IPO & Capital Raising

A company’s initial public offering (IPO) is a transformational event in its growth, whether it has a history of operations or is a startup venture. Apolat Legal understand the IPO process and use our experience and relationships to assist our clients across a full range of industry sectors in choosing the most appropriate course of action to achieve their IPO objective.

Apolat Legal is highly proficient in assisting and advising our clients on the legal frameworks surrounding listed shares, bonds and long-term investments. We provide legal advice and compliance services for our clients on laws, decrees, exchange listing rules , circulars, guidance and regulations in relation to listing on the stock market and IPO process collectively; listing requirements; takeovers of public companies; filings; delisting and relevant matters. We are also specialized in legal and regulatory affairs and our services in relation to takeover included due diligence; negotiations; transactional services; and delisting.

The protection and enhancement of our clients’ legal interests is always Apolat Legal’s overriding concern. We work together with clients to create a tailored issuance concept for clients’ successful placement on the stock exchange.

KEY CONTACT

Dinh Quang Long

Managing Partner

Pham Hong Manh

Senior Partner

RELATED ARTICLES

Legal framework for venture capital funds in Viet Nam 

In recent years, Viet Nam has become an emerging regional startup hub. In this context, Vietnamese government has also introduced new regulations to pave the development of startup wave in Viet Nam. Alongside the effect of the Law on Supporting Small and Medium-Sized Enterprises in 2018, in the same year, the government also issued Decree No.38/2018/ND-CP on investment in SMEs and startups, as well as innovative businesses, which outlined solutions to create favorable conditions for them to access venture capital. The legal framework for venture capital funds under the Decree 38 creates an attractive investment climate and opens capital channels into early stage startups in Viet Nam.

Under Decree 38, a venture capital fund (as Innovative investment fund under the wording of Decree 38) means a fund which is formed from investments of private investors to invest in innovative startups. The fund is established by investment made from no more than 30 investors. Investors may make contributions to a venture capital fund by VND cash, gold, land-use rights and other assets which may be valued in VND. Investors are not entitled to contribute borrowed capital to a venture capital fund. Especially, the Decree requires that total investment made in a startup shall not exceed 50% of the startup’s charter capital after receiving investments.

The other concern is the ability of foreign investors to invest in venture capital funds. With respect to this, Decree 38 does not have any specific regulation. Generally, foreign investors who seek opportunities to invest in venture capital must comply with the same regulations (and limitations) on market-access restrictions for foreign investors investing in a Vietnamese company as provided by investment laws, such as limitations under Viet Nam’s WTO Commitments related to business lines closed to foreign investors or conditional sectors. Due to lacking clear regulations, the question is that, regarding the foreign investment into venture capital funds, if the current investment licensing procedures and regulations on foreign currency management is applied?

The fund’s investors may either establish or hire a company to take charge of managing the venture capital fund. The fund management company shall carry out procedures for establishment of the venture capital fund and apply for registration of its additional business sector, which is management of venture capital fund, in accordance with the regulations on company registration. 

To provide protections for venture capital investors, Decree 38 requires all venture capital investors to enter into an agreement controlling the governance of the fund. Unless otherwise specified in the fund’s charter, the fund management company shall submit reports to the fund’s Board of representatives/ Director on a three-month basis. Besides, the venture capital fund’s charter must state that the purpose of the fund is engaging in high-risk investments. To control transactions between related parties, the consent of investors is required in transactions between the venture capital fund and a startup whose legal representative is related to the investor who owns at least 35% of the fund’s paid-in capital or a smaller percentage thereof prescribed in the fund’s charter.

Regulatory trends show that the government is trying to create favorable conditions for the development of the startups community. Although some topical areas such as fintech, e-commerce, high-tech agriculture will need specific legislations to rapidly grow, the introduction legal framework for the operation of venture capital funds will be the first key step to speed up the startup environment in Viet Nam.

Read more...

Protection Of Consumers’ Information Under Vietnamese Laws

In the digital age, customers’ information has become the ultimate weapon accelerating an enterprise’s competitiveness. Through the act of collecting, archiving and analyzing the pool of customers’ data, enterprises can learn the customers’ demands and shopping habits to improve their services, develop relationships with the customers as well as identify new business opportunities.

In fact, besides enterprises which use customers’ information to enhance their services and take care of their customers, there are a lot of enterprises which sell their customers’ information for benefits. The fact that customers’ personal information is being illegally disclosed, stolen and made into goods for selling ubiquitously on the internet poses many potential risks for the customers. Consequentially, the protection of personal information in general and consumers’ information, in particular, has become one of the most burning issues that need to be taken into account.

Therefore, by this article, the author will briefly discuss the regulations of Vietnamese laws regarding the protection of consumers’ information. 

