跳到主要內容區塊

Hamastar co. Website

Regarding Hamastar

Art editor Img

Privacy Policy Statement

I、Purpose

HamaStar Technology Co., Ltd. (hereinafter referred to as the company) to regulate the collection, processing, and utilization of personal data, promote the rational use of personal data, and demonstrate its determination to protect personal data and privacy. Hereby establishes personal data with the highest guidelines for privacy protection management, to establish safe and reliable information services, and to ensure that the company's business operations comply with the requirements of relevant laws and regulations, maintain continuous business operations, reduce the risk of improper disclosure of personal data. To protect relevant personnel rights and interests of the company to ensure that the company implements personal data protection and information security, maintains the company’s reputation, and provides sustainable services.

 

II、Goal

(I). When the company performs external business and internal administrative operations, the collection, processing, and use of personal data must comply with confidentiality, integrity, and availability, to minimize the probability of incidents that endanger data protection.

(II).  Establish the company's standard operating procedures related to personal data protection to avoid human errors and accidents and strengthen the safety awareness of all the company's personnel (including sales and administrative personnel, the same below) for personal data protection.

(III).  Protect the personal data managed by the company, prevent improper or illegal use of human intentions, and reduce the risk of intrusion and destruction by hackers, viruses, etc.

 

III、Participation and scope of application

The scope of this application’s statement is the collection, processing and utilization of personal data involved in the execution of business, internal administrative operations, or outsourced projects by all personnel of the company or outsourced personnel.

 

IV、Collection, processing, and utilization of personal data

(I).  The personal data collected by the company for the execution of business, internal administrative operations, or outsourcing projects, etc., unless otherwise provided by law or with the consent of the parties to share personal data, all personal data collection operations and specific purposes are legitimate and reasonable Associated. And engage in the processing of personal data appropriately, relevant, not excessively, and fairly and legally.

(II).  The company can only use it for specific purposes under the following circumstances:

A. The law expressly stipulates.

B. Necessary for the promotion of public interest.

C. To avoid danger to the person's life, body, freedom, or property.

D. To prevent major harm to the rights and interests of others.

E. public bodies or academic research institutions based on a common interest for statistical or academic research, and the information was over after treatment provider or gathering held liable under way to expose it impossible to identify the specific parties.

F. With the consent of the parties.

G. Conducive to the rights and interests of the parties.

 

V、Protection of personal data

(I).  The company has established a personal data protection organization to clearly define the responsibilities and obligations of relevant personnel and established a personal data management system.

(II).  The company considers the requirements of the Personal Data Protection Law and relevant laws and regulations, conducts regular risk assessment of personal data, and adopts appropriate security measures to fulfill its responsibility for the good protection of personal data.

(III).  The company is obliged to keep confidential the personal data owned by its business, unless the parties request access or the following circumstances:

A. Judicial agencies, supervisory agencies, or police agencies need to investigate crimes or investigate evidence.

B. It is necessary for the company's target business competent authority to conduct business inspections for business purposes.

C. Other government agencies need to perform public powers and have legitimate reasons.

D. Agency (institutions) related to the safety of public life are needed for emergency rescue.

(IV). When granting personal data access rights, the company only opens the minimum rights required by the business, implements the division of rights, responsibilities and the independence review.

(V). When the specific purpose of personal data collection disappears or the retention period expires, the company will take the initiative or at the request of the party to delete, stop processing or use the relevant personal data. However, it is not limited to those who are required to perform legal duties or business or have written consent from the parties concerned.

(VI). The company regularly conducts personal data protection publicity education and training every year to enhance the safety awareness of personal data protection of all personnel.

(VII). If there is a personal information incident that violates the Personal Data Protection Law or related regulations, the company will immediately make an emergency report, change the job and deal with punishment in accordance with relevant laws and regulations and the company's personnel rules.

 

VI、Rights of the parties

According to the Personal Data Protection Law and relevant regulatory requirements, the company provides the parties with the following rights in respect of their personal data:

(I).  Inquiry or request to read.

(II).  Request a copy.

(III).  Request supplements or corrections.

(IV).  Request to stop collection, processing, or utilization.

(V).  Request deletion.

However, if the company is required to perform legal duties or business, the company may refuse. In addition, if the above-mentioned rights are enforced, the relevant rights and interests of the parties may be affected.

 

VII、Personal data protection contacts channel

The contact information of the company's personal data protection business public operations is detailed on the company's global information network/personal data management policy webpage.

 

VIII、Reference:

(I).  Personal Data Protection Law.

(II).  Implementation rules of the Personal Data Protection Law.