Statement of Use of Personal Information

壹、就凱基證券股份有限公司（下稱「本公司」）蒐集、處理、利用及國際傳輸您的個人資料事宜，茲依據「個人資料保護法」第8條第1項及「歐盟一般個資保護規則」第13條(如有適用)規定，向您告知下列事項： 1. With respect to the collection, processing, use and international transmission of your personal information, we, KGI Securities Co. Ltd. (hereinafter “the Company”) hereby inform you of the followings according to Paragraph 1 of Article 8 of Personal Information Protection Act and if applicable, Article 13 of the EU General Data Protection Regulation:

一、 本公司係基於下列特定目的，蒐集、處理、利用及國際傳輸您的個人資料：
Your personal information is collected, processed, used, and internationally transmitted by the Company for the following purposes:
(一) 為經營證券、期貨業務及經營其他合於法規、營業登記之項目或組織章程所定之相關業務，並包含配合公司內部或母公司所為之相關行政作業、營運及管理之相關行為，例如辦理有價證券與有價證券持有人登記、投資管理、法人或團體對股東名冊之內部管理、信託業務、財產管理、財務顧問服務、資通安全與管理、相關電子商務服務、資訊與資料庫管理、調查統計與研究分析、憑證業務管理、客戶管理與服務、內部控制及稽核、風險管理等。
conducting securities, futures, and other related business permitted by applicable laws or within the scope of business registration, bylaws or article of incorporation of the Company, including relevant acts carried out for the administrative operations or business management of the Company or its parent company(ies), such as registration of securities and holders of securities, investment management, internal management of shareholder list, trust business, property management, financial advisory services, information technology security and management, relevant e-commerce services, information and database management, investigation statistics and research analysis, certification business management, client management and services, internal control, audit and risk management.
(二) 為履行您與本公司間契約關係或類似契約關係、提供您各項客戶服務，例如徵信、行銷、相關諮詢與顧問服務等。
performing contract/quasi-contract obligations, providing you with various client services, such as credit checking, marketing, relevant advisory and consultation services.
(三) 為履行法定義務，例如執行洗錢防制及打擊資恐工作、內部檢舉制度、遵循各國金融法規(包括但不限於美國海外帳戶稅收遵從法(FATCA)、共同申報準則(CRS)、歐盟股東權利指令(SRD II))等。
performing legal obligations such as implementation of anti-money laundering and counter-terrorism measures, and internal whistleblower system, compliance with financial regulations of various jurisdictions (including but not limited to FATCA, CRS, SRD II).
(四) 為遵循金融監理、司法、稅務與其他具有司法、檢調或行政調查權機關之命令、調查及檢查，以及為處理訴訟、非訟、仲裁或其他金融爭議之目的。
complying orders, investigations, exanimations of financial supervisory, judicial, tax regulators and other similar organizations, and handling litigations, non-litigating matters, arbitrations, or resolving financial disputes.

