X Stories 故事迷
EN / 中文
X Stories 故事迷
最後更新日期:2026年3月1日Last Updated: March 1, 2026
本隱私政策由烏夏數位文創娛樂股份有限公司(下稱「本公司」)就其提供之【故事迷(X Stories)】行動應用程式及其相關之網站與服務(合稱「本服務」)所訂定,並與《使用條款》分別適用且相互參照;除非另有說明,本政策中未定義之專有名詞,均以《使用條款》之定義為準。 This Privacy Policy is issued by Usha Digital Culture & Creative Entertainment Co., Ltd. (the “Company”) for the X Stories mobile application and related websites and services (collectively, the “Service”). It applies alongside, and is incorporated by reference into, our Terms of Use. Unless otherwise stated, capitalized terms not defined here have the meanings given in the Terms of Use.
您於註冊或使用本服務時,即表示您已閱讀、理解本《隱私政策》,並同意本公司依本政策處理您的個人資料。 By registering for or using the Service, you acknowledge that you have read and understood this Privacy Policy and agree that we may process your personal data in accordance with it.
本政策僅適用於我們透過您使用本服務而收集或接收之資訊;對於我們不擁有或不控制之第三方(如應用程式商店與支付服務、第三方網站、分析與效能監測等第三方服務提供者)之作法、其網站或APP內容、或其對您個人資料之使用,本政策不適用且本公司不承擔責任。若某些特定服務另訂有專屬隱私條款,該等條款在與本政策不一致時優先適用。 This Policy applies only to information we collect or receive through your use of the Service. It does not apply to the practices of third parties that we do not own or control (e.g., app stores and payment services, third-party websites, analytics and performance providers), their sites/apps, or their use of your personal data. If a particular feature or service has its own privacy terms, those terms will prevail to the extent of any inconsistency with this Policy.
在適用法域(例如GDPR)之下,本公司就本政策所述處理活動原則上為資料控制者,除非另有明示。 Where required by applicable law (e.g., under the GDPR), the Company acts as the data controller for the processing activities described in this Policy unless expressly stated otherwise.
「個人資料」係指可直接或合理連結至一位可識別自然人之資訊,亦包括可藉由識別碼或一個或多個屬於個人身體、心理、經濟、文化或社會身份特徵而識別之資訊。視適用法令,個人資料可能包含線上或裝置識別碼(如IP位址、第三方服務產生之識別碼等)。各類型與用途將於下文分別說明。 “Personal data” means information that identifies or can reasonably be linked to an identifiable natural person, including identifiers or one or more factors specific to the person’s physical, mental, economic, cultural, or social identity. Under applicable law, this may include online or device identifiers (e.g., IP address, identifiers generated by third-party services). Types and purposes are detailed below.
為提供與優化服務、履行合約、維護安全與遵循法規,我們會在您使用本服務時處理下列類別的資訊。實際項目會依您使用的功能、裝置/系統設定與您的授權而有所不同。 To provide and improve the Service, perform our contract, maintain security, and comply with law, we process the following categories of information when you use the Service. Actual items may vary by features used, device/OS settings, and your authorizations.
(1) 帳號與基本資料a. Account & Basic Details
暱稱、性別、生日、電子郵件等。 Nickname, gender, date of birth, email address, etc.
(2) 內容與互動b. Content & Interactions
您的互動選項(分支選擇)、閱讀進度與觀看紀錄、偏好設定、活動/問卷回覆等。本服務目前不提供使用者自行上傳圖片、音訊或視訊。 Your interaction choices (branch selections), reading progress and viewing history, preferences, activity/survey responses, etc. The Service currently does not allow users to upload images, audio, or video.
(3) 客服與通訊c. Support & Communications
您主動寄給我們的詢問、回覆內容與聯絡方式。 Inquiries you send us, your replies, and your contact details.
(1) 裝置與系統資訊a. Device & System Data
裝置型號、作業系統版本、螢幕參數、效能與錯誤診斷訊息、應用版本、裝置與應用識別碼(依平台政策與您的授權而定)。 Device model, OS version, screen parameters, performance and error diagnostics, app version, device and app identifiers (subject to platform policies and your permissions).
(2) 網路與連線資訊b. Network & Connection Data
電信/網路服務商、IP位址、網路類型、時區與語言、連線時長與工作階段資訊。 Carrier/ISP, IP address, network type, time zone and language, session and connection duration details.
(3) 使用紀錄與事件c. Usage Records & Events
頁面/螢幕檢視、閱讀/瀏覽歷程、停留時間、功能使用與點擊、錯誤與崩潰紀錄、安裝與啟動時間、App使用中/背景執行狀態、版本升級、內購與代幣變動相關事件等。 Page/screen views, reading/browsing history, time on page, feature usage and clicks, error/crash logs, install/launch timestamps, foreground/background state, version upgrades, in-app purchase and token-related events, etc.
(4) 位置資料d. Location Data
以IP推斷之概略位置(國家/城市)。 Approximate location (country/city) inferred from IP.
