JSDesign - Modern Home Connection
久盛設計

Privacy Policy

Last Updated: October 22, 2025

Effective Date: October 22, 2025

This Privacy Policy is available in English, Traditional Chinese, and Simplified Chinese. In case of conflicts, the Traditional Chinese version governs.

1. Introduction

Welcome to JSDesign Flooring & Interior Design ("JSDesign," "we," "us," or "our"). We are committed to protecting your personal information and your right to privacy.

This Privacy Policy describes how we collect, use, store, and protect your personal information when you visit our website (https://jsdesign.vercel.app) or use our flooring and interior design services.

We comply with the Taiwan Personal Data Protection Act (PDPA) and international privacy standards including GDPR principles.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy.

About JSDesign

  • Company: JSDesign Flooring & Interior Design
  • UBN: Unified Business Number (UBN): 91840524
  • Address: No. 253, Zhongfeng Rd, Longtan District, Taoyuan City, Taiwan 325
  • Phone: +886-973-267-217

2. Information We Collect

We collect information in the following ways:

2.1 Information You Provide Directly

When you contact us or request our services, you may provide:

  • Contact Information: Name, phone number, email address, mailing address
  • Project Details: Property location, room dimensions, flooring preferences, budget range
  • Communication Records: Messages via contact forms, LINE conversations, email correspondence, phone call notes
  • Service Requests: Consultation scheduling, quote requests, installation appointments

Note: You choose what information to provide. However, certain information is necessary to provide our services (e.g., contact details for quotes).

2.2 Information Collected Automatically

When you visit our website, we automatically collect:

  • Technical Data: IP address (anonymized), browser type and version, device type, operating system, screen resolution
  • Usage Data: Pages visited, time spent on pages, click patterns, scroll depth, referral source
  • Location Data: General geographic location (city/region level) based on IP address when you view Google Maps
  • Performance Data: Page load times, website errors, server response times (via Vercel Analytics)

Technologies: This data is collected through cookies, web beacons, and similar tracking technologies (see Section 9).

2.3 Information from Third Parties

We may receive information from:

  • LINE Platform: When you contact us via LINE, we receive your LINE display name and profile picture (if visible)
  • Social Media Platforms: If you interact with us on Facebook, Instagram, TikTok, or YouTube, we may see publicly available profile information
  • Google Reviews: If you leave a review, we can see your Google profile name and review content

Note: We do not purchase or receive marketing lists from third-party data brokers.

2.4 Sensitive Information We Do NOT Collect

We do not knowingly collect:

  • Financial Data: No credit card numbers, bank account details, or payment information (payments handled offline)
  • Biometric Data: No facial recognition, fingerprints, or voice recordings
  • Health Information: No medical records or health-related data
  • Government IDs: No passport numbers, driver's license numbers, or national ID numbers (unless required for legal contracts)
  • Children's Data: No information from individuals under 16 years old

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Service Delivery

  • Respond to your inquiries and consultation requests
  • Provide flooring and interior design quotes and estimates
  • Schedule site assessments, measurements, and installations
  • Communicate project updates, timelines, and completion notices
  • Process contracts and service agreements
  • Provide post-installation support and warranty services

3.2 Website Functionality

  • Display our business location on Google Maps
  • Enable language preferences (EN, Traditional Chinese, Simplified Chinese)
  • Improve website performance and user experience
  • Fix technical errors and optimize page loading

3.3 Analytics and Improvements

  • Analyze website traffic patterns to understand user behavior
  • Identify popular content and improve website navigation
  • Measure marketing campaign effectiveness
  • Test new features and design improvements
  • Generate aggregate statistics (no individual identification)

3.4 Legal Compliance and Protection

  • Comply with Taiwan PDPA and China PIPL requirements
  • Respond to legal requests from government authorities
  • Protect against fraud, security threats, and abuse
  • Enforce our Terms of Service and legal agreements
  • Maintain business records for tax and accounting purposes

3.6 Artificial Intelligence (AI) and Algorithms

We currently do NOT use your personal data for:

  • Training AI models or machine learning algorithms
  • Automated decision-making that affects your service
  • Algorithmic profiling or behavioral predictions
  • Third-party AI services or LLM training

Future Note: If we implement AI features in the future, we will update this Privacy Policy and obtain your explicit consent where required by law.

