Privacy Policy

Introduction
ACROSSSER ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy details our practices regarding the collection, use, disclosure, and protection of your personal data when you interact with us, use our websites, products, and services. By engaging with our services, you agree to the collection and use of your personal data as outlined in this policy.

Scope and Application
This Privacy Policy applies to users in the Asia-Pacific region (APAC), the European Union (EU), and the United States (US), with specific compliance notes for Germany (GDPR) and California (CCPA/CPRA). Our practices ensure compliance with regional privacy regulations, including but not limited to GDPR and the CCPA. This includes the processing of account information for users who register for services such as our eRMA platform.

Information We Collect
We collect personal data for the purpose of providing our services, maintaining the functionality and security of our website, responding to inquiries, and conducting lawful business operations. The categories of personal data we collect depend on the manner in which you engage with us. Such data may be provided directly by you, collected automatically through your use of our services, or obtained from third-party sources acting on our behalf or with whom we maintain a business relationship.

a. Information You Provide
We collect information directly provided by you:

Name and contact details (first name, last name, email address, phone number, company name, job title).
Business information (number of employees, business type, country/region).
Information submitted through inquiry forms or emails, including messages, requests for quotes (RFQ), or support requests.
Marketing and communication preferences.

b. Information Collected Automatically
We automatically collect information about your interaction with our services, including:

Device information (IP address, browser type, operating system, device identifiers).
Usage data (pages visited, links clicked, date and time of access).
Location data (derived from IP addresses for regional content personalization).

c. Information from Third Parties
We occasionally obtain information from third parties, including:

Social media platforms (LinkedIn) if you interact with our content or campaigns.
Third-party service providers, such as Google Analytics, HubSpot, Facebook Ads, and LinkedIn Insights, that provide marketing insights and analytics.
Publicly available databases and industry publications.

d. Account Information (eRMA Login)
If you register for an account to access our eRMA system, we collect information such as your username, encrypted password, email address, company affiliation, and any additional data you provide to manage your profile and track your RMA requests.

Purposes of Processing
We process your personal data for the following purposes:

Responding to inquiries and providing customer support.
Managing and fulfilling product or service orders.
Personalizing and improving our website, products, and services.
Marketing and promotional activities, including remarketing campaigns.
Analytics and performance monitoring to optimize user experience.
Compliance with legal obligations and internal audits.
Managing and securing registered user accounts for services such as the eRMA platform.

Legal Bases for Processing
Our lawful bases for processing your personal data vary based on your location:

European Users (GDPR)
If you are in the EU/EEA/UK, this section specifically applies to you.

Personal Data We Collect: Includes identification, contact data, location, and transactional data.
Legal Bases: Consent, performance of a contract, legal obligations, legitimate interests. Managing and securing user accounts (such as the eRMA platform) based on performance of a contract or legitimate interest.
Your Rights: Access, rectify, erase, restrict processing, object, and portability.
Cross-Border Transfers: Data transferred outside EU (Taiwan) under standard contractual clauses.
Retention: Retained only as long as necessary per GDPR.
Data Breach Notification: Procedures compliant with GDPR (72-hour

notification).

California Users (CCPA/CPRA)
If you reside in California, USA, this section specifically applies to you.

Personal Information We Collect: Identifiers, commercial info, internet activity, geolocation.
Business Purposes: Product improvement, analytics, marketing, fraud prevention. Account management, authentication, and security for registered services.
Disclosure: Categories disclosed for business purposes but not sold.
Your Rights: Right to know, delete, correct, opt-out, limit sensitive data, and non-discrimination.
Do Not Track Signals: ACROSSER currently does not respond to DNT signals but offers opt-out.
Submitting Requests: Details on verifying identity and submitting consumer requests.
Retention: Information retained per CCPA/CPRA retention standards.

APAC (Asia-Pacific) Users
If you're located in the APAC region, this section applies to you.

Personal Data: Collected similarly to the categories above.
Purposes: Used for service provision, customer support, analytics, and product management.
Legal Compliance: We adhere to applicable local data protection laws across APAC regions, including but not limited to:
Japan: Complies with the Act on the Protection of Personal Information (APPI), including requirements for breach notification, cross-border transfers, and user consent for third-party sharing.
Singapore: Complies with the Personal Data Protection Act (PDPA).
Australia: Complies with the Privacy Act 1988.
Thailand: Complies with the Personal Data Protection Act (PDPA).
Cross-Border Transfers: Data may be transferred to Taiwan or other regions, with appropriate safeguards in place.
Privacy Rights: Rights may include access, correction, deletion, or objection, depending on your jurisdiction.
Retention and Security: Personal data is retained in accordance with applicable local laws and securely stored.

Turkey Users (KVKK)
If you are located in Turkey, this section applies to you in accordance with the Law on the Protection of Personal Data No. 6698 (KVKK).

Personal Data We Collect: Identification, contact details, device information, usage data, and transactional data.
Legal Bases: Data is processed based on your explicit consent or other legal grounds permitted under KVKK, such as contract performance, legal obligations, or legitimate interests.
Your Rights: Under KVKK, you have the right to:

Learn whether your personal data is being processed
Request information regarding the processing
Learn the purpose and whether it is used appropriately
Know the third parties your data is shared with (domestic or international)
Request correction, deletion, or anonymization
Object to negative consequences resulting from automated processing
Request compensation for damages arising from unlawful processing

Cross-Border Transfers: Data may be transferred to Taiwan or other countries only where sufficient safeguards exist or explicit consent has been obtained.
Retention: Your data is retained only as long as necessary for the purposes stated and in accordance with KVKK.

