Privacy Policy

Information We Collect

Running a budgeting platform means we need certain information to make everything work properly. Here's what we gather and why it matters.

Account Information

When you sign up, we collect your email address, name, and password. The password gets encrypted immediately – we can't see it, which is exactly how it should be. You'll also create a profile with preferences about currency, budget categories, and notification settings.

Financial Data

This is the core of what we do. You enter transaction details, income sources, expense categories, and savings goals. We also track budget limits you set and spending patterns over time. None of this connects directly to your actual bank accounts unless you choose to use third-party integrations.

Usage Information

We track how you interact with our platform – which features you use most, when you log in, what pages you visit. This helps us improve the service and fix problems before they affect everyone.

Device and Technical Data

• IP address and general location (city level, not your home address)
• Browser type and operating system
• Device identifiers and screen resolution
• Cookie data and session information

How We Use Your Information

Everything we collect serves a purpose. We don't gather data just to have it sitting around.

Service Delivery

Your financial data powers the budget calculations, spending analyses, and goal tracking features. We use your email to send login codes, password resets, and important account notifications. Usage patterns help us personalize your dashboard and suggest relevant budget categories.

Security and Fraud Prevention

We monitor login patterns to spot unusual activity. If someone tries accessing your account from a new device in a different country, we'll flag it. Technical data helps us identify and block malicious attempts to access user accounts.

Platform Improvement

Aggregated usage data shows us which features people love and which ones confuse everyone. We use this to prioritize development work. For example, if most users never touch a particular feature, we might simplify it or remove it entirely.

Communication

We'll send you budget alerts when you're approaching spending limits, monthly summary reports, and occasional updates about new features. You control which emails you receive through your account settings.

Data Storage and Security

Your information lives on secure servers located in Taiwan, managed by certified data centers. We use industry-standard encryption both when data travels across the internet and when it sits in our databases.

Encryption Practices

All connections to BoxNetDrive use TLS 1.3 encryption. Your password gets hashed using bcrypt with individual salts. Financial data in our database is encrypted with AES-256. We rotate encryption keys regularly and store them separately from the data itself.

Access Controls

Only essential team members can access user data, and only when necessary for support or technical maintenance. Every access gets logged. We conduct quarterly reviews of who has access to what.

Backup Procedures

We backup all data daily, keeping copies for 30 days. Backups are encrypted and stored in separate geographic locations from the primary servers. If something goes wrong, we can restore your information.

Your Rights Under Taiwan Law

Taiwan's Personal Data Protection Act gives you specific rights over your information. We take these seriously.

To exercise any of these rights, contact us at [email protected] with your account email. We'll verify your identity and process the request within the timeframes required by Taiwan law.

Data Sharing and Third Parties

We're careful about who gets access to your information. Here's the complete list of situations where data might be shared.

Service Providers

We work with companies that help run the platform – cloud hosting providers, email delivery services, customer support tools. They only get the minimum data needed to do their job, and they're contractually bound to protect it. We audit their security practices annually.

Payment Processors

If you upgrade to a premium subscription, payment information goes directly to our payment processor. We never see your full credit card number. They're PCI DSS compliant and handle thousands of transactions daily.

Analytics Services

We use privacy-focused analytics that don't track individual users across the web. They help us understand aggregate usage patterns without compromising your privacy.

Legal Requirements

If Taiwan authorities issue a valid legal request for user data, we're obligated to comply. This happens rarely. When it does, we review each request carefully and only provide what's specifically required by law. Where legally permitted, we'll notify you.

Business Transfers

If BoxNetDrive is acquired or merges with another company, your data would transfer to the new entity. They'd be bound by this privacy policy until they provide notice of any changes.

What We Never Do

We don't sell your data to advertisers. We don't share your financial information with marketing companies. We don't let third parties use your data for their own purposes. Your budget details stay private.

Data Retention

We keep different types of information for different periods, based on what makes sense and what the law requires.

After these periods expire, we permanently delete the data. For active accounts, you control your financial data and can delete transactions or entire budget periods anytime through the app.

Cookies and Tracking

Like most websites, we use cookies. But we keep it minimal and give you control.

Essential Cookies

These keep you logged in and remember your preferences during a session. The platform doesn't work without them. They expire when you close your browser or after 30 days of inactivity.

Analytics Cookies

Help us understand how people use BoxNetDrive. They track things like which features get used most and where people get stuck. You can disable these in your account settings without affecting functionality.

What We Don't Use

No advertising cookies. No cross-site tracking. No third-party marketing pixels. We're not interested in following you around the internet.

Children's Privacy

BoxNetDrive is designed for adults managing family budgets. We don't knowingly collect information from anyone under 16. If we discover that someone under 16 has created an account, we'll delete it immediately. Parents can create supervised accounts for teenagers learning about budgeting, but the parent remains the account holder.

International Data Transfers

Your data stays in Taiwan. We don't transfer it to other countries. Some service providers we use have global operations, but they maintain Taiwan-based data centers for our users. If this ever changes, we'll update this policy and notify you at least 60 days in advance.

Changes to This Policy

We update this document when we add features, change practices, or respond to new legal requirements. The "Last Updated" date at the top tells you when the most recent changes happened.

For minor updates that don't affect your rights, we'll post the revised policy and note the changes. For significant changes, we'll email you 30 days before they take effect. Continuing to use BoxNetDrive after changes means you accept them.

You can always view previous versions by contacting us. We keep an archive of all policy versions.

Your Choices

You control your data and how we communicate with you.

Email Preferences

Customize which emails you receive in account settings. Budget alerts, monthly summaries, and feature announcements can all be toggled individually. Some critical emails about security or policy changes can't be disabled while you have an account.

Data Visibility

Choose whether to share anonymous usage data to help improve the platform. This is entirely optional and doesn't affect your experience.

Account Deletion

Delete your account anytime through settings or by emailing us. We'll walk you through what happens to your data and give you a final chance to export everything.