Privacy Policy

Information We Collect

When you use NextaHyper's services, we collect different types of information depending on how you interact with our platform. Here's what we gather and why it matters for your invoice automation.

Business Information You Provide

You give us this information directly when setting up your account and using our services:

• Company details including business registration number and tax identification
• Contact information for authorized users and billing administrators
• Invoice data including vendor details, amounts, and payment terms
• Banking information necessary for processing payments
• Communication records when you contact our support team

Technical Information We Automatically Collect

Our systems log certain information to keep the service running smoothly and securely:

• IP addresses and device identifiers for security monitoring
• Browser type and operating system specifications
• Access times and usage patterns within the platform
• Error logs and performance data for system improvements

How We Use Your Information

We use your data to provide and improve our invoice automation services. Each use serves a specific business purpose, and we're transparent about what those purposes are.

Data Type	Primary Purpose	Legal Basis
Invoice Data	Processing automation, payment routing, reporting generation	Contract performance
Account Information	Service delivery, user authentication, billing operations	Contract performance
Technical Logs	Security monitoring, performance optimization, troubleshooting	Legitimate interest
Communication Records	Customer support, service improvements, dispute resolution	Legitimate interest
Banking Details	Payment processing, financial reconciliation, audit compliance	Contract performance & legal obligation

Data Storage and Security

Your data is stored on secure servers located in Taiwan, with encrypted backups maintained in accordance with Taiwan banking regulations and data protection standards.

Security Measures We Implement

• End-to-end encryption for all data transmission using TLS 1.3 protocol
• Regular security audits conducted quarterly by independent third parties
• Multi-factor authentication required for all user accounts
• Role-based access controls limiting data visibility to authorized personnel
• Automated monitoring systems detecting unusual access patterns
• Regular backup procedures with secure off-site storage

Despite our security efforts, no system is completely impenetrable. If we detect a data breach that affects your information, we'll notify you within 72 hours as required by Taiwan's Personal Data Protection Act.

Data Sharing and Disclosure

We share your data only when necessary to provide our services or when required by law. Here's the complete picture of when and how your information might be shared.

Service Providers We Work With

We partner with specific third-party services to deliver our invoice automation platform:

• Cloud infrastructure providers for secure data hosting and processing
• Payment processors for banking integration and transaction handling
• Email service providers for system notifications and support communications
• Analytics tools for performance monitoring and service improvement

Each service provider is bound by confidentiality agreements and can only access the minimum data necessary to perform their specific function.

Legal Requirements

We may disclose your information if required by Taiwan law or regulatory authorities, including:

• Tax audits conducted by Taiwan National Taxation Bureau
• Court orders or legal proceedings requiring disclosure
• Financial regulatory investigations or compliance reviews
• Law enforcement requests with proper legal documentation

Your Rights and Control

Taiwan's Personal Data Protection Act gives you specific rights regarding your data. We respect these rights and make it straightforward to exercise them.

What You Can Do

• Access your data by requesting a complete export of information we hold about your account
• Correct inaccurate information through your account dashboard or by contacting support
• Delete your data after contract termination, subject to legal retention requirements
• Object to certain processing activities by contacting our data protection officer
• Request data portability to transfer your invoice records to another provider
• Withdraw consent for optional processing activities at any time

Data Retention

We keep your data for as long as necessary to provide services and meet legal requirements. Different data types have different retention periods based on business and regulatory needs.

Standard Retention Periods

• Active account data: Retained throughout your service subscription
• Invoice records: Seven years from processing date (Taiwan tax law requirement)
• Financial transaction data: Seven years from transaction date
• Support communications: Three years from last interaction
• Technical logs: 90 days unless needed for security investigation
• Marketing communications: Until you unsubscribe or request deletion

After these retention periods expire, we securely delete or anonymize your data so it can no longer identify your business.

International Data Transfers

While your data is primarily stored and processed in Taiwan, some service providers operate internationally. When we transfer data outside Taiwan, we ensure appropriate safeguards are in place.

For transfers to countries without adequate data protection laws, we use standard contractual clauses approved by Taiwan authorities. You can request copies of these agreements by contacting our data protection officer.

Changes to This Policy

We update this privacy policy occasionally to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you via email at least 30 days before the new terms take effect.

Minor updates that don't affect how we handle your data may be posted directly to this page. We recommend reviewing this policy periodically to stay informed about how we protect your information.