Cookies and Tracking Technologies
We use cookies and similar technologies to:

Improve site functionality and user experience.
Analyze website performance and visitor behavior.
Provide targeted advertising and remarketing.

For detailed information, please review our separate Cookie Policy managed through CookieYes.

Trusted third-party vendors (analytics providers, marketing agencies, CRM platforms) strictly to perform services for us.
Regulatory authorities or law enforcement agencies if required by law.
Corporate affiliates for administrative purposes.

All third-party service providers processing personal data on our behalf are contractually required to use the data only for specified purposes and implement appropriate security measures. We maintain data processing agreements (DPAs) with these vendors in compliance with applicable laws such as the GDPR.

We do not sell your personal data.

Cross-Border Data Transfers
Your data may be transferred and processed outside your home region, including Taiwan, EU, and the US. Transfers from the EU to other countries comply with EU Standard Contractual Clauses to ensure data protection and security.

Retention of Personal Data
We retain your personal data only for as long as necessary to fulfill the purposes outlined or as required by law. Factors determining retention periods include:

Ongoing relationship and active account status.
Legal or regulatory requirements.
Historical analytics or internal business purposes.
The duration of your eRMA account status or until a deletion request is received.

Your Rights and Choices
You have significant control over your personal information. If you have registered an account through our eRMA system, you may request access, correction, or deletion of your account information by contacting us using the details provided in the Contact Information section. Depending on your location, different privacy laws grant you specific rights:

For European Users (GDPR)
If you are located in the EU/EEA/UK, the General Data Protection Regulation (GDPR) grants you the following rights:

Right to Access: Obtain copies of your personal data we hold.
Right to Rectification: Correct inaccuracies or complete incomplete data.
Right to Erasure: Request deletion of your data under specific conditions (e.g., no longer needed or withdrawn consent).
Right to Restrict Processing: Limit how we use your data in certain situations.
Right to Data Portability: Request your data in a structured, machine-readable format for transmission to another provider.
Right to Object: Object to data processing based on legitimate interests or for direct marketing purposes.

For California Users (CCPA/CPRA)
If you are a resident of California, you are entitled to the following under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: Access the categories and specific pieces of personal data we have collected about you.
Right to Delete: Request the deletion of your personal data, subject to certain exceptions.
Right to Correct: Request correction of inaccurate personal information.
Right to Opt-Out: Opt out of the sale or sharing of your personal data.
Right to Limit Use of Sensitive Personal Information: Restrict the use of sensitive information (if applicable).
Right to Non-Discrimination: You will not be denied services, charged different prices, or receive different quality for exercising your privacy rights.

For Asia-Pacific Users (APAC)
If you are located in the Asia-Pacific region (e.g., Taiwan, Singapore, Japan, Australia, South Korea), your rights may vary by country but generally include:

Right to Access: Request access to the personal data we hold about you.
Right to Correction / Rectification: Request correction of inaccurate or incomplete data.
Right to Deletion: Request deletion of your personal data, subject to legal or contractual obligations.
Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent.
Right to Restrict or Object to Processing: In some cases, limit or object to the way we process your data.
Right to Data Portability: In jurisdictions where applicable, request transfer of your data in a portable format.
Right to Lodge a Complaint: File a complaint with your local data protection authority.

Do Not Track (DNT) Signals
While our site does not currently respond to browser 'Do Not Track' signals due to a lack of standardized interpretation, you may control cookie preferences directly via our Cookie Policy or through your browser settings.

Automated Decision-Making / Profiling
We do not engage in automated decision-making that legally or similarly significantly affects you. We may conduct profiling for targeted marketing purposes only.

Third-Party Links
Our website includes links to third-party services (LinkedIn, 104, CakeResume, YouTube). Their privacy practices differ from ours; please review their respective privacy policies when visiting these platforms.

Privacy of Minors
Our services are not directed to individuals under the age of 13, or the minimum age required by applicable laws in your jurisdiction. We do not knowingly collect, use, or disclose personal data from anyone under this age without verifiable parental or guardian consent, in compliance with laws such as the U.S. Children's Online Privacy Protection Act (COPPA) and similar regional regulations. If we become aware that such data has been collected inadvertently, we will promptly delete it from our systems.

Data Security Measures
We employ rigorous security measures:

Encryption for data in transit (SSL/TLS protocols).
Regular security assessments and audits.
Limited access to personal data for authorized employees only.

Account credentials, including passwords, are stored in encrypted form. We implement technical and organizational measures to safeguard account information against unauthorized access.

Data Breach Notification
In the event of a data breach, we will promptly inform affected users and regulatory authorities in accordance with applicable laws and regulations.

Recruitment & Job Applications
Job applications are redirected to external platforms (104 and CakeResume). We do not store applicant data on our systems.

Changes to this Privacy Policy
We periodically review and update this policy to reflect changes in our practices, services, legal obligations, or regulatory requirements. Changes will be clearly communicated via our website homepage or other appropriate methods depending on the nature of the update. We encourage you to check this page regularly to stay informed about how we protect your personal data.

Contact Information
If you have any questions, concerns, or wish to exercise your privacy rights under applicable data protection laws, you may contact us through any of the following methods:

Online Inquiry: You can submit a request by visiting the Contact Us section of our website and filling out the inquiry form.
In Person:
ACROSSER Technology Co., Ltd.
7F.-2, No. 133, Ln. 235, Baoqiao Rd.,
Xindian Dist., New Taipei City, Taiwan (R.O.C.)