This website is owned and managed by GENE SOLUTIONS JOINT STOCK COMPANY. By accessing and using this website, the Customer has implicitly agreed to the Policy set out herein. Therefore, the Customer is requested to read and study carefully before further use.

I. General principles

1. Notification

This Security and Data Privacy Policy (the “Policy”) is implemented by the group of companies under Gene Solutions Joint Stock Company (hereinafter collectively referred to as “Gene Solutions”, “Company”, “GS” or “We”) including: Gene Solutions Joint Stock Company, Gene Solutions Lab LLC (“GSL”), Medical Genetics Joint Stock Company (“MGJ”), and subsidiaries and affiliated companies in other countries (collectively “GS” or “Gene Solutions”) and describes Gene Solutions’ activities related to the collection and processing of personal data of Gene Solutions customers.

2. Scope of Policy

This Policy describes how Gene Solutions Company collects, receives, aggregates, stores, uses, processes, discloses, shares, and ensures the safety of the Customer Information of organizations and individuals (“Client” or “Customer”), including customers, agents, suppliers, contractors and partners, collaborating experts…: (i) cooperate in providing services and/or use services provided directly at GS or other services provided by GS; (ii) access and use customer interaction channels owned by GS, including but not limited to the website,, applications “Genesolution HCPs” and groups on social networking sites (such as Facebook, LinkedIn, etc.) owned by GS (items (i) and (ii) below are collectively referred to as the “Service”).

To stay informed of the latest modifications, GS encourages you to regularly review the “Security and Data Privacy Policy”. Gene Solutions reserves the right to change, modify, add, or remove the contents of the Policy at any time. If you continue to use our services or use the website after any changes, it means you have accepted those changes.

This Policy is part of the general terms and conditions and is an integral appendix to any Service Contract of each product, service, and/or Cooperation Contract… that you have established with Gene Solutions.

3. Personal data

Types of personal data that Gene Solutions collects (hereinafter collectively referred to as the “Customer information”) is any information or data that can be used to identify the Customer or based on which the Customer is identified, such as name, gender, place of birth, residential address, nationality, racial/ethnic origin, phone number, payment card and bank details, personal preferences, living habits, living environment, email address, location, photos, ID/card information Citizen identification, date of birth, marital status, insurance information, transaction information, access history, customer journey, biometric data, genetic information, family medical history, profile Medical records/health information…

4. This Policy is bilingual in Vietnamese and English.

If there is a difference between the Vietnamese and English versions, the Vietnamese version will prevail.

5. This Policy includes the following contents:

5.1. The Customer Information collected by us

5.2. How we protect the Customer Information

5.3. How we use the Customer Information

5.4. How we share the Customer Information

5.5. Access and selection

5.6. Communications, notices, and modifications

5.7. Some additional information for overseas data transfers

6. Policy Terminology

Current laws are all laws, regulations, or binding regulations applicable to Gene Solutions according to the law of Vietnam.

Personal data is information in the form of symbols, letters, numbers, images, sounds, or similar forms in the electronic environment associated with a specific person or helping to identify a specific person. Personal data includes basic personal data and sensitive personal data.

Personal Data processing is one or more activities affecting personal data, such as: collection, recording, analysis, validation, storage, editing, disclosure, combination, access, retrieval, recall, encrypt, decrypt, copy, share, transmit, provide, transfer, delete, destroy personal data or other related actions.

Third-party are individuals and organizations that are not legal entities of Gene Solutions and have a contract with Gene Solutions to provide products or services, including but not limited to:

  • Independent individuals or companies;
  • Entities that Gene Solutions directly or indirectly owns;
  • The term “third party” in this notice includes suppliers and other partners and organizations.

II. The Customer Information collected by us

We collect the Customer Information during the provision of Service and communications with you; from GS’s websites, mobile applications, interactive or automatic data collection technologies, or other means.

