數位鑰匙 App 隱私權宣告

服務提供者:中華電信股份有限公司

Digital Keyring Logo

標題:數位鑰匙 App 隱私權宣告

最後更新日期:2026/4/7

本隱私權宣告適用於您使用數位鑰匙 App 與相關服務(以下稱「本服務」)時之資料處理事項,說明本服務可能蒐集、處理、利用或揭露之資料類型、目的與相關權利。

本服務由中華電信股份有限公司(以下稱「本公司」)提供;本服務目前由中華電信股份有限公司研究院行動數位卡團隊負責推動與維運。

請您於使用本服務前詳閱本宣告。

一、適用範圍

本隱私權宣告適用於數位鑰匙 App、相關網站頁面,以及本服務之相關功能與必要支援服務。

二、服務提供者與聯絡方式

本服務由本公司提供,並由中華電信股份有限公司研究院行動數位卡團隊負責推動與維運。

如您對本服務或本隱私權宣告有任何疑問,可透過下列方式聯絡:

三、我們可能蒐集或處理的資料類型

依本服務目前之設計與運作方式,我們可能蒐集或處理以下資料:

(一)可能與使用者身分連結的資料

  1. 使用者識別碼

    本服務所使用之數位卡內容中,可能以加密方式儲存由客戶提供之使用者識別碼。該識別碼可能對應至特定使用者,但其具體身分對應與管理方式,通常由客戶自行決定與維護。

  2. 裝置識別碼

    本服務於特定功能、管理、診斷或客戶授權之追蹤情境下,可能處理裝置識別碼或其他可用於辨識特定裝置之技術識別資訊。於部分情況下,該等資訊可能與特定使用者或特定數位卡使用情境產生關聯。

(二)通常不直接與使用者身分連結的資料

  1. 產品互動資料

    例如功能使用事件、服務互動紀錄及相關操作資訊等。

  2. 診斷與技術資料

    例如當機資料、效能資料、其他診斷資料與技術性錯誤紀錄等。

前述未直接與身分連結之資料,主要用於維持服務穩定、安全與品質改善。

四、本服務通常不以傳統帳號資料作為使用前提

本服務之部分功能或流程,依其設計,通常不以傳統帳號、密碼或電子郵件地址作為使用前提;惟本服務仍可能因服務提供、互動流程、安全維護及技術支援需要,而處理本宣告所載之相關資料。

五、資料使用目的

我們可能將前述資料用於以下目的:

  1. 提供數位卡及相關功能服務
  2. 驗證服務流程與維持本服務正常運作
  3. 進行錯誤排除、當機分析、效能監測與技術支援
  4. 提升產品穩定性、安全性與使用體驗
  5. 於客戶授權或管理需求範圍內,提供必要之識別資訊或技術資訊,以供客戶進行管理、驗證、追蹤、稽核或服務維護

六、追蹤與廣告說明

本服務不進行跨 App 追蹤,亦不以跨 App 或跨網站方式追蹤使用者行為。

本服務目前不以第三方廣告網路進行個人化廣告投放。

惟在客戶授權或服務管理範圍內,本服務所處理之部分識別資訊,可能提供予客戶,用於其內部管理、服務追蹤、設備管理或稽核用途。

七、資料揭露與分享

除法律要求、主管機關命令、司法程序、資安事件處理,或為維護本服務及相關權利所必要者外,我們不會任意出售您的個人資料。

本服務可能於下列情形下,在必要範圍內揭露或提供相關資料:

  1. 提供本服務所必要之技術維運、雲端或支援服務供應商
  2. 您所屬之客戶,用於其管理、驗證、服務提供、追蹤或稽核目的
  3. 法律明文要求或依法配合之主管機關、司法機關或其他有權機關

八、跨境傳輸與處理

為提供本服務,相關資料可能傳輸、處理並儲存於台灣或第三方雲端服務供應商所提供之伺服器或基礎設施。

您使用本服務,即表示理解並同意前述跨境傳輸、處理與儲存安排。

我們仍會採取合理之技術與管理措施保護資料安全。

九、資料保存與安全措施

本服務採取合理之技術與管理措施,以保護資料安全,並避免未經授權之存取、竄改、洩漏或滅失。

其中,數位卡中之特定識別資料可能以加密方式儲存。

資料之保存期間,將依服務目的、技術維運需要、客戶契約要求、法令遵循義務或爭議處理需要而定。

十、使用者權利與聯絡方式

就本服務相關資料,您得:

  1. 查詢或請求說明
  2. 透過本服務所提供之方式刪除數位卡
  3. 就其他與特定使用者識別資料、客戶關聯資料、管理設定或其他要求,聯繫您所屬之客戶辦理

如您對本服務之資料處理、隱私權事項或本宣告內容有任何疑問,請聯絡:

十一、未成年人使用

本服務並非專為兒童設計。未成年人如需使用本服務,建議由法定代理人、監護人或所屬機構協助了解相關條件與使用方式。

十二、隱私權宣告之修訂

本服務得視法令、服務內容或營運需求,適時修訂本隱私權宣告。修訂後之內容將公布於本頁面,並自公布時起生效。

Title: Digital Keyring App Privacy Policy

Last Updated: 2026/4/7

This Privacy Policy describes data handling matters when you use the Digital Keyring App and related services (the “Service”), including the categories of data that may be collected, processed, used, or disclosed, the purposes of such processing, and your related rights.