(1) 當您選擇使用第三方登入或授權我們與第三方帳號連結時,我們可能依您同意與該平台條款取得必要的帳號基本資料(如名稱、帳號識別碼、電子郵件等)。 a. Where you choose to sign in via a third party or link accounts, we may receive basic account details (e.g., name, account ID, email, etc.) as permitted by your consent and that platform’s terms.
(2) 我們亦可能自分析、錯誤與效能監測、驗證/風控等第三方服務商,接收與裝置或事件表現相關之技術性資料,用於成效統計、反詐欺與服務優化。 b. We may receive technical data related to device or event performance from third-party analytics, crash/performance, verification/risk-control services for measurement, anti-fraud, and service optimization.
(3) 我們不控制第三方對其取得資料的獨立處理活動;就其如何處理您的個人資料,請參考各第三方之隱私政策與設定選項。 c. We do not control third parties’ independent processing of data they obtain. Please consult each third party’s privacy policy and settings.
透過應用商店或支付服務完成的內購或其他交易,由該等第三方處理與保存;我們不會接觸您的完整信用卡號或安全碼,僅可能取得與訂單/交易相關的必要資訊(如訂單編號、交易時間、品項、金額、狀態等)。 In-app purchases and other payments made via app stores or payment processors are handled and stored by those third parties. We do not see your full card number or security code. We may receive necessary order/transaction details (e.g., order ID, time, item, amount, status, etc.).
我們可能將前述資料去識別或以統計方式彙整,產生不指向特定個人的資訊,用於服務營運、報表、趨勢洞察與產品改進。 We may de-identify or aggregate the above data to produce information that no longer identifies an individual, for operations, reporting, trend insights, and product improvement.
我們會依據適用法令與您的設定,為下列目的處理您的個人資料: We process your Personal Data for the purposes below, in line with applicable law and your settings.
建立與管理帳號、提供核心功能、處理您提出的請求與交易(如付款、訂單與交付)、提供必要的服務通知,並執行軟體驗證與版本更新。僅於特定情境或地區法令要求(如稅務或身分驗證)且確有必要時,我們可能請您提供必要識別資料(如姓名或可辨識之文件號碼等),並於蒐集前另行告知目的與範圍。 Create and manage accounts, deliver core features, handle your requests and transactions (e.g., billing, orders, fulfillment), send necessary service notices, and perform software validation and updates. In limited contexts or where required by law (e.g., tax or identity checks), we may request specific identifiers (e.g., name or document number) after informing you of purpose and scope.
回覆詢問、提供技術支援,並就服務公告、政策更新或您可能感興趣之產品/功能進行聯繫;於您同意或法令允許範圍內,傳遞行銷訊息。 Respond to inquiries, provide technical support, and contact you about service notices, policy updates, or products/features you may be interested in. We will send marketing messages where you consent or as permitted by law.
依據您的偏好與使用行為,提供個人化內容、功能與推薦。於適用地區或情境下,可能運用自動化處理與建立使用者輪廓以提升相關性與改進使用體驗。 Provide personalized content, features, and recommendations based on your preferences and usage. In applicable regions or contexts, we may use automated processing and profiling to improve relevance and experience.
蒐集匯總與統計資料,用於了解使用情形、監測效能、偵測與修復錯誤,並持續改進與測試服務與新功能。 Collect aggregated/statistical data to understand usage, monitor performance, detect/fix errors, and continuously improve and test the Service and new features.
為保護您、我們與其他使用者的權益並確保服務穩定運作,我們將進行身分驗證、資安與反詐騙監測、風險評估與稽核;偵測、防範與調查詐騙、垃圾訊息或其他違法/有害活動,維護帳號與系統安全,並執行使用條款。 To protect you, us, and other users and to ensure the stable operation of the Service, we will verify identity; conduct security and anti-fraud monitoring; risk assessment and audits; detect, prevent, and investigate fraud, spam, and other unlawful/harmful activity; maintain account/system security; enforce the Terms.
履行法律或契約義務、處理爭議、回應主管機關或司法程序,並在必要時行使或防禦法律上之權利主張。 Comply with legal or contractual obligations, handle disputes, respond to authorities or legal process, and establish/exercise/defend legal claims as necessary.
在取得必要授權或經去識別化/匯總後,進行使用者研究、問卷與效果評估,以提升產品與服務品質與創新。 With appropriate authorization or after de-identification/aggregation, conduct user research, surveys, and effectiveness evaluations to enhance quality and innovation.
進行計費、對帳及必要之紀錄與留存,完成交付、退款、客服處理與合規義務,並提供與訂單相關之通知。 Billing, reconciliation and required records/retention; fulfillment, refunds, customer service, and compliance; order-related notifications.
於蒐集時另行告知並取得您同意之特定目的(如特定裝置權限或特定資料類型之處理)。 For specific device permissions or data types, we will inform you and obtain consent where required.
我們僅於具備合法依據時處理您的個人資料,不同處理情境對應不同依據,並可能同時適用。 We process Personal Data only where a valid legal basis applies. Different activities may rely on different (or multiple) bases.
