Privacy Policy

What Information We Collect

Running a compliance reporting system means we need certain information to work effectively. Here's what we collect and why it actually matters.

How We Collect This Information

Most of what we collect comes directly from you when you create an account, upload financial documents, or use our reporting features. Some technical information gets collected automatically through cookies and similar technologies when you access our platform.

We also receive information from third-party sources like banks or accounting software when you authorize integrations to streamline your reporting process.

How We Use Your Information

Everything we collect serves a specific purpose. We don't gather data just to have it sitting around.

• Generate Compliance Reports: Processing your financial data to create accurate regulatory reports that meet Vietnam's compliance requirements
• Account Management: Maintaining your account, processing payments, and providing customer support when you need help
• System Improvements: Analyzing usage patterns to enhance our automated reporting features and fix technical issues
• Security Monitoring: Detecting unusual activity, preventing fraud, and protecting your data from unauthorized access
• Legal Obligations: Meeting regulatory requirements and responding to lawful requests from authorities when legally required
• Communication: Sending you reports, system updates, security alerts, and important account notifications

We don't use your financial data for marketing purposes or sell it to third parties. Period.

Data Sharing and Disclosure

We keep your information within our organization wherever possible, but some situations require sharing data with specific parties.

Service Providers We Work With

Our platform relies on trusted service providers who help us operate effectively. These include cloud hosting providers, payment processors, and technical support services. Each provider signs strict confidentiality agreements and can only access data necessary for their specific function.

Regulatory Authorities

When Vietnamese regulatory bodies or tax authorities request information as part of legitimate compliance checks or investigations, we're legally required to cooperate. We only share what's specifically requested and notify you when legally permitted.

Business Transfers

If CerevoCon merges with another company or gets acquired, your data would transfer to the new entity. We'd notify you in advance and ensure the new organization maintains equivalent privacy protections.

What We Never Do

We don't sell your data to marketers, share it with advertising networks, or provide it to data brokers. Your financial information stays within the compliance reporting context where it belongs.

How We Protect Your Data

Financial compliance data requires serious security measures. Here's what we've implemented to keep your information safe.

No security system is completely invulnerable, but we invest heavily in protecting your data and continuously improve our defenses against emerging threats.

Data Retention Periods

We keep your information only as long as necessary for legitimate business or legal reasons. Here's our retention approach for different data types.

After retention periods expire, we securely delete data through methods that prevent recovery. Some information may persist in backup systems for up to 30 additional days before permanent deletion.

International Data Transfers

Our primary servers are located within Vietnam to comply with local data residency requirements. However, some technical services we use operate globally, which means your data might occasionally process outside Vietnam.

When we transfer data internationally, we ensure adequate protection through standard contractual clauses and verification that receiving countries maintain appropriate data protection standards. Any provider accessing your data must meet security requirements equivalent to Vietnamese regulations.

For clients who require strict data residency within Vietnam, we offer enhanced service tiers that guarantee all processing happens within Vietnamese borders. Contact us to discuss these options.

Cookies and Tracking Technologies

Our platform uses cookies and similar technologies to function properly and provide a better experience.

Essential Cookies

These cookies are necessary for basic platform functionality. They remember your login session, security preferences, and technical settings. You can't disable these without breaking core features.

Performance Cookies

We use analytics cookies to understand how people use our system, which features matter most, and where technical problems occur. This information is aggregated and doesn't identify you personally.

Your Cookie Choices

You can manage cookie preferences through your browser settings, though disabling certain cookies might affect platform functionality. We don't use advertising or third-party tracking cookies.

Changes to This Privacy Policy

We update this policy occasionally to reflect new features, legal requirements, or changes in how we handle data. When we make significant changes, we'll notify you via email and display a notice on our platform.

Continuing to use CerevoCon after changes take effect means you accept the updated policy. If you disagree with changes, you can close your account before they become effective.

We post the revision date at the top of this policy so you can see when it was last updated. Previous versions are available upon request if you want to review what changed.

Children's Privacy

Our compliance reporting system is designed for businesses and professional use. We don't knowingly collect information from individuals under 16 years old. If you believe we've inadvertently collected data from a minor, contact us immediately and we'll delete it.