​LEGAL

TERMS OF USE

Last Updated: 26 SEP 2020

1. As between ABODY.AI JSC, a Vietnamese corporation with headquarters at 31/1 Bis Nguyen Van Lac street, Ho Chi Minh city, Vietnam and the individual whose personal data, including data about body dimensions, weight and age, is collected, stored or otherwise processed through the Platform (User), these terms of use (Terms) govern the use of the Abody.ai's platform (the Platform) by the User.

2. The User acknowledges that he or she may interact with Abody.ai's commercial partners making an offering through the Platform (Customers) and acknowledges that the relevant Customer is the User's single point of contact for all enquiries related to the relevant Customer's offering through the Platform (Offering).

3. The User may use the Platform to engage with Offerings on condition that the User complies with these Terms and with the additional terms and conditions presented by the Customer in relation with the Offering. The User must not use the Platform for any illegal or immoral purposes and/or any purposes incompatible with engaging with Offerings. The User agrees to keep his or her login credentials confidential.

4. The User agrees that the Platform may be discontinued at any time and for any reason for all or some of the Users in Abody.ai's sole discretion, or be continued only on condition that the User accepts changed terms of use or agrees to pay a fee for the continued use of the Platform.

5. The User agrees that the use of the Platform is at his or her sole risk and that the Platform is provided on an "as is" basis without warranty of any kind from Abody.ai. Abody.ai expressly disclaims all warranties and liabilities of any kind, whether express or implied.

6. The User and Abody.ai exclude their liability to each other for any and all damages, except for damages caused willfully or with gross negligence.

7. The User understands that Abody.ai and the Customers act as independent data controllers in relation with the User's personal data. The User may make requests under applicable data protection law to Abody.ai for personal data controlled by Abody.ai to the contact indicated in Abody.ai's privacy policy, available at https://www.abody.ai/privacy

8. These Terms are governed by Vietnam law, and Abody.ai and the User submit to the exclusive jurisdiction of the courts of Vietnam in relation to any dispute (contractual or non-contractual) concerning these Terms.

PRIVACY POLICY​

Last Updated: 26 SEP 2020

Introduction

Privacy is a matter of trust, and your trust is important to us. We have therefore published this privacy policy (Privacy Policy).

The European General Data Protection Regulation (GDPR) is important to us even though it is a regulation of the European Union. We wish to provide the GDPR's high level of protection to all individuals whose personal data we process, whether or not the GDPR applies to us (though some exceptions may apply). This Privacy Policy is therefore based on the GDPR. It is important to us that you are fully informed about how we process your personal data. It is important to us that you understand:

  • which personal data we collect about you;

  • when we collect your personal data;

  • the purpose for which we use your personal data;

  • how long we retain your personal data;

  • who has access to your personal data; and

  • what rights you have with regard to your personal data.

You will find corresponding notes and explanations below. If you have any questions, please do not hesitate to contact us. You can find our contact details below.

Who we are

For every data processing operation there is a responsible entity (called the "controller"). The following entity (also "Abody.ai", "we" or "us") is the controller for the data processing explained in this Privacy Policy:

Abody.AI JSC, 31/1Bis Nguyen Van Lac street, Ho Chi Minh city, Vietnam

Phone: +84 28 35154590

Abody.ai Privacy & Compliance Representative: pcr@abody.ai

Personal data we process

This privacy policy applies to all processing of personal data in connection with our business activities, including processing of personal data that we have received earlier or will receive in the future. Additional Privacy Policies may apply for certain services. We will inform you of these provisions in an appropriate manner where such is the case.

Personal data is all information that relates to a particular individual (provided that under Vietnam law, information relating to a legal entity is also considered to be personal data). Personal data includes the following information, for example:

  • login information;

  • contact information such as names, addresses, e-mail addresses and telephone numbers;

  • other personal information such as gender, age, body measurements and physical features, as well as information about suitable types and sizes of apparel and other products.

 

Some personal data are considered to be particularly critical and warranting special protection. This includes "sensitive personal data" (or "special categories" of personal data), for example data revealing race or ethnic origin, genetic data, biometric data if it is used to confirm the identification of an individual, health data etc.

