Privacy Policy

Who We Are and What This Covers

SuperNexora operates from Taiwan and provides automated expense management services to businesses across the region. This policy applies to anyone who visits our website, signs up for our services, or interacts with our platform.

When we say "personal data," we mean information that identifies you or could reasonably be linked back to you. That includes obvious things like your name and email, but also usage patterns that might reveal your identity over time.

Information We Collect

What You Give Us Directly

Some information you provide when you use our service:

• Account details like your name, business email, phone number, and company information
• Payment information when you subscribe to our platform
• Expense data you upload or connect through integrations
• Messages you send through our support channels
• Preferences you set within your account dashboard

What We Collect Automatically

Our systems gather certain technical information when you use SuperNexora:

• Device details including browser type, operating system, and IP address
• Usage patterns showing which features you access and how often
• Performance data that helps us identify technical issues
• Login timestamps and session duration

How We Use Your Information

Everything we collect serves a purpose. Here's what we actually do with your data:

We occasionally send service updates about platform changes, security notices, or features relevant to your usage. You can adjust communication preferences in your account settings.

Legal Basis for Processing Under Taiwan Law

Taiwan's Personal Data Protection Act requires us to have valid grounds for processing your information. Here's our legal basis:

• Contract performance — we need your data to deliver the service you signed up for
• Legal obligations — certain data retention and reporting requirements apply to financial software providers
• Legitimate business interests — improving security, preventing fraud, and optimizing platform performance
• Your consent — where we've asked specifically and you've agreed

When we rely on consent, you can withdraw it anytime. That won't affect processing that already happened, but we'll stop going forward.

Data Sharing and Third Parties

We don't sell your information. Period. But running a modern software platform means working with specialized service providers:

Service Providers We Work With

• Cloud hosting providers that store platform data securely
• Payment processors that handle subscription billing
• Email service providers for account notifications and support communications
• Analytics tools that help us understand how people use the platform
• Security services that monitor for threats and vulnerabilities

Every third party signs agreements limiting how they can use your data. They're only allowed to process information for the specific services they provide to us.

When We Might Share Data

Beyond routine service operations, we share information in limited situations:

• With your explicit permission for specific integrations you enable
• When legally required by Taiwan authorities with proper documentation
• To protect rights and safety if we believe there's genuine risk
• During business transitions like mergers, though your rights continue under the new owner

Data Storage and International Transfers

Your data primarily stays on servers located in Taiwan and neighboring regions. Some service providers operate facilities outside Taiwan, which means your information might be transferred internationally.

When transfers happen, we use standard contractual protections and work only with providers meeting adequate security standards. Taiwan law requires appropriate safeguards for international data flows, and we follow those requirements.

Your Rights and How to Exercise Them

Taiwan's privacy laws give you meaningful control over your personal information. Here's what you can do:

Access Your Data

You can request a copy of the personal information we hold about you. We'll provide it in a readable format within 30 days. There's no charge for reasonable requests, though we might ask for ID verification first.

Correct Inaccurate Information

Found something wrong? Let us know and we'll update it. Most account information you can change directly in your dashboard settings.

Request Deletion

You can ask us to delete your personal data. We'll comply unless we have a legitimate reason to retain it — like completing transactions you started, meeting legal obligations, or resolving disputes.

Object to Processing

If you believe we're processing your data inappropriately, you can object. We'll review the situation and respond with our reasoning.

Data Portability

Want to move your data elsewhere? Request an export in machine-readable format. We support common file types that work with other expense management platforms.

Withdraw Consent

For processing based on consent, you can change your mind. This doesn't affect past processing but stops future use for that purpose.

To exercise these rights, email us at info@super-nexora.com with your request. We'll respond within 15 business days, usually sooner.

Security Measures

Protecting financial data isn't optional. Here's what we do:

• Industry-standard encryption for data transmission and storage
• Regular security audits and vulnerability assessments
• Access controls limiting who can view sensitive information
• Monitoring systems that detect unusual activity patterns
• Secure backup procedures with encrypted storage
• Employee training on data protection and security protocols

No system is completely invulnerable. If a breach occurs despite our protections, we'll notify affected users and relevant authorities as required by Taiwan law. You'll hear from us directly, not through news reports.

Data Retention

We keep information as long as you maintain an active account. After you close your account, we retain certain data for limited periods:

• Transaction records — 7 years for tax and financial compliance purposes
• Account information — 90 days after closure to handle any final inquiries
• Support communications — 3 years for service quality and dispute resolution
• Aggregated analytics — indefinitely, but fully anonymized so it can't identify individuals

Once retention periods expire, we securely delete information using methods that prevent recovery. For extremely sensitive data, we use specialized deletion procedures that meet financial industry standards.

Cookies and Tracking

Our website uses cookies — small files stored on your device that help the platform function properly and remember your preferences.

Essential Cookies

These make the platform work. They handle authentication, maintain your session, and remember critical settings. You can't fully disable these without breaking core functionality.

Analytics Cookies

These help us understand how people use SuperNexora so we can improve navigation and fix confusing interfaces. The data is aggregated and doesn't identify specific individuals.

Preference Cookies

These remember your choices about language, display options, and dashboard layout.

Most browsers let you control cookies through settings. Blocking certain types might limit platform features, but basic expense management will still work.

Children's Privacy

SuperNexora provides business software. We don't knowingly collect information from anyone under 18, and our services aren't designed for minors. If we discover we've inadvertently gathered data from someone underage, we'll delete it promptly.

Changes to This Policy

Business needs and legal requirements evolve. When we update this policy, we'll post the new version with a revised date at the top. Significant changes get announced through email or prominent notice in your dashboard.

Continuing to use SuperNexora after changes take effect means you accept the updated terms. If you disagree with modifications, close your account before they become binding.