私隱政策 Privacy Policy
最後更新:2026 年 7 月 8 日 · Last updated: 8 July 2026
elematch 由 Open The Door Company(「本公司」、「我們」)營運。本政策說明我們如何收集、使用、保存、轉移及刪除你的個人資料,以及你可行使的權利。我們以最少收集、限期保存為原則:出生日期屬個人資料,我們只收集提供服務所必需的資料。elematch is operated by Open The Door Company. This policy explains how we collect, use, retain, transfer and delete your personal data, and the rights you may exercise. We follow data minimisation and time-limited retention: a birth date is personal data, and we collect only what the Service needs.
本政策旨在符合香港《個人資料(私隱)條例》(PDPO)、新加坡《個人資料保護法》(PDPA)及馬來西亞《2010 年個人資料保護法》(PDPA,經 2024 年修訂)的適用要求。This policy is intended to comply with the Hong Kong PDPO, the Singapore PDPA and the Malaysia PDPA 2010 (as amended in 2024), as applicable.
一、我們收集甚麼 What we collect
- 帳戶資料:電郵地址(用於登入、帳戶及服務通知)。Account data: email address, for login, account and service notices.
- 分析輸入:你為個人分析或團隊合盤輸入的姓名(可選;建議以代號或縮寫代替真實姓名)、出生日期及性別(性別只用於人生階段計算)。Analysis inputs: name (optional — we recommend codenames or initials instead of real names), birth date and gender (gender is used solely for life-stage calculation).
- 用量與交易:方案、每月用量、儲值結餘及交易紀錄。付款卡資料由 Stripe 直接處理,我們不會接觸或儲存你的信用卡號碼。Usage and transactions: plan, monthly usage, credit balance and transaction records. Card details are handled directly by Stripe — we never see or store your card number.
- 技術資料:為保安及運作所需的基本日誌(如 IP 位址、瀏覽器類型)。Technical data: basic logs needed for security and operation (e.g. IP address, browser type).
我們不會要求出生時辰,亦不收集政府身份證明文件、健康資料或其他敏感類別資料。We never ask for birth time, and we do not collect government ID, health data or other sensitive categories.
二、收集及使用的目的與依據 Purposes & legal bases
| 目的 Purpose | 資料 Data | 依據 Basis |
|---|---|---|
| 生成你所要求的個人分析及團隊報告 Generate the analyses and team reports you request | 出生日期、性別、姓名(可選) Birth date, gender, name (optional) | 履行與你的合約 / 你的同意 Contract performance / consent |
| 管理帳戶、方案、用量與付款 Manage accounts, plans, usage and payments | 電郵、用量、交易紀錄 Email, usage, transactions | 履行合約、法律責任(帳務) Contract; legal obligations (billing) |
| 服務保安、防止濫用 Security and abuse prevention | 技術日誌 Technical logs | 合法利益(保障服務及用戶) Legitimate interests |
| 直接促銷(如有) Direct marketing (if any) | 電郵 | 僅在你事先明確同意(opt-in)下進行,你可隨時免費取消 Only with your explicit prior opt-in; unsubscribe anytime, free |
我們不會出售或出租你的個人資料,亦不會將其用於與上述無關的用途。報告由自動化系統(包括人工智能模型)生成,屬參考內容;我們不會作出對你產生法律效力或類似重大影響的純自動化決策,亦不會利用你的資料作自動化的僱傭決定。We never sell or rent your personal data, nor use it for unrelated purposes. Reports are generated by automated systems (including AI models) as reference content; we make no solely automated decisions with legal or similarly significant effects, and never use your data for automated employment decisions.
三、他人資料:團隊功能的同意要求 Other people's data
如你在團隊合盤中輸入其他人士的資料,你必須事先取得該人士的明確同意,並向其說明資料將用於 elematch 團隊分析。此為服務條款第 2.3 條下你的責任。任何人如發現自己的資料在未經同意下被輸入,可電郵 contact@elematch.asia 要求刪除,我們會盡快處理。If you enter another person's data in a team map, you must first obtain their explicit consent and explain the purpose — your responsibility under clause 2.3 of the Terms. Anyone whose data was entered without consent may email contact@elematch.asia for deletion, which we will action promptly.
四、保存期與自動刪除 Retention & auto-deletion
- 已儲存的分析與團隊資料:建立後 90 日自動刪除(系統每日自動清理)。Stored analyses and team data: auto-deleted 90 days after creation (daily automated cleanup).
- 帳戶基本資料(電郵、方案):保存至你刪除帳戶為止。Basic account data (email, plan): kept until you delete your account.
- 交易紀錄:按適用稅務及會計法律所需年期保存。Transaction records: kept for the period required by tax and accounting law.
五、資料保安 Security
- 每人只見自己的資料:資料庫層面的存取控制(row-level security)確保用戶之間互相不能讀取對方資料。Each person sees only their own data: database row-level security prevents users from reading one another's data.
- 所有連線經 HTTPS 加密傳輸;資料於儲存層加密。All connections use HTTPS; data is encrypted at rest.