4. Legal Basis for Processing (PDPA/PIPL Compliance)

Under Taiwan PDPA and China PIPL, we process your personal data based on:

Type: Consent

You have explicitly agreed to our data collection and use

Examples: Contact form submissions, marketing opt-ins, LINE conversations you initiate

Type: Contractual Necessity

Processing is necessary to fulfill our service contract with you

Examples: Providing quotes, scheduling installations, delivering contracted services

Type: Legitimate Interests

Processing serves our legitimate business interests while respecting your privacy

Examples: Website analytics, security protection, fraud prevention, business operations

Type: Legal Obligation

We must process data to comply with legal requirements

Examples: Tax records, government reporting, court orders, regulatory compliance

You may withdraw consent at any time by contacting us (see Section 12). Withdrawal does not affect the lawfulness of processing before withdrawal.

5. Data Sharing and Third Parties

We share your personal information only with trusted service providers who help us operate our business:

Provider: Google Analytics

Purpose: Website traffic analysis and user behavior insights

Data Shared: Anonymized IP address, browser type, pages visited, session duration

Location: United States

Safeguards: Google Analytics Data Processing Terms, IP anonymization enabled

Provider: Google Maps

Purpose: Display business location and enable map navigation

Data Shared: Approximate location when viewing map

Location: United States

Safeguards: Google Cloud Data Processing Agreement

Provider: Vercel (Website Hosting)

Purpose: Host website and deliver content

Data Shared: Technical logs, performance metrics

Location: United States, Asia-Pacific CDN

Safeguards: Vercel Data Processing Addendum, SOC 2 Type II certified

External Communication Channels

We provide links to external platforms (LINE, Facebook, Instagram, TikTok, YouTube). When you click these links and contact us or view our profiles, those platforms govern data collection according to their own privacy policies. We do not control their data practices.

5.1 We Do NOT Sell Your Data

JSDesign has NEVER sold, and will NEVER sell, your personal information to third parties for monetary gain or any other consideration.

Clarification: We do not participate in data brokerage, advertising networks that purchase user data, or third-party marketing lists.

5.2 Business Transfers

If JSDesign is involved in a merger, acquisition, or asset sale, your personal information may be transferred to the acquiring entity. We will notify you via website notice and email before your data is transferred and becomes subject to a different privacy policy.

6. International Data Transfers

JSDesign is based in Taiwan. Our analytics and hosting providers may transfer data internationally:

Your website browsing data may be transferred to the United States (Google Analytics, Vercel hosting) with appropriate security measures including encryption, data processing agreements, and contractual safeguards.

If you are located in mainland China and use our Chinese-language website, we comply with PIPL requirements for cross-border data transfers.

7. Data Retention

We retain your personal data only as long as necessary for business purposes and legal compliance:

  • Website Analytics: Typically 26 months (managed by Google Analytics)
  • Project Records: Up to 5 years for warranty support and legal compliance
  • Contact Inquiries: Generally 2 years from last contact

    • When retention periods expire, we securely delete or anonymize your data. You can request deletion at any time by contacting us (see Section 12).

    We may retain data longer if required by law (e.g., tax records, court orders) or for active warranty claims.

    8. Your Privacy Rights (PDPA/PIPL)

    Under Taiwan PDPA and China PIPL, you have the following rights regarding your personal data:

    Right: Right to Access

    Request a copy of the personal data we hold about you

    Details: We will provide data in a commonly used electronic format (PDF or CSV) within 30 days

    Right: Right to Rectification

    Correct inaccurate or incomplete personal data

    Details: Contact us to update your contact information, project details, or preferences

    Right: Right to Deletion ('Right to be Forgotten')

    Request deletion of your personal data under certain conditions

    Details: We will delete your data unless we have legal obligations to retain it (e.g., tax records, ongoing contracts)

