Privacy Policy

BMF's Statement on Privacy, Encryption Standards, and Liability Boundaries.

DATA SECURITY & PRIVACY

This document is established in strict compliance with the laws and regulations of the Socialist Republic of Vietnam, including: Cybersecurity Law 2018 and Decree 13/2023/ND-CP on the protection of personal data . BMF clearly defines the technical mechanisms and outlines insurmountable legal boundaries to protect the platform's neutrality.

1. Clearly Defining Legal Roles

To exclude any inference of joint liability during operations, BMF and Users (Customers) mutually define their roles as follows:

  • Customers are "Data Control Parties": Customers have full authority to decide on uploading, inputting, collecting, and the purpose of using the data. Customers are the sole subjects responsible for the legality, copyright, and content of the data.
  • BMF is "Infrastructure & Algorithm Provider": BMF only provides the server environment and the black-box algorithm to process information according to the instructions of the Customer. BMF does not participate, intervene, advise, or review the content of the Customer's data.
2. ABSOLUTE DISCLAIMER OF CONTENT

Based on the principle of providing neutral services, BMF establishes a legal firewall to protect the platform from any abusive actions by Users:

A. NO JOINT LIABILITY: If Users use the BMF platform to store, transmit, or process data that violates the law (including but not limited to: materials opposing the Socialist Republic of Vietnam, fraudulent data, obscene content, intellectual property violations, or malicious code), BMF is fully exempt from criminal, civil, and administrative liability. BMF is not an accomplice, does not incite, and has no duty to know about these actions (due to the nature of encryption).

B. NO BURDEN OF COMPENSATION: BMF rejects all claims for compensation (direct, indirect, lost profits, or reputational damage) from Users or any third parties arising from the use, inability to use, or data leaks caused by User errors (e.g., password exposure, virus-infected devices).

3. Zero-Knowledge Architecture as a Foundation for Defense

BMF's non-responsibility for content (in Section 2) is reinforced by the following technical facts:

  • End-to-End Encryption (E2EE): All data communication with the BMF system is hashed and encrypted. BMF does not hold the decryption key (Private Key).
  • Technical Information Blindness: Due to physical and algorithmic limitations, BMF's administration team has no ability to read, scan, or pre-moderate the plaintext content of Users. Therefore, the law cannot hold BMF responsible for content that its technical system cannot perceive.

4. Commitment to Not Exploiting Cross-Data

In order to strictly comply with regulations on protecting commercial privacy:

  • BMF commits to not using, not copying, not extracting Customer data/queries for training (Training) any Artificial Intelligence models.
  • BMF absolutely does not commercialize, sell, or exchange Customer identity information or usage habits with advertising companies or third parties.

5. Compliance with Requests from Government Authorities

BMF is a law-compliant organization. In the event of receiving valid requests/commands from courts, investigative agencies, or regulatory bodies with jurisdiction in Vietnam:

  • BMF will cooperate within the scope of its authority and technical capabilities.
  • However, due to the nature of the Zero-Knowledge Architecture, BMF asserts that it can only provide encrypted data files (Encrypted blobs) and metadata (Metadata/IP logs). BMF cannot provide the original content (Plaintext) and does not assume responsibility if the relevant authorities cannot decrypt the data. This cooperative action does not violate our privacy policy with customers.

6. Right of Destruction & Force Majeure

Customers hold the right to permanently delete their data (Kill-Switch). When executing a deletion command, the data will be overwritten multiple times (Shredding) and removed from all backup servers. This process cannot be undone.

Force Majeure Statement: BMF is not liable for any data leaks, loss, or service disruptions caused by events beyond its reasonable control, including: natural disasters, war, strikes, national telecommunications infrastructure failures, government interventions, or cyber attacks (Cyber-attacks/Zero-day exploits) that exceed the current technology's defensive capabilities.

7. Mandatory Confirmation

BMF system only provides services to users who are at least 18 years old and have full civil capacity. By continuing to use the service, you acknowledge that you have read, understood the technical nature of the service, and agreed to the waiver of 100% legal responsibility for BMF as outlined in this document.

BMF - A NEUTRAL TECHNOLOGY PLATFORM

Protecting your privacy - Clearly defining our responsibilities.