MentraFlow
No. 50號, Huashun St, Zhonghe District, New Taipei City
MentraFlow Logo
Home Learning Program Pricing About Us Contact Us

Privacy Policy

Your privacy matters to us. This policy explains how MentraFlow collects, uses, and protects your personal information when you use our cost management services.

Last Updated: March 15, 2025

Information We Collect

When you use MentraFlow's cost management platform, we collect various types of information to provide you with personalized financial insights and improve our services. Understanding what data we gather helps you make informed decisions about sharing your information.

Account Information

Your name, email address, phone number, company details, and billing information when you create an account or subscribe to our services.

Financial Data

Budget information, expense categories, cost tracking data, and financial goals you input into our platform for analysis and reporting.

Usage Analytics

How you navigate our platform, features you use most, time spent in different sections, and interaction patterns to enhance user experience.

Technical Information

IP address, browser type, device information, operating system, and cookies that help us maintain platform security and functionality.

Automatic Data Collection

Our platform automatically collects certain information through cookies and similar technologies. This includes your browsing patterns, preferences, and technical specifications. You can control cookie settings through your browser, though some features may not function properly if cookies are disabled.

How We Use Your Information

MentraFlow processes your data to deliver effective cost management solutions and maintain our platform's quality. We believe in transparency about how your information supports our services and your business objectives.

  • Provide personalized cost analysis and budget recommendations based on your financial data
  • Generate reports, dashboards, and insights that help optimize your business expenses
  • Process payments, manage subscriptions, and handle billing inquiries efficiently
  • Send important updates about your account, new features, and platform improvements
  • Provide customer support and respond to your questions or technical issues
  • Improve our algorithms and add new features based on user behavior patterns
  • Ensure platform security and prevent fraudulent activities or unauthorized access
  • Comply with legal obligations and regulatory requirements in Taiwan and internationally

We never sell your personal data to third parties or use your financial information for purposes unrelated to providing our cost management services.

Data Processing Legal Basis

Under Taiwan's Personal Data Protection Act, we process your information based on your consent, contract fulfillment, legitimate business interests, and legal compliance. You can withdraw consent for certain processing activities, though this may limit some platform features.

Information Sharing and Disclosure

MentraFlow maintains strict controls over who can access your information. We limit data sharing to essential business operations and trusted partners who help deliver our services while maintaining the same privacy standards.

Authorized Third Parties

  • Cloud hosting providers who store and process data in secure, compliant facilities
  • Payment processors that handle subscription payments and billing transactions
  • Customer support tools that help us respond to your inquiries more effectively
  • Analytics services that provide insights while maintaining data anonymization
  • Security services that monitor and protect against cyber threats

Legal Requirements

We may disclose information when required by Taiwan law, court orders, or regulatory authorities. This includes tax compliance, financial regulations, and legitimate law enforcement requests. We review each request carefully and provide only information specifically required by law.

Business Transfers

If MentraFlow undergoes a merger, acquisition, or sale, your information may transfer to the new entity. We'll notify you of such changes and ensure the new organization maintains equivalent privacy protections for your data.

Your Privacy Rights

Taiwan's Personal Data Protection Act grants you specific rights regarding your personal information. We've designed straightforward processes to help you exercise these rights and maintain control over your data.

Access Your Data

Request a copy of all personal information we hold about you, including how it's used and who has access to it.

Update Information

Correct inaccurate data or update your profile information directly through your account settings or by contacting support.

Delete Your Account

Request complete deletion of your account and associated data, subject to legal retention requirements and active contracts.

Limit Processing

Restrict how we process your information for specific purposes while maintaining essential account functionality.

Data Portability

Export your data in common formats to transfer to other cost management platforms or for personal records.

Withdraw Consent

Revoke permission for optional data processing activities, though some features may become unavailable.

How to Exercise Your Rights

Submit privacy requests through your account dashboard, email us at info@mentraflow.com, or contact our Taiwan office directly. We respond to most requests within 30 days and provide status updates for complex requests requiring additional time.

Data Security and Protection

Protecting your financial information requires comprehensive security measures. MentraFlow implements multiple layers of protection to safeguard your data against unauthorized access, breaches, and other security threats.

Technical Safeguards

  • 256-bit SSL encryption for all data transmission
  • AES-256 encryption for data storage at rest
  • Multi-factor authentication for account access
  • Regular security audits and penetration testing
  • Firewall protection and intrusion detection systems
  • Secure API endpoints with rate limiting
  • Regular software updates and security patches
  • Backup systems with encrypted data recovery

Physical Security

Our Taiwan office maintains restricted access controls, visitor logs, and secure document storage. Data centers hosting our services feature 24/7 monitoring, biometric access controls, and environmental protections against natural disasters.