為提供與營運服務、建立與管理帳號、處理訂單/交易、提供客服支援與必要通知,以及回應您提出的請求所必須之處理。 To provide/operate the Service, create/manage accounts, process orders/transactions, provide support/necessary notices, and respond to your requests.
為營運、維護與改善服務(含改進與分析、效能監測、偵錯、產品/功能測試與一般安全維護),並進行統計與使用分析,提供基本的個人化內容或推薦,以及一般性商業運作所必要之處理。進行此等處理時,我們會衡量對您權益與自由之影響,確保不逾越您的基本權利。 To operate, maintain, and improve the Service (including improvements, analytics, performance monitoring, debugging, product/feature testing, general security), conduct statistics and usage analysis, provide basic personalization, and for ordinary business operations. We balance these interests against your rights and freedoms.
於法律要求事先同意,或您主動選擇參與之情境(如行銷訊息、問卷研究等)下,基於您的同意而處理。 Where prior consent is required by law or you opt in (e.g., marketing messages, surveys, etc.).
為遵循適用法令(如稅務、會計、合規留存、權利主張或防禦、回應政府機關或司法程序)所必要之處理。 Where processing is necessary to comply with applicable laws (e.g., tax, accounting, recordkeeping, responding to governmental or judicial requests, exercising or defending legal claims).
在保護您或他人重大利益、或於法律允許之公共利益目的所必須的情況下(如偵測、調查與防止欺詐、濫用或其他違法或有害行為,以及維護系統與使用者安全)。 Where necessary to protect vital interests of you or others, or for public-interest purposes allowed by law (e.g., detection, investigation, and prevention of fraud/abuse or other unlawful/harmful acts; safeguarding systems and users).
若本服務觸及歐盟、英國或其他適用GDPR/UK GDPR之法域,我們將依當地資料保護法規之合法依據處理個人資料;於其他法域,則依當地資料保護法及主管機關要求辦理。 Where the Service involves the EU, UK, or other GDPR/UK GDPR jurisdictions, we process Personal Data under the lawful bases recognized by local data protection law. In other jurisdictions, we comply with applicable local data protection laws and regulatory requirements.
為了提供、維運與優化服務,並依您的偏好提供更相關的內容,本服務與受託之服務提供商可能使用Cookie、像素、標籤、SDK、API、裝置識別資訊、應用分析與效能監測工具,以及伺服器日誌等技術(以下合稱「追蹤技術」),用於記住偏好、維持工作階段、進行效能與錯誤診斷、統計與趨勢分析、反濫用/反詐欺。我們不在App內展示第三方廣告,亦不進行個人化廣告或再行銷追蹤。 To provide, operate, and improve the Service—and to deliver more relevant content based on your preferences—we and our service providers may use cookies, pixels, tags, SDKs, APIs, device identifiers, app analytics and performance tools, and server logs (“Tracking Technologies”) to remember preferences, maintain sessions, perform performance/error diagnostics, statistics and trend analysis, and anti-abuse/anti-fraud. We do not show third-party ads inside the app and do not conduct personalized advertising or cross-context behavioral advertising/remarketing.
部分瀏覽器會發出「請勿追蹤(DNT)」訊號。目前多數網站與業界尚未達成一致標準;因此我們可能不因DNT而改變行為。在某些地區(如歐盟/英國),非必要的追蹤技術可能須先徵得您的同意;您可依裝置設定或(如適用)頁面提供的偏好工具調整或撤回同意。 Some browsers send Do Not Track (DNT) signals. As there is no industry consensus, our practices may not change in response to DNT. In certain regions (e.g., EU/UK), non-essential Tracking Technologies may require your prior consent; you can adjust or withdraw consent in your device settings or (where offered) on-page preference tools.
我們不會出售、出租或分享您的個人資料給第三方。但為了提供、維運與優化本服務,以及依法遵循或保護權益之必要,我們可能依本政策與下列對象分享必要且相稱的資料。我們將與受託處理者簽訂資料處理協議,要求其僅依我們指示、限於特定目的,採取適當的安全措施處理資料,並僅與符合合理安全標準之服務供應商合作。第三方就其自行蒐集或以獨立控制者身分處理之資料,適用該第三方的隱私政策與選擇機制,本政策不適用。 We do not sell, rent, or share your Personal Data with third parties. To provide, operate, and improve the Service—and where required to comply with law or protect rights—we may share necessary and proportionate data as described below. We enter into data-processing agreements with processors, require them to follow our instructions for specified purposes, implement appropriate security measures, and work only with service providers that meet reasonable security standards. Where a third party independently collects personal data or acts as an independent controller, that party’s privacy policy and choices apply; this Policy does not govern such independent processing.
雲端與代管、資料分析與量測、錯誤追蹤與效能監測、客戶支援、電子郵件投遞、付款處理與防詐/風險控管、內容與基礎設施服務等,旨在代我們履行服務、強化安全與效能、提供客戶支援。 Cloud/hosting, data analytics/measurement, crash and performance monitoring, customer support, email delivery, payment processing and fraud/risk control, content and infrastructure services—to perform services on our behalf, enhance security/performance, and support customers.