- 資料外洩通報:如發生可能對你構成重大風險的個人資料外洩,我們會按適用法律(包括新加坡 PDPA 及馬來西亞 PDPA 的強制通報要求)通知相關監管機構及受影響用戶,並會在切實可行範圍內盡快處理。Breach notification: if a breach is likely to pose significant risk to you, we will notify the relevant regulators and affected users as required by applicable law (including the mandatory notification regimes of the Singapore and Malaysia PDPAs), as soon as practicable.
六、第三方服務商與跨境傳輸 Processors & cross-border transfers
我們僅使用為提供本服務所需的服務商,並以合約要求其按不低於本政策的標準處理資料:We use only the processors needed to run the Service, contractually required to protect data to no lesser standard than this policy:
| 服務商 Processor | 用途 Purpose | 處理地點 Location |
|---|---|---|
| Supabase | 資料庫與登入驗證 Database & authentication | 雲端(可能位於香港以外,包括新加坡/美國) Cloud (may be outside HK, incl. SG/US) |
| Stripe | 付款處理 Payment processing | 全球(按 Stripe 之基建) Global (Stripe infrastructure) |
| Vercel | 網站寄存 Hosting | 全球邊緣網絡 Global edge network |
由於上述服務商的伺服器可能位於你所在司法管轄區以外,你的資料可能被跨境傳輸及儲存。我們會採取合理措施(包括合約條款)確保資料於境外獲得相若程度的保障。使用本服務即表示你同意上述傳輸安排。Because these processors' servers may be outside your jurisdiction, your data may be transferred and stored across borders. We take reasonable measures (including contractual terms) to ensure comparable protection abroad. By using the Service you consent to these transfers.
七、Cookies Cookies
我們使用三類 cookies:(一)登入狀態及服務運作所必需的 cookies;(二)分析 cookies(Google Analytics),用於統計訪客數量及使用情況,IP 位址經匿名化處理;(三)廣告成效 cookies(Meta Pixel),用於量度廣告成效及轉換。你可隨時透過瀏覽器設定封鎖或刪除 cookies,不影響網站基本使用。We use three types of cookies: (1) essential cookies for login and operation; (2) analytics cookies (Google Analytics) to measure visits and usage, with IP anonymisation; (3) advertising cookies (Meta Pixel) to measure ad performance and conversions. You can block or delete cookies at any time in your browser settings without affecting core site functions.
八、你的權利 Your rights
視乎你所在司法管轄區的適用法律(香港 PDPO、新加坡 PDPA、馬來西亞 PDPA),你可:Depending on the law of your jurisdiction (HK PDPO, SG PDPA, MY PDPA), you may:
- 查閱及索取我們持有關於你的個人資料副本;Access and obtain a copy of your personal data held by us;
- 更正不準確的資料(你亦可隨時在帳戶內自行更正輸入資料——包括出生日期——並重新生成分析);Correct inaccurate data — you can also amend your inputs (including birth date) in your account at any time and regenerate the analysis;
- 撤回同意及要求停止處理(撤回後我們可能無法繼續提供部分服務);Withdraw consent and request that processing stop (some services may then be unavailable);
- 要求刪除帳戶及其所有資料;Request deletion of your account and all its data;
- 拒收直接促銷訊息(隨時、免費);Opt out of direct marketing, at any time and free of charge;
- 就資料處理向我們查詢或投訴;你亦有權向所在地的監管機構投訴(香港:個人資料私隱專員公署 PCPD;新加坡:個人資料保護委員會 PDPC;馬來西亞:個人資料保護局 JPDP)。Raise queries or complaints with us; you may also complain to your local regulator (HK: PCPD; SG: PDPC; MY: JPDP).
行使上述權利,請電郵 contact@elematch.asia。我們一般會於 30 日內回覆(或按適用法律規定的更短時限)。為保障你,我們可能需要先核實你的身份。To exercise these rights, email contact@elematch.asia. We normally respond within 30 days (or any shorter period required by law). We may need to verify your identity first.
九、團隊報告的紅線 The team-report red line
這是我們對每位成員的核心承諾:團隊報告不會展示任何個人的時機參考、升遷或去留建議。團隊層面只呈現整體的協作與工作節奏參考;涉及時機的個人內容,載於當事人的個人報告,作自我反思之用。Our core promise to every member: team reports never show any individual's timing, promotion or retention suggestions. The team level presents only overall collaboration and pacing references; individual timing content appears in that person's own report, for self-reflection.
十、兒童 Children
本服務僅限年滿 18 歲人士使用。我們不會在知情下收集未成年人的個人資料;如你發現有未成年人資料被輸入,請聯絡我們刪除。The Service is for persons aged 18 or above. We do not knowingly collect minors' data; if you find a minor's data has been entered, contact us for deletion.
十一、政策更新與聯絡 Changes & contact
本政策如有更新,我們會在此頁公布並更新「最後更新」日期;重大變更會另行以電郵或服務內通知。Updates will be posted here with a revised "last updated" date; material changes will also be notified by email or in-service.
資料使用者/營運者:Open The Door Company
私隱事宜聯絡:contact@elematch.asiaData user / operator: Open The Door Company · Privacy contact: contact@elematch.asia