OneXBots - Multichannel AI chatbot platform for modern businesses | OneXBots

Privacy Policy

Last updated: 6/17/2025

Sparkle 1
Sparkle 2
Sparkle 3
Sparkle 4
Sparkle 4
Sparkle 5
Sparkle 6
Sparkle 7

OneXBots User Privacy Policy

This policy complies with Vietnamese legal regulations and is effective as of July 1, 2025

 

This Privacy Policy (hereinafter referred to as the “Policy”) specifies the categories of information collected on or through OneXBots website at onexbots.com and affiliated websites, the services we provide, as well as all communication and information exchange with users via written correspondence, email, phone, or any other method. This Policy complies with and is an integral part of OneXBots Terms of Service.

  1. Definitions

In this Policy, the following terms are defined as follows:

1.We/us refers to the team behind the development of the OneXBots product.

2. OneXBots shall refer to the product solution provided by OneXAPIs Tech Solutions Joint Stock Company  and the underlying servers and software used to provide such solutions

3. OneXBots Customers are organizations or individuals who use OneXBots under a legally binding contract between the customer and us. A contract is legally established when:

(i) both parties sign a written agreement, or

(ii) the customer registers a OneXBots account on the website and agrees to the Terms of Service published on OneXBots official website.

4. Users are individuals who directly access, use, and operate within the OneXBots software system by logging in, as assigned, authorized, or permitted by a OneXBots Customer.

5. Guests are individuals who are not Users but have access to public areas on OneXBots website or public links created by OneXBots Users.

6. Contract refers to the software service agreement signed between a customer and us, in which we act as the Data Processor under the instructions of the Data Controller.

Services include:

(i) The official OneXBots website: onexbots.com 

(ii) The web application provided by OneXBots: onexbots.com 

(iii) Other services provided by OneXBots.

  1. OneXBots Customer Data refers to data stored on the OneXBots system by customers or users.
  2. Personal Data includes any information linked to a specific individual, comprising both Basic Personal Data and Sensitive Personal Data as defined by Vietnamese law.
  3. Basic Personal Data and Sensitive Personal Data refer to the information specified in Clauses 3 and 4, Article 2 of Decree No. 13/2023/ND-CP dated April 17, 2023, on personal data protection (hereinafter referred to as “Decree 13”).
  4.  Data Subjects are individuals whose personal data is processed, including OneXBots customers, users, and guests.
  5. Public Area is an area accessible to both Users and Guests without requiring login.
  6.  Restricted Area is an area accessible only to logged-in Users.

II. Information and Data We Collect

  1. Data Provided by OneXBots Customers

When a customer enters into a contract with us, we may collect information such as name, email address, phone number, payment details, and other relevant data to provide services.

  1. Data Provided by Users

Users may upload personal information such as profile pictures, full names, job titles, and email addresses while using OneXBots. This data can be modified or deleted based on permissions set by OneXBots Customers.

  1. Automatically Collected Data

When Users or Guests access the Services, we may automatically collect information from their devices, including:

  • IP address
  • Web browser information
  • Access time and activity logs
  • Cookies and other tracking technologies
  1. Integrated Services

Users may choose to log in to OneXBots via third-party accounts (Google, Apple, Microsoft, etc.). In such cases, we collect personal data based on the user’s permission granted through the integrated service.

Please carefully review the Terms of Service and Privacy Policies of each integrated service before connecting them to OneXBots Services.

  1. Data Collected from Other Sources

We may collect information from partners, vendors, or publicly available data on the internet.

  1. Data We Do Not Collect

We do not actively collect Sensitive Personal Data or Children’s Data. We recommend that Users and Guests refrain from uploading such data onto our Services.

If you discover such data on our system, please notify us via email at hello@onexbots.com so that we can take appropriate action.

Please note that while we commit to deleting unauthorized data, due to technical or system errors, complete removal may not always be possible. In such cases, we will ensure the data is inaccessible, unused, or protected to the fullest extent possible.

III. Purpose of Data Collection

We collect and use personal data of OneXBots customers, users, and guests for the following purposes:

  1. Providing and Operating the Service

Establishing, maintaining, and granting access to the OneXBots system.

Authenticating user accounts and ensuring secure logins.

