隱私權政策 · Privacy Policy

生效日期 / Effective Date：2026-05-11
最後更新 / Last Updated：2026-05-11
發布單位 / Publisher：阿諾行銷企劃有限公司（Arno Marketing Planning Co., Ltd.）

一、簡介 / Introduction

繁體中文

阿諾行銷企劃有限公司（以下簡稱「本公司」、「我們」）營運 map.arno.tw 工具（以下簡稱「本服務」），為我們的 SEO 客戶提供 Google Business Profile 之自動化管理、優化、監控與分析功能。本隱私權政策說明我們如何蒐集、使用、儲存、保護、與分享您及您的商家資料。使用本服務即表示您同意本政策之條款。

English

Arno Marketing Planning Co., Ltd. ("the Company", "we", "us", "our") operates the map.arno.tw service (the "Service"), which provides automated management, optimization, monitoring, and analytics for Google Business Profiles on behalf of our SEO clients. This Privacy Policy describes how we collect, use, store, protect, and share your information and your business data. By using the Service, you agree to the terms of this policy.

二、我們蒐集的資料 / Information We Collect

2.1 您主動提供的資料 / Information You Provide Directly

繁體中文

• 帳戶資訊：姓名、Email、聯絡電話、公司名稱、職稱
• 商家設定：目標關鍵字、品牌語氣樣本、通知通道偏好（Discord、Telegram、Line ID 或 Webhook URL）
• 圖片素材：您授權我們上傳至 Google Business Profile 的照片
• 服務溝通內容：與本公司客服或顧問之 Email、訊息、會議記錄

English

• Account information: name, email, phone number, company name, job title
• Business configuration: target keywords, brand voice samples, notification channel preferences (Discord, Telegram, Line ID, or webhook URLs)
• Image assets: photos you authorize us to upload to your Google Business Profile
• Service communication: emails, messages, and meeting notes between you and our team

2.2 透過 Google API 取得之資料 / Information from Google API

繁體中文

在您透過 Google Business Profile 後台明確授權本公司為管理員（Manager）後，我們透過 Google Business Profile API 取得下列資料：

• 商家檔案內容（名稱、地址、電話、營業時間、描述、類別、屬性、服務項目）
• 顧客評價與評分
• 顧客問答（Q&A）
• 已發布之 Local Posts 與媒體（照片）
• 商家成效數據（曝光量、搜尋次數、導航、電話、網站點擊）
• 商家驗證與管理員權限狀態

English

After you explicitly authorize the Company as a Manager via the Google Business Profile back-office, we access the following data through the Google Business Profile API:

• Business profile content (name, address, phone, hours, description, categories, attributes, service items)
• Customer reviews and ratings
• Customer questions and answers (Q&A)
• Published Local Posts and media (photos)
• Business performance metrics (impressions, searches, directions, calls, website clicks)
• Business verification and Manager authorization status

2.3 自動蒐集之資料 / Information Collected Automatically

繁體中文

• 操作審計記錄：您於本服務內所執行之操作（時間戳、目標商家、修改欄位、修改前後值、發起者、來源）
• 技術資料：IP 位址、瀏覽器類型、裝置型別、使用語言、訪問本服務之時間
• Cookies 與類似技術：用於維持登入狀態與基本功能；不用於跨網站追蹤或廣告

English

• Operational audit logs: actions taken within the Service (timestamp, target location, field modified, before/after values, initiator, source)
• Technical data: IP address, browser type, device type, language, time of access
• Cookies and similar technologies: used to maintain login state and core functionality; not used for cross-site tracking or advertising

三、Google API Services 用戶資料政策聲明 / Google API Services User Data Compliance

此節依 Google API Services User Data Policy 之 Limited Use Requirement 撰寫；此為 Google API 申請審核之關鍵條款。

繁體中文

我們對透過 Google API 取得之資料（以下簡稱「Google 用戶資料」）之使用，嚴格符合 Google API Services User Data Policy，包括 Limited Use Requirements。具體而言：

1. 使用範圍限制：Google 用戶資料僅用於提供您（客戶）所請求之 Google Business Profile 管理、優化、監控與報表功能。我們不會將其用於任何其他用途。
2. 不用於廣告：我們不會將 Google 用戶資料用於投放任何形式之廣告，包括客製化廣告、再行銷、或廣告衡量。
3. 不出售或轉讓：我們不會將 Google 用戶資料出售、出租、交易、或轉讓予任何第三方。
4. 不訓練 AI 模型：我們不會將 Google 用戶資料用於訓練、微調、或評估任何通用人工智慧 / 機器學習模型。我們使用 AI 為您草擬評價回覆時，僅將該筆評價與您提供之品牌語氣樣本送入 Anthropic Claude API；該 API 提供方依其服務條款不會將該資料保留或用於訓練。
5. 存取權限最小化：本公司僅有兩名指定之技術工程師具有 production access 權限存取 Google 用戶資料；存取均有日誌記錄並定期稽核。
6. 人工審閱限制：我們不會由人員大量瀏覽 Google 用戶資料，僅在以下情況下技術人員會接觸個別資料：(a) 取得您明確同意；(b) 為因應安全事件、debug、或客戶支援之必要；(c) 為遵守適用法律。

