Privacy Policy
Last updated: April 1, 2026
ENSCON Co., Ltd. (hereinafter referred to as "the Company," "we," or "us") values your privacy. This policy explains how we collect, process, use, and protect your personal data, and applies to all services provided by the Company, including the enscon.co website and related sub-services.
1. Applicable Regulations
This policy is formulated in accordance with the following regulations:
- Taiwan's Personal Data Protection Act (PDPA) and its enforcement rules
- EU General Data Protection Regulation (GDPR) — applicable to users in the European Union
2. Types of Data Collected
2.1 Data You Actively Provide
- Account information: Email address, password (stored encrypted), company name
- Website creation data: Company information, service descriptions, contact details, etc. provided through voice interviews or the Demo process
- Payment information: Handled by our third-party payment processor (Recur); we do not directly store credit card numbers
- Contact forms: Name, email, phone number, message content
2.2 Data Collected Automatically
- Usage records: Pages visited, feature usage frequency, login times
- Device information: Browser type, operating system, screen resolution
- Cookies and similar technologies: See the Cookie Policy section below
3. Purposes of Data Use
The data we collect is used solely for the following purposes:
- Service delivery: Building and managing your website, account authentication, content management
- Service improvement: Analyzing usage behavior to optimize product experience
- Notifications: Sending website completion notices, subscription expiration reminders, and important system announcements
- Customer support: Responding to your inquiries and technical support requests
- Legal obligations: Compliance with tax and regulatory requirements
We will NOT:
- Sell your personal data to third parties
- Use it for marketing purposes without your consent
- Use your data beyond the purposes stated above
4. Data Sharing and Third-Party Services
We may share data with the following third parties, strictly limited to what is necessary for service delivery:
- Recur (payment processing): Handling subscription payments
- Render / Railway (cloud hosting): Website deployment and operation
- Cloudflare (CDN / DNS): Website acceleration and domain management
- Google Analytics (web analytics): Anonymized usage statistics
- Anthropic Claude (AI services): Website content generation (no personally identifiable information is transmitted)
5. Cookie Policy
This website uses the following types of cookies:
- Essential cookies: Login status, security verification (cannot be disabled)
- Analytics cookies: Google Analytics — to understand website usage (can be disabled via browser settings)
We do not use advertising tracking cookies.
6. Data Protection Measures
- Passwords are stored using SHA-256 encryption with random salt
- All data transmissions are encrypted via HTTPS/TLS
- Servers are located in protected cloud environments (Render / Railway)
- Regular backups to prevent data loss
- Only authorized personnel may access personal data
7. Your Rights
Under the PDPA and GDPR, you have the following rights:
- Right of access: You may request to view the personal data we hold about you
- Right of rectification: You may request correction of inaccurate data
- Right of erasure: You may request deletion of your account and related data
- Right to restrict processing: You may request limitations on how your data is processed
- Right to data portability: You may request to export your data in a machine-readable format
- Right to withdraw consent: You may withdraw your consent to data processing at any time
To exercise any of the above rights, please contact us using the information provided below.
8. Data Retention Period
- Account data: Retained until you delete your account
- Website content: During the active subscription period and 90 days after expiration
- Transaction records: Retained for 5 years as required by tax law
- System logs: Automatically deleted after 180 days
9. Protection of Minors
This service is not intended for minors under 16 years of age. If we discover that we have inadvertently collected data from a minor, it will be deleted immediately.
10. Policy Changes
This policy may be updated from time to time. In the event of significant changes, we will notify you via email or a website announcement. Continued use of the service constitutes your acceptance of the updated policy.