Privacy Policy

Last Updated: January 1, 2026

Pegasi (“we,” “us,” or “our”) recognizes the supreme importance of your personal privacy. This Privacy Policy outlines how we collect, use, disclose, process, and protect your information when you interact with our website located at https://pegasi.com.vn (the “Service”), our candidate portals, and our professional recruitment consultancy services.

By accessing or using our Service, you explicitly consent to the data practices described in this Privacy Policy. If you do not agree with any terms within this policy, you must immediately cease using our platform.

1. Personal Data We Collect

To effectively connect technical talent with leading enterprises, we collect both personal data you submit to us and automated technical information.

1.1. Candidate & User-Submitted Data

When you register, submit a CV, apply for an opening, or communicate with our consulting team, we collect:

Identity Data: Full name, date of birth, gender, nationality, and photograph.
Contact Data: Email address, telephone number, and residential address.
Professional History: Employment history, education details, technical skills, certifications, portfolios, salary expectations, and professional references.
Account Credentials: Usernames, encrypted passwords, and profile settings.
Social Authentication: If you log in via Google, LinkedIn, or Facebook, we collect the account username, email, profile picture, and the unique identifier provisioned by that platform.

1.2. Sensitive Personal Data

Depending on background screening requirements requested by prospective employers, we may occasionally process data that qualifies as "Sensitive Personal Data" under local laws (e.g., health data for work permits or specific background clearance details). We will never process this information without your separate, explicit, and written or digital affirmation.

1.3. Automated & Technical Data

When navigating our site, we automatically log:

Device type, browser configurations, operating system, IP address, and geographic location.
Navigation pathways, clickstreams, time spent on job listings, and referral URLs.

2. Cookies, Tracking, and Email Synchronization

We use cookies, web beacons, and technical identifiers to improve performance, save preferences, and coordinate communication histories.

Functional Cookies: Essential for keeping you logged into your applicant portal and securing your session.
Analytics & Performance: We utilize industry-standard tracking tools (such as Google Analytics) to generate aggregated traffic reports. You may adjust your browser preferences to reject cookies, though some platform features may cease to function correctly.
Email & Synchronization: For automated communication, interview scheduling, and draft synchronization, tracking pixels or invisible threading markers may be embedded inside email communications to maintain smooth, chronologically ordered conversations between recruiters and candidates.

3. How We Use Your Information

We process personal data strictly for legitimate operational purposes, including:

Matching & Placement: Assessing your technical suitability and career experience for active or future tech job vacancies.
Communication: Sending job alerts, application status updates, interview schedules, and transactional platform notices.
System Optimization: Maintaining, troubleshooting, and improving our application interface, internal candidate databases, and digital infrastructure.
Legal Obligations: Complying with local employment, labor, tax, and cyber-security regulations.

4. How We Share and Disclose Data

Pegasi does not sell your personal data to third parties. Your data is shared only under the following strict conditions:

Prospective Employers: We share candidate profiles and CVs with corporate clients who have matching job openings, only after obtaining the candidate’s explicit interest in the opportunity.
Corporate Affiliates: We may share data within the Pegasi corporate family for internal system management and resource optimization.
Legal Mandates: We will disclose data to judicial bodies or government agencies if required by law, subpoena, or to investigate fraudulent platform activities.
Business Transitions: In the event of an asset sale, merger, or corporate restructuring, user databases may be securely transferred to the acquiring entity under strict confidentiality guidelines.

5. Cross-Border Transfers & Data Storage

Pegasi maintains a highly secure data infrastructure.

Localization: In strict compliance with Vietnam’s Decree 13/2023/ND-CP, personal data concerning Vietnamese citizens is stored locally on secure servers or managed via localized cloud frameworks where required by law.
Cross-Border Transfers: If your data is transferred internationally (e.g., to a corporate client or cloud server based in Singapore or another regional tech hub), Pegasi ensures the receiving entity provides an equivalent standard of protection matching or exceeding regional standards, supported by verified impact assessments.

6. Data Security and Breach Notification

The security of your technical and personal data is paramount. We deploy rigorous physical, administrative, and electronic safeguards (including encryption protocols and access controls limited only to authorized personnel).

Data Breach Protocol: In the highly unlikely event of a data breach endangering personal information, Pegasi will investigate, contain the incident, and report the occurrence to relevant regulatory authorities within 72 hours of discovery. Affected users will be notified without undue delay if the breach poses a high risk to their rights and freedoms.

7. Data Retention Lifespan

We retain candidate profiles and resume data only as long as necessary to fulfill recruitment objectives or legal compliance.

Inactive candidate profiles are retained in our active talent pool database for a period of three (3) years from the date of last recorded interaction, after which the data is permanently deleted or anonymized, unless explicit consent is renewed.

8. Your Rights and Choices

You hold full ownership over your digital data. You can exercise any of the following rights at any time by contacting us:

Right to Access & Copy: Request an electronic summary of all personal information we hold on you.
Right to Correction: Correct inaccurate or outdated CV information, contact numbers, or salary expectations.
Right to Deletion ("Right to be Forgotten"): Request that we permanently wipe your profile and records from our databases.
Right to Opt-Out: Unsubscribe from promotional materials or career advice newsletters by clicking the "Unsubscribe" footer link in our emails.

To submit a request regarding your data rights, please email us directly at recruit@pegasi.com.vn with the subject line "Data Privacy Request". We will verify your identity before processing the request within legal time limits.

9. Governing Law and Dispute Jurisdiction

Depending on the context of your engagement:

For operations rooted within Vietnam, this policy is governed by and construed in accordance with the laws of the Socialist Republic of Vietnam (including Decree 13/2023/ND-CP).
For regional cross-border operations handled via our international channels, the laws of Singapore (PDPA) apply.
Any disputes arising under this policy shall be submitted to the exclusive jurisdiction of the competent courts in Ho Chi Minh City, Vietnam, or Singapore, respectively.

10. Data Protection Officer (DPO) Contact

For technical queries regarding this policy, security concerns, or regulatory compliance verification, please contact our designated Data Protection desk:

Pegasi Data Protection Team Email: recruit@pegasi.com.vn (Attn: Data Protection Officer) Primary Office: Ho Chi Minh City, Vietnam