類神經網路股份有限公司(Aiii,以下稱「本公司」)提供 Aiii DocuGuard 服務(以下稱「本服務」)。 本服務是一個安全文件發佈與瀏覽平台,允許企業使用者建立、管理及分享受控文件, 並透過 Magic Link 與權限白名單機制授權外部訪客瀏覽。
Aiii Co., Ltd. ("Aiii", "we", "us", or "our") provides the Aiii DocuGuard service (the "Service"). The Service is a secure document publishing and viewing platform that enables enterprise users to create, manage, and share controlled documents, with external visitors authorized through Magic Link and permission whitelist mechanisms.
本政策詳細說明我們如何蒐集、存取、使用、處理、儲存、分享及保護使用者資料, 特別是透過 Google OAuth 登入取得之 Google 使用者資料。本政策符合 Google API Services User Data Policy 及 Google APIs Terms of Service。
This policy describes in detail how we collect, access, use, process, store, share, and protect user data, particularly Google user data obtained through Google OAuth sign-in. This policy complies with the Google API Services User Data Policy and Google APIs Terms of Service.
1. Data Collection(資料蒐集方式)
本服務透過以下方式蒐集使用者資料:
The Service collects user data through the following methods:
1.1 Google OAuth 登入(自動蒐集) / Google OAuth Sign-in (Automatic)
當您選擇以 Google 帳戶登入本服務時,我們透過 Google OAuth 2.0 協定取得您授權的帳戶資訊。 此流程由 Google 提供的授權同意畫面發起,您可在該畫面檢視並同意本服務存取的資料範圍。
When you choose to sign in with your Google account, we obtain your authorized account information through the Google OAuth 2.0 protocol. This process is initiated by Google's consent screen, where you can review and approve the data scopes the Service requests.
1.2 使用過程中產生(自動蒐集) / Generated During Use (Automatic)
當您使用本服務時,系統會自動記錄必要的技術與安全資料,包含但不限於存取事件日誌、IP 位址、 User-Agent(瀏覽器/裝置資訊)及操作時間戳。
When you use the Service, the system automatically records essential technical and security data, including but not limited to access event logs, IP addresses, User-Agent (browser/device information), and operation timestamps.
1.3 您主動提供 / Voluntarily Provided by You
當您使用 Magic Link 功能存取受控文件時,您需主動輸入電子郵件地址以接收驗證連結。
When you use the Magic Link feature to access controlled documents, you are required to voluntarily provide your email address to receive a verification link.
2. Data Accessed(我們存取的 Google 使用者資料)
本服務僅請求以下最小必要的 Google OAuth scopes:
The Service only requests the following minimum necessary Google OAuth scopes:
| OAuth Scope | 存取的資料 Data Accessed | 用途 Purpose |
|---|---|---|
| openid | OpenID Connect 識別碼 OpenID Connect identifier | 驗證使用者身分、建立安全的登入狀態 Verify user identity and establish secure sign-in state |
| email | 電子郵件地址、Email 驗證狀態 Email address and verification status | 帳號識別、文件存取權限比對、通知聯絡 Account identification, document access permission matching, and notifications |
| profile | 顯示名稱、頭像網址 Display name and profile photo URL | 介面中顯示使用者資訊 Display user information in the interface |
具體而言,透過上述 scopes,我們實際取得並儲存的 Google 使用者資料包含:
Specifically, through the above scopes, the Google user data we actually obtain and store includes:
- 電子郵件地址(例如 [email protected])
  Email address (e.g. [email protected])
- 顯示名稱(例如「王小明」)
  Display name (e.g. "John Doe")
- 頭像網址(Google 帳戶提供的 Profile Photo URL)
  Profile photo URL (provided by the Google account)
- Email 驗證狀態(email_verified:true / false)
  Email verification status (email_verified: true/false)
- Firebase UID(由 Firebase Authentication 產生的唯一識別碼,非 Google 原始 ID)
  Firebase UID (a unique identifier generated by Firebase Authentication, not the original Google ID)
我們明確不會存取以下資料:
We explicitly do not access the following data:
- Gmail 郵件內容或附件
  Gmail email content or attachments
- Google Drive 檔案或資料夾
  Google Drive files or folders
- Google Calendar 行事曆事件
  Google Calendar events
- Google Contacts 聯絡人
  Google Contacts
- Google Photos 相片
  Google Photos
- 任何其他非上述 scopes 涵蓋的 Google 服務資料
  Any other Google service data not covered by the scopes listed above
3. Data Usage(我們如何使用與處理資料)
我們使用所蒐集的資料僅限於以下明確目的:
We use the collected data exclusively for the following specific purposes:
| 資料類型 Data Type | 使用目的 Purpose | 處理方式 Processing Method |
|---|---|---|
| 電子郵件地址 Email address | 帳號登入與身分驗證;文件存取權限比對(白名單 / 網域比對);Magic Link 寄送 Account sign-in & authentication; document access permission matching (whitelist/domain); Magic Link delivery | 存於 Firebase Auth 及 Firestore users collection;於文件存取時與 accessRules 比對 Stored in Firebase Auth and Firestore users collection; matched against accessRules during document access |
| 顯示名稱、頭像 Display name, avatar | 於服務介面中顯示使用者身分 Display user identity in the interface | 存於 Firestore users collection,僅在前端介面渲染時讀取 Stored in Firestore users collection; read only during frontend rendering |
| Email 驗證狀態 Email verification status | 判別內部員工與外部訪客身分 Distinguish between internal staff and external visitors | 由 Firebase Auth 提供,用於 Firestore 安全規則中的 isInternal() 判斷 Provided by Firebase Auth; used in Firestore Security Rules isInternal() check |
| 存取日誌 Access logs (IP, User-Agent, timestamp) | 安全稽核、異常存取偵測、合規記錄 Security auditing, anomalous access detection, compliance records | 透過 Server-side API 記錄至 Firestore accessLogs,僅限內部管理者讀取 Recorded to Firestore accessLogs via server-side API; readable only by internal admins |
| 工作階段資料 Session data | 文件瀏覽的時間限制控制(預設 2 小時) Time-limited document viewing control (default 2 hours) | 存於 Firestore sessions collection,由 Server-side API 管理 Stored in Firestore sessions collection; managed by server-side API |
我們明確不會將 Google 使用者資料用於:
We explicitly will not use Google user data for:
- 廣告投放、行銷推廣或任何廣告相關目的
  Advertising, marketing, or any advertising-related purposes
- 出售、出租或以營利為目的轉讓予第三方
  Selling, renting, or transferring to third parties for profit
- 建立跨服務的使用者行為追蹤檔案或使用者剖析(profiling)
  Building cross-service user behavior tracking profiles or user profiling
- 訓練一般化(generalized)的 AI 或 ML 模型
  Training generalized AI or ML models
- 任何與提供本服務核心功能無關的用途
  Any purpose unrelated to providing the core functionality of the Service
4. Data Storage & Retention(資料儲存與保存)
4.1 儲存位置與基礎設施 / Storage Location & Infrastructure
- 主要儲存平台:Google Firebase(包含 Firebase Authentication 與 Cloud Firestore),資料由 Google Cloud Platform 託管,受 Google Cloud 的安全基礎設施保護
  Primary storage platform: Google Firebase (including Firebase Authentication and Cloud Firestore), hosted by Google Cloud Platform and protected by Google Cloud's security infrastructure
- 應用程式託管:Firebase App Hosting,所有傳輸均透過 HTTPS/TLS 加密
  Application hosting: Firebase App Hosting; all transmissions are encrypted via HTTPS/TLS
4.2 各類資料保存期間 / Data Retention Periods
| 資料類型 Data Type | 儲存位置 Storage | 保存期間 Retention |
|---|---|---|
| 使用者帳戶資料 User account data (email, name, avatar) | Firebase Auth + Firestore | 帳戶存續期間;刪除帳戶後 30 日內移除 Duration of account; removed within 30 days after deletion |
| 文件瀏覽工作階段 Document viewing sessions | Firestore sessions | 預設 2 小時,到期後自動失效 Default 2 hours; automatically expires |
| 安全稽核日誌 Security audit logs (access events, IP, device info) | Firestore accessLogs | 依營運與法令需求保存(通常不超過 1 年) Retained per operational and legal requirements (typically no more than 1 year) |
| 瀏覽器端功能性資料 Browser-side functional data | Local Storage / Cookie | 僅於使用期間存在 Exists only during use; removed upon clearing browser data |
我們僅在達成上述目的所需的最短期間內保存資料。若您提出刪除請求且無法定保存義務,我們將在 30 個工作天內處理。
We retain data only for the minimum period necessary to fulfill the above purposes. If you submit a deletion request and there is no legal retention obligation, we will process it within 30 business days.
5. Data Sharing(資料分享與揭露)
我們僅在以下有限情形中與第三方分享您的資料:
We only share your data with third parties in the following limited circumstances:
| 接收方 Recipient | 分享的資料 Data Shared | 目的 Purpose | 法律依據 Legal Basis |
|---|---|---|---|
| Google / Firebase | 帳戶驗證資訊 Account authentication info | 身分驗證、雲端基礎設施 Authentication, cloud infrastructure | 服務營運所必要 Necessary for service operation |
| Aiii Studio AI service provider | 去識別化之存取日誌摘要 De-identified access log summaries | 內部管理者產生安全報告 Security reports for internal admins | 正當利益(安全維運) Legitimate interest (security ops) |
| 主管機關 / 司法機關 Government / judicial authorities | 依要求範圍而定 As required by scope of request | 依法令或司法/行政命令 Per legal or judicial/administrative orders | 法律義務 Legal obligation |
除上述情形外,我們不會出售、出租或任意提供您的個人資料給任何第三方。
Other than the circumstances listed above, we will not sell, rent, or otherwise provide your personal data to any third party.
6. Google API Services User Data Policy Compliance
Aiii DocuGuard 使用 Google OAuth 2.0 進行使用者驗證。 對於透過 Google API 取得的使用者資料,我們嚴格遵守 Google API Services User Data Policy,並承諾:
Aiii DocuGuard uses Google OAuth 2.0 for user authentication. For user data obtained through Google APIs, we strictly comply with the Google API Services User Data Policy and commit to the following:
- 目的限制:僅將 Google 使用者資料用於提供或改善本服務中對使用者可見且必要的功能
  Purpose limitation: Google user data is used solely to provide or improve user-facing functionality of the Service
- 最小權限:僅請求 openid、email、profile 三個最小必要 scopes,不請求任何敏感或限制型 scopes
  Least privilege: Only the three minimum necessary scopes (openid, email, profile) are requested; no sensitive or restricted scopes
- 禁止廣告用途:不將 Google 使用者資料用於投放廣告、再行銷或任何廣告相關目的
  No advertising: Google user data is not used for advertising, remarketing, or any advertising-related purposes
- 禁止販售:不出售或授權他人出售 Google 使用者資料
  No selling: Google user data is not sold or licensed to others
- 禁止 AI/ML 訓練:不使用 Google 使用者資料訓練一般化(generalized)的 AI 或 ML 模型
  No AI/ML training: Google user data is not used to train generalized AI or ML models
- 安全傳輸:所有 Google 使用者資料的傳輸均透過 HTTPS/TLS 加密進行
  Secure transmission: All Google user data is transmitted via HTTPS/TLS encryption
7. Security Measures(資訊安全措施)
我們採取多層次的技術與管理措施保護您的資料安全:
We implement multi-layered technical and administrative measures to protect your data:
7.1 存取控制 / Access Control
- 基於角色的存取控制(RBAC):系統區分超級管理者、內部員工、外部訪客三種角色,各有不同的資料存取權限
  Role-based access control (RBAC): The system distinguishes between super admin, internal staff, and external visitors, each with different data access permissions
- 文件級別的精細權限:每份文件可獨立設定白名單 Email、允許網域、公開/私密存取規則
  Document-level granular permissions: Each document can independently configure whitelisted emails, allowed domains, and public/private access rules
- 伺服器端安全規則:所有資料存取均受 Firestore Security Rules 強制驗證,無法從客戶端繞過
  Server-side security rules: All data access is enforced by Firestore Security Rules and cannot be bypassed from the client side
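The document-level rules above (whitelisted emails, allowed domains, public/private) combine into one access decision per request. The following is an added illustration of such a matching routine, not DocuGuard's own code: the `accessRules` shape, the field names `visibility`, `whitelistEmails` and `allowedDomains`, and the sample values are all assumed. It shows the two checks a reviewer would look for in an implementation of this kind: an unverified address never satisfies an identity-based rule, and domain rules match the full domain exactly rather than by substring.

```javascript
// Added example, not DocuGuard project code. The accessRules schema is assumed.

// Constructed sample rule set for one private document (assumed schema).
const sampleAccessRules = {
  visibility: "private",                 // "public" or "private"
  whitelistEmails: ["Partner@Example.org"],
  allowedDomains: ["aiii.ai"],
};

// Normalize an address (trim, lower-case) and split it at the last "@".
// Returns null for anything that is not a usable address.
function parseEmail(email) {
  if (typeof email !== "string") return null;
  const e = email.trim().toLowerCase();
  const at = e.lastIndexOf("@");
  if (at <= 0 || at === e.length - 1) return null;
  return { address: e, domain: e.slice(at + 1) };
}

// Decide whether `user` ({ email, emailVerified }) may open a document
// governed by `rules`. Returns { allowed, reason } so the reason can be
// written to the access log alongside the decision.
function canAccessDocument(rules, user) {
  if (rules.visibility === "public") return { allowed: true, reason: "public" };

  const parsed = parseEmail(user && user.email);
  if (!parsed) return { allowed: false, reason: "no-email" };

  // An unverified address is only a claim of ownership, so it must not
  // satisfy a whitelist or domain rule.
  if (!user.emailVerified) return { allowed: false, reason: "email-not-verified" };

  const whitelist = (rules.whitelistEmails || []).map((e) => e.trim().toLowerCase());
  if (whitelist.includes(parsed.address)) return { allowed: true, reason: "whitelist" };

  // Exact domain comparison: "aiii.ai" must not match "aiii.ai.example"
  // or "notaiii.ai", which a substring or endsWith check would accept.
  const domains = (rules.allowedDomains || []).map((d) => d.trim().toLowerCase());
  if (domains.includes(parsed.domain)) return { allowed: true, reason: "domain" };

  return { allowed: false, reason: "no-rule" };
}
```

Because the policy states that these rules are enforced server-side and by Firestore Security Rules, a routine like this belongs in the server-side API path, with the client receiving only the resulting decision.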
7.2 工作階段安全 / Session Security
- 伺服器端 Session 管理:工作階段資料完全由 Server-side API 控制,客戶端無法直接讀寫或竄改
  Server-side session management: Session data is entirely controlled by the server-side API; clients cannot directly read, write, or tamper with it
- 時間限制:文件瀏覽工作階段預設 2 小時,到期後自動失效,前端每 5 分鐘與伺服器同步驗證
  Time limit: Document viewing sessions default to 2 hours and automatically expire; the frontend re-validates with the server every 5 minutes
7.3 內容安全 / Content Security
- HTML 消毒(Sanitization):所有使用者產生的 HTML 內容均透過 DOMPurify 進行嚴格消毒,防止 XSS(跨站腳本攻擊)
  HTML sanitization: All user-generated HTML content is strictly sanitized via DOMPurify to prevent XSS (cross-site scripting) attacks
- 禁止危險標籤:系統禁止 iframe、script 等可執行外部程式碼的 HTML 標籤
  Dangerous tags blocked: HTML tags capable of executing external code (e.g. iframe, script) are prohibited
7.4 稽核與監控 / Auditing & Monitoring
- 完整的存取日誌:所有文件存取事件均記錄至 Server-side 稽核日誌
  Comprehensive access logs: All document access events are recorded in server-side audit logs
- 真實 IP 記錄:透過 Server-side API 從 HTTP headers 取得訪客真實 IP 位址
  Real IP recording: Visitor real IP addresses are obtained from HTTP headers via the server-side API
- 防篡改設計:稽核日誌僅允許伺服器端(Admin SDK)寫入,客戶端無法建立、修改或刪除日誌記錄
  Tamper-proof design: Audit logs can only be written by the server-side Admin SDK; clients cannot create, modify, or delete log records
7.5 傳輸加密 / Encryption in Transit
- 所有資料傳輸均透過 HTTPS(TLS 1.2+)加密
  All data transmission is encrypted via HTTPS (TLS 1.2+)
- Google OAuth 授權流程全程於 Google 安全伺服器上進行,本服務不接觸使用者的 Google 密碼
  The Google OAuth authorization flow is conducted entirely on Google's secure servers; the Service never accesses users' Google passwords
8. Your Rights(您的權利與控制方式)
您對自己的資料享有以下權利:
You have the following rights regarding your data:
- 查詢權:您可請求查詢我們持有的您的個人資料副本
  Right of access: You may request a copy of the personal data we hold about you
- 更正權:您可請求更正不正確或不完整的個人資料
  Right of rectification: You may request correction of inaccurate or incomplete personal data
- 刪除權:您可請求刪除您的個人資料,我們將在 30 個工作天內處理(法定保存義務者除外)
  Right of erasure: You may request deletion of your personal data; we will process it within 30 business days (except where legal retention obligations apply)
- 撤銷授權:您可隨時於 Google 帳戶權限頁面撤銷本服務的存取授權:myaccount.google.com/permissions
  Right to revoke: You may revoke the Service's access at any time via Google Account permissions: myaccount.google.com/permissions
- 拒絕權:若您不同意本政策,可停止使用本服務並要求刪除帳戶
  Right to object: If you do not agree with this policy, you may stop using the Service and request account deletion
如需行使上述權利,請聯絡 [email protected], 我們將在確認您的身分後儘速處理。
To exercise any of the above rights, please contact [email protected]. We will process your request promptly after verifying your identity.
9. Cross-border Data Transfer(跨境資料傳輸)
本服務使用 Google Cloud Platform / Firebase 作為雲端基礎設施,您的資料可能在 Google 全球資料中心之間傳輸與處理。Google Cloud 已通過多項國際安全認證(包含 ISO 27001、SOC 2/3), 並提供符合 GDPR 等國際隱私法規的資料保護機制。
The Service uses Google Cloud Platform / Firebase as its cloud infrastructure. Your data may be transmitted and processed across Google's global data centers. Google Cloud has obtained multiple international security certifications (including ISO 27001, SOC 2/3) and provides data protection mechanisms compliant with GDPR and other international privacy regulations.
我們確保所有跨境傳輸均採取適當的安全措施,包含傳輸加密(TLS)、存取控管及與服務供應商簽訂資料處理合約。
We ensure all cross-border transfers employ appropriate security measures, including encryption in transit (TLS), access controls, and data processing agreements with service providers.
10. Children's Privacy(兒童隱私)
本服務不針對 16 歲以下的兒童提供服務。我們不會故意蒐集兒童的個人資料。 若我們發現已蒐集到兒童的個人資料,將立即刪除。
The Service is not intended for children under the age of 16. We do not knowingly collect personal data from children. If we discover that we have collected personal data from a child, we will delete it immediately.
11. Policy Updates(政策更新)
我們可能因法令變更、服務功能更新或安全需求而修訂本政策。更新後版本將公布於本頁面, 並更新「版本」編號與「生效日期」。若有重大變更,我們將透過服務介面或電子郵件通知您。
We may revise this policy due to changes in laws, service features, or security requirements. Updated versions will be published on this page with a new version number and effective date. For material changes, we will notify you via the Service interface or email.
建議您定期檢閱本政策以了解最新資訊。
We recommend reviewing this policy periodically for the latest information.
12. Contact Us(聯絡我們)
若您對本隱私權政策、資料處理方式或您的個人資料權利有任何問題或疑慮,請聯絡:
If you have any questions or concerns about this privacy policy, data processing practices, or your personal data rights, please contact:
- 公司名稱:類神經網路股份有限公司(Aiii)
  Company: Aiii Co., Ltd.
- 聯絡信箱:[email protected]
  Email: [email protected]
- 服務網址:docuguard.aiii.ai
  Website: docuguard.aiii.ai
版本 Version 4.0 — 最後更新 Last updated: 2026-02-09