Supporting customers in using the service, resolving technical issues, and handling support requests.

  1. Improving and Enhancing Service Quality

Analyzing trends and usage habits to optimize the user experience.

Developing new features to improve productivity and team management.

Enhancing the interface, performance, and system stability.

  1. Ensuring Security and Protection

Preventing fraud, unauthorized access, or misuse.

Detecting, investigating, and handling security incidents or policy violations.

Protecting personal data and business information from cybersecurity threats.

  1. Communication and Customer Support

Sending updates about new features or policy changes.

Providing technical support and responding to customer inquiries.

Notifying users about OneXBots events, workshops, or promotions (if consent is given).

  1. Compliance with Legal Obligations

Meeting regulatory requirements under applicable laws.

Ensuring transparency in data collection, processing, and storage.

Fulfilling legal obligations related to user data management.

We commit to using personal data solely for the above purposes and will not share or disclose it beyond what is necessary to operate the service, except as required by law.

IV. How Data is Disclosed

We are committed to protecting the personal data of OneXBots customers, users, and guests and does not disclose data to third parties except in the following cases:

  1. Data Publicly Shared by Users

When users voluntarily upload or share personal information in public areas of the platform (e.g., profile pictures, forum comments, internal blog posts), this data may be visible to other users.

Users have control over their information-sharing preferences within the system.

  1. Internal Sharing within OneXBots Customer Systems

Certain user data (name, job title, email) may be shared with the administrator of the organization using OneXBots.

Depending on internal settings and policies, data may be shared among users within the same system.

  1. Disclosure to Third-Party Service Providers

We collaborate with third-party service providers to support system operation and improvement, including:

  • Cloud storage services: Secure data storage on trusted servers.
  • Data analytics services: Evaluating performance and optimizing user experience.
  • Customer support services: Ensuring prompt and accurate responses.
  • Payment processing tools: Handling secure financial transactions.

We share only the necessary data for service providers to perform their tasks and require them to comply with strict security standards.

  1. Disclosure for Legal Compliance

We may disclose personal data in the following circumstances:

  • To comply with legal obligations under Vietnamese law.
  • Upon request from competent authorities, such as courts or law enforcement.
  • To protect OneXBots legal rights, customers, or users in legal disputes.
  1. Data Transfer in Case of Ownership Changes

If we undergo a merger, acquisition, or structural changes, user data may be transferred to the acquiring entity.

In such cases, we will provide clear notifications and ensure compliance with equivalent privacy standards.

  1. Anonymous and Statistical Data Disclosure

We may aggregate and anonymize user data for research, trend analysis, and service improvement.

Such reports and statistics do not contain identifiable personal information and may be shared with partners or the public.

Note: We do not sell, trade, or provide personal data for marketing or advertising purposes without the explicit consent of data subjects.

V. Rights and Obligations of Data Subjects

We implement the necessary technical and organizational measures to ensure that OneXBots customer data and personal data are securely stored and processed, protecting them from risks such as loss, destruction, unauthorized access, or unauthorized disclosure.

  1. Rights of Data Subjects

We respect the privacy and personal data of data subjects, ensuring their legitimate rights in accordance with current legal regulations. Data subjects have the following rights concerning their personal data:

  • Right to be Informed: To be notified of the purpose, scope, and methods of processing personal data.
  • Right to Consent: To agree to or refuse the collection, processing, and use of personal data.
  • Right to Access: To request access to and receive copies of their personal data.
  • Right to Withdraw Consent: To withdraw previously granted consent at any time.
  • Right to Erasure: To request the deletion or removal of personal data from the system.
  • Right to Restrict Processing: To request limitations on the processing of data under specific circumstances.
  • Right to Data Portability: To request the transfer of personal data to another organization or individual.
  • Right to Object to Processing: To object to the processing of data for marketing or other undesired purposes.
  • Right to File Complaints, Reports, or Lawsuits: To file complaints or lawsuits if violations concerning the processing of personal data are identified.
  • Right to Compensation for Damages: To request compensation for damages caused by unlawful data processing activities.
  • Right to Self-Protection: To proactively protect their rights under legal provisions.

To exercise these rights, data subjects may:

  • Use the available features or options on OneXBots services.
  • Submit requests directly via email at hello@onexbots.com or other official support channels.

