Information We Collect

When you work with us or visit our website, we collect different types of information. Some you give us directly, and some we gather automatically as you interact with our services.

Information You Provide Directly

• Contact details like your name, email address, and phone number when you reach out to us
• Company information including business name, address, and industry sector
• Project specifications and technical requirements you share during consultations
• Payment information processed through our secure payment partners
• Communication records from emails, calls, and meetings we have together

Information We Collect Automatically

Our website collects certain technical information to function properly and improve your experience:

• IP address and general location data (city and country level only)
• Browser type, device information, and operating system
• Pages you visit on our site and how long you spend on them
• Referring website that brought you to wittycogni.com
• Date and time of your visits

How We Use Your Information

We're not in the business of selling data. Everything we collect serves a specific purpose related to providing you with better service.

We don't use your information for marketing unless you specifically ask us to keep you informed about our services. Even then, you can unsubscribe anytime.

Legal Basis and Taiwan Compliance

Operating in Taiwan means we follow the Personal Data Protection Act (PDPA) and related regulations. We process your data based on:

• Contractual necessity — we need certain information to fulfill our service agreements with you
• Legitimate business interests — like improving our services and preventing fraud
• Your explicit consent — particularly for any marketing communications
• Legal obligations — when Taiwan law requires us to retain certain records

Data Sharing and Third Parties

We don't hand your information to random companies. But running a business means working with some trusted partners:

Service Providers We Work With

• Cloud hosting providers for secure data storage (servers located in Taiwan and approved international locations)
• Payment processors who handle financial transactions securely
• Email and communication platforms for project correspondence
• Blockchain infrastructure providers necessary for smart contract deployment

All these partners are contractually required to protect your data and use it only for the specific services they provide to us. We vet them carefully before sharing any information.

Your Rights and Control

Your data belongs to you. Under Taiwan's PDPA, you have several rights:

Access and Review

You can request a copy of all personal information we hold about you. We'll provide it in a readable format within 15 business days.

Correction

If any information we have is wrong or outdated, just let us know. We'll fix it promptly.

Deletion

You can ask us to delete your personal data. We'll comply unless we have a legal reason to keep it (like tax records or ongoing contracts).

Data Portability

Want to take your data elsewhere? We'll provide your information in a common, machine-readable format.

Objection to Processing

You can object to how we process your data for specific purposes. We'll stop unless we have compelling legitimate grounds to continue.

To exercise any of these rights, contact us using the details at the bottom of this page. We'll respond within 15 business days.

Data Security Measures

Security isn't just a checkbox for us. Given the sensitive nature of smart contract development, we take protection seriously:

• All data transmission uses TLS encryption (the same technology banks use)
• Our servers are protected by enterprise-grade firewalls and intrusion detection
• Access to client data is restricted to team members who actually need it for their work
• We use two-factor authentication for all internal systems
• Regular security audits and vulnerability assessments
• Encrypted backups stored in geographically separate locations

Despite our best efforts, no system is completely impenetrable. If a breach ever occurs, we'll notify affected clients within 72 hours and explain what happened and what we're doing about it.

Data Retention

We don't keep your information longer than necessary. Here's our general approach:

Active Projects

During active engagements, we retain all relevant project data to provide continuous service and support.

Completed Projects

After project completion, we keep technical documentation and communication records for three years. This helps us provide post-deployment support and address any issues that emerge.

Financial Records

Taiwan tax law requires us to maintain financial records for seven years. We keep only what's legally required.

Marketing Communications

If you've opted into marketing emails, we'll keep your contact information until you unsubscribe or ask us to delete it.

When retention periods end, we securely delete or anonymize data so it can't be traced back to you.

International Data Transfers

While we primarily operate in Taiwan, some of our service providers have servers in other countries. When we transfer data internationally, we ensure:

• The receiving country has adequate data protection laws (we check this carefully)
• Standard contractual clauses are in place that meet Taiwan's requirements
• Data is encrypted during transit and at rest in foreign locations
• You're informed about where your data is being stored or processed

Cookies and Tracking

Our website uses a minimal number of cookies. We're not tracking you across the internet or building advertising profiles.

Essential Cookies

These make the website function properly. They remember your language preference and keep you logged in if you access client resources.

Analytics Cookies

We use basic analytics to understand which pages are most useful and where visitors tend to get stuck. This data is anonymized and helps us improve the site.

You can control cookies through your browser settings. Blocking essential cookies might affect site functionality, but you're free to do so.

Children's Privacy

Our services target businesses and professionals. We don't knowingly collect information from anyone under 18. If we discover we've accidentally collected such data, we'll delete it immediately.

Changes to This Policy

Technology and laws evolve. When we update this policy, we'll change the date at the top and notify active clients by email. Significant changes will be highlighted clearly. We won't reduce your rights under this policy without your explicit consent.

Complaints and Concerns

If you're unhappy with how we've handled your personal data, please tell us first. We'll investigate and respond within 30 days. If you're not satisfied with our response, you have the right to file a complaint with Taiwan's Ministry of Justice Investigation Bureau, which oversees PDPA compliance.