Below are the types of information that we collect:

1. Information you provide to us

a) We collect any information you provide in connection with the Service in the course of carrying out such activities, such as

(i) use the Service, cooperate in providing services or participate in scientific research projects/topics and clinical trials conducted by Gene Solutions;

(ii) register to open an account, log in, and interact with GS Channels;

(iii) participate in seminars, customer events, contests, games, surveys/investigations or other events jointly organized by GS or our partners;

(iv) use biometric functions to identify individuals and authenticate transactions;…

b) The Customer is responsible for ensuring that the information provided by the Customer is complete, accurate, and most up-to-date so as to ensure the Customer’s rights according to the regulations of using the respective service. Gene Solutions is not responsible if the Customer provides inaccurate or incomplete information according to the provisions of the Service. When using the Service or cooperating with Gene Solutions, you confirm that you have learned and been fully informed about all of our Services and operations, and accordingly you agree to provide all detailed information to use the services that we provide. The Customer hereby agrees to allow Gene Solutions to perform data processing activities from its service provision activities, including but not limited to: collection, recording, analysis, confirmation, storage, edit, disclose, combine, access, retrieve, retrieve, encode, decrypt, copy, share, transmit, make available, transfer, delete, destroy personal data, or other relevant actions. Gene Solutions may use the Customer’s residual samples and de-identified information for scientific research on cancer screening. These studies can be published in scientific journals or used to develop products and services. The Customer agrees that Gene Solutions will not be required to notify or pay for these research activities.

c) For Customers under 18 years old, please ensure that you have full consent and approval from your father, mother, or legal representative for providing the Customer Information to Gene Solutions; The father, mother, or representative will be bound by this Policy and responsible for the Customer’s conduct. Gene Solutions has the right to refuse Customer’s access to the Gene Solutions Channel or provide related Service in cases where there are grounds that the Customer is under 18 years old and has not received the above consent and approval from their parents or legal representative.

d) In case of Customer provides information of any third party, the Customer represents and warrants that the Customer has obtained the full consent and approval of such third party for the Customer’s provision of information to Gene Solutions and for Gene Solutions’ use of such information in the manner specified under this Privacy Policy. Gene Solutions will not bear any responsibility to a third party in case the Customer provides information without the consent or approval of that third party. In this case, the Customer will bear all responsibilities arising from the act of providing information, including resolving, at the Customer’s expense, any claims/claims of third parties against the Customer and/or Gene Solutions, indemnify Gene Solutions for any amount payable by Gene Solutions to third parties, if any, in connection with the above claim/suit.

2. Automatic information

We automatically collect certain types of information when you interact with the Service.

Gene Solutions has the right to collect information and data related to activities that the Customer performs within the framework of the Service, including but not limited to information and data about parties providing service and goods to the Customer, transaction information that the Customer makes (type of goods, services, location, transaction time), payment method (without storing important data of the payment card used for payment including detailed card number, CVV number or other authentication code of equivalent legal value), device information (such as IP address, operating system, browser type, hardware specifications , UDID, MEIDs, geolocation, address of referring website (if any), pages that the Customer visits from Gene Solutions Channel and mobile applications, number of visits, responses, file names, sessions advertising copy and identification and other related information (if any)).

3. Collection and use of cookies

a) We use cookies, pixels, and other similar technologies (collectively “cookies”) to recognize your browser or device, learn more about your preferences, provide you with essential features and services and for other additional purposes, including:

b) Identify you when you log in to use our Service. This allows Gene Solutions to provide you with recommendations, display personalized content, and provide other customized features and services.

c) Pay attention to the options you have accepted. This allows Gene Solutions to respect your likes and dislikes, such as the language and configuration you choose.

d) Conduct research and analysis to improve our Service.

e) Prevent fraud.

f) Improved security

g) Providing content, including advertising, relevant to your interests on our websites and third-party websites.

h) Measure and analyze the quality of the Service.

i) Cookies allow you to take advantage of some of our essential features. For example, if you block or reject our cookies, you will not be able to use certain products or services that require you to log in, or you may have to manually adjust some preferences or set your language each time you revisit our websites.

j) Approved third parties may also set cookies when you interact with the Service. These third parties typically include search engines, measurement and analytics providers, social networks, and advertising companies. Third parties use cookies in the delivery of content, including advertising relevant to your interests, to measure the effectiveness of advertising and to perform certain services on our behalf.

k) You can manage browser cookies using your browser settings. The ‘Help’ feature on most browsers will tell you how to prevent your browser from accepting new cookies, how the browser notifies you when you receive a new cookie, how to disable cookies, and when a cookie expires. If you disable all cookies on your browser, neither we nor third parties will be able to transfer cookies to your browser. However, if you do this, you may have to manually adjust some preferences each time you revisit the website, and some features and services may not function.

