Privacy Policy

Real-Time Analytics (RTA)

Acknowledging the importance of the confidentiality issue and the responsibility to protect
customer’s privacy, the RTA team try our best to secure your information. We want to help you
understand what information we collect, the reasons behind it, and how you can manage your
information.

By using, accessing the products and services in any way, whether as a Business, Member or
Individual User, or whether you are creating or obtaining any content from our servers, or you are
just browsing rooms as invited tester or guest from RTA or Business Users, you are agreed to and
bound by the all the terms and condition presented in our Terms of Service and Privacy Policy
documents. Please note that violations of this document are subjected to legal responsibility and
investigation. If you disagree to any terms and conditions, please refrain from using and accessing
our products and platforms.

1. Collect information and rationale

The information we collect is for the purpose of providing services for our customers, maintain
and improve our services, develop new services and provide personalized services via RTA
platforms.

1.1 Information we collect as you use RTA services

Your apps, browsers & devices

When you perform an activity with RTA service which contacts our servers, such as downloading a form
or checking for automatic updates, we will collect information about the apps, browsers, and
devices you use to to access the services. The information includes unique identifiers, browser
type and settings, device type and settings, operating system, mobile network information such as
carrier name and phone number, and application version number. This will help us provide features
like automatic updates, dimming your screen if your battery runs low and notify when you are not
charging your device. We also collect information about the interaction of your apps, browsers, and
devices with our services, including IP address, crash reports, system activity, and the date,
time, and referrer URL of your request.

Your activity

We collect information about your activity in our services in order to provide certain functions
such as those you want to use when you want to wake up the App. These information may include:
views and interactions with content, voice and audio information when you use microphone and
camera, people with whom you communicate or share content with, activity on third-party sites and
apps that use our services.

If you use our services to make and receive calls or send and receive messages, we may collect
telephony log information such as your phone number, calling-party number, receiving-party number,
forwarding numbers, time and date of calls and messages, duration of calls, routing information,
and types of calls.

Your location information

We collect information about your location when you use our services, which helps us offer features
such as driving directions or taking the polygon of your farm. Your location can be determined with
varying degrees of accuracy by: GPS, IP address, sensor data from your device, information about
things near your device, such as Wi-Fi access points, cell towers, and Bluetooth-enabled devices.

We also use various technologies to collect and store information, including cookies, pixel tags,
local storage, such as browser web storage or application data caches, databases, and server logs.
Please note that our systems mostly ask for user permission before collecting data. Currently, we
are working on providing users the records of their data sharing history as soon as possible.

Your contact book

We provide the functionality for you to see in the app your contacts in the contact book. When you use the functionality, the app will ask you to grant it the permission to read the contact book.

Collection of Photos and Videos

When you use features in our app that involve capturing photos or videos, we may collect and process this media for the intended functionality. This includes but is not limited to features such as uploading profile pictures, attaching images to messages, or utilizing video recording functionalities within the app.

What types of images/video are collected?

We collect images and videos that users voluntarily capture and upload through our app. These may include profile pictures, photos attached to messages, and videos recorded within the app.

How are the images/video collected?

The images and videos are collected through the app’s built-in camera and gallery functionalities. Users can choose to capture new media using the camera or select existing media from their device’s gallery.

Why are the images/video collected?

The collection of images and videos is essential for the proper functioning of features within the app. For instance, profile pictures enhance user identification, and attaching images to messages facilitates effective communication. Video recording functionalities serve specific purposes within the app’s features.

How are the images/video used?

The collected images and videos are used solely for the intended functionalities within the app. This may include displaying profile pictures, sharing images within messages, or utilizing videos in features designed for that purpose.

With whom are the images/video shared?

We do not share images or videos collected through the app with third parties. The media is only shared within the app as per user actions, such as sending images in messages or updating profile pictures.

How long are the images/video retained?

The retention period for images and videos varies based on their usage. Profile pictures and attached images may be retained for as long as the user maintains their account, while temporary media used in certain features may be deleted after a specific duration.

What are the user’s choices with respect to the collection, use, and sharing of their images/video?