English

Our use of data obtained through the Google API ("Google User Data") strictly complies with the Google API Services User Data Policy, including its Limited Use Requirements. Specifically:

1. Limited use scope: Google User Data is used only to provide the Google Business Profile management, optimization, monitoring, and reporting features that you (the client) have requested. We do not use it for any other purpose.
2. No use for advertising: We do not use Google User Data for any form of advertising, including personalized ads, retargeting, or ad measurement.
3. No selling or transferring: We do not sell, rent, trade, or transfer Google User Data to any third party.
4. No use for AI model training: We do not use Google User Data to train, fine-tune, or evaluate any general-purpose artificial intelligence or machine learning models. When we use AI to draft review replies, only the specific review text and your provided brand voice samples are sent to the Anthropic Claude API; per Anthropic's terms of service, that provider does not retain or use such data for training.
5. Minimized access: Only two designated technical engineers within our Company have production access to Google User Data; all access is logged and periodically audited.
6. No human reading: We do not engage in mass human review of Google User Data. Personnel access individual records only when: (a) we have your explicit consent; (b) it is necessary to respond to a security incident, debug an issue, or provide customer support; or (c) required by applicable law.

四、我們如何使用資料 / How We Use Information

繁體中文

我們使用所蒐集之資料於下列用途：

• 提供本服務之核心功能（自動化管理、貼文排程、評價監控、報表產出等）
• 偵測新評價、新問題並通知您
• 維持帳戶安全（登入驗證、異常偵測、防止濫用）
• 改善本服務（產品分析、bug 修復、效能優化）
• 應您之要求提供客戶支援
• 履行法律義務

English

We use the information we collect for:

• Providing the core features of the Service (automated management, post scheduling, review monitoring, report generation, etc.)
• Detecting new reviews and questions and notifying you
• Maintaining account security (login verification, anomaly detection, abuse prevention)
• Improving the Service (product analytics, bug fixing, performance optimization)
• Providing customer support upon your request
• Fulfilling legal obligations

五、資料分享 / Information Sharing

繁體中文

我們不會將您的資料或 Google 用戶資料出售或交易予任何第三方。我們僅在下列有限情境下分享資料：

• 服務提供方（Service Providers）：協助本服務運作之必要外部服務商，包括 Linode（主機）、Anthropic（AI API）、Google（Business Profile API）、通知通道供應商（Discord、Telegram、Line）。所有服務商皆受合約約束須保護您的資料。
• 法律要求：當我們善意認為法律要求時（如法院命令、政府機關正式請求）。
• 業務移轉：若本公司被合併、收購、或資產移轉，您的資料可能作為資產之一部份移轉，但我們將事前通知您。
• 取得您同意之第三方：當您明確要求或同意時。

English

We do not sell or trade your data or Google User Data to any third party. We share data only in the following limited circumstances:

• Service Providers: External service providers necessary for Service operation, including Linode (hosting), Anthropic (AI API), Google (Business Profile API), and notification channel providers (Discord, Telegram, Line). All such providers are bound by contracts to protect your data.
• Legal Requirements: When we believe in good faith that disclosure is required by law (e.g., court order, formal government request).
• Business Transfer: If our Company undergoes a merger, acquisition, or asset transfer, your data may be transferred as part of the transaction, with prior notice to you.
• With Your Consent: To third parties you explicitly authorize.

六、資料保留與刪除 / Data Retention and Deletion

繁體中文

• 服務期間：完整保留所有資料以供分析與服務提供。
• 服務終止：您可選擇 (a) 立即刪除全部資料；或 (b) 保留 90 天供您下載備份後刪除。
• 操作審計記錄：因法遵與爭議解決需要保留 24 個月。
• 依您要求隨時刪除：您可隨時透過 Email 至 arnoseostudiowin@gmail.com 要求刪除您的個人資料；我們將於 30 日內處理。

English

• During the engagement: All data is retained for analysis and service provision.
• Upon termination: You may choose (a) immediate deletion of all data, or (b) 90-day retention for backup download before deletion.
• Operational audit logs: Retained for 24 months for legal compliance and dispute resolution.
• Deletion on demand: You may request deletion of your personal data at any time by emailing arnoseostudiowin@gmail.com; we will process the request within 30 days.

