1. For shareholders

The company strives to deliver the highest and sustainable benefits to the shareholders with high and sustainable investment efficiency, create solid trust for the shareholders and well implement internal control mechanisms to protect the legitimate interests of the shareholders.

2. For customers

The company strives to satisfy customers based on deep understanding and the best response to customers’ needs with dedication, and constantly improve capacity to become a leading provider in the operating fields. We also strive to Fulfill our commitments to customers; Deliver products and services on time and with committed quality; Provide full pre- and post-sales support; Improve capacity to provide products and services to the markets and potential customers; Provide products and services with high quality and up-to-date technologies in a dedicated, professional manner and with compliance with business ethics.

The company sets its own goals in addition to the general policies and objectives of FPT Corporation, specifically:

• Respond promptly and fully to customer requirements according to the signed contracts
• Provide customers with the most appropriate technology solutions.

Information update, modification, and deletion
We update, modify, and delete the currently stored Information upon Customer’s request from time to time. However, the deletion, modification, restriction, or termination of the right to process Information may lead to changes and limitations to the use of relevant Services that we provide to the Customers.

3. For the management personnel

The company strives to build a strong governance apparatus at all levels with inheritance, creating opportunities for each management personnel to demonstrate their best and succeed together with the company.

4. For employees

The company strives to build a strong team, preserve and promote the company’s core values, and ensure the material and spiritual rights of the employees for the common growth purpose.

5. For partners and the community

Partners
The company strives to establish a strong and sustainable relationship with mutual benefits and success with partners on the basis of deep understanding of each side’s strengths, maximization of the power of cooperation, commitment to long-term cooperation, with an aim towards business expansion and development of new products and services.

Community
The company strives to contribute and provide benefits to the community and enhance its image and credibility in the community, taking that as a fulcrum for sustainable development.

Establish the following processes and regulations:

• Risk management
• Information security inside the organization
• HR security
• Asset management
• Asset management
• Asset management
• Asset management
• Asset management
• Communication security
• System reception, development, and maintenance
• Supplier management
• Information security incident management
• Business continuity assurance
• Compliance

…to ensure that

• Legal, regulatory and contractual requirements are complied with
• The reliability of information is assured
• The integrity of information is maintained
• The availability of information for business processes
  is maintained
• The information is classified and security areas are separated to prevent unauthorized access, business continuity plans are tested and maintained
• Information security training is conducted for all employees
• Information security violations (actual or suspected) are reported to the Information security personnel and are seriously investigated
• Organizational assets accessed by vendors are protected
• FPT IS’s information security system is continuously improved
• Information security policies are evaluated annually or when any significant changes occur to ensure continued appropriateness, accuracy, and effectiveness.

FPT IS’s Service Management System – SMS

FPT IS sets up an effective and fully operational Service Management System (SMS) to ensure that:

• The SMS processes and services are compliant with the international standard ISO/IEC 20000-1:2018 on service management
• Training, skills, and competency requirements for SMS operations are understood and complied with
• Requirements according to contracts or written agreements with customers are complied with
• The effectiveness and efficiency of the SMS and Managed Services are continuously improved

Changes to the service management policy including its scope are managed according to the Document management process.
This policy is the basis for establishing service management goals of FPT IS.
The policy is communicated within FPT IS to relevant management levels and employees and is available to interested parties as required.
The top management reviews the service management policy on annual basis or when significant changes are required.

1. Information collection

Service information collection: Customer information, service usage information, and other information from affiliated sources.

Customers agree that we may collect and store customers’ information.

We are committed to collecting only necessary information and to the minimum extent to serve the purposes specified in Part 2 of this Policy.

2. Use of information

Purpose of use of information
Information is used for the purpose of providing services to the Customers, specifically:

• Manage and grant permission for use of Services; Send notifications to Customers in case there are changes to the Services.
• Send notifications to remind Customers of registering, upgrading products, or renewing services when the Service term is about to expire.
• Carry out after-sales customer care and support activities.
• Communicate and resolve complaints.

Information update, modification, and deletion

We update, modify, and delete the currently stored Information upon Customer’s request from time to time. However, the deletion, modification, restriction, or termination of the right to process Information may lead to changes and limitations to the use of relevant Services that we provide to the Customers.

Transfer of Information to third parties

The Information may be transferred to our affiliates and subcontractors. When doing so, we are committed to transffering the Information to the above-mentioned third parties only for the purposes specified in Part 2 of this Policy. The third parties receiving the Information will be required to sign Information safety commitment, the contents of the commitment comply with the provisions of this Policy.

3. Information protection

Methods of protection

We establish and maintain an internal network information security and safety system to minimize the impacts, loss, leakage, unauthorized access or use of Information during the process of Information handling, meanwhile, build incident response and information system restoring plans in case unexpected incidents occur. Our Information Storage Center is compliant with international standards and certificates on quality and information security, specifically:

• ISO 9001:2015 on Quality Management System;
• ISO 27001:2013 on Information Security Management System;
• ISO 22301:2012 on Business Continuity Management.

Notifications

• We provide Customers the rights to access and make reasonable edits to the Customer Information page.
• In case of a breach or loss of Information security, we will immediately notify the Information owner and competent state agencies in order to minimize possible loss and damage.

4. Waivers

Our commitments under this Policy do not apply where the use and disclosure of Information is for the purpose of complying with relevant laws and upon legal requests of competent state agencies to ensure national security, or protect the legitimate rights and interests of Customers. In case the Information is used and disclosed for the aforementioned purposes, we will immediately notify the Customer. Meanwhile, we ensure that the use and disclosure of Information will be done in a confidential manner.

5. Governing law and validity

This Policy is construed and governed by Vietnamese laws.

This policy is valid from June 1, 2021, and may subject to changes and updates from time to time.