Information We Collect

The information we collect depends on how you interact with our services. Here's what that looks like in practice.

Information You Provide Directly

When you work with us, you share certain information intentionally. This includes your business contact details, operational data for monitoring purposes, communication preferences, and billing information. We only ask for what we actually need to deliver our services effectively.

Information We Collect Automatically

How We Use Your Information

Every piece of data we collect serves a specific purpose. We don't gather information just to have it.

We analyze operational data to identify efficiency patterns and adjustment opportunities. This analysis happens within our secure systems and remains confidential to your business relationship with us.

Data Sharing and Disclosure

Your business data stays with us unless there's a legitimate reason to share it. Here's when and why we might share information.

Service Providers

We work with carefully selected third parties who help us deliver our services. This includes cloud infrastructure providers, data security services, and payment processors. These providers can only access data necessary for their specific function and are contractually required to protect it.

Legal Requirements

We may disclose information when required by Taiwan law, court orders, or regulatory authorities. We'll notify you about such requests unless legally prohibited from doing so. In three years of operation, we've received two such requests, both related to routine business verification.

Business Transfers

If Evolvratech is acquired or merges with another company, your information would transfer as part of that transaction. You'd be notified in advance and given options regarding your data.

Data Security Measures

Security isn't just about technology. It's about processes, training, and constant vigilance. Here's how we protect your information.

No security system is perfect, but we invest significantly in protecting your data. Our 2024 security audit found zero critical vulnerabilities and resulted in minor recommendations that were implemented within two weeks.

Your Rights and Choices

You have control over your information. Taiwan's Personal Data Protection Act grants you specific rights, and we honor them fully.

Access Your Data

You can request a complete copy of the information we hold about you. We'll provide this in a structured, commonly used format within 30 days. There's no charge for your first annual request.

Correct Inaccuracies

If information we hold is incorrect or incomplete, let us know. We'll update it promptly. For operational data, corrections must be substantiated to maintain data integrity for analytical purposes.

Request Deletion

You can ask us to delete your personal information. We'll comply unless we have a legitimate reason to retain it, such as ongoing service delivery, legal obligations, or unresolved billing matters. We'll explain if deletion isn't possible and why.

Data Portability

You can request your operational data in a format that allows transfer to another service provider. This helps you avoid vendor lock-in and maintains your business flexibility.

Withdraw Consent

For data processing based on consent rather than contract necessity, you can withdraw that consent anytime. This doesn't affect the lawfulness of processing that occurred before withdrawal.

Data Retention

We don't keep information longer than necessary. Our retention periods are based on business requirements, legal obligations, and your preferences.

Active Client Data

While you're an active client, we retain all operational and monitoring data to provide continuous service. This includes historical data needed for trend analysis and plan adjustments.

After Service Termination

When service ends, we retain essential business records for seven years as required by Taiwan tax law. This includes billing records and basic service history. Operational monitoring data is deleted within 90 days unless you request otherwise.

Backup Systems

Deleted data may persist in backup systems for up to 60 additional days before being permanently removed. During this period, the data is not accessible for normal operations but exists for disaster recovery purposes.

Anonymized Data

We may retain anonymized operational data indefinitely for research and service improvement. This data cannot be linked back to specific clients and doesn't constitute personal information under Taiwan law.

International Data Transfers

Our operations are based in Taiwan, and your data is primarily stored and processed here. However, some service providers operate internationally.

When data leaves Taiwan, we ensure it receives equivalent protection through contractual safeguards and by selecting providers in jurisdictions with adequate data protection laws. You can request specific information about international transfers affecting your data.

Currently, data transfers occur to cloud infrastructure providers with data centers in Taiwan and Singapore. These transfers are covered by standard contractual clauses approved by Taiwan's data protection authority.

Cookies and Tracking

Our platform uses cookies to function properly. We're transparent about what cookies we use and why.

Essential Cookies

These cookies are necessary for our service to work. They handle authentication, security, and basic functionality. You can't opt out of essential cookies if you want to use our platform.

Analytics Cookies

We use analytics to understand how clients interact with our platform. This helps us improve usability and identify technical issues. These cookies can be disabled in your browser settings without affecting core functionality.

We don't use advertising cookies or third-party tracking for marketing purposes. Our analytics serve operational improvement, not user profiling.

Children's Privacy

Our services are designed for businesses and professional use. We don't knowingly collect information from individuals under 18 years old. If we discover we've inadvertently collected such information, we'll delete it immediately.

Changes to This Policy

Privacy practices evolve as technology and regulations change. When we update this policy, we'll notify active clients by email at least 30 days before changes take effect.

The "Last Updated" date at the top of this page shows when the current version became effective. Previous versions are available upon request if you want to review what's changed.

Material changes that affect how we use your data will require your renewed consent. You'll have the option to discontinue service if you disagree with policy changes.

Taiwan-Specific Provisions

This policy complies with Taiwan's Personal Data Protection Act. As a business operating in Taiwan, we adhere to local regulations regarding personal data collection, processing, and storage.

Taiwan residents have specific rights under local law, including the right to request information about data processing purposes and the right to claim compensation for damages resulting from PDPA violations. These rights are in addition to those described elsewhere in this policy.

For disputes related to personal data, you may file complaints with Taiwan's National Development Council or pursue resolution through Taiwan's court system.