Back to Homepage

Privacy Policy

Current

Last updated: August 18, 2025

Your Privacy Matters

We're committed to protecting your personal information and being transparent about how we collect, use, and share your data across our SSO platform and connected services.

Transparency

Clear information about data collection

Security

Industry-standard data protection

Control

You own and control your data

1. Information We Collect

Account Information

When you create an account with our SSO service, we collect:

  • Name, email address, and phone number
  • Profile information (avatar, bio, preferences)
  • Authentication credentials (encrypted passwords, OAuth tokens)
  • Account settings and preferences

Usage Information

  • Login activity and session information
  • Connected applications and services
  • Device information (browser, operating system, IP address)
  • Security events and authentication logs

Third-Party Connections

When you connect third-party services (Google, Line, etc.), we may receive basic profile information as permitted by those services and your privacy settings.

2. How We Use Your Information

Service Provision

  • Authenticate your identity
  • Provide SSO functionality
  • Maintain account security
  • Enable service integrations

Security & Safety

  • Detect suspicious activity
  • Prevent fraud and abuse
  • Monitor security threats
  • Comply with legal requirements

We do not: Sell your personal information, use your data for advertising, or share your information without your consent except as described in this policy.

3. Information Sharing

With Connected Services

When you use our SSO to access third-party applications:

  • We share only the minimum information required for authentication
  • You control which information is shared through consent screens
  • You can revoke access to connected services at any time

Legal Requirements

We may disclose information when required by law, to protect our rights, or to protect the safety of our users or others.

Service Providers

We work with trusted service providers for hosting, security, and analytics. These providers are bound by strict confidentiality agreements.

4. Data Security

Technical Safeguards

  • End-to-end encryption in transit
  • Encrypted storage of sensitive data
  • Regular security audits and testing
  • Access controls and monitoring

Operational Safeguards

  • Employee security training
  • Principle of least privilege access
  • Incident response procedures
  • Regular backup and recovery testing

5. Your Rights and Controls

Access & Review

View and review all your account information, connected services, and privacy settings at any time.

Update & Correct

Update or correct your personal information directly in your profile settings.

Connection Control

Manage which applications can access your account and revoke access at any time.

Privacy Settings

Control what information is shared with connected services and manage your privacy preferences.

If you have questions about this Privacy Policy or your personal data, please contact us at privacy@windflight.com.tw.

This Privacy Policy is effective as of August 18, 2025. We may update this policy from time to time, and we'll notify you of any material changes.