DreamDeco AI Interior Simulation Service Privacy Policy

Service Provision and Operation:

• Member identification, account management, identity verification
• Generation of AI interior simulations and provision of results
• Credit purchase and payment processing
• Restricting use for members who violate the terms of service

How We Use Google User Data:

• Account Creation and Authentication: Your Google email address is used to create and authenticate your DreamDeco account
• User Identification: We use your Google profile information to identify you within our service and personalize your experience
• Communication: Your Google email address may be used to send you service-related notifications, updates, and support responses
• Account Recovery: Your email is used for password reset and account recovery purposes

We do not use your Google user data for advertising, profiling for advertising purposes, or any purposes other than those explicitly stated above.

Enhancement of User Experience:

• Recommending customized content by analyzing service usage patterns
• Improving service design and functionality
• Developing new services and research

Customer Support and Communication:

• Responding to inquiries and handling complaints
• Notifying important information such as announcements and changes to terms

Security and Legal Compliance:

• Preventing and monitoring fraudulent activities
• Fulfilling obligations under relevant laws

Storage Location and Method:

• Data Storage: Your personal information and Google user data are stored on secure cloud servers with industry-standard security measures
• Geographic Location: Data is primarily stored in secure data centers with appropriate safeguards
• Access Control: Access to user data is strictly limited to authorized personnel who require access to perform their job functions

Security Measures for Protecting Google User Data:

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using SSL/TLS protocols
• Encryption at Rest: Sensitive data, including passwords and personal information, is encrypted when stored in our databases
• Authentication Security: OAuth 2.0 protocol is used for Google Sign-In, ensuring secure authentication without storing your Google password
• Network Security: Firewalls and intrusion detection systems protect against unauthorized access
• Regular Security Audits: We conduct regular security assessments to identify and address potential vulnerabilities
• Employee Training: Staff handling user data receive regular training on data protection and security best practices
• Incident Response: We maintain an incident response plan to quickly address any security breaches

Additional Technical Safeguards:

• Multi-factor authentication options for enhanced account security
• Regular software updates and security patches
• Secure backup systems with encryption
• Activity monitoring and logging for suspicious behavior detection

Company"s Internal Policy:

• Record of fraudulent use: Retained for 1 year after membership withdrawal
• Complaint and dispute resolution records: Retained for 3 years
• Service usage statistics: Retained for 3 years

Google User Data Retention:

• Active Accounts: Your Google user data (email and profile information) is retained as long as your account remains active
• After Account Deletion: Upon account deletion request, your Google user data is permanently deleted within 30 days, except where retention is required by law
• Backup Systems: Data in backup systems is deleted within 90 days of account deletion

Relevant Laws:

• Records on contracts or withdrawal of offers: 5 years (Vietnam Law on E-commerce)
• Records on consumer complaints or dispute resolution: 3 years (Vietnam Law on Protection of Consumer Rights)
• Login records: 3 months (Vietnam Law on Cybersecurity)
• Payment-related records: 5 years (Relevant Vietnamese laws)

How to Request Data Deletion:

Users have the right to request deletion of their personal information and Google user data at any time. You can request data deletion through the following methods:

• Account Settings: Navigate to your account settings and select "Delete Account" to initiate the deletion process
• Email Request: Send an email to dreamdeco@bigmouth.vn with the subject line "Data Deletion Request" and include your registered email address
• Written Request: Submit a written request to our contact address provided in this policy

Data Deletion Process:

• Verification: We will verify your identity to ensure the request is legitimate (typically within 3 business days)
• Processing Time: Once verified, your data will be deleted within 30 days
• Confirmation: You will receive a confirmation email once the deletion is complete
• Scope of Deletion: The deletion includes all personal information, Google user data, uploaded content, and service usage records

Exceptions to Immediate Deletion:

In certain limited circumstances, we may be unable to immediately delete all data:

• When retention is required by Vietnamese law (as specified in Article 5)
• When necessary for ongoing legal proceedings or dispute resolution
• Data in backup systems (automatically deleted within 90 days)

In these cases, we will inform you of the specific reason and expected timeframe for complete deletion.

Revoking Google Account Access:

You can revoke DreamDeco"s access to your Google account data at any time through:

• Your Google Account settings at https://myaccount.google.com/permissions
• Deleting your DreamDeco account as described above

Note: Revoking access will prevent you from signing in with Google, but your DreamDeco account will remain active unless you also delete your account.

Your Rights:

• Right to Access: View all personal information we hold about you
• Right to Rectification: Correct any inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal information (as detailed in Article 6)
• Right to Data Portability: Request a copy of your data in a structured, commonly used format
• Right to Object: Object to certain processing of your personal information
• Right to Withdraw Consent: Withdraw consent for data processing at any time

How to Exercise Your Rights:

• To view or modify personal information, access your account settings
• To terminate membership or exercise other rights, contact us through the designated channels below
• Users can contact the Chief Privacy Officer in writing, by phone, or by email at dreamdeco@bigmouth.vn
• For children under 14, the legal representative has the right to view or modify the child"s personal information

Purpose of Using Cookies:

To analyze the frequency of user access and visit times, identify user preferences and interests, track traces, and provide targeted marketing and personalized services.

Installation and Refusal of Cookies:

Users have the option to install cookies through their web browser settings. However, if you refuse to install cookies, you may have difficulty using some services that require login.

Technical Measures:

• Encryption of personal information (passwords and sensitive data)
• Network security using intrusion prevention systems (firewalls)
• Access control to the personal information processing system
• Encryption of data transmission through SSL certificates

Managerial Measures:

• Minimization and training of staff handling personal information
• Establishment and implementation of an internal management plan
• Regular self-audits for security compliance

Physical Measures:

• Restricted physical access to locations where personal information is stored
• Document security and access control

Chief Privacy Officer:

• Name: CHOI JUN HO
• Position: CEO
• Email: dreamdeco@bigmouth.vn

Complaint Handling Organizations:

• Personal Data Protection Commission of Vietnam
• Cybersecurity Department of the Ministry of Public Security of Vietnam