I. Purpose of the Policy

Chipbond Technology Corporation ( hereinafter referred to as "the Company" ) values your privacy and the protection of personal data. In accordance with the Personal Data Protection Act and other applicable regulations, the Company has established this "Privacy and Personal Data Protection Policy" ( hereinafter referred to as "this Policy" ).
The Company is committed to collecting, processing, and using personal data in compliance with legal, fair, and transparent principles. With the protection of personal data as a primary premise, the Company has established and implemented a reasonable and necessary personal data protection management system to ensure that personal data is used appropriately and within its intended purposes while safeguarding the rights and interests of stakeholders. Furthermore, the Company regards personal data protection as a key component of corporate social responsibility and sustainable governance and is dedicated to creating a trustworthy and secure information environment.

 

II. Scope of Application

This Policy applies to all individuals who interact with the Company, including but not limited to customers, business partners, employees, job applicants, website visitors, and participants in various activities organized by the Company.
If any specific privacy notice applies to a particular service of the Company, the provisions of that specific notice shall take precedence over this Policy.

 

III. Collection and Processing of Personal Data

  1. Legal Basis: The collection, processing, and use of personal data are conducted in accordance with the Personal Data Protection Act and other applicable laws and regulations.
  2. Purpose of Collection: Personal data is collected, processed, and used to the extent necessary for providing products or services, marketing, fulfilling contractual obligations, communication, website maintenance, recruitment, human resources management, safety and security management, business operations, or compliance with legal obligations.
  3. Methods of Collection: The Company may collect personal data through online registration, paper forms, questionnaires, event registration, submission of resumes, customer service, emails, or other interaction methods.
  4. Categories of Data Collected: The personal data collected may include, but is not limited to, names, contact information (such as telephone numbers, email addresses, and mailing addresses), identification information, job titles, service or employment records, health-related information, transaction records, device usage information, social activity records, or other information capable of directly or indirectly identifying an individual.
  5. Data Processing: "Processing"  refers to any act of recording, inputting, storing, editing, correcting, copying, retrieving, deleting, exporting, linking, transmitting internally, or performing other reasonably necessary operations on personal data to establish or utilize personal data files.

 

IV. Use of Personal Data

  1. Retention Period: Personal data shall be retained from the date of collection until the purpose of collection ceases or until the expiration of legally mandated retention periods. The Company may, within a reasonable scope, extend the retention and use of personal data as necessary to fulfill contractual obligations, perform business operations, or comply with legal requirements.
  2. Geographical Scope: Within the territory of the Republic of China (Taiwan) and in regions where cross-border data transfer is conducted as required by law or business needs.
  3. Recipients of Data: The Company, its corporate group, affiliates, outsourced service providers, business partners, and any government authorities legally authorized to access such data.
  4. Methods of Use: Data may be collected, processed, used, stored, analyzed, or transmitted through automated or non-automated means as necessary to achieve the intended purposes.

 

V. Principles for Data Protection, Sharing, and Disclosure

  1. The collection, processing, or use of personal data shall respect the rights of the Data Subject, and shall not exceed the scope necessary to achieve the specified purpose. Such use shall maintain a legitimate and reasonable connection to the purpose for which the data was collected.
  2. The Company shall adopt reasonable and necessary technical and organizational measures to prevent unauthorized access, alteration, disclosure, loss, or destruction of personal data. Such technical and organizational measures include, but are not limited to, access control, data encryption, employee training, and internal audit procedures.
  3. Except with the consent of the Data Subject or as required by law, the Company shall not disclose personal data to any third party unrelated to the Company's business purposes. By providing data to the Company, the Data Subject shall be deemed to have consented to the Company's use of that data. However, should the Data Subject refuse to provide such data, or if the data provided is determined to be incomplete or inaccurate, the Company may consequently be unable to provide relevant services or process subsequent related matters.
  4. Where cross-border data transfers are necessary for business operations, the Company shall comply with applicable laws and adopt appropriate safeguards to protect the rights and interests of Data Subjects.

 

VI. Rights of Data Subjects

In accordance with Article 3 of the Personal Data Protection Act, data subjects may exercise the following rights with respect to their personal data:

  1. Request to access or review personal data;
  2. Request copies of personal data;
  3. Request supplementation or correction of personal data;
  4. Request cessation of collection, processing, or use;
  5. Request deletion of personal data.
    To exercise these rights, please contact the Company's dedicated personal data protection contact provided below. The Company will process your request within the statutory timeframe, except where refusal is permitted by law.

 

VII. Cookies and Tracking Technologies

To provide optimal services, the Company's website may use cookies or similar technologies. Users may configure their browsers to refuse or delete cookies; however, some website functions may not operate properly as a result.

 

VIII. Policy Updates and Announcement

The Company may update this Policy from time to time as required by law or business needs. In the event of significant changes, the Company will notify stakeholders through website announcements or other appropriate channels. The latest version of this Policy will always be available on the Company's official website.

 

IX. Contact Information

For any questions, suggestions, or to exercise your rights under this Policy, please contact:
CHIPBOND Technology Corporation
Sustainable Development Division
ESG@chipbond.com.tw