Privacy Policy

Information We Collect

When you work with us, we collect different types of information depending on how you engage with our services. We're transparent about what we gather and why we need it.

Information You Provide Directly

• Contact details including your name, email address, phone number, and company information when you reach out for consultation
• Business information about your current financial processes, systems, and digitization goals during our assessment phase
• Financial data you share for analysis purposes, which we handle with strict confidentiality protocols
• Communication records from emails, calls, and meetings to maintain service continuity and quality
• Payment information processed through secure third-party payment processors (we don't store full card details)

Information We Collect Automatically

• Technical data like IP addresses, browser types, and device information when you visit our website
• Usage patterns including pages visited, time spent, and navigation paths to improve our digital experience
• Cookie data that helps us remember your preferences and analyze site performance

How We Use Your Information

Every piece of information we collect serves a specific purpose in delivering and improving our services. Here's what we do with your data:

Data Sharing and Disclosure

We limit data sharing to situations where it's necessary for service delivery or required by law. Here's who might access your information and under what circumstances:

Service Providers and Partners

We work with carefully vetted third-party service providers who help us deliver our services. These include cloud hosting providers, payment processors, and specialized software vendors. All these partners sign strict confidentiality agreements and can only use your data for the specific purposes we authorize.

Legal Requirements

Sometimes we're legally obligated to share information with government authorities, regulatory bodies, or in response to valid legal processes. This might include tax authorities, financial regulators, or law enforcement agencies with proper jurisdiction. We'll notify you about such requests unless legally prohibited from doing so.

Business Transitions

If FluxIsRadiix undergoes a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. You'll receive notice before your data becomes subject to a different privacy policy.

Your Rights and Control

Under Taiwan's Personal Data Protection Act, you have specific rights regarding your personal information. We've made it straightforward to exercise these rights:

• Access: Request a copy of all personal data we hold about you. We'll provide this within 30 days in an accessible format
• Correction: Update or correct inaccurate information at any time by contacting us directly
• Deletion: Request deletion of your personal data, subject to legal retention requirements for financial records
• Restriction: Limit how we process your data in certain circumstances, such as when you're disputing accuracy
• Objection: Object to processing based on legitimate interests or for direct marketing purposes
• Portability: Receive your data in a structured, commonly used format to transfer to another service provider
• Withdraw Consent: Revoke consent for processing activities at any time without affecting previous lawful processing

Data Security Measures

Protecting your information isn't just about compliance — it's fundamental to how we operate. We've implemented multiple layers of security:

Technical Safeguards

• 256-bit SSL encryption for all data transmission between your devices and our servers
• Encrypted storage for sensitive financial data using industry-standard AES-256 encryption
• Regular security audits and penetration testing by independent third-party specialists
• Automated backup systems with secure off-site storage and disaster recovery protocols
• Multi-factor authentication requirements for all team members accessing client data

Organizational Safeguards

• Strict access controls ensuring team members only access data necessary for their role
• Comprehensive confidentiality agreements for all employees and contractors
• Regular security training covering data protection, phishing awareness, and incident response
• Clear incident response procedures with designated privacy officers and escalation protocols

While we implement robust security measures, no system is completely immune to breaches. If we ever experience a security incident affecting your data, we'll notify you within 72 hours and explain what happened, what data was affected, and what steps we're taking.

Data Retention and Deletion

We don't keep your data indefinitely. Our retention practices balance your privacy rights with legal and business requirements:

After retention periods expire, we securely delete or anonymize your data. For sensitive financial information, we use DoD 5220.22-M standard wiping procedures. You can request early deletion in most cases, though we may need to retain certain records for legal compliance.

International Data Transfers

FluxIsRadiix primarily operates in Taiwan, but we sometimes use cloud services and partners located in other countries. When we transfer your data internationally, we ensure appropriate safeguards:

• Standard contractual clauses approved by Taiwan's National Development Council for transfers outside Taiwan
• Preference for partners certified under recognized international frameworks like ISO 27001
• Data processing agreements requiring equivalent protection standards regardless of location
• Regular audits of international partners to verify compliance with privacy commitments

Most of our data processing happens on servers located in Taiwan or other Asia-Pacific regions with strong data protection laws. We avoid storing sensitive financial data in jurisdictions with weak privacy protections.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to function properly and improve your experience. Here's what we use and why:

Essential Cookies

These keep our website working and secure. They remember your login status, maintain security sessions, and ensure forms work properly. You can't opt out of these because they're necessary for basic functionality.

Analytics Cookies

We use analytics tools to understand how visitors use our site — which pages are popular, where people struggle, and how we can improve. This data is aggregated and anonymized. You can opt out through your browser settings or by contacting us.

Preference Cookies

These remember your choices like language preferences or display settings. They make your experience more convenient but aren't essential — you can disable them without affecting site functionality.

You can control cookies through your browser settings. Keep in mind that blocking certain cookies might affect website functionality. Most browsers let you block third-party cookies while allowing first-party ones, which is a good balance for most users.

Children's Privacy

Our services are designed for businesses and professionals. We don't knowingly collect information from individuals under 18 years old. If we discover we've inadvertently collected such data, we'll delete it immediately. Parents or guardians who believe we may have information about a minor should contact us right away.

Changes to This Policy

We review and update this privacy policy periodically to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we'll notify you by email or through a prominent notice on our website at least 30 days before the changes take effect.

Minor updates that don't materially affect your rights — like clarifying existing practices or fixing typos — might not trigger notifications. We recommend checking this page occasionally to stay informed about how we're protecting your information.

The "Last Updated" date at the top of this policy tells you when we last made changes. If you continue using our services after updates take effect, we'll consider that as acceptance of the revised policy.