台新金控

Smart Services
Smart Services

Privacy Protection

Privacy Protection Policy and Management Mechanism

To maintain the security of personal information, Taishin has formulated regulations on the protection and management of personal information. Taishin has reviewed the appropriateness of these regulations in accordance with the law to ensure the legal collection and use of personal information of customers and employees. In addition to regularly checking the current status of personal data security maintenance and evaluating possible risks to personal data, Taishin also establishes appropriate management mechanisms based on the results of the risk assessment, and formulate contingency, notification, and prevention mechanisms to implement personal data protection and management measures for security incidents such as theft, alterations, damage, loss, or leakage of personal data.

Privacy Protection Measures

To enhance the ability to respond to personal data infringement incidents and raise the risk awareness of all employees, Taishin has formulated the "Personal Data Infringement Incident Management Standards" to effectively implement emergency response and handling. When a personal data infringement incident occurs, the supervisor shall immediately be notified supervisor and the risk assessment and classification of the incident must be completed within the time limit. Depending on the extent of the impact of the incident, an emergency response team shall be set up for the response, coordination, liaison, and investigation of the incident. Taishin adopts the principle of zero tolerance for personal privacy infringement

 

Also, in order to respect the customers’ rights to their personal data, Taishin’s subsidiaries have formulated “Operating Rules for Exercising the Rights of the Parties” based on their own business requirements, specify customers’ personal data’s inquiry, viewing, copying, supplement, correction, deletion and the right to stop collection, processing and use.

Personal Information Infringement reporting procedure (Taishin Bank example)

The handling of each level of incident and the reporting level

Incident Classification The level at which the incident is handled The time requirement for handling the incident The level at which the incident is reported
  • Level 1 (Note1)

  • Personal Information Protection Implementation Department

  • Must be handled within 2 days.

  • Supervisor of said department/Legal compliance unit

  • Level 2 (Note2)

  • Emergency Response Team

    • Shall complete the reporting within the deadline set by the Company's internal department.
    • The emergency response team shall draw up a response plan within 2 working days.
    • In accordance with the “Financial Supervisory Commission Designated Non-Government Agencies’ Personal Data File Safety Maintenance Measures”, report to the Financial Supervisory Commission within 72 hours for any major personal data incidents.
    • Presidant
    • Other parties to report to in accordance with internal regulations, include but not limited to Personal Data Protection Committee members, etc

Note 1: Level 1 incident: Less than 100 cases of security incidents such as theft, tampering, damage, loss, leakage, etc. of personal data or incidents that meet the definition of other internal regulations.
Note 2: Level 2 incident: More than 100 cases (inclusive) of major incidents such as theft, tampering, damage, loss, leakage of personal data which endanger the Company’s normal operations

To strengthen the awareness on personal protection and establish a corporate culture of respect for personal information, Taishin continues to promote education and training on personal information protection so that employees understand the requirements of relevant laws and regulations. Furthermore, allow employees fully understand the scope of responsibilities, mechanisms, procedures, and measures for personal information protection.

Training for Protection of Personal Information in 2023

Target Courses Coverage Rate (%) Completion Rate (%)
  • New recruits (to complete training within six months after coming onboard)
    • Online course on personal information protection
    • Compliance and behavior guidelines
  • 100
  • 100
  • General employees
    • Personal data protection special issue
    • Online course on personal information protection
    • Classroom course on personal information protection
  • 100
  • 100
  • Contact person for personal data (or delegate representative) for each division
    • Personal data violations response drills
    • Personal data inventory training
  • 100
  • 100
  • Contact person or emergency response team of personal data management for each division
    • Publicity of personal data protection cases/symposium for legal compliance supervisors
    • Publicity of laws and regulations and penalties
    • Personal information infringement response drills
  • 100
  • 100

Internal/External audit defects

Taishin FHC attaches great importance to the security of personal information protection. In 2023, Taishin Bank commissioned an accountant to conduct an audit of the implementation of personal data protection in accordance with the agreed procedures, and no major irregularities were found after the implementation of the agreed procedures.

 

To establish a comprehensive personal information management system, Taishin Life appointed SGS Taiwan on April 29, 2022 to perform the certification and was recommended by SGS Taiwan as an organization that meets the requirements of BS10012:2017 Personal Information Management System (PIMS). In 2023, we continued to pass the PIMS certification.

Grievance Mechanism of Personal Information

Taishin attaches great importance to the protection of personal information, and customers can raise questions or file complaints through different channels. If the results of an investigation confirm a violation of personal information, we will take disciplinary actions (e.g., downgrading of performance evaluation, withholding of bonuses, and internal penalties). We shall also propose specific system and process improvements to address the root cause of the complaint and avoid the recurrence of similar situations. The cases are compiled and submitted to the Fair Customer Treatment and Consumption Review Committee and the Board of Directors each quarter. The management department unit shall continue to monitor improvements to ensure implementation.

Questionaire

Questionaire

You are invited to fill in the questionnaire to assist us realizing the CSR fulfillment.

您正在離開本站!

您現在欲前往的網站並非搜尋結果台新金融控股股份有限公司有限公司(本公司)所有,而是各由其所屬之第三人所有、操縱及控制。 本站對第三人所有之網站亦無任何操縱或控制的權限。 本站上之網路指示連結功能僅為提供您的便利而設。本站及本公司對該第三人所有之網站上的內容品質、效力、正確性、完整性、即時性、適法性,及該網站上之任何言論或聯結不負任何責任。 本站及本公司亦無調查、監視第三人所有的網站上的內容之品質、效力、正確性、完整性、即時性、適法性的義務。本站上之網路指示連結功能無論於任何情形下,不能解釋成為對任何第三人網站的保證、背書、推薦或相類的聲明。 本站及本公司特於此明確宣示對於任何第三人所有網站之內容的品質、效力、正確性、完整性、即時性及適法性不負任何明示或默示的擔保責任。

即將前往的網址 : https://www.taishinholdings.com.tw/news/news_04.jsp?newspage=01&readYear=2020&rowid=24441

公告

台新金控與新光金控合併案,業經金融監督管理委員會核准,並已訂定114年7月24日為合併基準日。合併後,台新金控為存續公司(合併後更名為「台新新光金控」)、新光金控為消滅公司。台新金控將以「客戶權益」為優先,兩家金控合併後,所有台新金控旗下子公司客戶的往來的權益及一切權利義務不變,不會因本合併案而受到任何影響,客戶無需做任何變更申請,敬請放心。若您有任何疑問,歡迎洽詢您的業務代表或撥打以下客服專線: 台新銀行: (02)2655-3355、台新證券: (02)4050-9799、台新人壽: (02)2171-1132、台新投信: (02)2501-3838,我們將竭誠為您服務。再度感謝您的長期支持,更期待您未來繼續惠予指導。

很抱歉,您目前使用的瀏覽器無法支援瀏覽。

建議您升級瀏覽器,以利瀏覽此網站的所有內容,謝謝您的配合。

© 台新金融控股股份有限公司版權所有

建議瀏覽器:IE10+, Chrome, Safari, Firefox