Privacy Policy
Last Updated: January 15, 2025
At Ultraflowneuron, we handle server infrastructure and database systems that often contain sensitive business information. This means privacy isn't just a legal requirement for us—it's part of the job. This policy explains how we collect, use, and protect your data when you interact with our services or visit our website.
1. Information We Collect
Information You Provide Directly
When you reach out for a consultation or contract our services, we collect basic contact and business information. This includes your name, email address, phone number, company details, and whatever technical information you share about your infrastructure needs.
If we're working together on a project, we'll also collect information about your database architecture, server configurations, and system requirements. We need this to do our job properly.
Information We Collect Automatically
Our website collects standard technical data when you visit: IP addresses, browser types, device information, and how you navigate through the site. We use this to keep things running smoothly and to understand which parts of our site are actually useful.
- Log data including access times and pages viewed
- Device identifiers and operating system information
- Referring URLs and search terms that brought you here
- Session duration and interaction patterns
Technical Data from Client Projects
During active projects, we access and analyze technical data from your systems. This might include database query logs, server performance metrics, error logs, and configuration files. We only access what's necessary for the specific work we're doing, and we handle it all under strict confidentiality agreements.
2. How We Use Your Information
We use the information we collect for pretty straightforward reasons. Mostly, it's about doing the work you hired us for and keeping communication open.
| Purpose | Types of Data Used |
|---|---|
| Providing IT services and technical support | Contact info, technical specifications, system access credentials |
| Project communication and updates | Email, phone, project documentation |
| System optimization and troubleshooting | Server logs, database performance data, error reports |
| Billing and contract management | Company details, contact information, service agreements |
| Website improvement | Usage statistics, technical logs, feedback |
We don't use your data for advertising or sell it to third parties. That's not our business model. We're not interested in monetizing your information—we make money by doing good technical work.
3. Legal Basis for Processing (Taiwan Context)
Under Taiwan's Personal Data Protection Act, we process your personal data based on several legal grounds:
- Contractual necessity: When we need your data to fulfill our service agreements
- Legitimate interests: For business operations, security, and service improvement
- Your consent: When you've explicitly agreed to specific uses of your data
- Legal obligations: When Taiwan law requires us to retain or process certain information
We comply with regulations from Taiwan's National Development Council and follow industry standards for data protection in IT services.
4. Data Sharing and Disclosure
We keep your information to ourselves unless there's a specific reason to share it. Here's when that might happen:
Service Providers
Sometimes we work with other companies to deliver our services—cloud hosting providers, backup services, or specialized database tools. These providers only get access to the data they need to do their specific job, and they're bound by confidentiality agreements.
Legal Requirements
If Taiwan authorities request information through proper legal channels, we'll comply. We'll also disclose data if it's necessary to protect our legal rights or prevent harm.
Business Transfers
If Ultraflowneuron is acquired or merges with another company, your information would transfer to the new entity. We'd notify you beforehand and give you options about how your data is handled.
We never sell client data to marketers, data brokers, or advertisers. Period.
5. Data Security Measures
Given that we work with database and server infrastructure, security is something we take seriously. Here's what we do:
- All data transmissions use TLS 1.3 encryption
- Client project data is stored on encrypted servers in secure data centers
- Access to client systems is controlled through SSH keys and multi-factor authentication
- Our team follows principle of least privilege—people only access what they need for their work
- Regular security audits and vulnerability assessments
- Secure disposal protocols for decommissioned hardware and deleted data
That said, no security system is perfect. We do our best to protect your data, but we can't guarantee absolute security. If we detect a breach that affects your information, we'll notify you within 72 hours as required by Taiwan regulations.
6. Your Rights and Choices
Under Taiwan's Personal Data Protection Act, you have several rights regarding your personal information:
Access and Portability
You can request a copy of the personal data we hold about you. We'll provide it in a commonly used electronic format within 15 business days. There's no charge for your first request in a calendar year.
Correction
If your information is inaccurate or incomplete, let us know and we'll fix it. This is important for maintaining accurate project documentation anyway.
Deletion
You can ask us to delete your personal data. We'll comply unless we have a legitimate reason to keep it (like ongoing contracts, legal obligations, or unresolved disputes). For active projects, some technical data needs to stay until work is completed.
Restriction and Objection
You can object to certain uses of your data or ask us to restrict processing. This might affect our ability to provide services, but we'll work with you to find reasonable solutions.
Withdrawal of Consent
If we're processing your data based on consent, you can withdraw it anytime. This won't affect any processing that happened before you withdrew consent.
To exercise any of these rights, email us at [email protected] with "Data Rights Request" in the subject line. We'll need to verify your identity before processing requests.
7. Data Retention
We keep different types of data for different periods, based on what's necessary and what's legally required:
- Active project data: Retained for the duration of the project plus 90 days for transition and support
- Contract and billing information: 7 years as required by Taiwan tax regulations
- Technical documentation: 3 years after project completion for reference and support purposes
- Website usage data: 24 months, then aggregated and anonymized
- Communication records: 2 years after last contact
After these periods, we securely delete or anonymize the data. For technical systems we've worked on, we maintain anonymized performance baselines for internal reference—no identifying client information attached.
8. International Data Transfers
Our primary operations are based in Taiwan, and we store most data in Taiwan-based data centers. However, some of our service providers—particularly cloud infrastructure and backup services—may store data outside Taiwan.
When we transfer data internationally, we ensure adequate protection through:
- Standard contractual clauses approved for cross-border data transfers
- Verification that receiving countries have adequate data protection laws
- Additional encryption and security measures for international transfers
- Regular audits of international service providers' security practices
If you have concerns about where your data is stored, we can discuss options for keeping everything within Taiwan's borders. It might affect service choices and costs, but it's doable.
9. Cookies and Tracking Technologies
Our website uses minimal cookies—just what we need for basic functionality and analytics. We're not tracking you across the internet or building advertising profiles.
Essential Cookies
These keep the website working: session management, security features, and remembering your preferences. You can't disable these without breaking site functionality.
Analytics Cookies
We use basic analytics to understand how people use our site. This helps us know which content is useful and where we need to improve. The data is aggregated and doesn't identify individual visitors.
You can disable analytics cookies through your browser settings without affecting core site functions. Most modern browsers have good cookie management tools built in.
10. Third-Party Links
Our website might link to external resources—technical documentation, industry news, or partner services. Once you leave our site, this privacy policy doesn't apply. We can't control how other sites handle your data, so check their policies if privacy matters to you.
We try to only link to reputable sources, but we're not responsible for third-party privacy practices.
11. Children's Privacy
Our services are designed for businesses and professionals. We don't knowingly collect information from anyone under 18. If we discover we've accidentally collected data from a minor, we'll delete it promptly.
12. Changes to This Policy
We update this policy when our practices change or when regulations require it. We'll post the new version here with an updated date at the top. For significant changes, we'll send direct notifications to active clients.
Check back occasionally if privacy policies are your thing. The date at the top tells you when we last made changes.
13. Questions and Complaints
If you have questions about how we handle your data, or if you think we've messed something up, reach out. We'll do our best to address concerns quickly and transparently.
You also have the right to file a complaint with Taiwan's National Development Council if you believe we've violated data protection regulations. We'd prefer you talk to us first so we can fix any issues directly.