No Support JavaScript

Ministry of Finance, R.O.C.
Laws and Regulations Retrieving System

Print Time:113.12.31 01:24
 PDF  Print

Content

Title: Guidelines on the Use of the E-Invoice API Ch
Date: 2024.05.22
Legislative: 1.Promulgated by the Financial Data Center ,Ministry of Finance on April 19, 2012.
2.Amended by the Ministry of Finance on March 22, 2016, under Decree No.1050000744.
3.Amended by the Ministry of Finance on March 30, 2023, under Decree No.1120000011, with the title taking effect from March 31, 2023.
4.Amended by the Ministry of Finance on May 22, 2024, under Decree No.1130001345, with Article 3 and 5 taking effect from July 1, 2024.
Content: I. In order to ensure the Developer has consistent criteria to use the E-Invoice application interface provided by the E-Invoice Platform of the Ministry of Finance (the “E-Invoice Platform”) to develop software products to provide E-Invoice services to product users, these Guidelines are specially formulated.
   
II. The authorized use, application review, and other related matters of the E-Invoice Application Programming Interface set forth in the Guidelines shall be coordinately handled by the Fiscal Information Agency of the Ministry of Finance (hereinafter referred to as the “FIA”).

III. The terms used in the Guidelines are defined as follows:
    (I) E-Invoice Application Programming Interface (“API”): The program that links to the interface provided by the E-Invoice Platform for the use of E-Invoice Services and query E-Invoice data, including the function or application service used to exchange information, and other application programming interfaces approved by the FIA. However, when the purchaser is a business entity, institution, or group, only the alphanumeric code numbers and actual date of E-Invoice will be returned.
    (II) Software Products: The software products the Developer designs and develops by the use of API.
    (III) Value-Added Derivative Works: The derivative works designed and developed by the use of Software Products and applies to the E-Invoice service or other service.
    (IV) Product Users: Those who use the Software Products developed by Developer.
    (V) Developer: The business entity, organization, or government agency that uses API to design and develop Software Products to provide Product Users with E-Invoice Services.
    (VI) E-Invoice Services: Query, display, or download of Product Users’ E-Invoice data and uniform invoice lottery prizes winning information, including the services for necessarily and legally displaying query results, cloud donation of E-Invoice, and carrier consolidation. However, when the purchaser is a business entity, institution, or group, E-Invoice only provides services for querying, displaying, or downloading alphanumeric code numbers and actual date of E-Invoice.

IV. The method for authorizing the uses are as follows:
    (I) The Developer shall apply for the use of the API in accordance with the written or online application form provided by the FIA, and after examination and approval, the FIA will provide a set of application ID (App ID) and application programming interface key (API Key) as the proof of API use. The Developer shall keep the App ID and API Key in a safe place and maintain proper control, and shall not provide them to a third party.
    (II) The Developer shall provide supporting documents, contact information, and other information required for API application in accordance with the content of the application form, and all information provided shall be true, correct, and complete, and the Developer shall have sufficient right and authority to perform and comply with the Guidelines.
    (III) The Developer who files the application in accordance with the preceding two Subparagraphs will be deemed as having read, understood, and agreed to accept the Guidelines, including the API specifications and content of application form provided by the FIA. If the Developer’s Software Products or Value-Added Derivative Works continue using the API after any amendment or change of the Guidelines, it will be deemed that the Developer has read, understood, and agreed to accept such amendment or change. The Guidelines shall apply to the updated version of the Developer’s Software Product or Value-added Derivative Work. If the Developer does not agree to the Guidelines, they shall stop using API immediately.
    (IV) All rights not expressly granted to the Developer are reserved for the FIA.
    (V) The right authorized by the FIA to the Developer for use of the API in Developer’s Software Products is non-exclusive and the scope of the authorization is for Product Users’ use of E-Invoice Services. The Developer may display the API usage or query result on Developer’s Software Product and provide Product Users separately or combine it with the information content uploaded or posted by Product Users.
    (VI) If the single IP address (IP) or application account (App ID) of the Developer’s Software Product has been connected more than a certain number of times within a certain period, the FIA will conduct traffic control and the specific details will be announced on the E-Invoice Platform.              
    (VII) If the Developer’s application has been approved, the authorization period for use should be no more than three years, and the Developer may apply to the FIA for re-examination between two months and six months prior to the expiration of the authorization period. If the re-examination is approved, the new authorization period shall be counted from the day following the expiration of the previous authorization period. If the re-examination is not approved or the application for re-examination is not made in accordance with the regulations, the FIA will stop providing API and related information upon the expiration of the authorization period.
    (VIII) If the Software Products developed by the Developer cannot be connected to the API due to force majeure factors such as the revision of the API, electronic circuit or equipment failure, repair, maintenance, power outage or other natural disasters, etc., the FIA shall not be responsible for any authorization and compensation. The FIA may announce relevant information on the E-Invoice Platform if appropriate.
    (IX) The FIA may amend the specific items and contents of the API authorization method, and the relevant information may be announced on the E-Invoice Platform or notified to the Developer individually, and the Developer shall always pay attention to and cooperate with the amendment.
    The Developer who has been approved by the FIA before the effective date of the amendment of the Guidelines on March 31, 2023, shall apply for re-examination within two years from the effective date of the amendment. If the application is not approved or if the Developer does not apply for re-examination in accordance with the deadline, the FIA will stop providing API and related information after the application deadline.
    For cases that have been applied before the effective date of the amendment of the Guidelines on March 31, 2023, but have not yet been approved by the FIA, the amendment shall apply.

V. The Developer should abide by the following matters:
    (I) The Developer shall not infringe the privacy, trade secrets or other rights of others when using the API to provide Product Users with E-Invoice Services or obtain Product Users’ consent again in accordance with the provisions of Subparagraph 3 for the use outside the scope of services, and shall not violate Article 33 of the Tax Collection Act, the Personal Data Protection Act, the Trade Secrets Act, or other relevant laws and regulations as well as public policy or morals, mislead the public, obstruct or interfere with third parties, infringe on the interests of the FIA, or otherwise act improperly.
    (II) The Developer shall obtain the Product Users’ consent to provide E-Invoice Services to Product Users through the Software Products developed by the Developer. The Developer shall also ensure that the information provided to the E-Invoice Platform or the execution of Software Products and Value-Added Derivative Works functions on behalf of Product Users has obtained Product Users’ consent or the necessary right to use the data, and shall provide Product Users with the necessary right to request the cessation of use or utilization, or deletion of their E-Invoice data, usage records, and related information.
    (III) After providing the specify data to Product Users, if the Developer wants to collect and store any E-Invoice data, usage records, and related information of Product Users for use outside the scope of the E-Invoice Services, the Developer shall inform Product Users of the purpose, scope of collection and use, categories, periods of use, areas of use, targets of use, and methods of use, the laws and regulations involved, the impact of their consent on the rights, and their right to exercise Article 3 of the Personal Data Protection Act; and obtain Product Users’ consent again, and shall retain the E-Invoice data storage and usage traces for at least six months and avoid the use, access, publication, or sharing of the former information by third parties.
    (IV) When providing services for Software Products and Value-Added Derivative Works, the Developer shall specify the scope of authorization of Product Users and shall comply with the relevant provisions of the Personal Data Protection Act, and shall clearly inform Product Users of matters to be informed of the provisions of preceding Subparagraph.
    (V) The Developer shall obtain the Product Users’ consent in accordance with the provisions of this Point, and shall reobtain it every six months with track records preserved.
    (VI) If Software Products are designed and developed by the Developer and with the function for the Product Users to query E-Invoice data, the Developer should also provide cloud donation of E-Invoice function, and should conceal the last three alphanumeric code numbers of the donated cloud E-Invoice character track number.
    (VII) When the Developer publicly releases, displays, or uses Software Products and Value-Added Derivative Works produced by API, they shall indicate the scope of the FIA authorization in an appropriate manner.
    (VIII) The Developer’s utilization of Software Products or Value-Added Derivative Works shall take necessary protective measures on their own and must update them regularly to repair or prevent security loopholes, and should declare in an appropriate manner that the FIA is not responsible for the appropriateness, dependability, timeliness, validity, and integrity of the use of the API.
    (IX) The Developer shall provide the FIA with the relevant research or statistical results on the use of the API for reference at no cost.
    (X) The Developer shall notify the FIA of any changes in the purpose of use or version of Software Products. If the Developer has any other suggestions on the API and related information provided by the FIA, they may also provide said information to the FIA at the same time.

VI. The Developer’s information security system shall comply with CNS27001 national standard or ISO27001 international standard, the scope of which shall include all information technology business activities using API’s software products and value-added derivative works, and shall include these Guidelines, Article 33 of the Tax Collection Act, the Personal Data Protection Act, and the Trade Secrets Act in the compliance list. The related operation processes shall include the following while the Developer may add additional operational processes as necessary. However, the following are not subject to the Developer who is a government agency or authority (institution) affiliated with the Ministry of Finance to disburse cash awards for winning numbers of the uniform invoice and its information and communication security responsibility level is C or above in accordance with the Regulations on Classification of Cyber Security Responsibility Levels:
    (I)  The process of Product Users’ registration and cancellation.
    (II) The assistance to Product Users in the process of transmitting query requirements and displaying query results shall comply with the Guidelines. If E-Invoice data must be temporarily stored, the period of temporary storage shall not exceed the deadline for claiming the uniform invoice lottery prizes.
    (III)  E-Invoice data shall not be collected and stored for use outside the scope of E-Invoice Services before it has been provided to Product Users and reobtaining Product Users’ consent.
    (IV)  The operational procedure to preserve the track records of Product Users’ consent in accordance with the preceding point and the E-Invoice data storage and use.
    The Developer shall maintain the validity of the aforementioned verification and take the duty of care of the E-Invoice data transmitted by it.

