Notification for the Collection, Processing, and Utilization of Personal Data
1.With respect to the collection, processing, use and international transmission of your personal data, we, KGI Securities Co. Ltd. (hereinafter “the Company”) hereby inform you of the followings according to Paragraph 1 of Article 8 of Personal Data Protection Act and if applicable, Article 13 of the EU General Data Protection Regulation:
No. |
Notification Item |
Notification Content |
1 |
Purpose of Collection |
|
2 |
Types of Personal Data |
Personal data collected within the necessary scope for the aforementioned specific purposes includes basic information (such as name, national identification number, passport number, date of birth, residential/work/email address, telephone/mobile/fax number, education, occupation, employer’s name, family status, etc.), account information, credit information, income information, asset or financial information, credit extension information, investment information, location data, online identifiers, data recorded by cookies and similar technologies, and any other information contained in relevant business application forms or contracts that can directly or indirectly identify an individual. |
3 |
Duration of Use |
Within the duration of the Company’s business operations as permitted by the competent authority, and within any of the following periods (whichever is the longest):
|
4 |
Areas of Use |
The relevant areas where the Company is authorized by the competent authority to operate and where its registered business activities or those stipulated in its articles of incorporation are conducted, as well as areas necessary for achieving the purposes of personal data collection, processing, and use, include: the Company (including its headquarters and all branches), parent companies, subsidiaries, or affiliates under the Company’s control or subordinate relationship, and their respective branches; areas where institutions or consultants that have contractual or business relationships with the Company or the aforementioned companies are located; areas where financial supervisory, judicial, tax authorities, or other domestic or foreign government agencies or third-party institutions to which data must be provided by law are located; and areas where recipients designated by you are located (in the case of international transmission of personal data, limited to jurisdictions not restricted by the central competent authority). |
5 |
Entities Using Personal Data |
|
6 |
Method of Use |
By means of automated machines or other non-automated methods (including but not limited to written, electronic, or international transmission), personal data will be used within the scope of the aforementioned specific purposes in a reasonable and lawful manner. If the EU General Data Protection Regulation (GDPR) is applicable, the Company will ensure that international data transfers are subject to an appropriate level of security protection as required by law. If the Company transfers your personal data to a country or jurisdiction that cannot guarantee a level of personal data protection equivalent to that of the Republic of China (Taiwan), the Company will require the recipient to enhance its data protection measures to a level equivalent to that of the Company, in order to ensure that your personal data remains protected despite the international transfer. |
7 |
Your Rights and How to Exercise |
You may exercise the following rights regarding your personal data held by the Company:
If you wish to exercise any of the above rights, you may submit a request through the following contact methods or any other means by which you can reach the Company. If you believe the Company has collected, processed, or used your personal data in violation of applicable regulations, you may also file a complaint with the Company or the competent authority.
Contact Numbers: (02) 2389-0088 / 0800-085-005 Email Address: service1@kgi.com |
8 |
Impact on your rights if you refuse to provide your personal data |
You have the right to freely decide whether to provide your personal data. However, if you choose not to provide such data, the Company may be unable to carry out the necessary reviews, processing operations, and other related services required for business purposes. As a result, the Company may refuse to engage in business transactions with you or process related matters and applications.
For example, if you do not fully provide the personal data required for the Company to comply with the U.S. Foreign Account Tax Compliance Act (FATCA) in conducting U.S. account investigations, or if you do not consent to the Company reporting your U.S. account information to the U.S. federal government or the government of the Republic of China (Taiwan), the Company may, in accordance with the provisions of FATCA, be required to withhold taxes on certain payments and may further be required to close your account. |
2.If the dealings between you and the Company call for collection of your personal data from TWSE’s securities firms credit checking system, the Company hereby informs you of the followings in accordance with Paragraph 1 of Article 9 of Personal data Protection Act and if applicable, Article 13 of the EU General Data Protection Regulation:
Your personal data (including personal information, credit or investment information, breach or criminal records related to securities transactions) is obtained by the Company from TWSE’s securities firms credit checking system for credit checking purpose. For other matters please refer to the above.
The Company will continue to collect, process, and use your personal data in accordance with the content of this notification. The Company will not provide separate or repeated notifications for such collection, processing, and use within the scope of this notification.
You agree that the Company has the right to amend the content of this notification and that, upon such amendment, the Company may notify you by posting on its website or through verbal, written, telephone, SMS, email, fax, electronic documents, or any other means sufficient to inform or make the content accessible to you (including, but not limited to, providing a website link containing the full content of this notification via the aforementioned methods).
If the data you provide to the Company includes personal data of third parties other than yourself, you declare that you have properly informed such third parties that their personal data will be provided to the Company and will be collected, processed, and used within the scope of this notification. You shall also ensure that such third parties have consented to the aforementioned collection, processing, use, and international transfer of their personal data, and that they understand all legally required notifications and their rights. Therefore, the Company is not required to provide separate notification to such third parties.
version 7, 2025 June