1. Consumers’ information 

Consumers’ information includes information about names, ages, contact addresses, phone numbers, credit card numbers or information on payment transactions that has been collected by enterprises through the sale of goods, provision of services or market surveys conducted by the enterprises. Such information is considered personal information because it is connected with the identification of a particular customer and is an important, commercially valuable source of data that can be utilized by enterprises for advertising, marketing, broadcasting and other customer care activities.

In general, all enterprises want their customers to provide as much information as possible, making it easier for them to consult and introduce appropriate products. However, when sharing their personal information, almost every customer fears that their information will be leaked and their right to privacy, hence, will be invaded. As a result, to ensure their right to privacy will not be violated, every customer wants to know why their personal information is being collected, as well as how it will be archived and used.

2. Regulations on the protection of consumers’ information

At the moment, Vietnamese regulations on the protection of consumers’ information are not concentrated in a specific law but are scattered in many different specialized statutory texts. In particular, the protection of consumers’ information is provided in Article 6 of the Law on the Protection of Consumers’ rights 2010. This provision acknowledges that consumers’ information will be kept safe and secret when they engage in transactions, purchase goods or use services unless otherwise requested by competent agencies. In case business organizations or individuals collect, use, or transfer consumers’ information, they have to perform their responsibilities to: (a) Clearly and publicly notify the consumers in advance of the purpose of collecting and using such information; (b) Use the information in accordance with purposes notified to the consumers after obtaining their consent; (c) Ensure safety, accuracy and completeness when collecting, using, transferring consumers’ information; (d) Take initiative in updating and amending information on discovery that it is inaccurate, or take measures to enable consumers to update and amend such information; (dd) Only transfer consumers’ information to a third party when the consumers consent, unless otherwise required in other laws.

In the field of credit and banking, the duty to ensure information confidentiality and not provide information about any customer’s account, deposits, assets and transactions is enumerated in Article 14 of the Law on Credit Institutions 2010.

As regards the field of e-commerce, Decree No. 52/2013/ND-CP on e-commerce has set forth many important provisions on the protection of consumers’ personal information in chapter 5 – safety and security in e-commerce transactions. This Decree has also contributed to produce a fairly comprehensive definition for the term “personal information” and this is the first time the phrase “information subject” (or data subject), which has existed in many countries’ personal information protection laws, is used.

Regulations on the protection of personal information safety continued to be perfected when the Law on Cyberinformation Security was passed in 2015. Accordingly, apart from joining forces with Decree No. 52/2013/ND-CP by introducing a definition for the term “information subject”, the Law on Cyberinformation Security also offered principles of protecting personal information in cyberspace (Article 16), requirements for the collection, use, updating, amendment and cancellation of personal information (Article 17 and Article 18), requirements of security assurance for personal information in cyberspace (Article 19) and responsibilities of state management agencies in protecting personal information in cyberspace (Article 20). 

Moreover, the issue of protecting personal information and the right to privacy have also been acknowledged in the Civil Code 2015. Correspondingly, Article 38 of the Civil Code 2015 stipulates that “private life, personal privacy and family privacy are inviolable and protected by law” and the collection, storage, use or publication of such information must be approved by the information subject and their family. 

In addition, Vietnamese laws have also issued certain sanctions against violation of personal information confidentiality in general and consumers’ information in particular. Accordingly, in Article 84 of Decree No. 15/2020/ND-CP on penalties for administrative violations in the field of posts, telecommunications, radio frequency, information technology and e-commerce transactions, the maximum administrative penalty for violations in collecting and using personal information is 30.000.000 VND together with remedial measures – compulsory cancellation of personal information gained from wrongful conduct. Likewise, Decree No. 98/2020/ND-CP on penalties for administrative violations in commercial activities, production of, trading in counterfeit or banned goods and protection of consumers’ rights also provided for sanctions against violations in protecting personal information in e-commerce activities (Article 65) as well as sanctions against violations in protecting consumers’ information (Article 46). 

Apart from administrative penalties, individuals and organizations engaging in violative acts towards personal data can also suffer criminal liabilities for the crimes of “Infringment upon another person’s secret information, mail, telephone, telegraph privacy or other means of private information exchange (Article 159 of the Criminal Code 2015)” or “Illegal provision or use of information on computer networks, telecommunications networks (Article 288 of the Criminal Code 2015)”.  