Users have the option to control the collection and use of their images and videos through the app settings. They can update or remove their profile pictures, manage permissions related to media capture, and choose whether to share media within the app’s features. Additionally, users can delete specific images or videos they have shared within the app.

Collection of Audio: Voice or sound recordings, Music files

Certain features of our app may require access to your device’s microphone or storage to capture and process audio, including voice or sound recordings, and music files. This is done to enable functionalities like voice messaging, audio recording, or playing music within the app.

Collection of a user’s files or documents, or any information about a user’s files or documents. For example, file names.

In some instances, our app may need access to your device’s files or documents for specific features. This may involve collecting information about your files or documents, such as file names, to facilitate actions like file sharing, document uploading, or other relevant functionalities within the app.

1.2 Private Data

Federal regulations (Protection of Human Subjects 2009) define “private information” as the
“information about behavior that occurs in a context in which an individual can reasonably assume
that no observation or recording is taking place, and information which has been provided for
specific purposes by an individual and which he or she can reasonably expect will not be made
public.” We understand that there are certain private data of the user such as the contents share
in private chat or private notes. We guarantee that there is no access to your private data unless
you actively provide those to other users, including RTA system, your Business User, your fellow
Member User and Individual User. According to RTA Terms of Service, the Business User or RTA admins
can only get access to your private information upon request from you or Third Parties upon
Enforcement Requests and Applicable Laws specified in session 2.4.

1.3 Information we collect when serving as intermediaries

As we provide a variety of services, sometimes we serve more than one client on the same project. In
that case, we will serve as intermediaries and will need certain information from both clients.
Therefore, we suggest that customers read the terms of usage and privacy for each product
thoroughly before using it.

1.4 Our usage of ‘cookies’

Cookies are small files that enables the site’s or service provider’s system to recognize your
browser and collect and remember certain information when they transfer them to your computer’s
hard drive through your Web browser with your consensus. We use cookies to understand your
preferences by looking at your previous or current site activity and provide you with better
services. Cookies also help us to compile aggregate data about site traffic and site interaction
which enables us to offer better site and tools in the future.

You have the option of turning off all cookies or setting your browser to have your computer warn
you each time a cookie is being sent.. We suggest that you look at your browser’s Help menu to
learn the correct way to modify your cookies setting because each browser is different from each
other.

If you disable cookies, some minor features might be disabled.

2. What Information is Shared With Third Parties and Why?

To support communications and operations between users on different platforms or products, your
username, display name, messages and files are sometimes shared with other services that are
connected with RTA

Federation / Distributed content

RTA system shares user data with the wider ecosystem such as Matrix.org and Mastodon.social over
federation.

  • Whenever you produce contents including all messages and files in a federated room on our
    platform, a copy of the data is sent to all participants in the room. If these participants
    are on remote servers, your username, display name, messages and files may be replicated
    across each participating server.
  • We will forget and erase your copy of data upon your request. We will also forward your request
    to be forgotten onto federated servers. However, we cannot guarantee the request will be
    fulfilled by federated parties.
  • Federated servers can be located anywhere in the world, and are subject to local laws and
    regulations.

If the way in which data is shared is not acceptable to you, please use a different server or
service.

Bridging

Some RTA functions and platforms are bridged to third-party services, such as IRC networks, maps or
email. When a function has been bridged, your username, display name, location, messages and file
transfers may be duplicated on the bridged service where supported.

  • It may not be technically possible to support your management of your data once it has been
    copied onto a bridged service.
  • Bridged services can be located anywhere in the world, and are subject to local laws and
    regulations.

RTA are working on a notification system providing information whenever user start to transfer to
bridged service. However, due to the two above reasons, we cannot guarantee your data privacy
relating to bridged functions and services. If this is not acceptable to you, please do not use
bridged services.

Integration Services (Bots)

The RTA platforms provide a range of integrations in the form Bots (automated participants in chat
rooms) for specific purposes such as detecting errors. Bots currently have access to all the
messages and files in any room in which they participate, although we are adding a more
sophisticated access control system.

