Privacy Policy
This policy explains how General Department of Taxation (GDT) Tower handles personal information collected through the GDT Tower website and the GDT Tower Tenant mobile application (together, the “Services”).
Effective date: May 13, 2026
Last updated: May 13, 2026
1. Who we are
The Services are operated by General Department of Taxation Tower (“GDT Tower”, “we”, “us”, “our”), located at GDT Tower, Russian Federation Boulevard, Phnom Penh, Cambodia. For privacy questions or data access requests, or to exercise the rights described below, email our data protection point of contact at gdtapp@tax.gov.kh or call 023 266 668 / 023 886 708.
We act as the data controller for personal information processed through the Services. Your tenant company (employer) may also act as a controller for data you provide in the course of using the GDT Tower Tenant app on its behalf.
2. Scope
This policy applies to:
- The public website at gdttower.tax.gov.kh, including meeting room, ballroom and auditorium booking flows.
- The GDT Tower Tenant mobile application for iOS and Android, distributed through the Apple App Store and Google Play.
- Related back-end services that process bookings, visitor passes, maintenance requests, announcements and notifications.
The mobile app is intended only for occupants and authorised personnel of tenant companies leasing space in GDT Tower. Access to the app requires a profile pre-provisioned by the GDT Tower facility administrator on behalf of your tenant company; the app does not offer public sign-up. It is not directed to the general public.
3. Information we collect
3.1 Account & identity (mobile app)
Tenant app accounts are created in advance by the GDT Tower facility administrator on behalf of your tenant company. As part of provisioning we hold your name, work email, phone number, employee ID, job title, the tenant company you belong to, the floor or unit you are assigned to, and your role within the building (for example, host, receptionist or facilities contact). The app does not offer self sign-up.
To sign in to your pre-provisioned account, you use Sign in with Apple or Google Sign-In. We receive a verified identity token containing your full name, email address and a stable provider user ID, which we match against the account your administrator created. We do not receive your social-network password. If you choose Apple’s “Hide My Email” option, we receive only the relay address Apple gives us; if you later disable the relay in your Apple ID settings, email from us will stop reaching you and you will need to ask your administrator to update your contact email.
3.2 Visitor pre-registration (mobile app)
When you, as a host, pre-register a visitor for entry to the building, you provide and we process the visitor’s name, contact details (phone, email, company), expected arrival and departure times, the meeting location inside the building, the floors they may access, vehicle plate, and an optional emergency contact and notes.
Optionally, you or building reception may capture a visitor’s photograph and scan a passport or national ID card to extract the document number, name, date of birth, nationality and document expiry from the Machine Readable Zone (MRZ). The MRZ scan runs entirely on-device using Google’s ML Kit text recognition — no part of the document image is sent to Google during scanning. After you confirm the captured data, the photograph of the document and the extracted text are uploaded to our servers and stored in association with the visit record.
Hosts are responsible for obtaining each visitor’s informed consent before entering or capturing their personal data. If a visitor objects, do not register them through the app.
3.3 Building service requests
We process information you submit when raising maintenance tickets, parking requests, support requests, room bookings, RSVPs, and other building services, including any free-text descriptions, photographs you attach, the unit or location affected, and the priority you assign.
When you organise a meeting through the app, the participant picker may surface colleagues from your own tenant company — their name, department and recent collaborations with you — so you can invite them. This directory is scoped to your tenant company; you cannot see users from other tenants.
3.4 Meeting room and venue bookings (website)
For meeting room, ballroom and auditorium reservations made through the public website, we process the booking contact’s name, email, phone, company name, the rooms and dates booked, any add-ons selected, special requirements, and payment details required to take a deposit and final balance.
3.5 Payment processing (website venue bookings)
Payments for venue bookings made through the public website are processed by PayWay (ABA Bank) using KHQR — Cambodia’s national QR-code payment standard. You complete the transfer in your own banking app, so we do not receive or store any card or bank-account details. We retain the PayWay transaction identifier, payer reference, amount, currency, status and the invoice records required to satisfy Cambodian tax and accounting law.
The Tenant mobile app does not display invoices, balances or billing information and does not process payments in this version. Settlement of any amounts owed between your tenant company and GDT Tower takes place outside the app.
3.6 Device and notification data
The Tenant app registers a Firebase Cloud Messaging (FCM) device token with our servers so we can send push notifications about visitor arrivals, maintenance updates, announcements and emergency alerts. The token is bound to your account and rotated automatically by Firebase. We also record the device platform (iOS or Android), app version and operating system version to triage compatibility issues.
We do not use third-party advertising SDKs and we do not track your activity across other companies’ apps or websites for advertising purposes.
3.7 Diagnostic and security logs
Our servers log API requests, source IP addresses, timestamps, the action taken, authentication outcomes (success, failure, refused), and crash diagnostics. These logs are used to detect abuse, investigate incidents and meet our security obligations.
3.8 Website cookies and similar technologies
The website uses strictly necessary cookies to remember your locale preference and an in-progress booking draft. We do not use third-party advertising or cross-site-tracking cookies.
4. How we use information
- Authenticate you and keep your session secure across devices.
- Operate the building services you have requested — visitor passes, maintenance tickets, parking, announcements, and venue bookings made through the website.
- Send transactional and operational notifications about those services, including push notifications and email.
- Issue, screen and verify visitor passes at building reception, and produce the QR codes used at check-in.
- Process payments and issue tax invoices for venue bookings made through the website.
- Send safety and emergency alerts to occupants of the building.
