Privacy Protection | ACER ESG
Privacy Protection
Protecting Privacy
The protection of personal information and privacy has gradually become a basic human right protected by national legislation and has developed into a universal value, as well as an important part of consumer rights awareness. As a global brand company, customer data protection measures, complaint handling mechanisms, and information security incident prevention are essential to the company's management responsibilities and brand protection, and it is the core meaning of Acer's management to always emphasize and strengthen the security and protection of data transmission across borders and regions. Ensuring that customers’ personal data is safe and informing customers of the relevant regulations and precautions before accepting equipment for repair. No complaints were received in 2022 about any invasion of customer privacy or loss of customer data or hacking incidents.
Staff | Customers | |
|---|---|---|
Before Using Personal Information | Conduct staff training on personal information protection. | Information security, confidentiality commitments or personal data protection clauses are set out in contracts. |
During the Use of Personal Information | When employees need to use personal information, they shall apply for approval in accordance with the regulations. | When using or storing your personal information, Acer Group’s rules and regulations regarding the use of Personal Data data shall be followed. |
After Using Personal Information | Perform internal audits of personal data management occasionally. |
Privacy Protection Measures
 | All Acer employees are required to carefully protect confidential or proprietary information provided by Stakeholders, and our products make use of data security technologyFacing the risk of network system cracking or intrusion and the rapid changes in technology, Acer not only reviews the need for customer information requests and strengthens information security measures in parallel with Acer's privacy protection practices, but also continues to apply for information security insurance in order to further protect the privacy of stakeholders. |
 | Personal information protection and privacy-related issues are incorporated into the orientation training for new employeesThe importance of personal information protection is promoted and reminded through physical or electronic posters in office areas on a regular basis; The Legal Department and each business unit set up and discuss privacy statements or policies on the websites they operate in order to raise the importance and protection of customers' privacy rights among company members, and conduct education and training courses in response to the implementation and revision of personal data protection regulations around the world. |
 | The collection, processing and use of personal information shall be in accordance with the purposes set forth in the internal personal information registration form and to the extent necessary for the performance of business.After the stakeholder has indicated that he or she no longer wishes to receive marketing messages from Acer, then he or she shall not be engaged in any marketing activities in any way and shall dispose of the personal information appropriately (e.g., by deleting the personal information from the server or moving it to a system other than the one used to send the marketing communications). In other words, Acer prohibits the secondary use of personal information and monitors and manages the use of personal information.
|
2022 Implementation Status
Regulatory compliance
The collection, use and management of personal information are required to comply with local personal information protection laws and regulations, and the basic principle is that the subject of personal information should have the right to know, access, correct and delete their personal information.
Implementation of internal controls and human rights education & training
- Training on personal data protection and privacy-related issues is provided to new recruits at the time of their employment.
- The collection, processing, and use of personal information must be undertaken in accordance with the company’s Principles for the Management of Personal Data, approved by units supervisor, and then sent to the Legal Department and the Information Technology Unit for review.
- In 2022, Acer Group continued to implement global employee personal education training, with a total of 14,334 employees completing it.
Sound mechanism for handling stakeholder issues
A proper protection mechanism is in place for personal information involving stakeholders. If there is a suspected security problem or incident involving stakeholder information, the notification mechanism will be activated immediately in accordance with the relevant regulations to ensure that the risk to stakeholders is minimized when it occurs.
Other concrete actions for protection of privacy
- With respect to the business cooperation between third parties and our customers, this company’s customers must also comply with laws on the handling of personal data on the protection of personal information, and that this be clearly laid out in the contract.
- We hold irregular personal information protection related courses for our employees to raise their awareness of personal information protection and to reduce the incidence of any related problems.