+855 968769978

Contact us
regulamin

Polityka prywatności

Privacy Policy

Effective date: 12.01.2024

Website: https://fivoweb.com


Controller / Operator: F.I.V.O.(CAMBODIA) CO.LTD.

Registered address: Bhumi Emeral 149 Block 2, St.444, Phum 2, Phnom Penh, Cambodia

Contact email: office@fivoweb.com

F.I.V.O.(CAMBODIA) CO.LTD. (“we”, “us”, “our”) operates this Website and acts as the controller of personal data provided via the Website. This Policy explains what data we process, why and how we process it, with whom we share it, how long we keep it, your rights, and how to contact us.

We align with globally recognised standards, including EU GDPR and ePrivacy for cookies, UK GDPRCCPA/CPRA(California), LGPD (Brazil), PDPA (Singapore), PIPEDA (Canada), Australia Privacy Act / APPs, and applicable Cambodian regulations (Law on E-Commerce; Sub-Decree No. 252 on identification data). We will update this Policy if new national rules (e.g., a Cambodian Personal Data Protection Law) take effect.


1) Scope and Definitions

  • Personal data means any information relating to an identified or identifiable natural person.
  • Processing means any operation performed on personal data (collection, storage, use, disclosure, deletion, etc.).
  • This Policy applies to visitors, customers, and individuals contacting us via forms, chat, or email, and to data collected by cookies and similar technologies.


2) How we collect data

  • Directly from you: forms (contact, newsletter, support), chat, email, account/checkout.
  • Automatically: server logs, cookies, SDKs, and analytics tags.
  • From third parties: payment providers, anti-fraud tools, delivery/courier systems (where applicable).


3) Categories of data we process

  • Identification & contact: name, email, phone, company, country.
  • Account & profile (if enabled): username/ID, photo/avatar, bio, preferences.
  • Transactional & logistics (if applicable): billing/shipping addresses, order details, payment status (tokenised; we do not store full card data), invoices, returns/claims.
  • Content you submit (if enabled): comments, forum posts, listings, attachments, chat transcripts.
  • Technical/telemetry: IP address, device/user-agent, timestamps, referrer, pages viewed, event logs; cookie IDs, advertising IDs (where consented).
  • Marketing preferences: newsletter opt-ins/outs, consent records, campaign interactions.


4) Purposes and legal bases

We process data for:

  • Handling enquiries and pre-contract steps (quotes, demos, RFP/RFQ) — contract / legitimate interests.
  • Providing services (project delivery, support, maintenance, SLAs) — contract / legitimate interests.
  • Account & profile features (if used) — contract / legitimate interests.
  • Order fulfilment & invoicing (if e-commerce is used) — contract / legal obligation (tax/accounting).
  • Security & fraud prevention (access logs, rate-limiting, abuse detection) — legitimate interests.
  • Analytics & service improvement — legitimate interests (anonymised/aggregated) or consent where required (e.g., EU).
  • Marketing & remarketing (newsletters, ads) — consent (opt-in per local law); you can opt out anytime.
  • Legal compliance & claims — legal obligation / legitimate interests.

Where laws require a legal basis (e.g., GDPR/UK GDPR/LGPD), we rely on consentcontractlegal obligation, or legitimate interests as specified above.


5) Newsletter, comments, forum, live chat, classifieds (if enabled)

If these features are active, we process the content and metadata you provide, display user profiles to other users as configured, and moderate content per our Terms of Use. We retain moderation logs for security and compliance.


6) Hosting and server logs

Our Website is hosted by reputable providers. For reliability and security, server logs may include: requested URLs, timestamps, HTTP identifiers, error codes, referrers, browser info, IP addresses, diagnostics for self-service orders, and email routing details. Logs are retained per our security schedule.


7) Data sharing and international transfers

We share data only as necessary and under appropriate agreements with:

  • Hosting/cloud & IT vendorspayment processorscouriers/postaccountinglegal/debt collection (if needed), analytics/marketing providers (consent-based), and authorised contractors under our instructions.

Data may be transferred internationally. We apply contractual and technical safeguards (e.g., controller-processor agreements, standard contractual clauses or equivalent where applicable, encryption, access controls) and do not transfer data where prohibited by local law.


8) Retention

We keep data only as long as needed:

  • Contract & billing: statutory periods under accounting/tax law.
  • Support & enquiries: for the lifecycle of the case + audit window.
  • Marketing: until consent is withdrawn or after up to 3 years of inactivity.
  • Security logs: per our security policy (e.g., up to 12 months).
  • We may retain minimal records to demonstrate compliance (consent logs, suppression lists).