3. Sharing Data with Third Parties upon Enforcement Requests and Applicable Laws

As much as we try to protect your data, we might have to share information about you with a third
party if that is crucial to

(a) meet a lawful government request, regulation or any applicable law

(b) protect the security or integrity of our products and services (e.g.
for a security audit),

(c) protect RTA and our users from harm or illegal activities, or

(d) prevent serious harms to any person in case of emergency

4. How Do We Handle Passwords?

We never store passwords in plain text. Instead, they are stored hashed (data rested) and encrypted
using SSL once sent to the server (data in transmission). If you forget your password (and you have
registered an email address) you can use the password reset facility to reset it. We will never
change a password for you. If you are a Member User, your Business User can reset the password for
you.As a user, you are responsible for keeping your own username, password and other sensitive
information confidential.

Any action using your credentials will have to face service termination, civil and criminal
penalties. If you detect any unauthorized use of your account, you must notify us at support@rta.vn.
We also encourage users to change their passwords under these circumstances.

5. How Can I Access or Correct My Information?

In the case of rtWork and rtSurvey, since RTA works with Business Users as our direct clients,
Business Users have access and controls over the information of their users including admins and
Member users. However, Member Users do have the rights to choose which information they want to
share and decide whether to comply with the request to send their information to the server. Since
Business owners can apply their own policies on which information they allow their member-users to
see and edit, RTA cannot interfere with their decisions on such matter. For Individual Users, you
can always review and update information by visiting the services you use after signed in.

6. Who Can See My Messages and Files In The Messaging System?

In unencrypted and encrypted chat rooms, each member user connecting to RTA platform will be able to
see messages and files according to the access permissions configuration of each room.

In encrypted rooms, the data is stored in our databases but the encryption keys are stored only on
your devices or by yourself. Therefore, nobody can see your messages and files content in our
database, and if you lose access to your encryption keys you lose access to your messages forever.

We use HTTPS to transfer all data. End-to-end encrypted messaging data is stored encrypted using
AES-256, using message keys generated using the Olm and Megolm cryptographic ratchets.

7. Who Else Has Access to Your Data?

Only authorized database administrators have access to users’ data. We use secure private keys when
accessing servers via SSH, and protect our system passwords locally with a password management
tool. We also log application data such as username, user IP and user agent. Please note that
without consent from user, the system cannot collect certain data, as specified in session 2.2.3 of
the Terms of Service.

8. How Is Your Data Protected from Another User’s Data?

All of our users’  data for the Service are currently located in servers hosted in serviced data
centers. We use software best practices to guarantee that only people who you designate as viewers
of your data can access it. We are doing our best to protect user’s data to the highest level;
however, like every other service that hosts their user data on the Internet, we cannot guarantee
that it is immune to a sophisticated attack.

9. What Should I Do If I Find a Security Vulnerability in the Service?

If you have encountered a security concern, please email us at support@rta.vn.
We will look into the issue to understand it thoroughly and address your concern accordingly. We
strive to prioritize matters raised by users and work to resolve them as soon as possible.

Please be mindful with our users’  data when you disclose information. We always endorse white hat
security researchers.

10. Data Retention

At RTA, we are committed to safeguarding your privacy and ensuring the secure handling of your data. We seek to retain only the data necessary to effectively conduct our program activities and work in fulfillment of our mission. We collect and retain the minimum amount of data required to provide our services and enhance your user experience.

Scope

The need to retain certain information may be mandated by federal or local law, federal regulations, legitimate business purposes, as well as the EU General Data Protection Regulation (GDPR).

Data Retention Duration

We store your personal information for a period of time that is consistent with our business purposes until it is no longer necessary to provide our services or until your account is deleted – whichever comes first.

When you delete your account, we also delete any linked information from identity providers that you used to connect with your account in our system. By deleting the data from our application, you revoke our access to any accounts linked to identity providers, and any associated data will be promptly deleted from our servers.

If you choose not to delete your account but want to temporarily stop using our products, you can request us to deactivate your account instead. To delete your account at any time, please visit the Account Workspace settings.