Acer understands the importance of the protection of personal information and privacy to our clients. As such, we consider our policies on personal information protection and privacy to be a priority. All Acer employees must carefully protect confidential or proprietary information provided by customers, and our products use data security technology. However, both technology and the risk of hacking or intrusion into systems are always changing, and so in addition to constantly reviewing the necessity for collecting Acer’s Privacy Protection Measures customer information and strengthening information security protection measures, the Company also distributes risk through information security protection systems to provide an additional layer of privacy protection.
• The collection and use of personal information must comply with the Personal Information Protection Act, and the subjects of said information have the right to know, access,correct, and delete their personal information.
• We regularly require our employees to undergo training on privacy-related issues.
• The collection, processing, and use of personal information must be undertaken in accordance with the Company's Principles for the Management of Personal Data, approved by the supervisor, and then sent to the Legal Department and the Information Technology Unit for review.
• In 2019, we obtained ISO 27001 certification for our information security management system, further deepening our information security culture. We also passed the routine annual certification in 2020.
• We have established a protection mechanism for personal data relating to customers. If there are suspicions of a customer data security problem, the notification mechanism is activated immediately to protect against risk and minimize the harm caused.
• Cooperations between subcontractors and customers must also comply with laws on handling personal data, with processing and use carried out in accordance with the law and clearly laid out in the contract.
• We hold regular personal information protection courses for our employees to raise their awareness of personal information protection and to reduce the incidence of any related problems. In 2020, the number of people trained in privacy-related education reached 13,956 across the Group.