9) Security

We use TLS/SSL, role-based access, password rotation, backups, vulnerability scans, OWASP-aligned hardening, and regular updates. We minimise the scope, access, and duration of processing. No internet transmission is 100% secure; we maintain industry-standard safeguards appropriate to risk.


10) Cookies & similar technologies

We use cookies, local storage, and pixels/SDKs to run the site, remember preferences, secure sessions, and — with consent — measure and improve performance or deliver marketing.

Types:

  • Strictly necessary (session, auth, security, consent storage).
  • Preferences (language, UI).
  • Analytics (traffic, events; e.g., GA4) — consent-based in GDPR/UK/LGPD jurisdictions.
  • Marketing/remarketing (e.g., Meta Pixel, Google Ads) — consent-based where required.

You can manage choices via our cookie banner and your browser. Disabling cookies may limit functionality.


11) Your rights (global overview)

Your rights vary by jurisdiction; we honour the strongest applicable rights to your situation:

  • EU/EEA (GDPR) & UK GDPR: access, rectification, erasure, restriction, portability, objection (including to profiling/marketing), and the right to withdraw consent. Supervisory authority: your local DPA (e.g., ICO in the UK; EU DPAs per residence).
  • California (CCPA/CPRA): right to know/access, deletion, correction, portability, to opt-out of sale/share of personal information, to limit use of sensitive personal information, and non-discrimination.
  • Brazil (LGPD): confirmation of processing, access, correction, anonymisation/blocking/deletion, portability, information on sharing and consent, withdrawal of consent, and review of automated decisions.
  • Singapore (PDPA): access, correction, withdrawal of consent, and complaints to PDPC.
  • Canada (PIPEDA): access, correction, challenge compliance to the OPC.
  • Australia (APPs): access, correction, complaint to OAIC.
  • Cambodia (E-Commerce Law / Sub-Decree 252): correction/erasure of inaccurate data, withdrawal of consent, and complaints to competent authorities (e.g., MPTCCCF).

To exercise your rights, email office@fivoweb.com

 with the subject “Data request”. We may verify your identity before acting.


12) Children’s data

Our services are not directed to children under the age required by local law (e.g., 13/16). We do not knowingly collect data from children. If you believe we have collected such data, contact us to delete it.


13) Automated decision-making

We do not make decisions with legal/similar significant effects without human involvement. Limited profiling may occur for marketing segmentation with consent; you can object or withdraw consent.


14) “Do Not Sell/Share” (California)

We do not sell personal information for money. If we engage in cross-context behavioural advertising that qualifies as “share” under CPRA, we will provide a “Do Not Sell or Share My Personal Information” mechanism and honour opt-out signals (e.g., GPC) as required.


15) Do Not Track

Some browsers send DNT signals; there is no standardised response. Where law requires (e.g., CPRA’s Global Privacy Control), we honour applicable browser signals.


16) Complaints and contact

If you have concerns, contact office@fivoweb.com

. You may also complain to your local authority (EU DPA/ICO/PDPC/OPC/OAIC/California CPPA) or Cambodian authorities per local law.


17) Changes to this Policy

We will update this page with a new Effective date and, where significant, notify you in-product or by email.


Cookie Policy

Controller: F.I.V.O.(CAMBODIA) CO.LTD.

Contact: office@fivoweb.com


1) What are cookies?

Cookies are small text files stored on your device by websites. We also use similar technologies (local storage, pixels, SDKs).


2) Why we use them

  • Strictly necessary: security, load balancing, session/authentication, consent storage.
  • Preferences: language, UI settings.
  • Analytics: to understand usage and improve performance (e.g., GA4).
  • Marketing/remarketing: to measure campaigns and, where permitted, show relevant content (e.g., Meta Pixel, Google Ads).


3) Consent

In jurisdictions requiring prior consent (e.g., EU/UK, often Brazil), we only set non-essential cookies after you consent via our banner. You can withdraw or change preferences anytime via Cookie settings.


4) Managing cookies

You can manage via our banner and in your browser: Chrome, Edge, Safari, Firefox, Opera (desktop and mobile variants). Blocking cookies may affect some features.


5) Retention

  • Session cookies expire when you close your browser.
  • Persistent cookies remain for a defined period (typically 1–24 months) unless deleted earlier.


6) Third-party cookies & transfers

Some cookies are set by third parties. We contractually require appropriate safeguards and do not transfer data where prohibited by local laws.


Contact

Contact us