隱私權政策
Privacy Policy
最後更新:2026 年 6 月 23 日
Last Updated: June 23, 2026
📋前言
台灣凱惠資訊科技有限公司(以下稱「本公司」或「我們」)非常重視您的個人隱私與資料安全。
本隱私權政策說明我們透過 台灣凱惠(以下稱「本服務」)在您使用 Google 帳號授權整合功能時,
如何收集、使用、儲存及保護您的個人資料。
使用本服務即表示您同意本政策所述之條款。若您不同意,請勿使用需要 Google 授權的功能。
重要聲明:本服務僅存取您明確授權的 Google Calendar 資料,不會存取您的 Gmail、Google Drive 或其他 Google 服務資料。
📊我們收集哪些資料
當您使用本服務的 Google Calendar 整合功能時,我們可能收集以下資料:
- Google 帳號基本資訊:您的電子郵件地址(用於識別授權身份)
- Google OAuth 授權憑證:存取權杖(Access Token)與更新權杖(Refresh Token),用於代表您存取 Google Calendar
- Google Calendar 資料:
- 行事曆清單與行事曆名稱
- 行事曆活動(事件標題、時間、地點、描述等)
- 使用記錄:您操作日曆同步功能的時間與行為記錄(用於系統除錯與安全審計)
🔐Google 授權範圍說明
本服務申請以下 Google OAuth 2.0 授權範圍:
| 授權範圍 |
用途說明 |
| https://www.googleapis.com/auth/calendar |
讀取及管理您的 Google 日曆,包含建立、修改、刪除行事曆與活動 |
| https://www.googleapis.com/auth/calendar.readonly |
以唯讀方式查看您的 Google 日曆資料,不進行任何寫入操作 |
| https://www.googleapis.com/auth/calendar.events |
在您的 Google 日曆中建立、修改及刪除活動(事件) |
我們僅申請完成服務所需的最小授權範圍,且嚴格遵守
Google API 服務使用者資料政策,
包含「有限使用」要求(Limited Use Policy)。
本服務對 Google 使用者資料的使用,符合 Google API 服務使用者資料政策的「有限使用」規定,
包括但不限於:不會將 Google 資料用於廣告投放,不會將資料出售給第三方。
🎯資料使用目的
我們收集的資料僅用於以下明確目的:
- 提供日曆同步服務:將您在 台灣凱惠的預約、排程資訊同步至您的 Google 日曆
- 避免衝突排程:讀取您的 Google 日曆以偵測時段衝突,提升預約準確性
- 維護服務連線:使用 Refresh Token 於授權到期後自動更新存取權,確保服務不中斷
- 安全審計:記錄存取日誌以偵測異常行為並保護帳號安全
我們不會將您的 Google Calendar 資料用於:廣告投放、行為分析、資料銷售、機器學習模型訓練,
或任何與上述服務目的無關之用途。
🛡️資料儲存與保護
- 儲存位置:資料存放於 Microsoft Azure(日本西部資料中心),符合企業級安全標準
- 傳輸加密:所有資料傳輸均透過 TLS 1.2 以上加密協定
- 存取控制:OAuth Token 以加密方式儲存,僅限授權系統元件存取
- 資料保留:
- OAuth Token:於您撤銷授權後立即刪除
- 同步記錄:保留 90 天後自動刪除
- 使用日誌:保留 30 天後自動刪除
- 人員存取:僅限必要的維運人員可在業務需要時存取資料,且有留存稽核記錄
🤝資料分享與揭露
我們不會出售、出租或交換您的個人資料。以下情況除外:
- 法律要求:依法律規定或主管機關要求時,在必要範圍內提供
- 服務維運:與協助我們提供服務的技術合作夥伴(如雲端平台服務商)共享,這些合作夥伴均受保密協議約束
- 緊急安全:為防止詐騙、人身安全威脅等緊急情況時
在所有情況下,我們僅分享完成目的所需的最少資料。
✅您的權利
您對自己的 Google 資料授權享有以下權利:
-
撤銷授權:您可隨時至
Google 帳號安全設定
撤銷本服務的存取權限,撤銷後我們將立即停止存取您的 Google Calendar
- 查詢資料:您可聯絡我們,查詢我們持有的您的相關資料
- 刪除資料:您可要求刪除我們持有的所有 Google 授權相關資料
- 資料攜帶:您可要求以機器可讀格式取得您的資料副本
- 更正資料:若資料有誤,您可要求我們更正
撤銷 Google 授權不會影響您在 台灣凱惠上的其他功能,僅會停用 Google Calendar 同步相關服務。
🔄政策更新
本政策可能因服務調整或法規變更而修訂。重大變更時,我們將透過電子郵件或平台通知告知您。
繼續使用本服務即表示您同意更新後的政策。建議您定期查閱本頁面以取得最新版本。
📋Introduction
Taiwan Kaihui Information Technology Co., Ltd. (hereinafter "we", "us", or "our") takes your personal
privacy and data security very seriously. This Privacy Policy explains how we collect, use, store, and
protect your personal information through the Taiwan Kaihui (hereinafter "the Service")
when you use the Google account authorization integration feature.
