哈啦Money 記帳 — 隱私權政策

最後更新：2026 年 6 月 11 日

哈啦Money 記帳（以下簡稱「哈啦Money」或「本服務」）重視您的隱私。本政策說明我們在您使用哈啦Money 行動應用程式及相關服務時，蒐集哪些資料、如何使用與保護這些資料，以及您可行使的權利。

一、我們蒐集的資料

1. 帳號資料
   您註冊時提供的電子郵件或手機號碼、暱稱與密碼。密碼一律以單向雜湊（bcrypt）儲存，我們無法讀取您的原始密碼。
2. 第三方登入（Google / Apple）
   您選擇以 Google 或 Apple 帳號登入時，我們自該平台取得您的帳號識別碼、姓名與電子郵件（Apple 可選擇隱藏真實信箱），用於建立與識別您的會員帳號。我們不會取得您的第三方帳號密碼，也不會存取該帳號的其他資料。
3. 記帳與財務資料
   您在本服務中建立的消費與收入紀錄、預算、分類、標籤、定期交易、發票資訊等。這些資料儲存於我們的雲端伺服器，以提供跨裝置同步、報表統計與資料備份。
4. 電子發票掃描與匯入（相機權限）
   您使用發票掃描功能時，本應用程式會請求相機權限，即時辨識發票上的 QR Code 內容並轉為記帳資料；辨識過程不會保存照片或影像。您匯入財政部電子發票平台的消費彙整檔（CSV）或設定手機條碼時，相關發票明細僅用於建立您的記帳紀錄與分類。
5. 語音記帳（麥克風權限）
   您使用語音記帳時，本應用程式會請求麥克風權限。語音內容由您裝置作業系統提供的語音辨識服務（Apple／Google）轉換為文字後，僅將辨識出的文字用於建立記帳紀錄；我們不會儲存您的錄音檔。
6. 裝置與推播資訊
   為提供推播通知（如分享帳本邀請），我們會記錄您裝置的推播識別碼（FCM token）與基本裝置屬性。
7. 匿名統計（群眾比較）
   「群眾比較」報表使用去識別化、彙總後的消費統計。您可於應用程式設定中關閉「貢獻匿名統計」，關閉後您的資料不會納入任何彙總統計。

二、資料的使用目的

1. 提供記帳、雲端同步、報表分析、預算管理、分享帳本等核心功能。
2. 提供消費分類建議（依據您的記帳內容進行規則與模型比對）。
3. 傳送與服務直接相關的通知（如分享邀請、訂閱狀態）。
4. 客戶服務、問題排查與服務改善。

個人資料蒐集之類別包含：C001 辨識個人者、C073 安全細節、C093 財務交易。蒐集、處理及利用悉依中華民國個人資料保護法辦理。

三、訂閱與付款

1. 進階（Premium）訂閱之付款由 Apple App Store 或 Google Play 平台處理；我們不會取得、也不會儲存您的信用卡或付款帳戶資訊。
2. 我們僅接收平台提供的收據與訂閱狀態資訊，用於確認您的訂閱權益。
3. 自動續訂之管理與取消，請於 Apple ID 或 Google Play 帳戶的訂閱設定中操作；續訂將於當期到期前依平台規則自動扣款。

四、資料的分享

1. 我們不會出售您的個人資料。
2. 分享帳本：您主動啟用分享功能時，您指定的對象可依您授權的範圍檢視您的記帳資料；您可隨時停止分享。
3. 基礎設施服務商：本服務託管於 Amazon Web Services（AWS）雲端基礎設施；資料傳輸全程以 TLS 加密。
4. 依法揭露：於法律要求或政府機關依法定程序請求時，我們可能揭露必要之資料。
5. 本應用程式目前不顯示第三方廣告，亦不向廣告商提供您的個人資料；若未來導入廣告服務，我們將先更新本政策並明確標示。

五、資料安全

1. 密碼以 bcrypt 單向雜湊儲存；連線一律使用 TLS 加密。
2. 應用程式提供生物辨識／密碼鎖定（App Lock）選項，防止裝置上的未授權存取。
3. 雖然我們採取合理之技術與組織措施保護您的資料，但任何網路傳輸或儲存方式均無法保證絕對安全；若發生重大資料事故，我們將依法通知您。

六、資料保存與刪除

1. 您的資料於帳號存續期間保存，以提供持續的記帳與同步服務。
2. 您可依個人資料保護法第三條行使下列權利：查詢或請求閱覽、請求製給複製本、請求補充或更正、請求停止蒐集處理或利用、請求刪除。
3. 行使方式：透過應用程式內之問題回報功能，或來信 halamoney.tw@gmail.com。我們將於合理期間內處理您的請求。
4. 您可自行選擇是否提供資料；惟部分功能（如雲端同步、分享帳本）須以必要資料之提供為前提，不提供時該等功能將無法使用。

七、未成年人

若您未滿十八歲，應由您的家長（或監護人）閱讀、瞭解並同意本政策之所有內容後，方得使用本服務。

八、政策變更

我們可能不時修訂本政策。重大變更時，我們將於本頁面或應用程式內公告。您於變更後繼續使用本服務，視為您已閱讀、瞭解並同意修訂後之內容。

九、聯絡我們

對本政策有任何疑問或建議，請來信：halamoney.tw@gmail.com

HalaMoney — Privacy Policy

Last updated: June 11, 2026

HalaMoney ("HalaMoney", "the Service") values your privacy. This policy explains what data we collect when you use the HalaMoney mobile application and related services, how we use and protect that data, and the rights you may exercise.

