Privacy Policy
Last Updated: 2026-05-18
Our guiding principle is simple: we collect only what we need, we use it only for what we said we would, and we never sell it. Here's what that means in practice.
1. Who We Are
oDesk Software Co., Ltd operates odesk.me. We're an IT outsourcing company based in Ho Chi Minh City, Vietnam — we build software products, websites, and digital systems for partners, businesses, and startups. This policy applies to everyone who visits or interacts with our Site.
2. What We Collect
What you give us directly
When you submit our contact form, you share:
| Field | Why we ask |
|---|---|
| Full Name | So we can address you properly |
| Email Address | To respond to your inquiry and keep you updated |
| Phone Number | For consultation calls and project discussions |
| Company Name | To understand your context and tailor our response |
That's it. We do not collect credit card details, government IDs, or any sensitive financial information through the Site.
What we collect automatically
When you browse the Site, we pick up basic technical data — things like your IP address, browser type, operating system, which pages you visited, how long you stayed, and how you got here. This helps us keep the Site running well and understand what's useful to visitors.
Cookies
We use a minimal set of cookies. Nothing invasive.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Session cookies | Keep your browsing session intact | Until you close the browser |
| Preference cookies | Remember display or language settings | Up to 1 year |
We do not use advertising cookies, cross-site tracking cookies, or third-party behavioral pixels.
3. How We Use It
We use what we collect for a small number of clear purposes:
- To respond to you — When you contact us, we use your name, email, phone, and company name to understand what you need and get back to you.
- To run your project — Once we're working together, we use your contact details to send updates, documents, and invoices.
- To improve the Site — Aggregated, anonymized analytics help us understand what's working and what isn't.
- To keep things secure — Technical data like IP addresses helps us spot and prevent unauthorized access.
We do not use your data for advertising, behavioral profiling, or any automated decision-making that affects you in a significant way.
Legal basis for processing (for GDPR purposes):
| Purpose | Legal Basis |
|---|---|
| Responding to contact form inquiries | Legitimate interest / Pre-contractual steps |
| Project communications | Contractual necessity |
| Site analytics (aggregated) | Legitimate interest |
| Legal compliance | Legal obligation |
4. Who We Share It With
We treat everything you submit as confidential. Your data stays internal and is never published or sold.
Our team: Contact form submissions are only accessible to the oDesk Software staff involved in business development and project delivery. Your name, email, phone, and company name are never displayed on the Site or handed to third parties for marketing.
Service providers: We work with a small number of trusted vendors to keep the Site running — hosting and infrastructure providers, and email delivery services for routing contact form notifications. They're bound by confidentiality obligations and are not allowed to use your data for their own purposes.
Legal requirements: On rare occasion, we may be required to disclose information by Vietnamese law, a court order, or a government request. When we do, we'll notify you if the law permits it.
Business transfers: If oDesk Software Co., Ltd is ever acquired or merged, your information may be part of that transfer. We will let you know before it happens.
We do not sell your personal information — ever.
5. How Long We Keep It
We hold on to data only as long as there's a clear reason to.
| Data Type | Retention Period | Why |
|---|---|---|
| Contact form submissions | 3 years from last contact | Business records and client history |
| Project communication records | Duration of engagement + 5 years | Legal and contractual obligations |
| Server/access logs | 90 days | Security monitoring |
| Analytics data (aggregated) | 24 months | Site performance analysis |
When data is no longer needed and no legal obligation requires us to keep it, we securely delete or anonymize it.
6. How We Protect It
We take reasonable steps to keep your data safe:
- All data in transit is encrypted via HTTPS/TLS
- Contact form data is stored in a secured, access-controlled database
- Internal access is limited to staff who genuinely need it
- We review our data handling practices periodically
If a breach ever occurs that affects your personal information, we will notify you and the relevant authorities as required by law, and act quickly to contain the damage.
7. Your Rights — EEA and UK Residents (GDPR)
If you're in the European Economic Area or the United Kingdom, you have real, enforceable rights over your data:
- Access — Ask for a copy of what we hold about you
- Rectification — Ask us to fix inaccurate or incomplete data
- Erasure — Ask us to delete your data when there's no overriding reason to keep it
- Restrict Processing — Ask us to limit how we use your data
- Data Portability — Receive your data in a machine-readable format
- Object — Push back on processing based on our legitimate interests
- Withdraw Consent — Change your mind at any time
- Lodge a Complaint — Go to your local Data Protection Authority if you're not satisfied with our response
Email us at info@odesk.me. We'll respond within 30 days.
8. Your Rights — California Residents (CCPA)
If you're in California, you have rights too:
- Right to Know — What we collect, how we use it, and who we share it with
- Right to Delete — Ask us to remove your personal information
- Right to Opt-Out — We don't sell data, so there's nothing to opt out of here
- Right to Non-Discrimination — Exercising your rights won't affect how we treat you
- Right to Correct — Ask us to fix inaccurate information
Reach us at info@odesk.me.
Personal information collected in the past 12 months:
| CCPA Category | Collected | Examples |
|---|---|---|
| Identifiers | Yes | Name, email, phone number |
| Commercial information | No | — |
| Internet activity | Yes | Page views, session data |
| Geolocation | No | — |
| Professional information | Yes | Company name |
| Sensitive personal information | No | — |
9. Children
This Site is not for children under 13. We do not knowingly collect information from them. If you believe a child has submitted information through our Site, let us know at info@odesk.me and we'll delete it promptly.
10. International Transfers
We're based in Vietnam, which means data you submit is processed here. If you're reaching out from the EEA, UK, or another region with its own data protection laws, your information will be transferred to and processed in Vietnam. We take appropriate steps to make sure it stays protected in line with this policy.
11. Updates to This Policy
We'll update this policy when our practices change or when the law requires it. When we do, the "Last Updated" date at the top will change. For significant changes, we'll reach out by email where we have your contact details. Your continued use of the Site after any update means you're okay with the revised policy.
12. Questions?
If anything here is unclear or you want to exercise your data rights:
- Email: info@odesk.me
- Address: 108 Tran Dinh Xu, Cau Ong Lanh Ward, Ho Chi Minh City, Vietnam