Regarding personal data controlled by us:

  • For personal data where we act as the Data Controller, we commit to processing requests within a reasonable timeframe (a maximum of 30 business days from the date of receipt).
  • In cases where absolute compliance with the request is not feasible due to technical issues, we will take appropriate measures to ensure the data is not accessed or processed unlawfully.

Regarding personal data within OneXBots Customer Data:

  • For personal data included in OneXBots Customer Data (where customers act as the Data Controller), the customer will handle the request. We will support by forwarding the data subject’s request to the customer for resolution.
  1. Obligations of Data Subjects

Data subjects must fulfill the following obligations to ensure their rights and safety during the use of services:

(i) Provide accurate, complete, and truthful information

  • Ensure the accuracy and legality of the personal information provided.

(ii) Comply with personal data protection regulations

  • Adhere to the legal regulations and privacy policies of us or customers using the OneXBots system.
  • Avoid posting or sharing sensitive information or violating others’ privacy rights.

(iii) Protect accounts and personal information

  • Take responsibility for protecting accounts, passwords, and access credentials.
  • Notify us immediately in case of security risks or unauthorized access.

(iv) Cooperate with us in addressing violations

  • Assist us in resolving issues related to data breaches or security incidents.
  • Promptly report any signs of violations or unusual activities to us through official contact channels.

Note: Any violation by the data subject concerning their obligation to provide accurate information or misuse data for improper purposes will be subject to accountability under the law and our policies.

 

VI. Data Protection

We implement the necessary technical and organizational measures to ensure that OneXBots customer data and personal data are securely stored and processed, protecting them from risks such as loss, destruction, unauthorized access, or unauthorized disclosure.

1.Data Protection Measures

  • Data Encryption: We encrypt data both at rest (encrypt-at-rest) and in transit (encrypt-in-transit) to ensure data security.
  • Secure HTTPS Protocol: All OneXBots services are accessed through the HTTPS protocol (SSL/TLS).
  • Password Security: User login passwords are encrypted using end-to-end encryption.
  • Secure Storage Infrastructure: We utilize reliable cloud storage infrastructures that comply with international security standards.
  • Access Control: Only authorized and specially trained personnel can access sensitive data.

2.Security Features for Customers and Users

Single Sign-On (SSO): Integration of SSO through Google, Microsoft, or SAML 2.0 to enable administrators to efficiently manage user accounts.

3.Handling Security Incidents

If a security breach or evidence of data compromise is detected, we will:

  • Promptly notify affected data subjects and customers.
  • Report the incident to relevant authorities as required by law.
  • Take necessary measures to mitigate damage and prevent recurrence.

4.Unintended Consequences and Risks

Despite implementing optimal protection measures, we cannot guarantee that our systems are entirely immune to risks such as:

  • Technical or hardware failures.
  • Security vulnerabilities exploited by hackers.
  • Unforeseen incidents such as natural disasters or fires.
  • In the event of an incident, we are committed to resolving and mitigating the consequences to minimize damage.

VII. Data Retention

Personal data is retained as long as the user account remains active or as needed to fulfill the purposes for which the data was collected. We do not claim ownership of the data that customers or users store on the system.

VIII. Data Transfer

We may transfer, process, and store data in data centers located inside and outside Vietnam. When personal data is transferred between Vietnam and other countries, we ensure compliance with applicable legal regulations and implements necessary security measures.

Currently, we store Customer Data (including personal data) on Google Cloud Platform and servers located in Vietnam.

VIIII. Policy Updates and Adjustments

This policy may be updated periodically to reflect changes in laws, technology, or services. If an update involves significant changes to the content or terms of this policy, we will notify all OneXBots customers, users, and guests before implementing the update through available communication channels, such as announcements or articles on OneXBots website, or direct contact with OneXBots customers, users, and guests via services, email, or other appropriate methods. The effective date of each policy version will be specified.

Continued use of the services after the updated policy becomes effective constitutes agreement with the updated contents.

We recommend that OneXBots customers, users, and guests regularly review this policy to stay informed about OneXBots data collection and processing practices.

X. Contact us

If you have any questions, requests, or need assistance regarding this privacy policy, please contact us via: