Welcome to the Rabbit EVC e-commerce application, a platform providing monitoring, charging, and electric vehicle charging station search services. The application is established and owned by ZIOT SMART SOLUTIONS CORPORATION ("We").
Please read these terms and conditions ("Terms & Conditions") carefully before engaging in any transactions ("Service") on the application.
By accessing our application, you signify that you agree to these Terms & Conditions. We may change, modify, supplement, or remove these Terms & Conditions at any time without prior notice. Your continued use of the application following the posting of changes means you accept those changes.
Please check regularly for updates.

1.1 Scope of Application

These Terms & Conditions apply to customers who access and install the application and use the services within the territory of Vietnam, including:

(i) Individuals aged 16 and above, with legal capacity to perform transactions on the Rabbit EVC application.

(ii) Organizations established and legally operating under the regulations of Vietnamese law.

1.2 Rabbit EVC Account

When registering an account, you must meet the conditions mentioned in section 1.1 above. You can choose to create an account and provide specific information, including a valid phone number and password. You must register an account with authentic information about yourself and update it if there are any changes. Each user is responsible for their password, account, and activities on the application. Furthermore, you must inform us of any unauthorized access to your account. We are not liable for any direct or indirect damages resulting from customers' failure to comply with our regulations and instructions. By providing your information, you agree to be contacted by us about your interests in us, either via email, phone, or other contact information you have chosen to provide.

2. Return and Warranty Policy

Products and services are not eligible for return or warranty.

3. Service Provision Process

- Service Fee: The service fee is updated on the application.
- Service Provision Process:
    + Recharge points through direct payment or electronic wallets.
    + Receive corresponding points after payment.
    + Use these points to pay for services within the application.

4. Obligations

Seller's obligation: Provide complete information and service prices.

User's obligation: Provide accurate and truthful information. Read the application's terms and conditions carefully before engaging in transactions.

5. General Terms

We reserve the right to change, modify, suspend, or terminate all or any part of the application or any services provided by us at any time. We are not responsible for the release of services or features of services with trial versions that may not be accurate or completely similar to the final version. We have the right to restrict certain features or access of customers to a part or the entirety of the application without prior notice or responsibility.

These Terms & Conditions are governed by the laws of Vietnam. Any disputes or differences arising from or related to the content of these Terms & Conditions will be resolved through negotiations in a spirit of goodwill within thirty (30) days. If it cannot be resolved within thirty (30) days, the dispute or complaint may be settled in a court of competent jurisdiction.

Online payment on the application is facilitated through the method of purchasing points, which are converted from money via popular electronic wallet payment gateways throughout Vietnam such as Zalopay, MoMo, VNPay, etc.
Note: Customers will make the payment immediately after utilizing the services provided by the application.

Security Commitment

1.1. The online payment system of Rabbit EVC is provided by intermediary payment service providers (including but not limited to electronic payment gateways and electronic wallet services) that have been legally licensed to operate in Vietnam ("Payment Partners"). Accordingly, the security standards for online payments adhere to the security standards of the Payment Partners.

1.2. Members must not disclose detailed information about payment, account/card information, passwords, and other transaction authentication information to any third party through any form of communication. Rabbit EVCis not responsible for any damages or risks that Members may incur in disclosing payment information.

1.3. Members are strictly prohibited from directly or indirectly using, distributing, or disseminating any program, code, tool, or form to unauthorizedly infiltrate, interfere with, or alter the data structure of Rabbit EVCand other Members. Any violation will be processed in accordance with these Regulations and legal provisions.

1. Purpose and Scope of Information Collection

- If you choose to use our Services, you agree to the collection and use of information in accordance with this policy. The Personal Information we collect is used to provide and improve the Services. We will not use or share your information with anyone except as described in this Privacy Policy.

- The Personal Information we collect includes but is not limited to: Full name, phone number, email, and other information on your mobile device, with the permission of the customer upon app installation.

2. Use of Information

The application utilizes third-party services that may gather information to identify you.

Links to privacy policies of third-party service providers used by the application:
- Google Play Services
- Google Analytics for Firebase
- Firebase Crashlytics
- Facebook

3. Log Data

We would like to inform you that whenever you use our Service, in the case of an application error, we collect data and information (through third-party products) on your phone referred to as Log Data. This Log Data may include information such as your device's Internet Protocol ("IP") address, device name, operating system version, app configuration during the use of our Service, time and date of your Service usage, and other statistics.

4. Cookies

Cookies are files with a small amount of data that are often used as anonymous unique identifiers. They are sent to your browser from the websites you visit and stored in your device's memory.

This Service does not explicitly use these "cookies." However, the application may use code and libraries from third-party sources that use "cookies" to gather information and enhance their services. You can choose to accept or decline these "cookies" and be notified when a "cookie" is sent to your device. If you choose to decline our "cookies," you may not be able to use certain parts of this Service.

5. Information Retention Period

We store Personal Information of Customers to ensure their continuous use of Our Products and keep them stored for the necessary duration to fulfill the objectives stipulated in this Privacy Policy, as required by law (including tax and accounting purposes), or to perform other tasks as notified to Customers in advance. The period we retain specific Personal Information varies depending on the purpose of use, and we will delete Customer's Personal Information as stipulated by current laws.

6. Individuals with Access to Information

Service Providers
We may hire third-party companies and individuals for the following reasons:
- Support for our Service
- Provide Services on our behalf
- Perform services related to the Service or assist us in analyzing how our Service is used. We want to inform users of this Service that these third parties have access to their Personal Information. The reason is to perform tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.

7. Editing Information

Users can log into their accounts and edit information directly within the application. The application will update with the latest information provided by the user.

8. Handling Complaints

Customers have the right to file complaints about the disclosure of personal information to third parties with the Administration Board of the Rabbit EVC e-commerce application. Upon receiving these feedbacks, we will confirm the information, take responsibility for responding to the reasons, and guide the Customer to restore and secure the information.

We will actively support Customers in resolving complaints related to the misuse of personal information or scope as disclosed, according to the following procedure:
    - Step 1: The Customer Support department will receive Customer complaints, proactively resolve them quickly, and immediately respond to the resolution results if they are based on the policies we have announced.
    - Step 2: In complex cases or those not covered by the policies we have announced, the Customer Support department commits to responding to the Customer within a maximum of 7 (seven) days.
    - Step 3: Transfer the complaint resolution results to the relevant departments to carry out and call to confirm with the Customer about the resolved complaint results.

Customers can submit complaints to the address:
ZIOT INTELLIGENT SOLUTIONS JOINT STOCK COMPANY
Headquarters address: 585/8/15 Quốc lộ 13, Khu phố 3, Phường Hiệp Bình Phước, Thủ Đức City, Ho Chi Minh City, Vietnam
Hotline: 096 7171 311
Email: [email protected]
Facebook: https://www.facebook.com/rabbitevc/
Zalo: https://zalo.me/0967171311

9. Children's Privacy

This Service is not intended for individuals under 13 years old. We do not collect personally identifiable information from children under 13 years old. If we discover that a child under 13 years old has provided us with personal information, we will immediately delete this information from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we can take necessary actions.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Therefore, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page.

