Privacy Policy

We believe in complete transparency about how we handle your information

Last Updated: January 15, 2025

Quick Navigation

Introduction

At CloudXStreamWise, we take your privacy seriously. This policy explains exactly what information we collect, why we need it, and how we protect it. We've written this in plain English because we believe you shouldn't need a law degree to understand how your data is handled.

When you work with us on security testing and vulnerability assessments, you're trusting us with sensitive information. We don't take that trust lightly. This policy covers all our services, our website, and any communications you have with our team.

Important Note for Taiwan Users

Our services comply with Taiwan's Personal Data Protection Act and international privacy standards. We maintain specific protections for users in Taiwan, including data localization options and enhanced consent mechanisms.

Information We Collect

Information You Give Us Directly

When you contact us or request our services, we collect basic business information. This includes your name, company details, email address, and phone number. We also gather information about your security testing needs and technical environment.

During security assessments, we may need access to system logs, network configurations, and other technical data. We only collect what's necessary to complete your security evaluation effectively.

Contact Information Company Details Technical Requirements System Access Logs Communication Records Service Preferences

Information We Collect Automatically

Our website collects standard web analytics data to help us improve your experience. This includes your IP address, browser type, pages visited, and how long you spend on our site. We use this to understand which content is most helpful and identify technical issues.

We don't use invasive tracking or create detailed behavioral profiles. Our focus is on improving our services, not building advertising profiles.

How We Use Your Information

Service Delivery

We use your information primarily to deliver the security testing services you've requested. This includes conducting vulnerability assessments, generating reports, and providing ongoing support.

Communication

We'll contact you about project updates, security findings, and service improvements. We may also send relevant industry insights, but you can opt out of these communications anytime.

Legal Compliance

Sometimes we're required to retain certain information for legal or regulatory purposes. We only keep what's necessary and delete it as soon as legally permissible.

Service Improvement

We analyze service data to improve our testing methodologies and develop better security solutions. This analysis uses aggregated, anonymized data whenever possible.

When We Share Your Information

We generally don't share your information with third parties. However, there are specific situations where sharing may be necessary:

  • Service Providers: We work with trusted technology partners who help us deliver our services. These partners are bound by strict confidentiality agreements and can only use your data for the specific services they provide to us.
  • Legal Requirements: If required by law, court order, or government regulation, we may need to disclose certain information. We'll always notify you when legally permitted to do so.
  • Business Transfers: In the unlikely event of a merger or acquisition, your information would be transferred as part of the business assets. Any new owner would be bound by this same privacy policy.
  • With Your Consent: We may share information for purposes not covered here, but only with your explicit consent and clear explanation of why it's necessary.

Your Privacy Rights

Access Your Data

You can request a copy of all information we have about you. We'll provide this in a readable format within 30 days of your request.

Correct Information

If any of your information is incorrect or outdated, you can ask us to update it. We'll make corrections promptly and notify any relevant third parties.

Delete Your Data

You can request deletion of your personal information, subject to legal retention requirements. We'll delete everything we legally can within 30 days.

Data Portability

You can request your data in a machine-readable format to transfer to another service provider. We'll provide this at no charge.

Limit Processing

You can ask us to stop using your information for specific purposes while still maintaining your account and service relationship with us.

Object to Processing

You can object to certain uses of your information, particularly for marketing purposes. We'll stop immediately unless we have compelling legal grounds to continue.

To exercise any of these rights, simply email us at help@cloudx-streamwise.com with your request. We'll need to verify your identity first, but we'll respond within 30 days. There's no charge for most requests, though we may charge a reasonable fee for excessive or repetitive requests.

How We Protect Your Information

Security isn't just our business—it's how we protect your trust. We use enterprise-grade security measures to protect your information both in transit and at rest.

Technical Safeguards

  • All data transmissions use TLS 1.3 encryption
  • Data at rest is encrypted using AES-256 encryption
  • Access controls limit who can view your information
  • Regular security audits and penetration testing
  • Secure backup systems with encryption

Operational Security

Our team receives regular security training and follows strict data handling procedures. We use multi-factor authentication, regular access reviews, and detailed audit logs. Physical access to our systems is strictly controlled and monitored.

We maintain incident response procedures and will notify you immediately if any security breach affects your information.

Data Retention

We keep your information only as long as necessary to provide services and meet legal obligations. Here's our general retention schedule:

  • Active Client Data: Maintained throughout our business relationship and for two years after service completion for warranty and support purposes.
  • Security Assessment Data: Technical findings and reports are kept for three years to track security improvements and provide ongoing consultation.
  • Communication Records: Email and phone records are kept for two years for quality assurance and dispute resolution.
  • Website Analytics: Anonymous usage data is kept for 26 months to analyze long-term trends and improve user experience.
  • Legal Hold Data: Any information subject to legal proceedings is retained until the matter is fully resolved.

International Data Transfers

Our primary data processing occurs within Taiwan, but some of our technology partners operate internationally. When we transfer your information outside Taiwan, we ensure it receives the same level of protection through:

  • Adequacy decisions recognizing equivalent privacy protections
  • Standard contractual clauses approved by regulatory authorities
  • Binding corporate rules for multinational service providers
  • Your explicit consent for specific transfer purposes

Policy Updates

We review and update this policy regularly to reflect changes in our services, legal requirements, and industry best practices. When we make significant changes, we'll notify you via email and post the updated policy on our website.

Minor updates like contact information changes or clarifications won't trigger notifications, but we'll always update the "Last Updated" date at the top of this policy.

Questions About Privacy?

We're here to help with any questions or concerns about your privacy. Our team is committed to transparency and will work with you to address any issues promptly.

Email: help@cloudx-streamwise.com
Phone: +886224685188
Address: No. 11號, Zhongshan Rd, Tamsui District, New Taipei City, Taiwan 251

For privacy-specific inquiries, please use "Privacy Inquiry" in your subject line. We'll respond within 48 hours during business days.