4. Information from other sources

Gene Solutions may collect information about you from other sources, including service providers, partners, and publicly available sources.

III. Protecting the Customer Information

1. At Gene Solutions, security is our highest priority. Our system is designed with the ability to ensure the safety and privacy of the Customer Information. All Customer Information is stored and kept confidential by the system of Gene Solutions or service providers for Gene Solutions in accordance with the law and this Policy.

2. When collecting data, Gene Solutions will make maximum efforts within the allowable scope to store and secure the Customer Information on server systems and other storage media, and the Customer Information is secured by firewall systems, access control measures, and data encryption. Gene Solutions has appropriate technical and security measures to prevent, to the maximum extent possible, unauthorized access and use of the Customer Information. Gene Solutions also regularly coordinates with security experts to update the latest information on network security to ensure the safety of the Customer Information.

3. Your payment card information issued by financial institutions is protected by us according to international standards, with the principle of not storing important payment card data (card number, full name, CVV number, or other authentication code with equivalent legal value) on our system. Your payment transaction is made on the system of the relevant bank or service affiliate/cooperating unit through the GS Channel.

4. The Customer is not allowed to use any tools, programs, or other measures to illegally interfere with the system or change the data structure of any Service, nor perform any other actions to spread or encourage activities with the purpose of interfering, sabotaging, or infiltrating Gene Solutions system data, as well as other acts that violate the law of Vietnam. If we detect that you have committed a violation, we may transfer information about the violation to the competent authorities for handling in accordance with the law.

5. You are responsible for protecting your account information and do not provide any information related to your account, password, or authentication methods (e.g., OTP) accessed on websites, applications, software, or other tools (if any). The Internet is not a secure environment, and GS cannot absolutely guarantee that your personal data shared using the Internet will always remain secure. When you use the Internet to transmit personal data, you should only use secure systems to access websites, applications, or devices. You are responsible for keeping your access credentials for each website, application, or device secure and confidential. You should immediately notify GS if you detect any abuse of your login information and change your access password immediately.

6. We store the Customer Information to ensure your continued use of the Service, and for the period necessary to achieve the Purpose, or as required by the law (including for tax and accounting purposes), or to perform other tasks as notified to you in advance. The duration for which Gene Solutions retains specific Customer Information varies depending on the Purpose. When the Customer Information is no longer necessary for the provision of the Service or the Purpose or Gene Solutions no longer has a business or legal purpose to retain the Customer Information, we will take steps to prevent access to or use of the Customer Information for any purpose other than compliance with this Privacy Policy, or for safety, security, fraud detection, and prevention purposes; or delete the identifying information part of the Customer Information according to law.

7. The Customer Information may be stored in, accessed from, or transferred to many countries, including Vietnam. When we transfer your Customer Information to other countries, we will ensure that it is transferred in accordance with this Policy and as permitted by relevant laws and regulations.

IV. Purpose of Processing Customer Personal Data

We use the Customer Information to operate, provide, and improve the Service for purposes (the “Purpose”) including:

1. Providing the Service:

We use the Customer Information to:

a) provide Gene Solutions’ Service to the Customer and process transactions related to the Service, including subscriptions and payments;

b) recommend the Service that you may be interested in, identify your preferences, and personalize your experience with the Service;

c) carry out scientific research activities, conduct data analysis, testing and research, monitoring, etc., improve the Service and internal activities necessary to provide services, including fixing software errors and improving service delivery and Customer experience;

d) protect the security or integrity of the Service and any facilities or equipment used to provide the Service;

e) confirm transactions and make payments;

f) create, manage, and update Customer accounts, verify Customer identity;

g) Allow interaction between the Customer and Gene Solutions or between the Customer and affiliated partners (if any).

2. Measure, support, and improve the Service:

We use the Customer Information to measure usage, analyze performance, correct errors, provide support, and improve and develop the Service.