General regulations

  1. Scope of application
    1. This decree provides regulations on personal data protection and the responsibilities for personal data protection of relevant agencies, organizations, and individuals.
    2. This decree applies to:
      a) Vietnamese agencies, organizations, and individuals.
      b) Foreign agencies, organizations, and individuals in Vietnam.
      c) Vietnamese agencies, organizations, and individuals operating abroad.
      d) Foreign agencies, organizations, and individuals directly involved or related to personal data processing activities in Vietnam.
  2. Principles of personal data protection
    1. Personal data is processed in accordance with the regulations.
    2. Data subjects have the right to know about activities related to the processing of their personal data, except where otherwise provided by law.
    3. Personal data is processed only for the purposes registered or declared by the Data Controller, Data Processor, Data Controller and Processor, or Third Party regarding personal data processing.
    4. The personal data collected must be relevant and limited to the scope and purpose of processing. Personal data shall not be bought or sold in any form, except where otherwise provided by law.
    5. Personal data is updated and supplemented in accordance with the purpose of processing.
    6. Personal data is protected and secured during the processing, including protection against acts that violate personal data protection regulations and prevention of loss, destruction, or damage caused by incidents using technical measures.
    7. Personal data is only stored for a period suitable to the purpose of data processing, unless otherwise provided by law.
    8. The Data Controller and the Data Controller and Processor are responsible for complying with the data processing principles stated from clauses 1 to 7 of this Article and for demonstrating their compliance with these data processing principles.
  3. Handling violations of personal data protection regulations Agencies, organizations, and individuals that violate personal data protection regulations may be subject to disciplinary action, administrative penalties, or criminal prosecution depending on the severity of the violation.
  4. Prohibited actions
    1. Processing personal data in violation of personal data protection laws.
    2. Processing personal data to create information or data aimed at opposing the Socialist Republic of Vietnam.
    3. Processing personal data to create information or data that affects national security, social order and safety, or the legal rights and interests of other organizations or individuals.
    4. Obstructing personal data protection activities by competent authorities.
    5. Abusing personal data protection activities to violate the law.
  5. Rights of the data subject
    1. Right to be informed
      The data subject has the right to be informed about the processing of their personal data, unless otherwise provided by law.
    2. Right to consent
      The data subject has the right to consent or not consent to the processing of their personal data.
    3. Right to access
      The data subject has the right to access, view, edit or request edits to their personal data, unless otherwise provided by law.
    4. Right to withdraw consent
      The data subject has the right to withdraw their consent, unless otherwise provided by law.
    5. Right to erasure
      The data subject has the right to erase or request erasure of their personal data, unless otherwise provided by law.
    6. Right to restrict data processing
      a) The data subject has the right to request restriction of processing of their personal data, unless otherwise provided by law;
      b) The restriction of data processing shall be implemented within 72 hours after the data subject's request, for all personal data that the data subject requests to restrict, unless otherwise provided by law.
    7. Right to data portability
      The data subject has the right to request the Personal Data Controller, Personal Data Controller and Processor to provide them with their personal data, unless otherwise provided by law.
    8. Right to object to data processing
      a) The data subject has the right to object to the Personal Data Controller, Personal Data Controller and Processor processing their personal data in order to prevent or limit the disclosure of personal data or use for advertising, marketing purposes, unless otherwise provided by law;
      b) The Personal Data Controller, Personal Data Controller and Processor shall comply with the data subject's request within 72 hours after receiving the request, unless otherwise provided by law.
    9. Right to complain, denounce, and sue
      The data subject has the right to complain, denounce or sue in accordance with the law.
    10. Right to claim compensation
      The data subject has the right to claim compensation in accordance with the law when violations of their personal data protection regulations occur, unless the parties have agreed otherwise or the law provides otherwise.
  6. Consent of the data subject
    1. The consent of the data subject applies to all activities in the personal data processing procedure, unless otherwise provided by law.
    2. The consent of the data subject is only effective when the data subject voluntarily and clearly understands the following contents:
      a) Types of personal data to be processed;
      b) Purpose of personal data processing;
      c) Organizations and individuals authorized to process personal data;
      d) Rights and obligations of the data subject.
      • The consent of the data subject must be clearly and specifically expressed in writing, voice, checking a consent box, consent syntax via message, selecting technical consent settings or through another action that demonstrates this.
      • Consent must be obtained for the same purpose. When there are multiple purposes, the Personal Data Controller, Personal Data Controller and Processor list the purposes for the data subject to consent to one or more stated purposes.
      • The consent of the data subject must be expressed in a format that can be printed, copied in writing, including in electronic form or a verifiable format.
      • Silence or non-response of the data subject is not considered consent.
      • The data subject may consent partially or with attached conditions.
      • For processing sensitive personal data, the data subject must be informed that the data to be processed is sensitive personal data.
      • The consent of the data subject is effective until the data subject makes a different decision or when the competent state authority requests in writing.
  7. Withdrawal of consent
