incident to relevant authorities as required by law.
Take necessary measures to mitigate damage and prevent recurrence.

7.4 Unintended Consequences and Risks

Despite implementing optimal protection measures, TeamPal cannot guarantee that our systems are entirely immune to risks such as:

Technical or hardware failures.
Security vulnerabilities exploited by hackers.
Unforeseen incidents such as natural disasters or fires.

In the event of an incident, TeamPal is committed to resolving and mitigating the consequences to minimize damage.

8. Data Retention

Personal data is retained as long as the user account remains active or as needed to fulfill the purposes for which the data was collected. TeamPal does not claim ownership of the data that customers or users store on the system.

9. Data Transfer

TeamPal may transfer, process, and store data in data centers located inside and outside Vietnam. When personal data is transferred between Vietnam and other countries, TeamPal ensures compliance with applicable legal regulations and implements necessary security measures.

Currently, TeamPal stores Customer Data (including personal data) on Google Cloud Platform in Singapore and servers located in Vietnam.

10. Policy Updates and Adjustments

This policy may be updated periodically to reflect changes in laws, technology, or services. If an update involves significant changes to the content or terms of this policy, we will notify all TeamPal customers, users, and guests before implementing the update through available communication channels, such as announcements or articles on TeamPal’s website, or direct contact with TeamPal customers, users, and guests via services, email, or other appropriate methods. The effective date of each policy version will be specified.

Continued use of the services after the updated policy becomes effective constitutes agreement with the updated contents.

TeamPal recommends that TeamPal customers, users, and guests regularly review this policy to stay informed about TeamPal’s data collection and processing practices.

11. Contact TeamPal

If you have any questions, requests, or need assistance regarding this privacy policy, please contact us via:

📧 Email: [email protected]

🌐 Website: https://teampal.ai/

This policy complies with Vietnamese legal regulations and is effective as of December 1, 2024.