Privacy Policy
Your privacy matters to us. We're committed to protecting your personal data and being transparent about how we collect, use, and safeguard your information when you use NexApiStreamOn's security and firewall management solutions.
Information We Collect
When you use our security and firewall management platform, we collect different types of information to provide you with better service. This isn't about gathering unnecessary data – it's about understanding what you need to keep your systems secure.
- Account Information: Name, email address, company details, and contact information you provide during registration
- Technical Data: IP addresses, device information, browser type, operating system, and network configuration details
- Usage Information: How you interact with our platform, features you use most, and security events you monitor
- Security Logs: Firewall events, threat detection data, and security incident reports necessary for our services
- Communication Records: Support tickets, feedback, and any correspondence with our team
We only collect data that's essential for providing security services or improving your experience. We don't gather information just because we can.
How We Use Your Information
Every piece of data we collect serves a specific purpose in delivering robust security management. Here's exactly what we do with your information:
| Data Type | Purpose | Legal Basis |
|---|---|---|
| Account Details | Service delivery, authentication, billing | Contract fulfillment |
| Security Logs | Threat detection, incident response | Legitimate business interest |
| Usage Analytics | Platform improvement, feature development | Legitimate business interest |
| Communication Data | Customer support, service notifications | Contract fulfillment |
We also use your information to send important security alerts, platform updates, and respond to support requests. You won't receive marketing emails unless you specifically opt in.
Data Protection and Security Measures
Since we're in the security business, we take protecting your data very seriously. Our approach goes beyond standard industry practices:
- End-to-end encryption for all data transmission and storage
- Multi-factor authentication required for all administrative access
- Regular security audits and penetration testing by third-party experts
- Isolated data environments with role-based access controls
- Automated threat monitoring and incident response protocols
- Secure backup systems with geographic redundancy
Our Taiwan-based servers comply with local data protection regulations and international security standards. We maintain ISO 27001 certification and undergo quarterly compliance reviews.
Data Sharing and Third Parties
We don't sell your personal information. Period. However, we do share certain data with trusted partners when necessary for service delivery:
- Cloud Infrastructure Providers: For secure hosting and data storage (AWS, Google Cloud)
- Security Intelligence Partners: For threat data and vulnerability information sharing
- Analytics Services: For platform performance monitoring (anonymized data only)
- Legal Requirements: When required by Taiwan law enforcement or regulatory bodies
All third-party partners sign strict data processing agreements and must meet our security standards. We regularly audit their compliance.
In case of business restructuring, merger, or acquisition, we'll notify you at least 30 days in advance about any changes to data handling practices.
Your Rights and Control Options
You have significant control over your personal data. Under Taiwan's Personal Data Protection Act and our commitment to privacy, you can:
- Access Your Data: Request a complete copy of information we hold about you
- Correct Inaccuracies: Update or fix any incorrect personal information
- Delete Your Account: Request complete removal of your data from our systems
- Limit Processing: Restrict how we use certain types of your information
- Data Portability: Export your data in a machine-readable format
- Object to Processing: Opt out of specific data uses like analytics
To exercise these rights, contact our privacy team at contact@nexapistreamon.app. We'll respond within 15 business days and complete most requests within 30 days. Some security-related data may need to be retained for incident investigation purposes.
Data Retention and Deletion
We keep your data only as long as necessary for providing services and meeting legal obligations. Our retention schedule varies by data type:
| Data Category | Retention Period | Deletion Process |
|---|---|---|
| Account Information | Until account closure + 90 days | Automatic deletion |
| Security Logs | 2 years for compliance | Secure overwrite |
| Support Communications | 3 years for service improvement | Archive then delete |
| Usage Analytics | Anonymized after 1 year | Personal identifiers removed |
When data reaches its retention limit, we use secure deletion methods including cryptographic erasure and physical destruction of storage media when necessary.
International Data Transfers
While our primary operations are in Taiwan, some data may be processed in other countries where our security partners operate. We ensure adequate protection through:
- Standard contractual clauses approved by Taiwan authorities
- Adequacy decisions recognizing equivalent protection levels
- Additional safeguards like encryption and access controls
- Regular compliance monitoring of international partners
Any data transfer outside Taiwan is documented and subject to the same security standards we maintain domestically.
Cookies and Tracking Technologies
Our platform uses cookies and similar technologies to enhance security and user experience. We're transparent about what we track and why:
- Essential Cookies: Required for authentication and core platform functionality
- Security Cookies: Help detect suspicious activity and prevent unauthorized access
- Performance Cookies: Monitor system performance and identify optimization opportunities
- Preference Cookies: Remember your dashboard settings and display preferences
You can control cookie preferences through your browser settings, though disabling essential cookies may limit platform functionality. We don't use advertising or social media tracking cookies.
Changes to This Privacy Policy
We review and update this privacy policy annually or when significant changes occur to our data practices. When we make important changes, we'll notify you through:
- Email notification to your registered address
- Prominent notice on our platform dashboard
- Updated effective date at the bottom of this policy
Continued use of our services after policy changes indicates acceptance of the updated terms. If you disagree with changes, you can close your account before they take effect.
Questions About Your Privacy?
Our privacy team is here to help with any questions or concerns about how we handle your personal data.
This Privacy Policy is effective as of January 15, 2025, and was last updated on January 15, 2025.