    Right: Right to Data Portability

    Receive your data in a structured, machine-readable format

    Details: You can transfer your data to another service provider (if technically feasible)

    Right: Right to Object

    Object to processing based on legitimate interests or marketing

    Details: Opt-out of marketing communications, analytics tracking, or other non-essential processing

    Right: Right to Restrict Processing

    Limit how we use your data while we verify accuracy or assess objections

    Details: We will mark your data as restricted and only process it with your consent or for legal purposes

    Right: Right to Withdraw Consent

    Withdraw your consent at any time for consent-based processing

    Details: Withdrawal does not affect prior lawful processing; we will stop future processing based on that consent

    Right: Right to Lodge a Complaint

    File a complaint with Taiwan's data protection authority

    Details: Contact Taiwan's Ministry of Justice or National Development Council if you believe we violated your privacy rights

    How to Exercise Your Rights

    • Email: jsdesigntaiwan@gmail.com (preferred method)
    • Phone: +886-973-267-217 (business hours: Mon-Fri 9:00-18:00, Sat 9:00-15:00)
    • Mail: No. 253, Zhongfeng Rd, Longtan District, Taoyuan City, Taiwan 325

    Response Time: We will respond to your request within 30 days (PDPA requirement). If we need more time, we will notify you of the delay and reason.

    Verification: To protect your privacy, we may ask you to verify your identity before fulfilling your request (e.g., confirming phone number or email address associated with your inquiry).

    Fee: Exercising your privacy rights is FREE. We do not charge fees for access, correction, or deletion requests.

    9. Cookies and Tracking Technologies

    Our website uses cookies and similar technologies to enhance your experience:

    What Are Cookies?

    Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and understand how you use the site.

    Type: Essential Cookies

    Purpose: Required for website functionality (session management, security)

    Examples: Language selection (EN/ZH-TW/ZH-CN), CSRF protection tokens

    Duration: Session or until you clear browser data

    Opt-Out: Cannot be disabled (website won't function properly)

    Type: Analytics Cookies

    Purpose: Understand website usage and improve performance

    Examples: Google Analytics (_ga, _gid, _gat cookies)

    Duration: Up to 26 months

    Opt-Out: Yes - via browser settings or Google Analytics Opt-out Browser Add-on

    Type: Preference Cookies

    Purpose: Remember your settings and choices

    Examples: Language preference, dismissed banners

    Duration: 1 year

    Opt-Out: Yes - via browser settings (website will reset to defaults)

    Cookies We Do NOT Use

    • Advertising/Marketing Cookies: No third-party ad networks or retargeting pixels
    • Social Media Tracking: No Facebook Pixel, LinkedIn Insight Tag, or similar trackers
    • Cross-Site Tracking: No cookies that follow you across other websites

    How to Control Cookies

    You can manage cookies through your browser settings. All modern browsers allow you to block or delete cookies. Visit your browser's help center for instructions. Note that disabling cookies may affect website functionality.

    googleAnalyticsOptOut: To opt out of Google Analytics specifically, install the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout

    Third-Party Tracking

    When you visit our social media pages (Facebook, Instagram, TikTok, YouTube) or click links to those platforms, those companies may track your activity through their own cookies. We do not control their tracking practices. Please review their privacy policies:

    • Facebook Privacy Policy: https://www.facebook.com/privacy/policy/
    • Instagram Privacy Policy: https://privacycenter.instagram.com/policy/
    • TikTok Privacy Policy: https://www.tiktok.com/legal/privacy-policy
    • YouTube Privacy Policy: https://policies.google.com/privacy

    10. Security Measures

    We implement industry-standard security measures to protect your personal information:

    Technical Safeguards

      Measure: Encryption in Transit

      All data transmitted between your browser and our website is encrypted using HTTPS/TLS 1.3 protocol

      Measure: Encryption at Rest

      Sensitive data stored in databases is encrypted using AES-256 encryption

      Measure: Access Controls

      Only authorized JSDesign staff have access to personal data, on a need-to-know basis with unique login credentials

