Privacy Policy

We collect the following data when you use MarginVN: **Account data:** Email address, display name, profile picture (from Google if using OAuth login). **Usage data:** Profit calculation results, analysis history, custom settings. We do NOT store original Excel/CSV files — only processed results. **Technical data:** IP address (for security and legal compliance), browser type, timezone. **Payment data:** Only transaction status (success/failure). Card/account details are processed by PayOS — we do not store payment information.

We process your data for the following purposes: • **Service delivery:** Profit calculations, saving analysis history, generating reports. • **Security:** Identity verification, preventing unauthorized access. • **Product improvement:** Aggregate (anonymized) analytics on feature usage. • **Legal notifications:** Notifications about e-commerce fee changes and terms updates. • **Marketing (with your consent):** Emails about new features and promotions. We do NOT sell personal data, share with third parties for marketing, or use data beyond stated purposes.

We only share data with partners necessary to provide the service: Supabase (data storage), PayOS (payment processing), AWS SES (email delivery), Google (OAuth login if chosen). All partners have Data Processing Agreements with us.

Account data is retained until deletion + 30-day grace period. Calculation history follows plan limits. Consent logs are retained for 5 years for compliance. All personal data is fully deleted within 30 days of account deletion.

Under Applicable local data protection laws, you have the following rights: • Right to access your personal data • Right to correct inaccurate data • Right to delete your data • Right to data portability • Right to withdraw consent • Right to lodge a complaint To exercise your rights: Settings → My Data in the app, or email dpo@marginnvn.vn. We respond within 72 hours.

All data is transmitted over HTTPS/TLS 1.3. Passwords are hashed with bcrypt. Row Level Security ensures users only see their own data. In case of a data breach, we will notify Applicable local data protection authority and affected users within 72 hours.

Data Protection Officer: dpo@marginnvn.vn Supervisory Authority: Applicable local data protection authority #