3. Compliance with legal obligations:

We are legally obliged to collect, use or store your Customer Information in certain circumstances, including when requested, advised, recommended or required by our legal advisors or any legal regulations, by-laws, documents or requests of the government or local or foreign competent authorities, requests of competent state agencies including but not limited to obligations to disclose information, report according to legal regulations on promotions, record keeping, auditing, investigation and resolution of complaints or disputes, compliance with court orders or other legal, regulatory or other governmental or regulatory requirements; or other agreements; and protect our rights or property in the event of a claim or dispute.

4. Contact with you:

We use the Customer Information to communicate with you regarding the Translation through various channels (e.g., email, chat) and to respond to your requests.

5. Marketing:

We use the Customer Information to market and promote the Service. We may display the Service advertisements based on your interests.

6. Prevention of fraud and abuse, property, and credit risks:

We use the Customer Information to prevent and detect fraud and abuse to protect the security of our customers, us, and others. We can also use scoring methods to assess and manage asset and credit risk.

7. Some specific purposes that may require your consent:

In case there arise purposes not stated herein, or other relevant documents, or in accordance with relevant laws, we may seek additional consent from you regarding the use of the Customer Information for a specific purpose when we contact you.

8. Surveillance camera (CCTV) footage, in specific cases, can also be used for the following purposes:

(i) for quality assurance purposes;

(ii) for public security and occupational safety purposes;

(iii) detect and prevent suspicious, inappropriate, or unauthorized uses of our facilities, products, services, and/or facilities;

(iv) detect and prevent criminal acts; and/or

(v) conduct investigations into incidents at the request of state agencies.

V. Regulations on Sharing Customer Information

The Customer information is an important part of our operations, and we do not transfer your Customer Information to any third party. We only share the Customer Information as set forth below and to the extent permitted by law. Third parties that receive the Customer Information in accordance with this Policy are responsible for complying with this Policy, other similar policies, and relevant legal regulations.

1. Comply with the requests of competent state agencies, or according to the law;

2. Transactions involving third parties:

We provide you with services, software, and content provided by third parties for use on or through the Service. You can tell when a third party is involved in your transactions, and we will share information related to those transactions with that third party.

3. Third-party service providers:

We use and/or partner with healthcare organizations and other partners to perform some work on our behalf, including collaborative service delivery, scientific research cooperation, data protection and storage cooperation, etc.; sending communications; processing payments; assessing credit risk and compliance; analyzing data; providing marketing support and sales (including advertising and event management); customer relationship management; and training. These third-party service providers may share the Customer Information as necessary to perform their functions, but may not use it for other purposes. Additionally, they must comply with this Policy and related privacy laws.

4. Business Restructuring and Transfer:

During the business development process, we may sell or buy businesses or restructure other businesses or services in accordance with the law. In such transactions, the Customer Information, and databases and the right to use information in general are among the business assets transferred, but the transferee must still comply with the provisions of this Policy (or when approved by the customer). Additionally, if Gene Solutions or substantially all of its assets are acquired by another company, the Customer information will be part of the transferred assets.

5. Protect us and others

We release accounts and other Customer Information when we believe it is appropriate to comply with the law, to enforce or apply our terms and other agreements, or to protect our rights, our property or security, our customers, or any other person. The above tasks may include exchanging information with other companies and organizations to prevent and detect fraud and reduce credit risks.

6. Subject to your choice:

In addition to the cases listed above, you will receive notice when the Customer Information about you may be shared with third parties and your choices regarding information sharing.

7. Cases of sharing that do not require consent:

According to current law, the Customer Information belonging to your medical information, at the discretion of the person in charge of the medical examination and treatment facility, may be shared by us to improve the quality of diagnosis, care, and treatment of patients among practitioners in the group directly treating patients or allow some record collectors, including interns, researchers, and practitioners in medical examination and treatment facilities, to borrow on-site medical records to read or copy for research or professional and technical work; or at the request of Vietnamese competent authorities.

VI. Comply with HIPAA laws and Customer Medical Information Security Rules:

HIPAA stands for Health Insurance Portability and Accountability Act, a law enacted by the United States federal government in 1996 to establish rules for accessing, authenticating, storing, auditing, and transferring Electronic medical records.

