Privacy Policy

Last Updated: March 15, 2025
At SmartMentis, we understand that your privacy matters. This policy explains how we collect, use, and protect your personal information when you use our API and integration testing services. We've written this in plain language because legal documents shouldn't require a law degree to understand.

Information We Collect

When you work with us, we collect information that helps us provide better testing services and maintain secure business relationships. Here's what we gather and why:

Business Information

We collect basic business details like your company name, contact information, and project specifications. This helps us understand your testing requirements and communicate effectively about your API integration needs.

Technical Data

During testing processes, we access API endpoints, integration logs, and system performance data. We only collect what's necessary to identify issues and optimize your integrations. No sensitive business data leaves our secure testing environment.

Data Type Purpose Retention Period
Contact Information Communication and service delivery Duration of business relationship + 2 years
Project Data Testing execution and reporting 90 days after project completion
Technical Logs Issue identification and resolution 30 days after testing completion

How We Use Your Information

We're pretty straightforward about data usage. Everything we collect serves a specific purpose in delivering quality testing services:

  • Execute comprehensive API testing according to your specifications
  • Generate detailed reports about integration performance and issues
  • Communicate project updates and technical findings
  • Maintain secure access to testing environments
  • Provide ongoing support and troubleshooting assistance
  • Improve our testing methodologies based on real-world scenarios

Important: We never use your data for marketing purposes or share technical details with other clients. Your testing environments remain completely isolated.

Data Protection and Security

Security isn't just a checkbox for us—it's fundamental to everything we do. Our testing infrastructure uses enterprise-grade protection:

Technical Safeguards

All data transmissions use TLS 1.3 encryption. Our testing servers operate in isolated environments with regular security audits. Access controls ensure only authorized team members can view project data, and we maintain detailed access logs for accountability.

Operational Security

Our team follows strict data handling protocols. We use secure communication channels, maintain updated security certifications, and conduct regular training on privacy best practices. Physical access to our systems is restricted and monitored.

Taiwan Data Protection Compliance

We comply with Taiwan's Personal Data Protection Act (PDPA) and maintain data processing standards that meet local regulatory requirements. Our Taiwan operations ensure your data remains within appropriate jurisdictional boundaries when required.

Your Rights and Control

You maintain significant control over your information throughout our working relationship. Here are your rights and how to exercise them:

Access and Transparency

You can request copies of all data we hold about your organization at any time. We'll provide this information within 15 business days, along with details about how we've used it.

Correction and Updates

If any information we have is incorrect or outdated, let us know and we'll fix it immediately. This is particularly important for contact details and project specifications.

Data Deletion

You can request deletion of your data after project completion. We'll remove all non-essential information within 30 days. Some technical logs may be retained longer for security purposes, but these contain no personally identifiable information.

Processing Restrictions

If you need us to limit how we process your data, we can implement restrictions while maintaining essential service functionality. This might affect our ability to provide certain testing services, but we'll work with you to find suitable alternatives.

Data Sharing and Third Parties

We believe in transparency about data sharing. Here's exactly when and how we might share your information:

Service Providers

We work with carefully selected technology partners for hosting and security services. These providers operate under strict confidentiality agreements and can only access data necessary for their specific functions.

Legal Requirements

We may disclose information when legally required by Taiwan authorities or in response to valid legal processes. We'll notify you of such requests unless legally prohibited from doing so.

Business Transfers

If SmartMentis undergoes a merger or acquisition, your data would transfer to the new entity under the same privacy protections. We'd notify all clients before any such transfer occurs.

We never sell your data. Your information isn't a product—it's something you've trusted us with to provide better testing services.

International Data Transfers

While SmartMentis operates primarily in Taiwan, some of our security and hosting infrastructure operates across multiple regions to ensure optimal performance and redundancy.

When data crosses borders, we ensure it receives equivalent protection through:

  • Contractual safeguards that meet Taiwan's data protection standards
  • Technical measures including encryption and access controls
  • Regular audits of international partners and service providers
  • Compliance monitoring to ensure ongoing protection standards

Cookies and Website Data

Our website uses minimal tracking technology focused on functionality rather than surveillance:

Essential Cookies

We use session cookies to maintain secure connections and remember your preferences during visits. These don't track you across other websites.

Analytics Information

We collect basic usage statistics to improve our website experience—things like which pages are most helpful and how long people spend reading our technical documentation. This data is anonymized and aggregated.

You can disable cookies in your browser settings, though this might affect some website functionality like secure forms and session management.

Changes to This Policy

Privacy practices evolve, and so might this policy. When we make changes, we'll notify existing clients via email at least 30 days before implementation. Significant changes will be clearly highlighted, not buried in legal language.

We maintain an archive of previous policy versions, so you can always review what was in effect during your project timeline. Updates typically address new services, regulatory changes, or improvements to our data protection practices.

Data Retention Practices

We don't keep your information longer than necessary. Here's our approach to data retention:

Project Data

Active project information is retained throughout the testing engagement plus 90 days for any follow-up questions or additional analysis you might need.

Communication Records

Email correspondence and project communications are kept for two years to maintain continuity if you return for additional services.

Technical Logs

System logs containing technical data are automatically purged after 30 days. These logs help us troubleshoot issues during active projects but aren't needed long-term.

Financial Records

Invoice and payment information is retained for seven years to comply with Taiwan's business record-keeping requirements.

Privacy Questions and Contact

If you have questions about this policy or want to exercise your privacy rights, we're here to help.
Email us at help@smart-mentis.com
Call us at +886-2-2767-0686
Visit our office at No. 166, Xinmin St, Tamsui District, New Taipei City, Taiwan 251
We typically respond to privacy inquiries within 48 hours and provide requested information within 15 business days.