By using the Service, you agree to the terms described in this Policy. If you do not agree, please do
not use features that require Google authorization.
Important Notice: The Service only accesses Google Calendar data that you explicitly
authorize. We do not access your Gmail, Google Drive, or any other Google services.
📊Data We Collect
When you use the Google Calendar integration feature, we may collect the following data:
- Google Account Basic Information: Your email address (used to identify your authorization)
- Google OAuth Credentials: Access Token and Refresh Token, used to access Google Calendar on your behalf
- Google Calendar Data:
- Calendar list and calendar names
- Calendar events (event title, time, location, description, etc.)
- Usage Logs: Timestamps and activity records of your calendar sync operations (for debugging and security auditing)
🔐Google Authorization Scopes
The Service requests the following Google OAuth 2.0 authorization scopes:
| Scope |
Purpose |
| https://www.googleapis.com/auth/calendar |
Read and manage your Google Calendar, including creating, modifying, and deleting calendars and events |
| https://www.googleapis.com/auth/calendar.readonly |
View your Google Calendar data in read-only mode without performing any write operations |
| https://www.googleapis.com/auth/calendar.events |
Create, modify, and delete events in your Google Calendar |
We request only the minimum necessary authorization scopes and strictly comply with the
Google API Services User Data Policy,
including the Limited Use requirements.
This Service's use of Google user data complies with the Google API Services User Data Policy
"Limited Use" requirements, including but not limited to: not using Google data for advertising and
not selling data to third parties.
🎯How We Use Your Data
Data we collect is used solely for the following explicit purposes:
- Providing Calendar Sync: Syncing your appointments and schedules from the Taiwan Kaihui to your Google Calendar
- Conflict Detection: Reading your Google Calendar to detect scheduling conflicts and improve booking accuracy
- Maintaining Service Connection: Using Refresh Tokens to automatically renew access when authorization expires, ensuring uninterrupted service
- Security Audit: Recording access logs to detect anomalous behavior and protect account security
We will NOT use your Google Calendar data for: advertising, behavioral analysis, data sales,
machine learning model training, or any purpose unrelated to the above service objectives.
🛡️Data Storage & Protection
- Storage Location: Data is stored in Microsoft Azure (Japan West datacenter), meeting enterprise-grade security standards
- Transmission Encryption: All data transmissions use TLS 1.2 or higher encryption protocols
- Access Control: OAuth Tokens are stored in encrypted form, accessible only by authorized system components
- Data Retention:
- OAuth Tokens: Deleted immediately upon revocation
- Sync Records: Auto-deleted after 90 days
- Usage Logs: Auto-deleted after 30 days
- Personnel Access: Only necessary operations personnel may access data when required for business purposes, with audit trails maintained
🤝Data Sharing & Disclosure
We do not sell, rent, or exchange your personal data. Exceptions include:
- Legal Requirements: When required by law or regulatory authorities, within the necessary scope
- Service Operations: Shared with technical partners who assist in providing the service (e.g., cloud platform providers), all bound by confidentiality agreements
- Emergency Safety: When preventing fraud, threats to personal safety, or other emergencies
In all cases, we only share the minimum data necessary to fulfill the purpose.
✅Your Rights
You have the following rights regarding your Google data authorization:
-
Revoke Authorization: You may revoke the Service's access at any time through
Google Account Security Settings.
After revocation, we will immediately stop accessing your Google Calendar.
- Access Data: Contact us to inquire about the data we hold about you
- Delete Data: Request deletion of all Google authorization-related data we hold
- Data Portability: Request a machine-readable copy of your data
- Correct Data: Request corrections if any data we hold is inaccurate
Revoking Google authorization will not affect your other features on the Taiwan Kaihui;
it only disables Google Calendar sync-related services.
🔄Policy Updates
This Policy may be revised due to service adjustments or regulatory changes. We will notify you of
significant changes via email or platform notifications. Continued use of the Service constitutes
acceptance of the updated Policy. We recommend checking this page periodically for the latest version.