Personal Data Protection

This Company (hereinafter referred to as ‘the Company’) hereby discloses this policy to comply with the Personal Data Protection Act and relevant statutory provisions, thereby clarifying the Company's methods for collecting, processing, utilising, and protecting personal data pertaining to customers, business partners, and the Company's internal departments and personnel. All parties engaged in business dealings or employment relationships with the Company shall comply with this policy.

This policy applies to the following data subjects:

1. Our company's clients（including potential customers）
2. Cooperative manufacturers, business partners, and their designated contact persons.
3. The internal departments, employees, contractors, or other personnel within the company who may have access to personal data.

This company collects personal data for the following purposes, including but not limited to:

1. Customer management and service.
2. Staff personnel management.
3. Fulfilment of employment contracts.
4. Vetting and management of suppliers or collaborative relationships.
5. Regulatory compliance and risk management.
6. Investigation and analysis, internal management requirements.

The types of data collected may include names, national identification numbers, contact details, CV information, job titles, bank account details, usage records, and device information, depending on the individual's status and the purpose of collection.

1. Period: The retention period required for the purpose of collection, the duration of relevant contracts, or as stipulated by law.
2. Location: The Taiwan region and areas where the Company operates or where data processing servers are located.
3. Recipients: The Company, third parties with whom the Company has business relationships, competent authorities as prescribed by law, and service providers necessary to achieve specific purposes.
4. Methods: Collection, processing, and utilisation of data via paper documents, electronic files, internal systems, or other automated processing methods.

Our company has established an information security system compliant with ISO 27001 standards in the Taiwan region. Access, processing, and transmission of internal data are subject to authorisation management and monitoring mechanisms to prevent the leakage, loss, alteration, or other improper use of personal data.

Pursuant to Article 3 of the Personal Data Protection Act, data subjects shall have the right to exercise the following rights:

1. To make an enquiry or request access.
2. To request a copy.
3. To request supplementation or correction.
4. To request cessation of collection, processing or use.
5. To request deletion.

To exercise the aforementioned rights, please contact our Data Protection Officer and follow the relevant procedures.

This company reserves the right to amend the content of this policy in accordance with actual business requirements and changes in legislation. Such amendments shall be announced on the website or notified separately, with no individual notifications issued. It is recommended that you review this policy periodically to ensure you are aware of the latest rights and obligations.

Contact details:

Data Protection Department: The Administration Department of this company

Email address:ikka@ikka.com.tw

Contact telephone number:(03)587-0928

The Company has incorporated the following quantitative data and management indicators pertaining to personal data protection policies into its 2025 ‘Employee Personal Data Protection Training Programme’:

The personal data protection training course for Taiwan office staff has been completed by a total of 8 participants, with a total course duration of 2 hours. Trained employees represent 80% of the total workforce.