3. Reality of consumers’ information protection in Vietnam

The crisis of trade-in customers’ personal information is particularly alarming in Vietnam when advertisements for customers’ data are popping up ubiquitously on the internet. Just type the keywords “buy customers’ data” into Google and no longer than a second later, thousands of advertisements with prices ranging from tens of thousands to hundreds of thousands dongs will appear (https://danhsachkhachhang.com, https://danhsachmoi.com, https://fulldata.org,…). Customers’ data is marketed under various service packages such as facebook customers lists; insurance, banking individual customers lists; mobifone-using customers lists;….and such sales are executed in the following main two ways:

On the one hand, enterprises will actively collect and store customers’ information to create a data pool and proceed to analyze and process this information to operate their businesses.

On the other hand, enterprises will collect the personal information of customers and let their partners access this information without having any solid regulations on preventing their partners from transferring or selling such information to yet other partners.

As we can see, although Vietnamese laws have issued some regulations in an effort to protect personal information, it seems that such regulations are not really effective, and the sanctions are not heavy enough to resolve this worrisome issue.

Read more...

Transferring Land-Use Rights In Industrial Parks

Along with the investment increase into industrial parks, the transfer of land use rights in industrial parks and relevant legal issues are more and more interested. However, unlike other real estates, when transferring land-use rights in industrial parks, enterprises need to pay attention to the following issues:

1. Are your land use rights in industrial parks allowed to be transferred?

The statutory provisions on real estate permit enterprises who lease land in industrial parks to conduct the transaction of transferring land-use rights in the industrial park in the following case:

  • Point a, Clause 3, Article 149 and Point a, Clause 2, Article 174 of the 2013 Land Law (“the Land Law”) regulated that in case of subleasing land in industrial parks from the company investing and trading infrastructures of industrial parks in the form of subleasing land with one-off rental payment for the entire lease period, enterprises shall have the right to transfer land use rights and land-attached assets under their ownership.
  • Point a Clause 2, Article 185 of the Land Law also stipulates that foreign-invested enterprises subleasing land with one-off rental payment for the entire lease period shall have the rights and obligations stated in Article 174 of the Land Law, including the right to transfer land use rights and land-attached assets under their ownership.

Therefore, among the forms of land lease in industrial parks under Clause 3 Article 149 of the Land Law (including subleasing land with one-off rental payment for the entire lease period and subleasing land with annual rental payment), only organizations/individuals who sublease land with one-off rental payment for the entire lease period have the right to transfer the leased land use right.

2. Does the transferee have the right to lease land in the industrial park?

According to the provisions of Clause 3 Article 149 of the Land Law, subjects who are entitled to sublease land from the company investing and trading infrastructures of industrial parks include:

  • Economic organizations (being defined to include enterprises, cooperatives and other economic organizations as prescribed by civil law, excepting foreign-invested enterprises);
  • Households, individuals, Vietnamese residing abroad;
  • Foreign-invested enterprises.

The regulation on land users in Article 5 of the Land Law details the subjects allowed to allocate land, lease land by the State, recognize the land use rights, and receive the transfer of land use rights nut not refer to foreign individuals and organizations. In other words, Vietnam’s land law does not allow foreign individuals and organizations to lease land in industrial parks directly. So, when transferring land-use rights in industrial parks, enterprises also need to pay attention that the transferee must be eligible to sublease land in the industrial park as mentioned above.

3. Conditions for the transfer of land use rights under the land sublease contract with the unit that invests in the construction and commercial operation of infrastructure

As mentioned above, in the case of leasing land with one-off rental payment for the entire lease period, enterprises will have the right to transfer land use rights; this is a legal right and cannot be inhibited. However, in some cases, the land sublease contract between the enterprise and the company investing and trading infrastructures of industrial parks stipulate some procedures require enterprises must perform before carrying out the transfer, such as informing the transfer in writing before performing, liquidating of the old land lease contract, etc. Therefore, enterprises should pay attention to double-check the land sublease contract for restrictions or procedures that need to be executed before officially performing the transfer.

In addition, the law related to the transfer of land use rights does not have separate regulations on the procedures to transfer ownership, benefits and utilities associated with the land in the industrial park from the old enterprise to the new one. Depending on each case, the company investing and trading infrastructures of industrial parks will provide a different procedure guideline for transferring rights. Therefore, enterprises should pay attention and work with the infrastructure development unit for guidance on appropriate transfer procedures to avoid cases that after the legal transfer, the infrastructure development unit does not agree to transfer the lease contract or the facilities in industrial parks to the transferee.

The above issues are just general notes; depending on the specific transfer case, the transferors and transferees will have to check problems related to real estate more carefully and thoroughly. Making a list of to-do works and issues to pay attention to before conducting a real estate transfer or any transaction will help enterprises restrict most mistakes and risks before implementing.

Read more...