The Service is provided by Chunghwa Telecom Co., Ltd. (the “Company”). The Service is currently promoted and operated by the Mobile Digital Card Team of Chunghwa Telecom Laboratories.

Please read this Policy carefully before using the Service.

1. Scope

This Privacy Policy applies to the Digital Keyring App, related web pages, and related functions and necessary support services of the Service.

2. Service Provider and Contact Information

The Service is provided by the Company. The Service is currently promoted and operated by the Mobile Digital Card Team of Chunghwa Telecom Laboratories.

If you have any questions regarding this Policy or the Service, please contact us at:

3. Categories of Data We May Collect or Process

Based on the current design and operation of the Service, we may collect or process the following categories of data:

(1) Data That May Be Linked to a User’s Identity

  1. User Identifier

    The content of a digital card used by the Service may store, in encrypted form, a user identifier provided by the customer. Such identifier may correspond to a specific user, while the actual identity mapping and management are generally determined and maintained by the customer.

  2. Device Identifier

    In certain functional, administrative, diagnostic, or customer-authorized tracking scenarios, the Service may process a device identifier or other technical identifiers that can be used to distinguish a specific device. In some cases, such information may become associated with a specific user or a specific digital-card usage context.

(2) Data That Is Generally Not Directly Linked to a User’s Identity

  1. Product Interaction Data

    Such as feature usage events, service interaction records, and related operational information.

  2. Diagnostic and Technical Data

    Such as crash data, performance data, other diagnostic data, and technical error logs.

Such data that is not directly linked to a user’s identity is mainly used to maintain service stability, security, and quality improvement.

4. The Service Generally Does Not Require Traditional Account Information as a Condition of Use

Certain functions or flows of the Service, by design, generally do not require traditional account credentials, passwords, or email addresses as a condition of use; however, the Service may still process the relevant data described in this Policy as necessary for service provision, interaction flows, security maintenance, and technical support.

5. Purposes of Use

We may use the above data for the following purposes:

  1. To provide digital cards and related service functions
  2. To verify service flows and maintain normal operation of the Service
  3. To troubleshoot errors, analyze crashes, monitor performance, and provide technical support
  4. To improve product stability, security, and user experience
  5. To provide necessary identifier-related or technical information to customers, within authorized or administrative needs, for management, verification, tracking, auditing, or service maintenance

6. Tracking and Advertising

The Service does not perform cross-app tracking and does not track users across apps or websites.

The Service does not currently use third-party advertising networks for personalized advertising.

However, within the scope of customer authorization or service administration, certain identifier-related information processed by the Service may be provided to customers for their internal management, service tracking, device administration, or audit purposes.

7. Disclosure and Sharing

Except where required by law, competent authorities, judicial procedures, security incident handling, or where necessary to protect the Service and related rights, we do not arbitrarily sell your personal data.

Relevant data may be disclosed or provided, to the extent necessary, in the following circumstances:

  1. To technical operations, cloud, or support service providers necessary for the Service
  2. To the customer to whom you belong, for its management, verification, service provision, tracking, or audit purposes
  3. To competent authorities, judicial bodies, or other legally authorized entities where required by law

8. Cross-Border Transfer and Processing

For the purpose of providing the Service, relevant data may be transmitted, processed, and stored in Taiwan or on servers or infrastructure provided by third-party cloud service providers.

By using the Service, you acknowledge and agree to the above cross-border transfer, processing, and storage arrangement.

We will still adopt reasonable technical and organizational measures to protect data security.

9. Retention and Security

We adopt reasonable technical and organizational measures to protect data against unauthorized access, alteration, disclosure, or loss.

Certain identifier data in digital cards may be stored in encrypted form.

Data retention periods may vary depending on service purposes, technical operation needs, customer contractual requirements, legal compliance obligations, or dispute-handling needs.

10. User Rights and Contact Methods

In relation to data associated with the Service, you may:

  1. Request inquiry or explanation
  2. Delete digital cards through the functionality provided in the App
  3. Contact the customer organization to which you belong for other matters relating to specific user identifiers, customer-linked data, administrative settings, or other requests

If you have any questions regarding data processing, privacy matters, or this Policy, please contact:

11. Minors

The Service is not specifically designed for children. If minors use the Service, it is recommended that a parent, guardian, or affiliated organization assist them in understanding the relevant conditions and usage requirements.

12. Changes to This Privacy Policy

We may revise this Privacy Policy from time to time in response to legal requirements, service changes, or operational needs. Any updated version will be posted on this page and become effective upon publication.