We process personal data of

  • users of our services and apps;

  • visitors of our own and our customers' websites;

  • individuals using or interested in our products and services;

  • employees and contacts of our suppliers and other business partners;

  • persons who apply for a job with us;

  • persons who otherwise communicate with us.

 

Generally, you need to be 16 years or older to use our products and services. If you are younger than 16 years and wish to use our products and services, please send us an e-mail to info@abody.ai in order for us to obtain parental consent.

 

Personal data is generally collected from you directly when you use our services and apps, register with us and/or visit our or our customers' websites. However, personal data might also be collected from other sources. For example, we may obtain information about your IP address, proxy server, operating system, web browser and add-ons, device identifier and features, and/or ISP or your mobile carrier. If you use our services from a mobile device, that device may send us data about your location based on your phone settings.

Purposes for which we process personal data

We process personal data -- which may include sensitive personal data -- in the following situations and for the following purposes:

  • Use of our services: We collect and process personal data to provide our services as described in our terms of use and by our commercial customers in their own general terms and conditions and/or privacy policy(s) in relation with their offerings, to measure the use of these service, and to make improvements and to develop additional services;

  • Authorize access: We process personal data to authorize access to our services;

  • Visiting websites and using apps: We process your personal data when you visit our websites and/or use an app as explained below;

  • Communication: We process personal data when you contact us or when we contact you, e.g. when you contact our customer service as well as when you write or call us. We use this data in order to provide you with information, process your request and to communicate with you.

  • Business partners: We work together with various companies and business partners, for example suppliers, service recipients, cooperation partners and service providers. We process personal data about the contact persons in these organizations, for example names, functions and titles, in order to enter into and process contracts and business relationships, but also for customer relationship management.

  • Applicants: We process personal data about you when you apply for a job with us, in order to process and evaluate your application and to prepare for an employment should your application be successful. As a general rule, we require the usual information and documents as well as information mentioned specifically in a job advertisement.

  • Other purposes: We process personal data for other purposes including, for example, to comply with legal requirements, such as disclosing information to an authority if we have good reason or are legally obliged to do so; to protect our rights, e.g. to assert claims in and out of court and before local and foreign authorities or to defend ourselves against claims; to prepare and consummate company transactions such as sales and purchases of assets; and for other purposes whenever legal obligation require processing.

Using our website and / or platform

Log data: When you visit our website or a third-party website where our services are integrated, or when you install or use an app from us, we process a set of basic information such as information about the time the website, app or service was accessed, the duration of the visit and the pages and services accessed. We use this personal data to ensure and improve IT security, but also to improve the user-friendliness of our websites and services.

Cookies: We also use cookies, small files that are stored on your device when you visit our or our customers' websites or use our services. We may use session cookies, which are erased after your visit of a website, for example to maintain a product basket for a virtual fitting room application. We also use permanent cookies, which remain stored after the browser session is closed, in order to recognize a returning visitor. These cookies help us to improve convenience and usability of websites where our services are being offered, for example by saving access tokens and personal settings, and to adapt our online services to your needs and provide targeted services. Moreover, third-party cookies enable the companies concerned to provide services for us or to address you with advertising that might interest you. The most important example is Google Analytics (see below).

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

Google Analytics: This website uses Google Analytics, a web analytics service provided by Google LLC ("Google"). Google Analytics uses cookies (see above) that generate information about your use of this website (including your IP address), which will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purposes of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. This integration of Google Analytics anonymizes your IP address by shortening your IP address within the European Union or European Economic Area. Only in exceptional cases will the complete IP address be sent to a Google server and shortened within the US. You can opt out of Google Analytics by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

 

Firebase: Our platform uses the following Firebase services:

  • Cloud Firestore

    • Support background notifications to logged in users regarding profile changes.

  • Authentication

    • Is used to authenticate users on our platform based on Email or other unique identifier (provided by our integration partner).

  • Crashlytics

    • Is used to gather debug information about app functionality, performance & statistics.