若您選擇使用第三方帳號登入或與該平台互動時,該平台得依其政策接收必要的帳號或活動資訊;該等處理由該平台依其隱私權政策獨立為之。 If you choose third-party sign-in or interactions, the platform may receive necessary account or activity information under its policies; such processing is undertaken independently under that platform’s privacy policy.
於合法且必要之情形下,為了集中化營運、合規、內部審計、風險控管或提供整合服務,我們得與關係企業分享必要且相稱的資料。 Where lawful and necessary for centralized operations, compliance, internal audit, risk control, or integrated services, we may share necessary and proportionate data with affiliates.
依合法程序或主管機關要求、為防範詐欺與安全事件、或為行使/保護我們、使用者或他人之合法權益而揭露必要資訊。 Disclosures required by lawful process or authorities; for fraud prevention and security incidents; or to establish, exercise, or protect the lawful rights of us, users, or others.
於合併、收購、資產或業務移轉、重整或破產等交易或協商過程中,為達成交割或進行必要之盡職調查,可能在合理必要範圍內分享或移轉資料;交易完成後,我們會要求承受方持續遵守本政策或另行告知您新的資料實務與您的選擇。 In the course of mergers, acquisitions, asset/business transfers, reorganizations, or insolvency proceedings, we may share or transfer data as reasonably necessary for due diligence and completion. After closing, we will require the successor to honor this Policy or will otherwise inform you of new practices and your choices.
本服務可能請求下列系統權限,並整合第三方技術類別及其目的如下;實際請求可能因地區、版本或功能而異,前述權限僅於實際需要時徵求。各項第三方技術與SDK僅為完成其特定目的而運作;未經您的同意,不會擴張處理用途,我們遵循最小必要與按次授權原則;您如拒絕授權,僅會影響相關功能,不影響其他基礎服務。 The Service may request the following system permissions and integrate the following third-party technology categories for the stated purposes. Requests may vary by region, version, or feature and are sought only when needed. Third-party SDKs operate solely for their specified purposes; we adhere to data-minimization and purpose-limitation principles and only request permissions when necessary. If you decline a permission, only the related feature is affected—core services remain available.
(1) 通知:服務提醒與必要通知。 a. Notifications: Service reminders and necessary notices.
(2) 網路存取:提供線上內容、錯誤回報、風險控管與日誌記錄。 b. Network Access: Online content, error reporting, risk control, and logging.
(3) 裝置儲存空間:離線快取。 c. Device Storage: Offline cache.
(4) 裝置識別:效能監測、錯誤排查與風險控管(依平台政策與您的設定)。 d. Device Identification: Performance monitoring, troubleshooting, and risk control (per platform policies and your settings).
(5) 前後台狀態:在反作弊場景用於風險識別(僅在必要時並依您授權)。 e. Foreground/Background State: Risk signals in anti-cheat scenarios (only when necessary and authorized).
(1) 分析、效能與崩潰監測a. Analytics, Performance & Crash Monitoring
處理裝置資訊、事件與錯誤日誌等,用於效能監控、問題排查、使用統計與產品優化。 Process device information, events, and error logs to monitor performance, troubleshoot, compile usage statistics, and optimize products.
(2) 驗證與風險控管b. Verification & Risk Control
處理裝置識別、網路狀態與APP基本資訊等,用於登入驗證、反濫用/防詐欺與安全維護。 Process device IDs, network status, and basic app info for login verification, anti-abuse/anti-fraud, and security maintenance.
(3) 登入c. Sign-In
處理基本帳號識別與公開檔案資訊(依您實際授權為準,如暱稱、頭像、平台識別碼等)及回跳事件,用於社群登入、身分驗證,並建立/維護帳號與登入狀態(如Google、Apple、Facebook、微信;實際提供項目可能依地區或版本調整)。 Process basic account identifiers and public profile info (as authorized by you—e.g., nickname, avatar, platform ID, etc.) and callback events for social sign-in, identity verification, and account/session establishment/maintenance (e.g., Google, Apple, Facebook, or WeChat; availability may vary by region/version).
(4) 雲端託管與基礎設施d. Cloud Hosting & Infrastructure
處理伺服器日誌(如IP、時間戳、請求路徑、狀態碼、User-Agent、錯誤訊息等)、請求網域、服務版本/SDK版本等技術性資訊,用於服務運作與可靠性、效能監測與故障排查。 Process technical information from server logs (e.g., IP address, timestamp, request path, status code, user agent, error messages, etc.), request domains, and service/SDK versions for service operation and reliability, performance monitoring, and incident troubleshooting.
(5) 付款與內購e. Payments & In-App Purchases
處理相關交易資訊(如Apple App Store/Google Play等平台內購或其他支付服務產生之收據等),用於處理訂單、退款對帳與合規留存,相關交易資料由平台/支付服務處理與保存。 Process transaction-related data (e.g., receipts from Apple App Store/Google Play or other payment services) for orders, refunds/reconciliation, and compliance. Transaction data are processed and stored by the platform/payment service.