HIPAA protected health information includes personally identifiable demographic data relating to information about past, present, and future health or condition, as well as information about services that provide health care to individuals. HIPAA helps simplify document handling in the healthcare system, ensuring the security of sensitive patient information. As a medical and healthcare services provider, Gene Solutions is committed to strict compliance with the HIPAA Privacy Rules.

Health care providers are responsible for how protected health information (PHI) is reviewed, used, and disclosed. Accordingly, all Gene Solutions users are guaranteed benefits according to HIPAA regulations.

VII. Access and selection

1. Unless otherwise provided by law, the Customer may view, update, and delete certain information about the Customer’s account and interactions with the Service. If you are unable to access or update your information yourself, you can always contact us for support.

2. You have many choices regarding the collection and use of the Customer Information. Many Services include functionality that gives you options about how your information is used. You can choose not to provide certain information, but then you may not be able to take advantage of certain Service.

a) Account information: If you want to add, update, or delete information related to your account, please send an email to [email protected] and follow Gene Solutions’ instructions. When you update or delete any information, we usually keep a copy of the previous version for technical purposes.

b) Communication: If you do not want to receive promotional messages from us, please unsubscribe or adjust your communication preferences. Please send an email to [email protected] and follow Gene Solutions’ instructions. If you do not want to receive in-app notifications from us, please adjust the notification settings in your app or device.

c) Advertising: If you do not want to see interest-based advertising, please send an email to [email protected] and follow Gene Solutions’ instructions.

d) Browsers and devices: The Help feature on most browsers and devices will tell you how to prevent your browser or device from accepting new cookies, how to have your browser notify you when you receive a new cookie, or how to completely turn off the cookie function.

VIII. Communications, notices, and modifications

Our business is constantly changing, and this Policy may be amended. You should visit and check our website regularly to stay informed of the most recent changes. Unless otherwise stated, our current Policy applies to all Customer Information we have about you and your account.

If you have any questions about privacy at Gene Solutions or would like to contact our information controller, please contact us, and we will endeavor to answer your questions. You can also contact us at the address below: [email protected]

XIX. Some additional information for overseas data transfers

We provide some additional information about the privacy, collection, and use of the Customer Information of our potential and existing customers in Asia-Pacific countries.

1. Customer Information Controller.

Gene Solutions JSC (address at No. 186-188 Nguyen Duy Duong, Ward 2, District 10, Ho Chi Minh City, Vietnam) is the controller of the Customer Information collected or processed according to this Policy.

2. Handle. We process the Customer Information based on one or more of the following legal bases:

a) It is necessary to enter into a contract with you or the organization you represent, to carry out contractual obligations, to provide the Service, to respond to requests from you, or to support the Customer;

b) When we have a legitimate interest, as described in Section 2 of this Privacy Policy;

c) Necessary to comply with laws and legal obligations;

d) To respond to lawful requests; or

e) Based on your consent.

3. Your Rights. According to the law, you have the following rights:

a) ask whether we hold the Customer Information about you and request a copy of the Customer Information and information about how it is processed;

b) request correction of inaccurate Customer Information;

c) request the removal of the Customer Information that is no longer necessary for the purposes of the processing, the information was processed based on consent but that consent has been withdrawn, or the information is processed inconsistently with current legal regulations;

d) request that we temporarily stop processing the Customer Information when processing activities are inappropriate;

e) object to the processing of personal data;

f) request the transfer of the Customer Information you have provided to us (excluding information derived from the information collected), in case the processing of such Customer Information is carried out on the basis of your consent or contract and is carried out automatically; and

g) file a complaint with the competent authority if you believe that we have violated your privacy rights.

You can exercise your rights of access, rectification, deletion, request for suspension, objection, and request for portability of information by contacting us. If you wish to exercise any of the above rights and you are our customer, please contact us. If you are not our customer, please contact us at the address in Section V above.

Where you have given us your consent to process your Customer Information for a specific purpose, you may withdraw that consent at any time, and we will stop all processing of your data for that purpose.

4. Transfer information abroad.

When we transfer the Customer Information collected and stored in Vietnam abroad, we will do so in accordance with the terms of this Privacy Policy and applicable privacy laws. This may include data transfers pursuant to data transfer agreements that include Standard Contractual Clauses approved by the Ministry of Public Security.