Privacy Policy

Last Updated: January 18, 2025

At SparkEnergize, we handle payment data every single day. That means we take your privacy seriously—not just because regulations require it, but because trust is the foundation of what we do. This policy explains how we collect, use, and protect your information when you work with our payment processing automation services in Taiwan.

Information We Collect

Running a payment processing system means we interact with different types of data. Here's what we actually collect and why we need it:

Business Information

When you sign up for our services, we collect basic business details—company name, tax ID, business address, and contact information. This helps us verify your business legitimacy and comply with Taiwan's financial regulations. Pretty standard stuff, but it matters.

Technical and Transaction Data

Our systems process transaction records, payment amounts, timestamps, and merchant IDs. We also collect technical data like IP addresses, browser types, and device information. This isn't about being nosy—it's how we detect fraud patterns and keep your payment systems running smoothly.

User Account Data

If you create an account on our platform, we store your login credentials (encrypted, obviously), user preferences, and activity logs. We track when you log in, what features you use, and how you configure your payment workflows. This helps us improve the system and provide better support when something goes wrong.

How We Use Your Information

We're not in the business of selling data or building advertising profiles. Here's what we actually do with the information we collect:

Service Delivery and Operations

We use your data to process payments, automate workflows, generate transaction reports, and maintain system security. That's our core function—making sure money moves where it's supposed to go, when it's supposed to go there.

Fraud detection and risk assessment through pattern analysis
System performance monitoring and technical troubleshooting
Customer support and issue resolution
Compliance reporting required by Taiwan financial authorities
Service improvement based on usage patterns and feedback
Account management and billing operations

We occasionally send service-related notifications—system updates, security alerts, important changes to our terms. These aren't marketing emails. If your payment system goes down at 2 AM, you'll want to know about it.

Legal Basis for Processing (Taiwan Context)

Under Taiwan's Personal Data Protection Act, we process your information based on several legal grounds:

Legal Basis	What This Means
Contractual Necessity	We need your data to provide the payment processing services you signed up for
Legal Obligation	Taiwan's Banking Act and Anti-Money Laundering regulations require us to maintain certain records
Legitimate Interest	Fraud prevention and system security benefit both you and us
Consent	For optional features like analytics dashboards, we ask for your explicit permission

Data Sharing and Disclosure

We don't hand your data to random third parties. But payment processing requires working with specific partners:

Banking Partners and Financial Institutions

To move money, we work with banks in Taiwan. We share transaction data with these institutions as needed to complete payments. They're bound by their own strict financial regulations.

Service Providers

We use cloud hosting services, security monitoring tools, and customer support platforms. These vendors access limited data only as needed to perform specific functions. All service providers sign data processing agreements and must comply with Taiwan's privacy standards.

Regulatory and Legal Requirements

If Taiwan's Financial Supervisory Commission, tax authorities, or law enforcement request data through proper legal channels, we comply. We also disclose information when necessary to prevent fraud or protect system security.

We don't sell your data. We don't use it for advertising. And we don't share it with anyone unless there's a legitimate operational or legal reason.

Data Security Measures

Payment data is sensitive, so we've built multiple layers of protection:

Technical Safeguards

All data transmissions use TLS 1.3 encryption. Payment information is encrypted at rest using AES-256. Our systems undergo regular penetration testing and security audits. We maintain separate production and development environments to prevent accidental data exposure.

Multi-factor authentication for all administrative access
Automated intrusion detection and response systems
Regular security patches and system updates
Role-based access controls limiting who can view what data
Continuous monitoring for suspicious activity patterns
Encrypted database backups stored in geographically separate locations

But let's be honest—no system is completely invulnerable. If we experience a data breach affecting your information, we'll notify you within 72 hours and explain what happened, what data was affected, and what steps we're taking to address it.

Your Rights Under Taiwan Law

Taiwan's Personal Data Protection Act gives you specific rights regarding your information. Here's what you can actually do:

Access and Portability

You can request a copy of all personal data we hold about you. We'll provide it in a structured, machine-readable format within 15 business days. There's no charge for the first request each year; subsequent requests may incur a reasonable administrative fee.

Correction and Updates

If your business information changes or you spot an error in our records, you can update it directly through your account dashboard or contact our support team. We'll make corrections within 5 business days.

Deletion Rights

You can request deletion of your data, with some limitations. We must retain certain transaction records for 5 years to comply with Taiwan's tax and financial regulations. But we can delete marketing preferences, optional account data, and information no longer needed for legal compliance.

Processing Restrictions

You can ask us to temporarily suspend processing your data if you're disputing its accuracy or questioning the legal basis for processing. This doesn't affect payment processing necessary for active transactions—we can't just stop mid-payment—but applies to secondary uses like analytics.

Objection Rights

You can object to processing based on legitimate interests. For example, if we're using your data for service improvements, you can opt out. We'll stop unless we can demonstrate compelling legitimate grounds that override your interests.

Data Retention Periods

We keep different types of data for different lengths of time based on legal requirements and operational needs:

Data Type	Retention Period	Reason
Transaction Records	5 years	Required by Taiwan's Tax Collection Act and Anti-Money Laundering regulations
Account Information	Duration of service + 2 years	Contract fulfillment and dispute resolution
Support Tickets	3 years	Service quality tracking and issue resolution
System Logs	90 days	Security monitoring and troubleshooting
Marketing Preferences	Until withdrawn	Communication management

When retention periods expire, we securely delete data through multi-pass overwriting. Backup copies are removed during the next scheduled backup rotation.

International Data Transfers

We primarily store data on servers located in Taiwan. However, some service providers operate infrastructure in other countries. When we transfer data internationally, we ensure adequate protection through:

Standard contractual clauses approved by Taiwan authorities
Verification that recipient countries provide adequate data protection
Additional security measures like encryption during transit
Regular audits of international service providers' security practices

You can request specific information about where your data is stored and which countries have access by contacting our privacy team.

Cookies and Tracking

Our platform uses cookies for essential functions. Here's the breakdown:

Essential Cookies

These keep you logged in, remember your session, and enable core payment processing functions. You can't opt out of these without breaking the service.

Analytics Cookies

We use analytics to understand how people use our platform—which features are popular, where people get stuck, what causes errors. This is optional. You can disable analytics cookies in your account settings.

We don't use advertising cookies or third-party tracking for marketing purposes. No hidden trackers, no pixel surveillance, no behavioral profiling for ads.

Children's Privacy

Our services are designed for businesses, not children. We don't knowingly collect information from anyone under 18. If we discover we've accidentally collected data from a minor, we'll delete it immediately.

Changes to This Policy

We update this policy occasionally as our services evolve or regulations change. When we make significant changes, we'll notify you via email and post a notice on our platform at least 30 days before the changes take effect.

You can always find the current version at spark-energize.com/privacy-policy with the last update date clearly displayed. If you don't agree with changes, you can close your account before they take effect.

Questions or Concerns?

If you have questions about how we handle your data, want to exercise your rights, or need to report a privacy issue, reach out to us:

Email: support@spark-energize.com

Phone: +886 6268 6883

Address: No. 75, Wenzhou St, Da'an District, Taipei City, Taiwan 106020

We aim to respond to all privacy inquiries within 5 business days. For complex requests, we'll acknowledge receipt immediately and provide a full response within 30 days.