      Measure: Secure Hosting

      Website hosted on Vercel's SOC 2 Type II certified infrastructure with DDoS protection and intrusion detection

      Measure: Regular Updates

      Software, plugins, and security patches applied promptly to prevent vulnerabilities

      Measure: Firewall Protection

      Network firewalls and web application firewalls (WAF) block malicious traffic

    Organizational Safeguards

    • Staff Training: Regular privacy and security awareness training for employees
    • Confidentiality Agreements: All staff sign non-disclosure agreements (NDAs)
    • Incident Response Plan: Procedures for detecting, reporting, and responding to data breaches
    • Vendor Due Diligence: Security assessments of third-party service providers before engagement
    • Data Minimization: We collect only the data necessary for stated purposes

    Security Limitations

    While we implement strong security measures, no system is 100% secure. We cannot guarantee absolute security against:

    • Sophisticated cyber attacks (zero-day exploits, nation-state actors)
    • Unauthorized access due to stolen credentials or social engineering
    • Hardware failures or natural disasters
    • Security vulnerabilities in third-party services beyond our control

    Your Responsibility: You can help protect your data by:

    • Using secure passwords and not sharing login credentials
    • Being cautious of phishing emails claiming to be from JSDesign
    • Keeping your devices and browsers updated with security patches
    • Contacting us immediately if you suspect unauthorized access to your information

    Data Breach Notification

    In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:

    • Notify affected individuals within 72 hours (PDPA/PIPL requirement)
    • Report the breach to Taiwan's data protection authority
    • Provide clear information about what data was compromised
    • Offer guidance on steps you can take to protect yourself
    • Implement corrective measures to prevent future breaches

    11. Children's Privacy

    JSDesign's website and services are NOT directed at children under 16 years old.

  • We do not knowingly collect personal information from children under 16
  • Our services are intended for adults making home improvement decisions
  • If we discover we have inadvertently collected a child's data, we will delete it immediately
  • Parents or guardians who believe we have collected their child's information should contact us at jsdesigntaiwan@gmail.com

    • If you are a parent/guardian and wish to review, delete, or stop further collection of your child's information, please contact us with:

  • Child's name and contact information provided
  • Parent/guardian identification to verify relationship
  • Specific request (access, deletion, etc.)

    • 12. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time to reflect:

  • Changes in our business practices or services
  • New legal or regulatory requirements (PDPA/PIPL amendments)
  • Improvements in privacy protection measures
  • User feedback and privacy best practices

    • How We Notify You of Changes

    • Website Banner: Prominent notice on homepage for 30 days after update
    • Email Notification: For material changes that affect how we use your data (sent to customers with active projects or marketing consent)
    • "Last Updated" Date: Always displayed at the top of this policy

    Material Changes

    For significant changes (e.g., new data uses, additional third-party sharing), we will:

    • Provide 30 days' advance notice before changes take effect
    • Request new consent if legally required
    • Allow you to opt-out or object to new processing activities

    Your continued use of our website or services after changes take effect constitutes acceptance of the updated Privacy Policy. If you do not agree to changes, please stop using our services and request deletion of your data.

    13. Contact Information

    If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

    Data Protection Contact

    Email: jsdesigntaiwan@gmail.com

    Phone: +886-973-267-217

    Hours: Monday-Friday: 9:00 AM - 6:00 PM, Saturday: 9:00 AM - 3:00 PM, Sunday: Closed

    Address: No. 253, Zhongfeng Rd, Longtan District, Taoyuan City, Taiwan 325

    LINE: tmdggyygan

    We will respond to your inquiries within 5 business days (privacy rights requests within 30 days per PDPA).

    Supervisory Authority (Taiwan)

    If you believe we have violated your privacy rights under Taiwan PDPA, you may lodge a complaint with:

    Authority: Ministry of Justice, Department of Legal Affairs

    Website: https://www.moj.gov.tw

    This Privacy Policy is provided for informational purposes and does not constitute legal advice. JSDesign reserves the right to update this policy as needed to comply with applicable laws and regulations.
    Back to Top