本服務可能包含連結或整合至第三方服務或平台(如應用商店、支付服務、社群登入、分析與效能監測等第三方服務提供者)。您對該等第三方之使用,受其各自的服務條款與隱私政策拘束;請自行閱讀並依其提供的退出或偏好設定機制操作。 The Service may link or integrate to third-party services or platforms (e.g., app stores, payment services, social sign-in, analytics/performance providers). Your use of such third parties is governed by their terms and privacy policies. Please read them and use their opt-out/preferences tools.
連結或整合並不構成本公司之任何背書或保證;在法律允許範圍內,我們對任何第三方依其政策所進行之資料處理不承擔任何責任,相關權利請逕向第三方行使。 Links or integrations do not constitute our endorsement or warranty. To the extent permitted by law, we are not responsible for any data processing conducted by third parties under their policies; exercise related rights directly with them.
我們僅在達成蒐集或法定目的所必要之期間內保存您的個人資料,並依法令或契約義務留存最短期限。目的達成後,將刪除或去識別化處理;去識別化或彙整後之資料不再指向特定個人,得為統計與趨勢分析、營運與產品改進,以及風險控管而保存較長期間。 We retain Personal Data only for as long as necessary to fulfill the collection purposes or legal purposes, and for the minimum periods required by law or contract. After purposes are met, we delete or de-identify data. De-identified/aggregated data that no longer identifies an individual may be retained longer for statistics/trend analysis, operations and product improvement, and risk control.
(1) 帳號啟用期間a. While Account is Active
為提供與維運服務所必要而保存。 Retained as necessary to provide/operate the Service.
(2) 帳號關閉或刪除後b. After Account Closure/Deletion
除法律另有要求或為處理爭議、維護權利所必須者外,將於合理期間內刪除或去識別化處理,惟基於法定義務、爭議處理或防詐等必要情形,我們得於法定或必要期間內保留最少限度資訊。若法定保存較長,從其規定。因不同法域之稅務、會計或爭議舉證需求,實際期間可能更長。 Except where required by law or where necessary to resolve disputes or protect rights, we will delete or de-identify Personal Data within a reasonable period. For legal obligations, dispute handling, fraud prevention, or other legally required purposes, we may retain the minimum necessary data for the legally required or necessary period. If a longer statutory retention applies, it prevails. Actual durations may be longer due to tax, accounting, or evidentiary needs across jurisdictions.
(1) 為完成交易、售後服務、對帳與合規之必要,將保存與訂單/付款相關紀錄。 a. Retained order and payment records as necessary for fulfillment, billing and reconciliation, after-sales, reconciliation, and compliance.
(2) 於不牴觸法定保存的範圍內,您可依本政策之權利機制請求刪除;我們將評估可行性,並於不影響會計、稅務或爭議處理之範圍內執行。 b. Subject to statutory retention, you may request deletion under this Policy; we will assess feasibility without impairing accounting, tax, or dispute handling.
(3) 法定保存期間屆滿後,即刪除或去識別化。 c. Upon expiry of statutory retention, data are deleted or de-identified.
網路日誌與會計憑證、稅務所需資料等,將依適用法令或契約所定期間保存;期間屆滿如無其他法定或權利義務必要,將刪除或去識別化。 Server logs, accounting vouchers, tax records, etc., are retained as required by law/contract. Upon expiry, and absent further legal or rights-obligation needs, they are deleted or de-identified.
為確保服務連續性與資安,我們可能在備援與異地備份中短期留存必要資料;逾合理週期即自動覆寫或刪除。因技術限制,刪除請求在備援環境生效可能有時間差。 For continuity and security, necessary data may be retained short-term in backups/replicas and will be overwritten or deleted on a reasonable cycle. Due to technical limits, deletion requests may take time to reflect in backups.
您可依本政策之程序行使刪除權;在可行且不與法定義務牴觸之範圍內,我們將同步通知曾受託處理之第三方刪除相應資料(依法應保留者除外)。 You may exercise your deletion right under this Policy. Where feasible and not conflicting with legal obligations, we will also notify relevant processors to delete corresponding data (excluding data we must retain by law).
我們面向全球提供服務,可能將與您有關的資訊(包含個人資料)傳輸或讓第三方於境外處理;資料可能自您所在的國家或法域傳輸至其他地區進行處理或儲存,以提供、維運與改進服務。 As we provide services globally, your information (including Personal Data) may be transferred to or processed by third parties outside your country/region for processing or storage to provide, operate, and improve the Service.
本服務資料主要在我們或受託服務供應商之雲端基礎設施進行託管,並可能視營運需求於其他國家或法域處理或備援。 Service data are primarily hosted on our or our processors’ cloud infrastructure and may be processed or backed up in other countries/regions as needed.
跨境接收方可能包含:雲端與託管服務商、分析與效能監測服務商、客服與營運委外廠商,以及依法需配合之主管機關(於適用法令要求時)。 Potential cross-border recipients may include cloud/hosting providers, analytics/performance providers, outsourced support/operations vendors, and governmental authorities where legally required.
為確保跨境傳輸之合規與安全,我們將視適用法令採取下列一種或多種措施: To ensure the compliance and security of cross-border data transfers, we implement one or more of the following measures as required by applicable law.
