GDPR Compliance

Our commitment to data privacy and protection under GDPR

Last updated: January 2026

Tiemtaphoa.org is fully compliant with the EU General Data Protection Regulation (GDPR). This page explains how we handle personal data and your rights under GDPR.

OVERVIEW

GDPR Overview

The General Data Protection Regulation (GDPR) is the EU's comprehensive data protection and privacy law. GDPR gives individuals greater control over their personal data and imposes strict obligations on organizations that process that data.

Tiemtaphoa.org is committed to full GDPR compliance and all applicable data protection laws. We have implemented appropriate technical and organizational measures to ensure the protection of your personal data.

This page supplements our Privacy Policy and provides specific information about your GDPR rights and how we protect them.

ARTICLE 1

Your Data Subject Rights

Under GDPR, you have several rights relating to your personal data.

1.1

Right of Access

You have the right to receive a copy of the personal data we hold about you. You can request this by contacting us at privacy@tiemtaphoa.org.

1.2

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data. You can update most of your information through your account settings.

1.3

Right to Erasure (Right to be Forgotten)

You have the right to request that we delete your personal data in certain circumstances. You can delete your account through your account settings or by contacting us.

1.4

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as while we verify the accuracy of the data.

1.5

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

1.6

Right to Object

You have the right to object to the processing of your personal data in certain circumstances, particularly for direct marketing.

1.7

Right to Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

1.8

Right to Lodge a Complaint

You have the right to lodge a complaint with your data protection supervisory authority if you believe we have violated your data protection rights.

ARTICLE 2

Lawful Basis for Processing

GDPR requires us to have a lawful basis for processing your personal data.

2.1

Consent

For certain processing activities, we rely on your consent, for example when you sign up for an account or subscribe to our newsletter.

2.2

Performance of Contract

We process your personal data when necessary to provide services to you under our Terms of Service.

2.3

Legitimate Interests

We may process your personal data when necessary for our legitimate interests, such as fraud detection, network security, and improving our services.

2.4

Legal Obligation

We may process your personal data when necessary to comply with our legal obligations, such as maintaining tax records or responding to law enforcement requests.

ARTICLE 3

Data Protection Measures

We implement robust technical and organizational measures to protect your personal data.

3.1

Technical Security

Our technical safeguards include:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Firewalls and intrusion detection systems
  • Regular security audits and penetration testing
  • Backup and disaster recovery

3.2

Organizational Measures

Our organizational safeguards include:

  • Data protection policies and procedures
  • Employee training on data protection
  • Access controls based on the principle of least privilege
  • Data breach response procedures
  • Confidentiality agreements with employees and contractors

ARTICLE 4

Data Breach Notification

In the unlikely event of a data breach, we are committed to acting promptly and transparently.

4.1

Notification to Supervisory Authority

If a data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach.

4.2

Notification to Data Subjects

If the breach is likely to result in a high risk to your rights and freedoms, we will notify you directly without undue delay.

4.3

Breach Information

Our notification will include:

  • The nature of the personal data breach
  • The likely consequences of the breach
  • The measures taken or proposed to address the breach
  • Contact information for further information

ARTICLE 5

Contact Our Data Protection Officer

If you have any questions about the processing of your personal data or wish to exercise any of your GDPR rights, please contact our Data Protection Officer.

5.1

DPO Contact Information

Data Protection Officer
Email: privacy@tiemtaphoa.org
Address: 10th Floor, ABC Building, District 1, Ho Chi Minh City, Vietnam

5.2

Response Time

We will respond to your request within 30 days of receipt. In some cases, we may need additional time and will inform you of the reason for the delay.

Contact Us

If you have any questions about our GDPR compliance, please contact:

privacy@tiemtaphoa.org

We will respond within 30 days.