    1. The withdrawal of consent does not affect the legality of the processing of data that was consented to before the withdrawal of consent.
    2. The withdrawal of consent must be expressed in a format that can be printed, copied in writing, including in electronic form or a verifiable format.
    3. Upon receiving a request to withdraw consent from the data subject, the Personal Data Controller, Personal Data Controller and Processor shall inform the data subject about the consequences and potential damages that may occur when withdrawing consent.
    4. After implementing the provisions in Clause 2 of this Article, the Data Controller, Data Processor, Controller and Processor, and Third Party must cease and request related organizations and individuals to cease processing the data of the data subject who has withdrawn consent.
  8. Notification of personal data processing
    1. The notification is carried out once before proceeding with personal data processing activities.
    2. Content of the notification to the data subject about personal data processing.
    3. The notification to the data subject must be expressed in a format that can be printed, copied in writing, including in electronic form or a verifiable format.
    4. The Personal Data Controller, Personal Data Controller and Processor do not need to implement the provisions in Clause 1 of this Article in the following cases:
  9. Provision of personal data
    1. The data subject has the right to request the Personal Data Controller, Personal Data Controller and Processor to provide them with their personal data.
    2. The Personal Data Controller, Personal Data Controller and Processor
    3. The provision of personal data of the data subject shall be carried out by the Personal Data Controller, Personal Data Controller and Processor within 72 hours after the data subject's request, unless otherwise provided by law.
    4. The Personal Data Controller, Personal Data Controller and Processor do not provide personal data in cases where
    5. Forms of requesting personal data provision:
      The data subject directly or authorizes another person to come to the headquarters of the Personal Data Controller, Personal Data Controller and Processor to request the provision of personal data.
      The person receiving the request is responsible for guiding the organization, individual requesting to fill in the contents in the Personal Data Provision Request Form.
      In case the organization or individual requesting information is illiterate or disabled and unable to write the request, the person receiving the information request is responsible for helping to fill in the contents in the Personal Data Provision Request Form.
    6. The Personal Data Provision Request Form must be in Vietnamese and include the following main contents:
      a) Full name; place of residence, address; ID card number, citizen identification card or passport number of the requester; fax number, phone number, email address (if any);
      b) Personal data requested, clearly specifying the name of the document, file, material;
      c) Form of personal data provision;
      d) Reason and purpose for requesting personal data provision.
    7. In case of requesting personal data provision as stipulated in Clause 2 of this Article, it must be accompanied by a written consent of the related individual or organization.
    8. Receiving requests for personal data provision
      a) The Personal Data Controller, Personal Data Controller and Processor are responsible for receiving requests for personal data provision and monitoring the process and list of personal data provided upon request;
      b) In case the requested personal data is not under their authority, the Personal Data Controller, Personal Data Controller and Processor receiving the request must notify and guide the requesting organization or individual to the competent authority or clearly notify the inability to provide personal data.
    9. Resolving requests for personal data provision
      Upon receiving a valid request for personal data provision, the Personal Data Controller, Personal Data Controller and Processor are responsible for providing personal data, notifying about the deadline, location, form of personal data provision; actual costs for printing, copying, photographing, sending information via postal service, fax (if any) and the method, payment deadline; implementing the provision of personal data according to the order, procedures stipulated in this Article.
  10. Editing personal data
    1. Data subject:
      a) Has the right to access to view and edit their personal data after it has been collected by the Personal Data Controller, Personal Data Controller and Processor with consent, unless otherwise provided by law;
      b) In case direct editing is not possible due to technical or other reasons, the data subject may request the Personal Data Controller, Personal Data Controller and Processor to edit their personal data.
    2. The Personal Data Controller, Personal Data Controller and Processor shall edit the personal data of the data subject after obtaining the data subject's consent as soon as possible or according to specialized legal regulations. If it cannot be implemented, they shall notify the data subject within 72 hours from receiving the data subject's request to edit personal data.
    3. The Personal Data Processor and Third Party may edit the personal data of the data subject after obtaining written consent from the Personal Data Controller, Personal Data Controller and Processor, and knowing that the data subject's consent has been obtained.
  11. Illegal collection, transfer, purchase, and sale of personal data
    1. Organizations and individuals involved in personal data processing must apply personal data protection measures to prevent illegal collection of personal data from their systems and service equipment.
    2. The establishment of software systems, technical measures, or organization of activities to collect, transfer, buy, or sell personal data without the consent of the data subject is a violation of the law.
  12. Personal data protection measures
    1. Personal data protection measures are applied from the beginning and throughout the process of personal data processing.
    2. Personal data protection measures include:
      a) Management measures implemented by organizations and individuals involved in personal data processing;
      b) Technical measures implemented by organizations and individuals involved in personal data processing;
      c) Measures implemented by competent state management agencies according to the provisions of this Decree and relevant laws;
      d) Investigation and prosecution measures implemented by competent state agencies;
      e) Other measures as prescribed by law.

ENTERPRISE REPRESENTATIVE

(Signature, company stamp)