(1) 與接收方簽署具約束力的資料保護條款/合約性保障; a. Binding data-protection clauses/contractual safeguards with recipients;
(2) 實施相稱之技術與組織保護措施,以確保傳輸與儲存安全; b. Appropriate technical and organizational measures to secure transfer and storage;
(3) 視需要進行去識別化或彙整化處理,以降低再識別風險; c. De-identification or aggregation to reduce re-identification risk where appropriate;
(4) 如涉及自歐洲經濟區、英國與瑞士向境外之個人資料移轉,我們將採適用法令認可之移轉機制(如歐盟標準合約條款)作為保護。 d. For transfers from the EEA/UK/Switzerland, use of legally recognized transfer mechanisms (e.g., EU Standard Contractual Clauses) as safeguards.
我們採取合理且適當的技術與組織措施,保護個人資料免於未經授權之存取、揭露、濫用、變更或毀損;並依據資料敏感度落實最小化蒐集與存取控管、權限管理、員工保密義務與安全訓練。 We implement reasonable and appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, misuse, alteration, or destruction; we apply data-minimization, access controls, permissions management, employee confidentiality duties, and security training proportionate to data sensitivity.
於資料傳輸與儲存階段採行加密與存取控制,並依風險等級實施最小必要化等保護措施,以降低資料外洩風險。 We use encryption and access controls during transmission and storage and apply least-necessary protections commensurate with risk to reduce breach risk.
我們採取分層防護(網路與應用層防護)、弱點與修補管理、惡意行為偵測、備援與異地備份,以及稽核與日誌留存(依法定或營運必要期間)。 Layered defenses (network/app layers), vulnerability and patch management, malicious-activity detection, redundancy and off-site backups, and audit/log retention (for legally or operationally necessary periods).
我們致力於保護您的資料,但任何網際網路傳輸或電子儲存方式均無法保證100%安全。在法律允許範圍內,我們不對超出合理控制範圍之外的第三方行為所致之損害承擔責任。 We strive to protect your data, but no Internet transmission or electronic storage is 100% secure. To the extent permitted by law, we are not liable for damages caused by third-party acts beyond our reasonable control.
如發生影響您個人資料安全之事件,我們將依適用法令與合約義務,於合理可行範圍內進行調查、採取補救措施,並通知受影響之使用者,並(依法令要求)通知主管機關。 If a personal-data security incident occurs, we will investigate, take remedial measures, notify affected users, and (where required) notify regulators, consistent with legal/contractual obligations and feasibility.
請妥善管理裝置與帳號權限,避免分享密碼或一次性驗證碼,並定期更新系統與應用程式以降低風險。 Manage your device and account permissions carefully, avoid sharing passwords or one-time codes, and keep systems/apps up to date to reduce security risks.
我們致力於讓您清楚且容易地管理個人資料,並依適用法令保障您行使相關權利,您對個人資料享有下列權利與控制選項。 We aim to make managing your Personal Data clear and simple and to protect your rights under applicable law. You have the following rights and control options:
在不與當地法令衝突的前提下,您通常享有: Subject to local law, you generally have the following rights:
(1) 知情/存取權a. Right to Information/Access
要求揭露或確認是否處理您的個人資料,並取得其副本。 Request disclosure/confirmation whether we process your Personal Data and obtain a copy.
(2) 更正/補充權b. Rectification
要求更正不正確或不完整的個人資料。 Request correction of inaccurate or incomplete Personal Data.
(3) 刪除權c. Erasure
在法定情形下要求刪除您的個人資料(如您撤回同意、或資料不再為達成蒐集目的所必要)。 Request deletion in cases provided by law (e.g., you withdraw consent or data are no longer necessary for the purpose).
(4) 限制處理權d. Restriction
在特定情況下要求暫停對您資料的處理。 Request that processing be suspended in specific cases.
(5) 資料可攜權e. Data Portability
在技術可行時,要求以機器可讀格式取得您的資料,或請我們將其移轉至另一控制者。 Where technically feasible, receive your data in a machine-readable format or request transfer to another controller.
(6) 反對處理權f. Objection
在特定情況下(特別是直接行銷)反對處理。 Object in certain cases (in particular, direct marketing).
(7) 撤回同意權g. Withdrawal of Consent
若處理基於您的同意,您可隨時撤回,撤回前之處理不受影響。 Where processing is based on consent, you may withdraw at any time; processing prior to withdrawal remains lawful.
(1) 功能影響說明a. Feature Impact
如撤回同意、要求刪除或反對特定處理,部分功能可能因此受限;其他不需該同意的功能不受影響。 Withdrawing consent, requesting deletion, or objecting to certain processing may limit related features; other features not dependent on that consent are unaffected.
(2) 控制者範圍說明b. Controller Scope
我們僅能就由我們控制、可存取與保存之資料履行上述權利;第三方獨立控制者所持資料,請依其隱私權頁面行使權利。 We can fulfill rights only for data we control, can access, and retain. For data held by third-party independent controllers, exercise rights via their privacy pages.