VII. The rights are belonging as follows:
    (I) The intellectual property rights or other rights of the content provided by the FIA or Product Users obtained by the Developer through the Software Products or the Value-Added Derivative Works shall belong to the FIA or Product Users. Except for the use in accordance with the Guidelines, the Developer shall not arbitrarily reproduce, modify, edit, distribute, or transfer the content without the consent of the FIA or Product Users, nor shall the Developer cause a third party to do so.
    (II)  The use of API and related information provided by the FIA shall be restricted for use by the Developer only, and its use shall not infringe upon the intellectual property rights, trade secrets or other rights of the FIA or third parties.
       
VIII. The registration and other specific information of the Developer shall be handled in accordance with the privacy and website security policy of E-Invoice Platform.

IX. Limitation and exclusion of liability are as follows:
    (I)  If the Developer violates these Guidelines and results in the infringement of the rights and interests of the FIA, they shall be liable for compensation to the FIA.
    (II) If the Developer suffers damage or loss due to the use or inability to use the API, or if the Software Products or Value-Added Derivative Works provided by the Developer cause damage or loss to Product Users or third parties and compensation is claimed by Product Users or third parties, the FIA shall not be liable for any compensation or indemnity.
    (III)  If the Software Products or Value-Added Derivative Works provided by the Developer violates Article 33 of the Tax Collection Act, Personal Data Protection Act, the Trade Secrets Act, or other laws, the Developer shall bear legal responsibility in accordance with the provisions of those laws.
       
X.  The Developer may stop using the API and related information provided by the FIA on their own, and shall inform the FIA in writing.
    If the Developer is determined by the competent tax authority as a temporary suspension business entity, the FIA will cease their use of API until it has reported its resumption of business in accordance with Article 31 of the Value-added and Non-Value-added Business Tax Act and has been approved by the competent tax authority, and must reobtain the Product Users’ consent before it can continue to provide Product Users with E-Invoice services.
    The FIA may terminate the provision of API at any time under any of the following circumstances and the Developer shall not seek any compensation or indemnity from the FIA for such termination:
    (I) The Developer does not comply with or violates the provisions of the Guidelines.
    (II)  The Developer uses improper methods to obtain or fraudulently claims the uniform invoice lottery prizes during the authorization period, and has been prosecuted by District Prosecutors Office.
    (III)  The taxation registration of the Developer is recognized by the competent tax authority as a business entity or organization that is in arbitrary suspension of operation or not in normal operation.
    (IV) The Developer is a business entity or organization that has applied for cancellation of taxation registration and has been approved by the competent tax authority.
    (V) The Developer is a government agency (institution) and has been adjusted, merged, dissolved, or abolished, in accordance with the organization acts of the government agency with which it belongs.
    (VI) The Developer improperly accesses the E-Invoice Platform website or other improper behaviors.
    (VII) For reasons of policy change or other proper causes, the FIA considers that the provision of the API to the Developer for use is no longer in the public interest.
    The occurrence of the preceding Subparagraph shall not affect the rights and obligations that existed prior to the termination.
    In accordance with the provisions of Subparagraphs 4 and 5, Paragraph 3, if a merger is handled by way of absorption or new establishment, the business entity, organization, or government agency (institution) that has been abolished as a result of the merger shall be terminated from providing API by the FIA, and the surviving or new establishing business entity, organization, or government agency after the merger shall apply for API again.

XI. In the event of the latter part of Subparagraph 7, Paragraph 1, Point 4; Paragraph 2, Point 4; and Paragraph 1 and Paragraph 3, Point 10; the Developer shall delete or destroy the Software Products designed and developed by the Developer and their Value-Added Derivative Works for Product Users to use the programs of E-Invoice Services, including the functions generated by the use of API for the exchange of information or application services and the E-Invoice data, carrier data of Product Users. The Software Products and their Value-Added Derivative Works are designed and developed for Product Users to use E-Invoice Services. Identifiable information generated for use outside the scope of the E-Invoice Services after the Product Users have consented again shall not be distributed, reproduced, or used in any other way, and the Product Users shall be notified in an appropriate manner.
Data Source:Ministry of Finance, R.O.C. Laws and Regulations Retrieving System