Privacy and Security

TOP

● Privacy Policy

SinoPac Holdings established the "Customer Information Confidentiality Measures" and disclosed them on the company website to protect customers' personal data and privacy. The Company announced the methods for the collection, scope, and use of customers' personal information, and the information security and retention methods. SinoPac Holdings also established the "Personal Data Protection Policy and Archive Maintenance Measures" to implement regulations for the use of personal data. The “Supplier Corporate Social Responsibility Code of Conduct” established by SinoPac Holdings also requires third-party suppliers to reasonably protect business information and personal data to ensure that the Company and individual privacy are not damaged due to data leaks.

● Privacy Incident Escalation Process

According to SinoPac Holdings' Personal Data Protection Policy and Archive Maintenance Measures, in the event of a suspected leak of customer private data, hacker attack on customers' personal data, or other privacy incidents, the designated person or department responsible for privacy issues shall immediately process the incident in accordance with the Emergency Response Rules and report to the Convener and Executive Secretary of the Personal Data Protection and Management Task Force. They shall report the response measures and solutions (including the methods adopted for limiting damages to the party, notifying the party after the incident is investigated, and the contents of the notification to the party after the incident is investigated) within 2 days. The “Employee Rewards and Punishment Regulation” of SinoPac Holdings and its subsidiaries also specify the disciplinary actions in case of breach. If an employee commits a breach of customers' private data and damages the interests of the company, the unit supervisor shall submit a list of personnel to be penalized to the Human Resources Department, and the results shall be submitted to the authorized supervisor for approval in accordance with the tiered internal accountability regulations.

● Privacy Issues Reporting Channels