Privacy Policy
Last Updated: January 15, 2025
Introduction and Scope
Neurglowflowsys operates under Taiwan's Personal Data Protection Act (PDPA) and maintains strict compliance with international privacy standards. This policy explains how we collect, process, and protect your personal information when you use our financial data interpretation services.
Our commitment to data privacy reflects our understanding that financial information requires the highest level of protection. We've designed our systems to minimize data collection while maximizing the value we provide to our users.
Information We Collect
Personal Information
- Contact information including name, email address, and phone number
- Company information and professional role details
- Account credentials and authentication data
- Communication preferences and language settings
Financial Data
We process financial documents and data that you voluntarily upload for interpretation services. This includes spreadsheets, reports, and numerical datasets. We never store raw financial data beyond the processing period required for your specific analysis.
Technical Information
- IP addresses and device information for security monitoring
- Session data and usage patterns to improve service performance
- Browser type and operating system for compatibility optimization
How We Use Your Information
| Purpose | Legal Basis | Retention Period |
|---|---|---|
| Service delivery and financial analysis | Contract performance | Duration of service + 3 years |
| Account management and support | Legitimate business interest | Account lifetime + 2 years |
| Legal compliance and audit requirements | Legal obligation | 7 years as per Taiwan regulations |
| Security monitoring and fraud prevention | Legitimate interest | 12 months maximum |
We believe in purpose limitation – your data is only used for the specific reasons you've agreed to. We don't engage in data mining or create user profiles for marketing purposes.
Data Security and Protection
Financial data requires exceptional security measures. Our protection framework includes multiple layers of defense designed specifically for sensitive financial information.
Technical Safeguards
- AES-256 encryption for all data at rest and in transit
- Multi-factor authentication for all user accounts
- Regular security audits and penetration testing
- Secure data centers with physical access controls
- Automated backup systems with encryption
Administrative Controls
Access to personal data is restricted to authorized personnel who require it for their specific job functions. All staff undergo privacy training and sign confidentiality agreements. We maintain detailed access logs and conduct regular reviews of data handling practices.
Your Rights Under Taiwan PDPA
Quick Reference: Your Data Rights
Taiwan's Personal Data Protection Act grants you comprehensive control over your personal information. These rights are fundamental to our relationship with you.
Right to Access
You can request a complete copy of all personal data we hold about you. We'll provide this information within 15 days of your request, along with details about how we've used your data and who we've shared it with.
Right to Correction
If any information we hold is inaccurate or incomplete, you have the right to have it corrected immediately. This includes updating contact details, company information, or correcting any errors in your account data.
Right to Deletion
You can request deletion of your personal data when it's no longer necessary for the original purpose, or if you withdraw consent. However, we may retain certain information if required by Taiwan's financial regulations or for legitimate business purposes.
Right to Data Portability
You can obtain your personal data in a structured, machine-readable format and transfer it to another service provider. We'll provide your data in CSV or JSON format within 30 days of your request.
How to Exercise Your Rights
To exercise any of these rights, send a written request to our Data Protection Officer at help@neurglowflowsys.com. Include your full name, account details, and specify which right you wish to exercise. We may require identity verification before processing your request.
International Data Transfers
While our primary data processing occurs within Taiwan, some technical services may involve transfers to other jurisdictions. Any international transfers are governed by adequacy decisions or appropriate safeguards as required by Taiwan's PDPA.
Transfer Safeguards
- Standard contractual clauses with all international service providers
- Regular compliance audits of overseas partners
- Data processing agreements that meet Taiwan's legal requirements
- Ongoing monitoring of international privacy law changes
Cookies and Tracking Technologies
We use essential cookies to maintain your session and provide core functionality. Analytics cookies help us understand how users interact with our platform, allowing us to improve the service.
Cookie Categories
- Essential cookies: Required for login, security, and core platform functions
- Analytics cookies: Help us understand usage patterns and improve user experience
- Preference cookies: Remember your settings and customization choices
You can control cookie settings through your browser preferences. However, disabling essential cookies may affect platform functionality.
Data Breach Response
In the unlikely event of a data breach affecting your personal information, we follow a comprehensive incident response plan that prioritizes user notification and regulatory compliance.
Our Response Process
- Immediate containment and assessment of the security incident
- Notification to Taiwan's National Development Council within 72 hours
- Direct communication to affected users within 72 hours when required
- Detailed investigation and implementation of additional safeguards
- Post-incident review and security improvement measures
Changes to This Policy
We review and update this privacy policy annually, or when significant changes occur in our data processing practices or legal requirements. Material changes will be communicated through email notification and prominent website announcements.
Previous versions of this policy are archived and available upon request. We believe in transparency about how our privacy practices evolve over time.
Privacy Contact Information
For questions about this privacy policy or to exercise your data rights, contact our Data Protection Officer: