Vietnam

● Decree No. 13/2023/ND-CP on the Protection of Personal Data : This law, promulgated on April 17, 2023, is the first law of the government to integrate personal data regulations, which provides for the definition, classification and processing principles of personal data. The Decree also stipulates specific measures and conditions for the protection of personal data, including administrative and technical measures that organizations and individuals shall take in connection with the processing of personal data.

● Law No. 24/2018/QH14: This law was promulgated on June 12, 2018 to maintain cybersecurity and information security in Vietnam, setting out rules and responsibilities for the use of cyberspace, as well as penalties for cybercrimes.

● Law No. 86/2015/QH13: This law was enacted on November 19, 2015 to ensure the security and privacy of personal data in the online environment and to prevent data leakage, abuse, and illegal access. Data processing principles, data subjects' rights, data processors' obligations, and supervision and punishment related to personal data are stipulated in laws.

● The Amended Law No. 20/2023/QH15: This law was enacted on June 20, 2023 to regulate electronic transactions by state agencies and the private sector and generally prohibits the use, provision or disclosure of data related to electronic transactions without consent.

● Law No. 67/2006/QH11: This law, promulgated on 29 June 2006, regulates the application and development of information technology and establishes the rights and obligations of the institutions, organizations and individuals engaged in these activities. It also regulates the collection, processing, use, storage and provision of personal data in an online environment.

HUAWEI Cloud Vietnam Privacy Compliance Instruction shares Huawei Cloud's experience and best practices in privacy protection with you to help you meet the compliance requirements of Vietnam privacy law.

Huawei Cloud is committed to providing you with secure and compliant infrastructure and services. Each service has built-in security features and is guaranteed to run securely through continuous O&M. Huawei Cloud ensures that the infrastructure and services it provides have been assessed by authoritative, independent, third-party agencies and reviewed by the relevant certifying bodies.

When using Huawei Cloud services, you are responsible for the security and compliance of internal applications and custom configurations of your workloads on the cloud. As the owner and controller of your data, you are responsible for data security configuration, confidentiality, integrity, availability, as well as identity authentication and authorization for data access.

You are also responsible for compliance with the applicable regulatory requirements for your workloads on the cloud.

You can download HUAWEI CLOUD Security White Paper to view details about the responsibilities of Huawei Cloud and yours.

For more security and compliance issues, contact your account manager or Huawei Cloud.

Huawei Cloud is committed to building secure and trusted cloud services. The infrastructure and services provided by Huawei Cloud have been assessed by authoritative, independent, third-party agencies and reviewed by the relevant certifying bodies.

Huawei Cloud is compliant with a wide range of international standards and practices, including:

• Security standards: ISO 27001, ISO 27017, CSA STAR , PCI 3DS , PCI DSS, ISO 27034 , and NIST cyber security framework (CSF) , and more

• Privacy standards: ISO 27018, ISO 27701, BS 10012, ISO 29151, and ISO 27799

• Other standards: ISO 22301 (for business continuity management), ISO/IEC 20000 (for IT service management) , TL 9000 and ISO 9001 (for quality management), SOC 1, SOC 2, and SOC 3(for audit)

Learn more from Compliance Certificates in the Compliance Center.