Employee Training

All MentraFlow staff receive privacy training covering data handling procedures, incident response protocols, and Taiwan's Personal Data Protection Act requirements. Employees sign confidentiality agreements and undergo background checks before accessing client data.

Incident Response

If a security incident occurs, we'll notify affected users within 72 hours and provide detailed information about the breach, steps taken to resolve it, and recommendations to protect your account. We maintain incident response procedures tested through regular security drills.

Data Retention and Deletion

MentraFlow retains your information only as long as necessary to provide services, comply with legal obligations, and protect our legitimate business interests. Different types of data have varying retention periods based on their purpose and regulatory requirements.

Retention Schedule

Active Account Data

Account information, financial data, and usage records remain accessible while your subscription is active and for 90 days after cancellation to allow reactivation.

Financial Records

Billing information, transaction records, and tax-related documents are kept for seven years to comply with Taiwan accounting and tax regulations.

Support Communications

Customer service interactions, support tickets, and related correspondence are retained for three years to improve service quality and resolve follow-up issues.

Analytics Data

Aggregated, anonymized usage statistics may be retained indefinitely for product development, while individual user analytics are deleted after two years.

Security Logs

Access logs, authentication records, and security monitoring data are kept for one year to investigate potential security incidents and maintain platform integrity.

Automated Deletion

Our systems automatically delete data according to scheduled retention policies. You'll receive advance notice before any significant data deletion, allowing you to export important information if needed.

International Data Transfers

While MentraFlow operates primarily from Taiwan, some of our service providers and cloud infrastructure span multiple countries. We ensure all international data transfers maintain appropriate privacy protections and comply with Taiwan's data protection requirements.

Transfer Safeguards

  • Standard contractual clauses approved by Taiwan authorities
  • Adequacy decisions recognizing equivalent privacy protections
  • Certification programs ensuring international privacy standards
  • Regular audits of international partners and service providers

Data Localization

Whenever possible, we process and store Taiwan users' data within the Asia-Pacific region. Critical financial data remains in Taiwan-approved facilities unless you specifically request processing in other jurisdictions for business purposes.

Cookies and Tracking Technologies

MentraFlow uses cookies and similar technologies to enhance your platform experience, remember your preferences, and analyze usage patterns. Understanding these technologies helps you make informed choices about your privacy settings.

Types of Cookies We Use

  • Essential Cookies: Required for platform functionality, login authentication, and security features
  • Preference Cookies: Remember your settings, language choices, and dashboard configurations
  • Analytics Cookies: Help us understand how you use the platform and identify areas for improvement
  • Performance Cookies: Monitor platform speed, reliability, and technical performance metrics

Managing Cookie Preferences

You can control cookies through your browser settings or our privacy dashboard. Disabling certain cookies may affect platform functionality, but we'll clearly explain any limitations before you make changes.

Children's Privacy

MentraFlow's cost management services are designed for businesses and adults managing financial responsibilities. We don't knowingly collect personal information from children under 18 years old without explicit parental consent.

If we discover we've inadvertently collected information from a minor, we'll delete it immediately and notify the parent or guardian. Parents who believe their child's information was collected without proper consent should contact us immediately for prompt resolution.

Changes to This Privacy Policy

We update this privacy policy periodically to reflect new features, legal requirements, or changes in our data practices. Significant changes will be communicated through email notifications and platform announcements at least 30 days before taking effect.

We recommend reviewing this policy annually or when you notice the "Last Updated" date has changed. Continued use of MentraFlow after policy updates constitutes acceptance of the revised terms, though we'll highlight major changes that might affect your data rights.

Version History

Previous versions of our privacy policy are available upon request. This helps you understand how our data practices have evolved and ensures transparency about changes affecting your information.

Privacy Questions and Contact Information

Our privacy team is available to answer questions, handle data requests, and address concerns about how we protect your information. We're committed to transparent communication about our privacy practices.

Email info@mentraflow.com
Phone +886229400017
Address No. 50號, Huashun St, Zhonghe District
New Taipei City, Taiwan 235

For urgent privacy matters or suspected data breaches, please call our Taiwan office directly during business hours (Monday-Friday, 9:00 AM - 6:00 PM Taiwan time).