二、 個人資料蒐集之種類、利用期間、對象、地區及方式：
Type of personal information to be collected, period, parties, areas and method of using personal information
(一) 種類：基於上述目的或所涉業務執行必要範圍內所蒐集之個人資料，包括您的基本資料（例如姓名、身分證統一編號、護照號碼、出生年月日、住所／居所／工作／電子郵件地址、電話／手機／傳真號碼、教育程度、職業、任職公司名稱、家庭情形等）、帳務資料、信用資料、收入資料、資產或財務資料、授信資料、投資資料、位置資料、網路識別碼及相關業務申請書或契約書所載之其他任何得以直接或間接方式識別個人之資料。
Type: the type of personal information to be collected for the above purposes or due to business necessity includes your basic information (e.g., name, I.D. number, passport number, date of birth, residence/company/e-mail address, telephone/mobile phone/fax number, education, occupation, name of employer, family situation), information regarding billing, credit, income, assets or finance, facility, investments, location data, online identifier, and other information which may be directly or indirectly identify a person, as provided in the related business application forms or contracts.
(二) 期間：於前述特定目的存續期間、主管機關許可本公司業務經營之期間、因執行業務所需或依法令規定或契約（或類似契約）約定之保存期間、或經您同意之期間內(以期間最長者為準)。
Period: during the term the above specific purposes exist, the Company is licensed to conduct business, required by business, during the retention period as set forth by law/regulations or contract/quasi-contracts, or the period you agree (whichever is longer).
(三) 對象：包括：
Parties: including:
1. 本公司及各分公司、本公司所屬金融控股公司及其子公司(包括但不限於與本公司共同行銷或交互運用客戶資料者)、與本公司合作推廣業務之公司、未受中央目的事業主管機關限制之國際傳輸個人資料之接收者、您指定之金融機構、與本公司因業務需要訂有契約關係或業務往來之機構或顧問（如律師）、受讓本公司全部或部分業務之受讓人。
The Company and each of the Company’s branches, the Company’s financial holding parent company and its subsidiaries (including but not limited to those with whom the Company conducts co-marketing or client data sharing), the entities with which the Company cooperates for business promotion),  the receiver not restricted by competent authority for international transmission, the financial institutions you designate, consultants (such as lawyers) or organizations having a contractual or business relationship with the Company due to business needs, the transferees of all or part of the business of a securities firm.
2. 金融監理、司法、稅務或依法有調查權之機關或爭議處理及徵信機構，包括但不限於證券交易所、期貨交易所、證券櫃檯買賣中心、集中保管結算所、證券商業或期貨商業同業公會(或其他相關商業同業公會)、財團法人證券投資人及期貨交易人保護中心、金融消費評議中心等，及您的所有有價證券之股票發行公司、交割銀行、保管機構、臺灣票據交換所(發放股利)等依法令授權辦理股務事務之相關機構及其他經目的事業主管機關指定，包含在業務經營上，與監督管理檢查、發行、買賣、徵信、交易、交割、股務等有關之相關機構，及對前款所列利用對象有管轄權之國內外金融監理機構、司法機關或其他相關政府機關。
Financial supervisory, judicial, or tax authorities or organizations with legal investigation authority or in connection with dispute resolution and credit checking, including without limitation to, TWSE, Futures Exchange, Taipei Exchange, TDCC, Taiwan Securities Association, Futures Association (or other related commerce association), Securities and Futures Investors Protection Center, Financial Ombudsman Institution, the share issuing company, settlement banks, custodians, Taiwan Clearing House (for dividend payment), and other organizations involved in the business in connection with supervision, issuance, transaction, credit checking, trading, and settlement, and those domestic or foreign financial supervisory organizations and judicial organizations competent and applicable to the parties listed in the above paragraph.
(四) 地區：前項所述對象營業活動之相關地區及為達蒐集、處理、利用及國際傳輸目的所需使用之相關地區，包括本國、海外機構所在地、往來銀行及通匯行所在地、未受中央目的事業主管機關限制之國際傳輸個人資料之接收者所在地、本公司業務委外機構所在地、與本公司有業務往來之機構營業處所所在地。
Area: to the extent permitted by laws and regulations or necessary to carry out business, the Company and the aforementioned parties may, within the area of its business, and relevant areas necessary for collecting, processing, using and internationally transmitting (including but not limited to the area where the Company, offshore institutions, banks, international transmission receivers are located), collect, process, use and internationally transmit your personal information.
(五) 方式：透過自動化機器或其他非自動化方式（包含但不限於書面、電子方式或國際傳輸等）於前揭特定目的範圍內依合理且適法方式為之。「歐盟一般個資保護規則」如有適用，當進行國際傳輸時，本公司將確保該等傳輸受到法律所要求適當程度之安全保護，如本公司將您的個人資料傳輸至無法保證與中華民國同等個資保護等級的國家或司法管轄區時，本公司將要求接收方提高其對個人資料之保護至與本公司相等程度，以確保您的個人資料不因國際傳輸喪失應受之保護。
Method: via automated machines or other non-automated methods (including but not limited to written, electronic method or international transmission) and with reasonable and legal method within the above specific purposes. If the EU General Data Protection Regulation is applicable, in transmitting personal information internationally, the Company shall ensure such transmission enjoys adequate level of protection required by law. If the Company transmits your personal information to countries or jurisdictions where same level of protection as provided by the Republic of China cannot be guaranteed, the Company will request the receiver to increase the protection to such level provided by the Company, so as to ensure the protection to your personal information is not be undermined.

