At Thinkultraflow, your privacy matters to us. We're not going to pretend this is the most exciting read you'll have today, but we've tried to make it straightforward. This policy explains what information we collect when you use our mobile applications with AI features, why we need it, and what we do with it. If you have questions after reading this, reach out to us directly.
What Information We Collect
Look, we only collect what we actually need to make our AI-powered apps work properly. Here's the breakdown:
Account Information
When you sign up, we need your email address and the username you choose. Pretty standard stuff. We might also store profile photos if you add one.
Usage Data
We track how you interact with our apps. Which features you use, how often you open the app, what AI functions you engage with. This helps us understand what's working and what isn't.
Device Information
Your device type, operating system version, unique device identifiers, and IP address. Technical necessities for making sure everything runs smoothly on your specific device.
AI Interaction Data
The prompts you enter, the responses generated, and your feedback on AI outputs. This data helps train and improve our AI models over time.
Location Data
Only if you give us permission. Some features work better with location context, but you can always say no. We respect that.
Communications
When you contact our support team or send us feedback, we keep those records. Helps us provide better assistance and remember context from previous conversations.
Why We Need This Information
We're not collecting data just for fun. Each piece serves a specific purpose:
- To actually make the apps function properly and deliver the AI features you signed up for
- To personalize your experience based on how you use our services
- To improve our AI models and make them more accurate and useful over time
- To fix bugs, diagnose technical problems, and keep everything running smoothly
- To send you important updates about service changes or security issues
- To prevent fraud, abuse, and unauthorized access to our systems
- To comply with legal requirements in Taiwan and international jurisdictions where we operate
If we ever want to use your data for something new, we'll ask for your permission first. No surprises.
How We Share Your Data
We don't sell your personal information. Period. But we do share data in specific situations:
Service Providers
We work with third-party companies that help us run our business. Cloud hosting providers, analytics services, customer support platforms. They only get access to the data they need to do their job, and they're contractually obligated to keep it secure.
AI Model Training Partners
Some of our AI capabilities involve partnerships with specialized machine learning companies. When we share data with them for model improvement, it's anonymized and stripped of personally identifiable information.
Legal Requirements
If we're legally required to disclose information by Taiwan authorities or through valid international legal processes, we will. We'll notify you when possible unless prohibited by law.
Business Transfers
If Thinkultraflow gets acquired or merges with another company, your data would transfer as part of that transaction. You'd be notified, and the new owners would be bound by this privacy policy.
Your Rights and Control
You have real control over your data. Here's what you can do:
Access Your Data
Request a copy of all personal information we hold about you. We'll send it in a readable format within 30 days.
Correct Inaccuracies
Found something wrong in your profile or data? Let us know and we'll fix it promptly.
Delete Your Account
Want to leave? You can delete your account and associated data through the app settings or by contacting us directly.
Opt Out of Communications
Unsubscribe from marketing emails anytime. You'll still receive essential service notifications.
Restrict Processing
Limit how we use certain types of your data while still maintaining your account.
Data Portability
Take your data with you. Request a machine-readable export of your information.
To exercise any of these rights, send us an email at [email protected] with your request. We'll verify your identity and process it within the timeframes required by Taiwan's Personal Data Protection Act.
How We Protect Your Information
Security isn't something we take lightly. Here's how we keep your data safe:
Encryption
All data transmitted between your device and our servers uses industry-standard TLS encryption. Data at rest is encrypted using AES-256.
Access Controls
Only authorized employees who need access to perform their jobs can view user data. Everyone signs confidentiality agreements.
Regular Audits
We conduct quarterly security assessments and penetration testing to identify and fix vulnerabilities.
Secure Infrastructure
Our servers are hosted in SOC 2 certified data centers with physical security measures and redundant systems.
Incident Response
We have a documented plan for responding to data breaches, including user notification within 72 hours if your information is compromised.
Employee Training
Our team receives ongoing training about data protection practices and recognizing security threats.
Despite our best efforts, no system is completely bulletproof. If a security incident occurs, we'll let you know quickly and explain what happened and what we're doing about it.
Data Retention
We don't keep your information longer than necessary. Here's our general approach:
Active Account Data
Retained while your account is active and for 90 days after you delete your account, in case you change your mind.
Usage Analytics
Aggregated and anonymized usage patterns are kept for up to 2 years to help with long-term product development.
Support Communications
Customer service records are maintained for 3 years to reference previous issues and maintain service quality.
Financial Records
Payment and transaction data is retained for 7 years to comply with Taiwan tax and accounting regulations.
Legal Hold Data
If information is subject to legal proceedings, we retain it until the matter is fully resolved.
Taiwan-Specific Privacy Provisions
As a company operating in Taiwan, we comply with the Personal Data Protection Act (PDPA). Here's what that means for you:
You have the right to request that we stop collecting, processing, or using your personal data at any time. We'll honor this request within 15 business days unless we have a legal obligation to continue processing.
If we transfer your data outside of Taiwan, we ensure the receiving country has adequate data protection standards or we implement contractual safeguards equivalent to Taiwan's requirements.
You can file a complaint with Taiwan's National Development Council if you believe we've mishandled your personal information. We'd prefer you contact us first so we can resolve any issues directly.
Under Taiwan law, certain types of sensitive personal data require explicit consent. We'll always ask before collecting information about your health, biometric data, medical records, genetic information, sexual life, or any data that could lead to discrimination.
International Data Transfers
Our primary servers are located in Taiwan, but we use cloud services that may store backup copies in other locations. When your data crosses borders, we ensure it's protected through:
- Standard contractual clauses approved by relevant data protection authorities
- Verification that recipient countries have adequate privacy protections
- Additional encryption and security measures during transfer
- Regular compliance audits of our international service providers
If you're accessing our services from outside Taiwan, you acknowledge that your data may be processed in Taiwan under Taiwan privacy laws.
Children's Privacy
Our services aren't designed for children under 16. We don't knowingly collect personal information from anyone under 16 years old. If we discover we've accidentally collected such information, we'll delete it immediately.
If you're a parent and believe your child has provided us with personal information, contact us right away. We take this seriously and will respond quickly.
Changes to This Policy
We'll update this privacy policy occasionally as our practices evolve or laws change. When we make significant changes, we'll notify you through the app or via email at least 30 days before the changes take effect.
Continued use of our services after changes become effective means you accept the updated policy. If you don't agree with the changes, you can delete your account before they take effect.
We maintain an archive of previous policy versions. If you want to review how our practices have changed over time, just ask.
Cookies and Tracking Technologies
Our mobile apps use technologies similar to cookies to remember your preferences and improve functionality. Here's what we use:
- Local storage to keep you logged in and remember your settings
- Analytics SDKs to understand how features are being used
- Crash reporting tools to identify and fix problems quickly
- Performance monitoring to optimize app speed and responsiveness
You can control some of these through your device settings, though disabling certain technologies may limit app functionality. We don't use cross-app tracking or share your activity with advertising networks.
Questions About Your Privacy?
We're here to help. Reach out to our privacy team:
Email: [email protected]
Phone: +886 5537 1209
Mail: No. 114, Zhongyi Rd, Taoyuan District, Taoyuan City, Taiwan 330
We typically respond to privacy inquiries within 2 business days.