Legal issues about collecting and using the customer’s information

In recent years, as a result of the strong technological development, e-commerce services have quickly become popular and attracted a huge amount of consumers due to their convenience. To conduct e-commerce transactions, consumers must provide their personal information to service providers or their partners. The collected personal information will be stored and managed by businesses, on the one hand, to meet the demands of customers in transactions. On the other hand, it will be used to take care of and provide after-sales service to customers through discounts, promotions, or advertising. Businesses can easily reach their old customers through available customer data mining, improve and adjust their services properly, thereby expand their market share. This personal information when accessed (like above mention) can become valuable data, therefore, all businesses desire to access, collect, use and exploit the customers’ personal information. However, not most businesses are aware of the regulations to collect and use customers’ personal information legally.

In the scope of the article, we will highlight some legal regulations that businesses should note and comply with when collecting and using customer information, especially personal information collected through cyberspace. 

So, what types of information are included in personal information?

Personal information is information contributing to identifying a particular individual, including his/her name, age, home address, phone number, medical information, account number, information on personal payment transactions, and other information that the individual wishes to keep confidential.

Requirements when collecting customer information

Collecting personal information is to create a database that collects the personal information of many consumers who are customers or potential customers of the businesses. Currently, Vietnamese law, in general, and Law on Protection of consumer’s rights, in particular, really appreciate protecting customer information. Accordingly, when customers conduct transactions, use goods and services, they will be guaranteed the safety and confidentiality of their information. Businesses are not allowed to provide customers’ personal information to third parties, except in case there is a request from a competent authority or the consent of that customer.

In order to collect customer information for business purposes, businesses need to take the following responsibilities:

  • Notify clearly and openly the customer of the purpose of the collection and use of customer information before such activities being done;
  • Use the information in conformity with the purpose informed to customers, and with the consent by the customers;
  • Ensure safety, accuracy, completeness during collection, use, and transfer of customer information;
  • Update or adjust by themselves or help customers to update and adjust as the information is found to be incorrect;
  • Not provide, share, spread the customer information collected, assessed, controlled by businesses to third parties, except in case getting the consent of the customer or complying with the law. 

Thus, in order to collect and use customer information legally and avoid possible risks in the future, businesses need to develop and publish an Information Security Policy for customers’ personal information. Accordingly, this policy should clearly stipulate the following contents:

  • Purpose(s) of collection of personal information;
  • Scope of information use;
  • Duration of information storage;
  • Persons or organizations that may access such information;
  • Address of the information collection and management unit, indicating how consumers can ask about the collection and processing of information relevant to them;
  • Method and tools for consumers to access and modify their personal data on the e-commerce system of the information collection unit. ;

The Information Security Policy needs to be specifically communicated to customers by the businesses before or at the time the businesses collect information. Businesses may post/publicize the Information Security Policy at an easy-to-spot position on these websites, email, message, or other methods as agreed between the two parties.

In addition, businesses need to ensure that there is a mechanism to ask for permission from customers when collecting their information through online functions on their websites. Businesses also need to have their own mechanism so that customers can choose to allow or not allow the use of their information in the following cases:

  • Sharing, disclosure or transfer of information to a third party;
  • Use of personal information for sending advertisements, product introductions and other commercial information.

On the other hand, in some special cases, businesses are entitled to collect information from customers without their prior consent as follows:

  • Collection of personal information already published on e-commerce websites;
  • Collection of personal information for concluding or performing goods and service purchase and sale contracts;
  • Collection of personal information for calculating prices or charges for use of information, products and services online. 

After collecting and storing customers’ information, businesses shall assure safety and security of the information, and prevent the following acts: (i) hacking or illegally accessing information; (ii) Illegally using information; (iii) Illegally altering or destroying information. Business shall formulate mechanisms for receiving and settling customer complaints about the use of personal information for improper purposes or beyond the notified scope. In case an information system is hacked, posing a risk of loss of customers’ information, businesses shall notify the incident to a functional authority within 24 hours after detecting it. 

Businesses also need to have a plan to change customer information when there is a request to change, update, adjust or cancel by doing it themselves or providing tools for customers to self-check, update and adjust their personal information. In addition, businesses must destroy stored personal information when the purpose of use has been fulfilled or the storage period expires and must notify the customer unless otherwise provided for by law.

In case the businesses fail to comply with the above regulations, businesses may be administratively sanctioned, and depending on the particular violation, the administrative sanction may be up to VND 60,000,000. If the relevant information is customers’ confidential information, the fine can be up to VND 80,000,000. In addition, customers have the right to claim damages due to violations in the provision of personal information.

The above are a number of legal issues related to the collection and use of customers’ personal information that businesses need to understand and comply with, in order to properly perform, limit errors that lead to unfortunate consequences.

Read more...

    Contact Apolat Legal