七、資料安全 / Data Security

繁體中文

我們採取下列措施保護您的資料：

• 傳輸層加密（TLS 1.3）
• 儲存層加密：OAuth refresh tokens 採 envelope encryption + KMS 主金鑰；資料庫每日加密備份
• 網路安全：Web Application Firewall、fail2ban、自動安全 patch
• 存取控制：僅兩名指定工程師具備 production access；所有存取均有日誌與稽核
• 主機部署於東京 Linode，採用業界標準安全實踐

儘管我們採取上述措施，仍無法保證網路傳輸或儲存之絕對安全。如發生資料外洩事件，我們將依適用法律於 72 小時內通知您與相關主管機關。

English

We employ the following measures to protect your data:

• Transport layer encryption (TLS 1.3)
• At-rest encryption: OAuth refresh tokens use envelope encryption with KMS-managed master keys; database backed up daily with encryption
• Network security: Web Application Firewall, fail2ban, automated security patches
• Access control: Only two designated engineers have production access; all access is logged and audited
• Infrastructure hosted on Linode in Tokyo with industry-standard security practices

Despite these measures, no method of transmission or storage is 100% secure. In the event of a data breach, we will notify you and relevant authorities within 72 hours, as required by applicable law.

八、您的權利 / Your Rights

繁體中文

您對於您的個人資料享有下列權利：

• 查閱權：請求查閱我們持有之您的個人資料
• 更正權：要求更正不正確或過時之資料
• 刪除權：要求刪除您的個人資料（部分例外請見上節）
• 資料攜出權：以結構化、常用、可機器讀取之格式取得您的資料
• 撤回同意權：撤銷對特定資料處理之同意（包括隨時於 Google Business Profile 後台撤銷我們之 Manager 權限）
• 申訴權：向台灣個人資料保護主管機關申訴

行使任一權利，請 Email 至 arnoseostudiowin@gmail.com，我們將於 30 日內回應。

English

You have the following rights regarding your personal data:

• Right of access: Request access to the personal data we hold about you
• Right to rectification: Request correction of inaccurate or outdated data
• Right to erasure: Request deletion of your personal data (subject to exceptions above)
• Right to portability: Receive your data in a structured, commonly used, machine-readable format
• Right to withdraw consent: Withdraw consent for specific data processing (including revoking our Manager access to your Google Business Profile at any time)
• Right to lodge complaint: File a complaint with the Taiwan personal data protection authority

To exercise any right, email arnoseostudiowin@gmail.com. We will respond within 30 days.

九、兒童隱私 / Children's Privacy

繁體中文

本服務不針對 18 歲以下兒童設計，亦不主動蒐集 18 歲以下兒童之個人資料。若我們發現誤蒐集了兒童資料，將立即刪除。

English

The Service is not directed to children under 18, and we do not knowingly collect personal data from children under 18. If we discover that we have inadvertently collected such data, we will delete it immediately.

十、跨境資料傳輸 / International Data Transfers

繁體中文

您的資料可能儲存或處理於台灣以外之地區（主要為東京 Linode 機房）。我們採取適當保護措施確保跨境傳輸之資料安全，並符合適用之資料保護法律。

English

Your data may be stored or processed outside Taiwan (primarily at Linode's Tokyo facility). We implement appropriate safeguards to ensure the security of data in cross-border transfers and to comply with applicable data protection laws.

十一、政策修改 / Changes to This Policy

繁體中文

我們可能不時修訂本政策。重大修改將透過 Email 或服務內公告方式通知您，並於本頁面標示「最後更新」日期。修改後您繼續使用本服務即視為接受新版政策。

English

We may update this Policy from time to time. Material changes will be communicated via email or in-service notice, and the "Last Updated" date on this page will be revised. Continued use of the Service after changes constitutes acceptance of the revised Policy.

十二、聯絡資訊 / Contact

繁體中文

如對本隱私權政策有任何疑問或需行使權利，請聯絡：

• 公司：阿諾行銷企劃有限公司
• Email：arnoseostudiowin@gmail.com
• 公司電話：04-2314-9888
• 負責人：Nuo-Ching Yu（創辦人暨執行長）

English

For questions about this Privacy Policy or to exercise your rights, please contact:

• Company: Arno Marketing Planning Co., Ltd.
• Email: arnoseostudiowin@gmail.com
• Phone: +886-4-2314-9888
• Responsible Officer: Nuo-Ching Yu (Founder & CEO)