Mobile Button

Protecting Privacy

Acer understands the importance of the protection of personal information and privacy to our clients. As such, we consider our policies on personal information protection and privacy to be a priority. All Acer employees must carefully protect confidential or proprietary information provided by customers, and our products use data security technology. However, both technology and the risk of hacking or intrusion into systems are always changing, and so in addition to constantly reviewing the necessity for collecting Acer’s Privacy Protection Measures customer information and strengthening information security protection measures, the Company also distributes risk through information security protection systems to provide an additional layer of privacy protection.

Collection, processing and use of personal data shall be consistent with the purposes as listed in the Personal Data Register, and shall be limited to the scope necessary for carrying out business operations. Besides, as soon as any Individuals express their intention not to receive any marketing material from Acer, no marketing activity (regardless of its format) can be directed at such Individuals. In such case, the personal data of the Individuals shall be properly handled (e.g., deletion from servers, or transfer to the system unrelated to any marketing activity for safe-keeping). In other words, any use of personal data shall comply with the purpose listed in the Personal Data Register. Therefore, no use for secondary purpose is permitted. Acer strictly supervises and manages the use of personal data and completely prohibits the secondary use of customer data.

Acer’s Privacy Protection Measures and their Status in 2021

Regulatory Compliance

  • The collection, use, and management of personal information must comply with local personal information protection regulations and the basic principle that subjects of said information have the right to know what information is being held and access, correct, and delete that information.

Implementation of internal controls and education & training

  • We require new employees to undergo training on personal information protection and privacy-related issues.
  • The collection, processing, and use of personal information must be undertaken in accordance with the Company’s Principles for the Management of Personal Information, approved by management, and then sent to the Legal Department and the Information Technology Unit for review.

Improved information security measures

  • To deepen information security culture and awareness in the Company, in 2019, we obtained ISO 27001 certification, and we have passed routine annual certifications in 2020 and 2021. We have continued to strengthen the deployment and updating of information security protection software and hardware in 2021.

Improved customer problem handling mechanism

  • We have established a protection mechanism for personal information relating to customers. If there are suspicions of a customer data security problem or incident, the notification mechanism is activated immediately to protect against risk and minimize the harm caused to the relevant stakeholders.

Other concrete actions for protection of privacy

  • For business cooperation between subcontractors and our customers, we require that the personal information involved should be handled and used in accordance with the relevant regulations on personal information protection, and that this should be explicitly set out in the contract.
  • We hold regular personal information protection courses for those within the Group to raise their awareness of personal information protection and to reduce the incidence of any related problems. In 2021, the number of people trained in privacy-related education reached 11,332 across the Group. The number of the total hours of the training reaches 16,824 hours.