  • Cloud Messaging

    • Is used to message users when our services are running or installed on mobile devices.

  • Dynamic Links

    • Is used to provide a seamless handoff between different devices (e.g. from desktop browser to mobile app).

 

We only process the minimum amount of personal data on Firebase that is necessary to provide authentication and crash reporting. This includes only the following personal information:

  • Email

  • Password

  • Mobile Phone Number (if provided for authentication)

  • IP address

  • Data provided by SSO provider (if SSO used)

  • Unique device identifiers

  • Device state information

  • Location data

  • Usage data

Under the following link you can find the Firebase privacy policy: https://firebase.google.com/support/privacy/

Persons with whom we share personal data

Our employees access personal data as necessary for their tasks for the purposes set out above. They act in accordance with our instructions and are bound to confidentiality when processing your personal data. We may also transfer your personal data to service providers who perform business operations on our behalf ("processors"), for example IT services such as hosting, cloud services, newsletter processing, data analysis etc. All processors are under an obligation to process personal data only on our behalf and according to our instructions.

Note that our commercial customers who provide their offerings using our services will collect personal data from you directly. Please refer to our terms of use and to the relevant customer's terms and conditions for additional information.

There are other cases where we may disclose your personal data to third parties, for instance:

  • in the context of corporate transactions. In such cases, it may not be possible to inform you in advance if your personal data is affected for reasons of confidentiality;

  • if required by law, for example to comply with a court order;

  • to assert or defend legal claims or if we consider it necessary for other legal reasons.

Security of your personal data

We apply appropriate technical and organizational measures to ensure a level of security appropriate to the risk and protect it your personal data against unauthorized or unlawful processing and against accidental loss, destruction or damage. However, no system or network can ever be guaranteed to be 100% secure.

Personal data retention

We retain personal data for as long as necessary for the purposes for which it is collected and processed, and as long as we have a legitimate interest in keeping it for example for the enforcement of or the defense against claims, for archiving purposes or for ensuring IT security. We also retain your personal data as long as it is subject to a legal retention obligation. For example, some documents have a ten-year retention period. Other documents will be retained for a short period only.

You can delete your account with us at any time by sending a message to info@abody.ai from the account you have registered with. We will delete your account but may keep certain personal data as explained above.

Your rights

You may at any time object to the processing of your personal data, in particular against data processing for direct marketing purposes.

In addition, you have the following rights:

  • Access right: You have the right to request, at any time and free of charge, access to your personal data stored and processed by us.

  • Right to rectification: You have the right to have incorrect or incomplete personal data corrected or updated.

  • Right to erasure: You have the right to have your personal data erased if it is no longer necessary for the purposes pursued, if you have withdrawn your consent (provided there are no other grounds for processing) or have objected to the processing, or if your personal data is being processed unlawfully.

  • Right to restrict processing: Under certain circumstances, you have the right to request that the processing of your personal data be restricted.

  • Right to data portability: Under certain circumstances, you have the right to receive the personal data concerning you, which you have provided to us, free of charge, in a commonly used and machine-readable format.

  • Right to lodge a complaint: You have the right to lodge a complaint with a competent supervisory authority about the way we handle or process your personal data.

  • Right to withdraw consent: You have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;

Additional points to note

Applicable law permits our data processing activities, in particular, if they are based on valid consent, if they are necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, if they are necessary to fulfill a legal obligation or and if they are necessary for legitimate interests. Our legitimate interests include, for example, monitoring, ensuring and improving the security of our infrastructure and services; measuring and improving our services; developing additional services; and enforcing or defending claims.

 

You may wish or need to provide us with third party personal data. In this case you are obliged to inform the relevant persons accordingly and ensure that this data is accurate.

Changes to this Privacy Policy

We may modify this Privacy Policy from time to time if we change our data processing activities or if new legislation becomes applicable. We actively inform people registered with us of such modifications if this is possible without disproportionate effort. In general, however, a data processing activity is subject to the version of the Privacy Policy which is the latest version at the beginning of the relevant processing.