Privacy Policy

I. INFORMATION PRIVACY POLICY

1. Purpose and Scope of Data Collection

Grand Cru – Modern Wine Bar (“the Company”) does not sell, share, or otherwise transfer any personal data collected on this website to any third party, except as expressly stated in this Policy or as required by law.

Personal data collected will be used solely for the purpose of providing products and services to the customer.

When you subscribe to our newsletter, engage in live chat, submit comments, or enter information for the purpose of purchasing goods, the personal data collected may include, but is not limited to: full name, address, telephone number, and email address.

In addition to personal data, we may collect information related to the transaction or service, including product name, quantity, and delivery schedule.

During the payment process on the Grand Cru – Modern Wine Bar website, we retain only order details after payment has been completed. Banking information, including account numbers, is not stored on our system.

You are solely responsible for maintaining the confidentiality of your account credentials, including username, password, and associated email account, as well as for all activities conducted under your account. You are further responsible for notifying Grand Cru – Modern Wine Bar promptly of any unauthorized use, misuse, or security breach involving your credentials so that appropriate remedial measures can be taken.

2. Scope of Data Usage

Personal data collected will be used internally within Grand Cru – Modern Wine Bar for one or more of the following purposes:

*Providing customer support;

*Delivering information related to our services;

*Processing orders and providing products, services, and information as requested by the customer through our website;

*Sending product and service updates, information on upcoming events, or recruitment notices, subject to your subscription preferences;

*Managing customer accounts, confirming, and completing financial transactions related to online payments;

*Preventing fraudulent activity or misuse of customer accounts;

*Communicating with and resolving issues involving customers in exceptional circumstances;

Using personal data only for purposes related to transaction confirmation and fulfillment;

*Complying with legal obligations to disclose personal data upon valid request from judicial or regulatory authorities, including the Prosecutor’s Office, courts, or law enforcement agencies.

3. Data Retention Period

*Personal data will be stored and processed on our internal systems for the duration of product or service provision to the customer.

*Retention periods shall comply with applicable laws and the Company’s data storage objectives.

*Upon written request from the customer, submitted via email to info@grandcru.vn, we will delete personal data from our systems.

4. Authorized Access to Personal Data

Access to personal data is restricted to the following entities:

*Grand Cru Co., Ltd.;

*Contracted service providers who perform certain services on behalf of the Company, subject to contractual obligations ensuring compliance with this Policy.

5. Data Controller Contact Information

Grand Cru Co., Ltd.
Address: K7TT1-SH08, Central Area, Tay Ho Tay Urban Area, Xuan Dinh Ward, Hanoi, Vietnam
Email: info@grandcru.vn
Tel.: 0904 799 009
Website: grandcru.vn

6. Methods for Accessing and Amending Personal Data

The Company does not collect personal data directly through automated website forms. Data is collected via direct email communication to info@grandcru.vn or telephone communication to 0904 799 009.

Customers may contact us through these channels to request corrections or updates to their personal data.

7. Complaint and Dispute Resolution Mechanism

Grand Cru – Modern Wine Bar is committed to protecting your personal data. We will not share, sell, or lease your personal data to any third party, except as set forth herein. Your data may only be used for the following purposes:

*Service quality enhancement;

*Dispute resolution;

*Compliance with legal requirements.

For any questions, complaints, or concerns regarding this Privacy Policy or suspected misuse of your personal data, please contact us at 0904 799 009 or info@grandcru.vn.

II. PAYMENT INFORMATION PRIVACY POLICY

1. Security Commitment

Our card payment system is provided by licensed Payment Gateway Partners operating legally in Vietnam, and complies with industry-standard payment security requirements.

2. Security Standards

Policies for transactions conducted via international and domestic cards (including internet banking) comply with the security standards of our Payment Gateway Partners, including:

*Encryption of customer financial information during transmission using Secure Sockets Layer (SSL) protocol;

*PCI DSS (Payment Card Industry Data Security Standard) certification provided by Trustwave;

*One-Time Password (OTP) authentication via SMS;

*128-bit MD5 encryption;

*Compliance with information security regulations established by the State Bank of Vietnam.

Additional Provisions:

*We store only tokenized data provided by the Payment Gateway Partner. Card details are not stored on our systems.

*For international cards: payment card details that can be used to authorize a transaction are not stored on our systems but are retained by the Payment Gateway Partner.

*For domestic cards (internet banking): we retain only the order code, transaction code, and bank name.

III. COOKIE POLICY

When you visit www.grandcru.vn, we collect standard internet log information and details of visitor behavior patterns for the purpose of improving website performance and service quality.

We do not attempt to identify visitors personally, nor do we link this data to personally identifiable information from any source. If personal data collection becomes necessary, we will provide advance notice and a clear explanation of its intended use.

Cookies in Use:

*First-party cookies – used to track how visitors find and use our website.

*Third-party cookies – used through widely adopted third-party plugins for marketing and user convenience. These cookies are controlled by the third party, which may view and manage the contained data. We control whether such third-party services are implemented on our site but do not control the cookies themselves.

Summary: While our cookies do not pose a security risk, we believe in transparency regarding their purpose and scope. Visitors may delete cookies between sessions via their browser settings.