(1) 帳戶與資料a. Account & Data
您可在本服務內的設定或我的帳戶區域檢視、更新部分資料。 Review/update certain data in the Service under Settings or My Account.
(2) Cookies與本機儲存b. Cookies & Local Storage
您可在瀏覽器隱私/安全設定中拒絕或刪除Cookie、封鎖第三方Cookie,或啟用追蹤防護;停用後部分功能可能受限。 In your browser privacy/security settings, reject or delete cookies, block third-party cookies, or enable tracking protection; some features may be limited if disabled.
(3) 裝置層級偏好c. Device-Level Preferences
iOS:設定>隱私權與安全性>追蹤,關閉對本App的追蹤許可。 iOS: Settings > Privacy & Security > Tracking — disable tracking permission for this App.
Android:設定>隱私>廣告,重設或刪除廣告識別碼。 Android: Settings > Privacy > Ads — reset or delete the advertising ID.
實際路徑可能因系統版本/廠牌不同略有差異。部分設定可能影響我們偵錯與品質改善的能力,但不影響核心使用功能。 Actual paths may vary by OS version/manufacturer. Some settings may affect our ability to debug or improve quality but do not affect core functionality.
(4) 第三方平台廣告(對外宣傳)d. Third-Party Platform Ads (Off-Site Promotion)
我們可能在第三方平台(如社群或搜尋服務)投放品牌或產品宣傳,若您在第三方平台(如Facebook、Google、YouTube、TikTok等)看到我們的廣告,相關資料之收集、使用與個人化分析均由該平台依其隱私政策自行處理,請使用該平台提供的偏好設定或退出工具管理您在該平台上的廣告體驗。我們僅收到不指向個別使用者的彙整成效資料(如安裝數與地區分布),用於評估活動表現與改進產品體驗。 We may run brand/product promotions on third-party platforms (e.g., social/search). If you see our ads on Facebook, Google, YouTube, TikTok, etc., collection/use and personalization on those platforms are handled by the platform under its privacy policy. Use the platform’s preference/opt-out tools to manage your ad experience. We receive only aggregated, non-user-identifying metrics (e.g., installs and regional distribution) to evaluate campaigns and improve the product.
(1) 提出方式a. Method
請透過電子郵件:[email protected],信件主旨建議包含「資料權利請求」,說明要行使的權利與資料範圍。 Email [email protected]. We recommend including “Data Rights Request” in the subject and specifying the right(s) you seek to exercise and the data scope.
(2) 身分驗證b. Identity Verification
為保護您的帳戶安全,我們可能要求提供可合理驗證您身分的資訊(如姓名、註冊電子郵件、國家/地區或帳號相關操作摘要;必要時另請提供驗證碼或身分證明文件)。若請求是由授權代理人提出,須檢附有效授權文件(如授權書或委任文件),並得要求代理人驗證身分。您為驗證所提供之資料僅用於核驗,完成後將於合理期間刪除或依法定保存義務最短留存。 To protect your account, we may request information reasonably necessary to verify your identity (e.g., name, registered email, country/region, a brief account-activity summary; and where needed, a verification code or ID document). If an authorized agent submits the request, include valid authorization (e.g., power of attorney or authorization letter); we may also verify the agent’s identity. Data provided for verification are used solely for verification and will be deleted within a reasonable period or retained only for the minimum time required by law.
(3) 回覆時程c. Response Time
我們將於合理期間內回覆您的請求;如因請求複雜或數量龐大而需要延長處理時間,我們將再行通知並說明原因與延長期間。 We will respond within a reasonable period. If more time is needed due to complexity or volume, we will notify you of the reason and the extension period.
(4) 費用d. Fees
通常不收費;但若請求屬重複、過度或明顯無理,我們得於法律允許範圍內收取合理費用或予以拒絕。 No charge in most cases; for repetitive, excessive, or manifestly unfounded requests, we may charge a reasonable fee or refuse, as permitted by law.
若您位於特定法域(如歐盟/英國/瑞士或美國加州),您亦享有當地法令規定之額外權利。 If you are in a specific jurisdiction (e.g., EU/UK/Switzerland or California), you also have rights under local law.
(1) 歐洲經濟區(EEA)、英國與瑞士a. EEA/UK/Switzerland
處理依據可能基於合約必要、合法利益、法定義務或您的同意(視使用情境而定)。若您認為我們的處理違反相關法規,您有權向所在地主管機關提出申訴。 Processing may be based on contract necessity, legitimate interests, legal obligations, or your consent (depending on context). If you believe our processing violates applicable law, you may lodge a complaint with your local supervisory authority.
(2) 加州居民(CCPA/CPRA)b. California (CCPA/CPRA)
您享有知情/存取、更正、刪除、拒絕出售或分享個資、限制敏感個資與不歧視等權利。 You may have rights to know/access, correct, delete, opt out of sale/share, limit use of sensitive personal information, and non-discrimination.