1. Data We Collect

1. Account data
   The email address or phone number, nickname, and password you provide at registration. Passwords are stored only as one-way hashes (bcrypt); we cannot read your original password.
2. Third-party sign-in (Google / Apple)
   When you sign in with a Google or Apple account, we receive your account identifier, name, and email from that platform (Apple lets you hide your real address) to create and identify your member account. We never receive your third-party account password and do not access any other data in that account.
3. Bookkeeping and financial data
   The expense and income records, budgets, categories, tags, recurring transactions, and invoice information you create in the Service. This data is stored on our cloud servers to provide cross-device sync, reports, and backup.
4. E-invoice scanning and import (camera permission)
   When you use invoice scanning, the app requests camera access to read the QR codes on Taiwan uniform invoices in real time and convert them into expense records; no photos or video are saved during recognition. When you import a consumption summary file (CSV) from the Ministry of Finance e-invoice platform or set up a carrier barcode, the invoice details are used only to create your expense records and categorization.
5. Voice entry (microphone permission)
   When you use voice entry, the app requests microphone access. Your speech is converted to text by the speech-recognition service provided by your device's operating system (Apple/Google); only the recognized text is used to create the expense record. We do not store your audio recordings.
6. Device and push information
   To deliver push notifications (such as shared-ledger invitations), we record your device's push identifier (FCM token) and basic device attributes.
7. Anonymous statistics (peer comparison)
   The "peer comparison" report uses de-identified, aggregated spending statistics. You can turn off "contribute anonymous statistics" in the app settings; once off, your data is excluded from all aggregated statistics.

2. How We Use Data

1. To provide the core features: bookkeeping, cloud sync, reports and analysis, budget management, and shared ledgers.
2. To suggest expense categories (by matching your entries against rules and models).
3. To send notifications directly related to the Service (such as sharing invitations and subscription status).
4. For customer support, troubleshooting, and service improvement.

The categories of personal data collected include: C001 identifiers, C073 security details, and C093 financial transactions. Collection, processing, and use comply with the Personal Data Protection Act of the Republic of China (Taiwan).

3. Subscriptions and Payment

1. Payment for Premium subscriptions is handled by the Apple App Store or Google Play; we never receive or store your credit-card or payment-account details.
2. We receive only the receipt and subscription-status information provided by the platform, used to confirm your subscription entitlements.
3. To manage or cancel auto-renewal, use the subscription settings of your Apple ID or Google Play account; renewals are charged automatically per platform rules before each period ends.

4. Data Sharing

1. We do not sell your personal data.
2. Shared ledgers: when you actively enable sharing, the people you designate can view your records within the scope you authorize; you can stop sharing at any time.
3. Infrastructure providers: the Service is hosted on Amazon Web Services (AWS); all data in transit is encrypted with TLS.
4. Legal disclosure: we may disclose necessary data when required by law or upon a lawful request by government authorities.
5. The app currently displays no third-party advertising and provides no personal data to advertisers; if advertising is introduced in the future, we will update this policy and label it clearly first.

5. Data Security

1. Passwords are stored as bcrypt one-way hashes; all connections use TLS encryption.
2. The app offers biometric / passcode lock (App Lock) to prevent unauthorized access on your device.
3. While we take reasonable technical and organizational measures to protect your data, no method of transmission or storage is absolutely secure; in the event of a major data incident we will notify you as required by law.

6. Data Retention and Deletion

1. Your data is retained for as long as your account exists, to provide continuous bookkeeping and sync.
2. Under Article 3 of the Personal Data Protection Act you may: inquire about or request to review your data, request a copy, request supplementation or correction, request that collection, processing, or use be stopped, and request deletion.
3. To exercise these rights, use the in-app issue-report feature or email halamoney.tw@gmail.com. We will handle your request within a reasonable period.
4. Providing data is your choice; however, certain features (such as cloud sync and shared ledgers) require the necessary data and will be unavailable without it.

7. Minors

If you are under eighteen, you may use the Service only after your parent (or guardian) has read, understood, and agreed to all the contents of this policy.

8. Changes to This Policy

We may revise this policy from time to time. For material changes we will post an announcement on this page or in the app. Your continued use of the Service after a change means you have read, understood, and agreed to the revised contents.

9. Contact Us

For any questions or suggestions about this policy, email halamoney.tw@gmail.com.