三、 當事人權利 
Your Rights
就本公司保有之您的個人資料，您可以行使以下權利：1.查詢或請求閱覽或請求製給複製本（本公司依法得酌收必要成本費用）；2.請求補充或更正（惟依法您應為適當之釋明）；3.請求停止蒐集、處理、利用、國際傳輸或請求刪除；4.請求處理限制。5.請求資料可攜性。6.拒絕自動化剖析。7.拒絕直接行銷目的之個人資料處理，惟本公司依法令、契約之要求或因執行業務所必須，得不依您的請求為之。如您欲行使上述權利，可於本公司的官方網站上或本公司寄發給您的資料中找到聯繫本公司的電話號碼、電子郵件信箱或營業單位地址。如您認為本公司未依規定蒐集、處理、利用及國際傳輸您的個人資料，您亦可向本公司或主管機關提出申訴。
You may exercise the following rights with respect to your personal information retained by the Company: 1) make an inquiry, request to view or request a duplicate copy (the Company may charge necessary fees in accordance with relevant laws); 2) request to supplement or revise personal information, if a reasonable explanation is provided; 3) request to stop the collection, processing, use, and international transmission or request to delete personal information; ; 4) request to restriction of processing,5) right to data portability; 6) right to object automated individual decision-making; and 7) right to object to processing of personal information for direct marketing purposes; provided, however, the Company may reject your request if it is necessary for the Company to comply with relevant laws, regulations, and contracts, or to carry out its business. Where you wish to exercise said rights, you may access the Company’s telephone number, email address or business place address on the Company’s official website or in the information sent by the Company to you. You may also lodge a complaint with the Company or regulator if you think the Company does not comply with regulations in collecting, processing, using, and internationally transmitting your personal information.

四、 不提供個人資料相關權益之影響
Effect if you refuse to provide personal information
您得自由選擇是否提供相關個人資料。惟您如選擇不提供，本公司將無法進行必要之審核、處理作業及其他相關服務，本公司即得拒絕受理與您的業務往來及其他相關事項之辦理與申請。
You are free to provide your personal information. However, if you refuse to provide, the Company will not be able to carry out the necessary review and process and provide other related services. Therefore, the Company may reject your request or application for conducting business or other related matters with the Company.

貳、如本公司與您的業務往來需自證券交易所證券商聯合徵信系統蒐集您的個人資料，茲依據「個人資料保護法」第9條第1項及「歐盟一般個資保護規則」第14條(如有適用)規定，向您告知下列事項：本公司係為徵信之特定目的，自臺灣證券交易所股份有限公司之證券商聯合徵信系統取得您的個人資料、授信資料、投資資料、與證券交易有關之違約或判刑紀錄。其餘告知內容與上述告知事項相同，不再贅述。

If the dealings between you and the Company call for collection of your personal information from TWSE’s securities firms credit checking system, the Company hereby informs you of the followings in accordance with Paragraph 1 of Article 9 of Personal Information Protection Act and if applicable, Article 13 of the EU General Data Protection Regulation: 
Your personal information (including personal data, credit or investment information, breach or criminal records related to securities transactions) is obtained by the Company from TWSE’s securities firms credit checking system for credit checking purpose. For other matters please refer to the above.

本公司往後將依此告知內容蒐集、處理、利用及國際傳輸您的個人資料，本公司於此告知範圍內蒐集、處理、利用及國際傳輸您的個人資料時，將不再逐一或重複告知。
The Company will collect, process, use and internationally transmit your personal information in accordance with this Statement.  The Company will not inform you again if the collection, process, use and international transmission of your personal information is within the scope of this Statement.

您同意本公司有權修訂本告知書內容，並同意本公司於修訂後，得於本公司網站上公告或以言詞、書面、電話、簡訊、電子郵件、傳真、電子文件或其他足以使您知悉或可得知悉之方式（包括但不限於以前述方式告知提供詳載本告知書內容之網站連結），告知您修訂內容。
You agree that the Company may amend the contents herein and may inform you of the updated version by any method that enables you to be aware of the amendment, including but not limited to, posting the same on company website(s) or providing links to such website(s), disclosing the same verbally or in writing, via telephone, messages, e-mails, fax, or electronic documents. 

若您提供予本公司之資料包含本人以外第三人之個人資料時，您應聲明已以適當方式使該第三人知悉其個人資料會提供予本公司，由本公司於上開告知內容範圍內進行蒐集、處理、利用及國際傳輸。您並應使該第三人同意得為上述處理、利用及國際傳輸該第三人之個人資料，並使其理解所有依法應告知之內容及其權利，故本公司得免再告知該第三人。
If the information you provide include personal information of a third party, you should and you represent you have, inform such third party that his/her personal information will be provided to the Company.  You should ensure the third party agrees the Company may collect, process, use and internationally transmit his/her personal information and that he/she understands the contents he/she should be notified and his/her rights; thus the Company does not need to inform the third party again.

*本告知書之英文翻譯僅供參考，如有歧異，悉以中文版本為準。
*The English translation of this Statement is for reference only.  In the event of any discrepancy, the Chinese version shall prevail.

第4版，2021年5月修訂
version 4, 2021 May