- Detect and investigate fraud, abuse, security incidents and breaches of these terms.
- Comply with applicable law, including Cambodian tax, accounting and law enforcement requirements.
- Improve the Services through aggregated, non-identifying usage analysis.
5. Legal bases for processing
Where applicable law requires us to identify a legal basis, we rely on:
- Performance of a contract with you or with your tenant company — for account, booking, billing and service-delivery processing.
- Legitimate interests — for building security, fraud prevention, system administration and improvement of the Services.
- Consent — for optional features such as marketing communications and capture of a visitor’s photograph and ID document. You may withdraw consent at any time.
- Legal obligation — for tax records, tenancy compliance and lawful requests by competent authorities.
- Vital interests — for safety notifications during a fire, evacuation or other building emergency.
6. Who we share information with
We do not sell or rent personal information. We share it only with:
- Your tenant company. Your employer may see bookings, visitor pre-registrations and maintenance tickets created on its behalf.
- Building operations and security personnel. Visitor records, including photo and ID details, are visible to reception and security staff to enable identity verification at check-in.
- Service providers acting as processors, including Google LLC (Firebase Cloud Messaging, Sign-In, ML Kit on-device processing), Apple Inc. (Sign in with Apple, Apple Push Notification service), PayWay by ABA Bank for website KHQR payments, and our infrastructure and email providers. Each processor is contractually bound to handle your data only on our instructions.
- Government authorities when required by valid legal process, court order, or to protect the vital interests of building occupants.
- Successors in the event of a merger, acquisition or transfer of GDT Tower’s operations, subject to equivalent privacy commitments.
7. International transfers
Some of our processors (notably Google and Apple) operate globally and may process data in countries outside Cambodia, including in the United States and the European Union. Where we transfer personal data internationally, we rely on the processors’ published safeguards, such as Standard Contractual Clauses and equivalent transfer mechanisms. Payment processing through PayWay (ABA Bank) takes place inside Cambodia.
8. Data retention
- Account data is retained for as long as your account is active and for up to 24 months after closure to handle disputes and comply with tax record-keeping rules.
- Visitor records, including photographs and ID-document captures, are retained for up to 12 months from the date of the visit, after which they are deleted or anonymised, unless a longer period is required for an active investigation or legal claim.
- Website venue-booking, payment and invoice records are retained for the period required by Cambodian tax law (currently ten years).
- Diagnostic and security logs are retained for up to 90 days, except where a longer period is needed to investigate a specific incident.
- Push notification tokens are deleted within 30 days of you signing out, deleting the app, or the token being invalidated by Apple or Google.
9. Your rights
Subject to local law, you have the right to:
- Request access to the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Request deletion of your data (see Section 10).
- Object to or restrict certain processing.
- Withdraw consent at any time, where processing is based on consent.
- Receive a copy of the data you have provided in a portable format.
- Lodge a complaint with the competent supervisory authority in your jurisdiction.
To exercise any of these rights, email gdtapp@tax.gov.kh. We will respond within 30 days. We may need to verify your identity before acting on your request.
10. Account and data deletion
You can request deletion of your GDT Tower Tenant account and associated personal data at any time:
- In the mobile app: open More → Profile → Delete account, or
- Email gdtapp@tax.gov.kh from the address registered to your account.
On deletion we will permanently remove or irreversibly anonymise your profile, authentication identifiers, push notification tokens, app preferences and visitor pre-registrations you created. We will retain only the limited security and audit records we are legally required to keep, in archived form not used for any other purpose.
Account deletion is also offered as a web option at gdttower.tax.gov.kh/account/delete in line with Google Play’s Data Safety requirements.
11. Mobile app permissions
The Tenant app requests the following device permissions. Each is requested only when needed and you may decline or revoke any of them in your device settings.
- Camera — to scan visitor passport or ID-card MRZ during pre-registration, scan QR codes at check-in, and capture photos for maintenance tickets. The camera feed is processed live on-device and only the resulting photo or extracted MRZ data is sent to our servers.
- Notifications — to deliver visitor arrival, maintenance, booking, announcement and emergency alerts.
- Internet — to communicate with our back-end services.
The app does not access your photo library, contacts, calendar, microphone, precise location, motion sensors or health data.
12. Push notifications and emergency alerts
You can disable non-essential push notifications at any time in your device settings. Building safety and emergency alerts are sent at the highest priority available to a standard push notification; we may, in future versions of the app, request your permission to deliver these as time-sensitive or critical alerts at the operating system level.
13. Security
We protect personal data using TLS-encrypted transport, encryption at rest for authentication tokens (iOS Keychain and Android EncryptedSharedPreferences), short JWT lifetimes with rotating refresh tokens and reuse detection, role-based access control on administrative tools, audit logging of administrative actions, and regular dependency and infrastructure patching. No system is perfectly secure; if we become aware of a breach affecting your personal data, we will notify you and the competent authority as required by law.
14. Children
The Services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, contact gdtapp@tax.gov.kh and we will promptly delete it.
15. Changes to this policy
We may update this policy from time to time. The “Last updated” date at the top of this page indicates when it was last revised. Material changes will be communicated through the app or by email at least 14 days before they take effect. Continued use of the Services after the effective date constitutes acceptance of the revised policy.
16. Contact us
- Email (privacy enquiries and general): gdtapp@tax.gov.kh
- Telephone: 023 266 668, 023 886 708
- Postal address: GDT Tower, Russian Federation Boulevard, Phnom Penh, Cambodia.