「剖析」係指以自動化方式處理個人資料,以評估與個人相關之特定面向(如使用偏好、功能使用情形、概略地區)。我們僅將自動化處理用於服務運作與優化(如效能與故障偵測、統計分析、反濫用/防詐),且不會以純自動化決策產生對您具有法律效力或其他重大影響的結果。 “Profiling” means automated processing of Personal Data to evaluate certain aspects relating to an individual (e.g., usage preferences, feature usage, approximate location). We use automated processing only for service operation and optimization (e.g., performance/fault detection, statistical analysis, anti-abuse/anti-fraud) and do not make decisions based solely on automated processing that produce legal effects concerning you or similarly significantly affect you.
我們重視兒童與未成年人的個人資料保護,並依各地法令採取更嚴格的保護措施。本服務不會在未取得監護人同意的情況下蒐集未達當地可同意年齡之個人資料;各地年齡門檻以當地法令為準。 We are committed to protecting children’s and minors’ Personal Data and apply stricter measures as required by local law. We do not collect Personal Data from users below the locally applicable consent age without guardian consent. Local age thresholds prevail.
(1) 13歲以下a. Under 13
我們不會明知而蒐集或徵求13歲以下兒童的個人資料;13歲以下者不得註冊或使用本服務,也不得向我們提供個人資料。 We do not knowingly collect or solicit Personal Data from children under 13; users under 13 must not register for or use the Service or provide Personal Data to us.
(2) 當地較高門檻優先b. Higher Local Thresholds Prevail
若當地法律對可同意年齡之規定高於13歲,以當地較高門檻為準(在適用GDPR/UK GDPR的地區,預設同意年齡為16歲);未達門檻者不得使用需要個資處理的功能,除非取得可驗證之監護人同意。 If local law sets a higher consent age than 13, that higher threshold applies (e.g., in GDPR/UK GDPR regions, default consent age is 16). Users below the threshold must not use features that require personal-data processing unless we obtain verifiable guardian consent.
(1) 如某些處理需以同意為法源,對未達當地同意年齡者,僅在取得可驗證之監護人同意後始得進行。 a. Where processing relies on your consent as the legal basis and the user is under the local consent age, we proceed only with verifiable guardian consent.
(2) 監護人得隨時撤回同意,我們將停止基於該同意之處理;撤回前之處理合法性不受影響。 b. Guardians may withdraw consent at any time; we will stop processing based on that consent. Processing prior to withdrawal remains lawful.
(3) 監護人亦得代表行使存取、更正、刪除、限制處理、資料可攜與反對處理等權利;為保護兒少及帳戶安全,我們於受理前可能要求合理身分驗證與監護關係證明。 c. Guardians may exercise access, rectification, deletion, restriction, portability, and objection rights on the minor’s behalf. To protect minors and account security, we may require reasonable proof of identity and guardianship.
(4) 我們建議監護人閱讀本政策並協助行使相關權利。 d. We encourage guardians to read this Policy and help exercise relevant rights.
(1) 如發現未經監護人同意,向未達當地同意年齡之使用者蒐集到個人資料,我們將儘速刪除,並採取合理措施避免再發生。
a. If we discover that Personal Data were collected from a user below the local consent age without guardian consent, we will promptly delete the data and take reasonable steps to prevent recurrence.
(2) 如對兒童/未成年人隱私保護有任何問題,或欲通報前述情形,請立即聯絡:[email protected] b. Questions about children/minors’ privacy or reports of the above can be sent to [email protected].
我們可能透過電子郵件提供服務相關資訊、回覆詢問、徵求回饋或告知政策/條款更新。 We may provide service-related information via email, respond to inquiries, solicit feedback, or notify you of policy/terms updates.
我們可能透過App內公告或電子郵件發送必要通知(如密碼重設、帳號安全警示、交易/收據、服務中斷或復原通知、重大政策更新)。 We may deliver necessary notices via in-app announcements or email (e.g., password resets, account-security alerts, transactions/receipts, service-outage/restoration notices, and significant policy updates).
我們可能不時更新本隱私權政策,以反映服務或法規的變動。對於重大變更,我們會於生效日前以明顯方式通知您(如在本頁顯示公告、App內提示或以我們認為適當的其他方式)。 We may update this Policy from time to time to reflect changes in the Service or legal requirements. For material changes, we will provide prominent notice before they take effect (e.g., an announcement on this page, in-app prompts, or other methods we deem appropriate).
除非另行註明,修訂自公告之日起生效。您於生效後繼續使用本服務,即表示同意該等變更。您可透過本政策的最後更新日期確認最新版本。 Unless otherwise noted, revisions take effect on the date of announcement. Your continued use of the Service after the effective date constitutes acceptance of the changes. You can check the latest version by the “Last Updated” date.
本政策以繁體中文為準;其他語言版本僅供參考。 This English version is provided for convenience only. In the event of any discrepancy, the Traditional Chinese version shall prevail.
如您對本隱私權政策或資料處理有任何問題,請以電子郵件聯絡我們。 If you have questions about this Privacy Policy or our data practices, please contact us by email.
資料控制者:烏夏數位文創娛樂股份有限公司 Data Controller: Usha Digital Culture & Creative Entertainment Co., Ltd.
隱私與資料權利聯絡:Privacy & Data Rights Contact: [email protected]