Personal Data Protection Policy and Implementation
- Privacy Protection Commitment and Management Framework
- Scope and Responsibilities
- Personal Data Protection Principles
- 2025 Implementation result
Our Company places the highest priority on privacy protection. We have established the “Personal Data Protection and Management Regulations” and developed a robust data governance system. By defining data standards and classifications, we implement rigorous access control and data owner review mechanisms to ensure the Availability, Integrity, and Confidentiality of all information.
The scope of this policy extends to all branches, operating sites, and subsidiaries of the Company, as well as relevant customers and suppliers. For different categories of persons, the Company has designated dedicated departments to manage and ensure that the collection, processing, and use of personal data strictly comply with legal and regulatory requirements:
We commit that all personal data involved in our operations will be used strictly within the authorized scope and in compliance with regulations. We should not provide, rent, or disclose personal data to any unauthorized third party in any form. All data processing follows the Company’s internal standard operating procedures (SOPs), as we are dedicated to upholding the rights of persons.
To strengthen corporate governance and enhance the cybersecurity awareness of all employees, the Company conducts training sessions periodically. The details for 2025 are as follows:
Total Training Hours: 313 hours.
Target Audience: New employees.
Data Breach Incidents: There were zero reported incidents or complaints regarding the leakage, loss, or theft of customer or employee personal data during the year.