Privacy Policy

1. Business operation: via email or through other channels, to perform works, cooperate or communicate, negotiate or folfill contracts, etc.
2. Commercial marketing: via email, website or through other channels, to provide business information or cooperation channels relevant to ASEH, or respond to or communicate related matters.
3. Security management: through appropriate measures to ensure the security of data, personnel and the facility.
4. Website maintenance and communication: to improve the function and services of the company’s website, provide the latest information related to business and investment, or respond to website user’s inquiries.
5. Recruitment and job applicant interviews
6. Where it is necessary to fulfill statutory obligations
7. Where it is necessary to assist public authorities in performing statutory duties: such as investigation of illegal activities, prevention or investigation of criminal cases.
8. Where it is necessary to assert, exercise or protect ASEH’s legal rights
9. To conduct various operational management procedures

1. Under specific circumstances, ASEH may collect, process and use certain personal data as follows:
1. ASEH may collect, process and use the personal data of personnel communicating, collaborating or conducting any interaction with ASEH in the course of business-related functions through meetings, activities or other business channels, as follows:
• Personal information including name, gender, employer and business title
• Contact information including telephone number and e-mail address
• Other information that may be used to directly or indirectly identify the personnel
2. To ensure the safety and security of both the personnel and workplace environment, ASEH may collect, process and use the personal data of persons entering ASEH facilities for the purpose of performing job duties or business visits, as follows:
• Personal information including name, gender, employer, business title, ID/passport number or other forms of identification and facial photography
• Contact information including correspondence address, telephone number and e-mail address
• Other information necessary for furthering public interests
3. ASEH may collect, process and use the personal data of persons visiting the company’s website and utilizing the web services (subscription to e-news, online inquiries and online reporting systems), as follows:
• Personal information including name, gender, employer, business title, ID/passport number or other forms of identification and facial photography
• Contact information including correspondence address, telephone number and e-mail address
• Other information that may be used to directly or indirectly identify the website user, such as website user’s relation with Company
• Data collected by Cookies
4. ASEH may collect, process and use the personal data of individuals making investment enquiries about the Company through phone, e-mail or any communication channels or persons who become shareholders of the Company, as follows:
• Personal information, including name, gender, employer, business title, ID/passport number or other forms of identification and facial photography
• Contact information, including correspondence address, telephone number and e-mail address
• Other information that may be used to directly or indirectly identify them
5. ASEH may collect, process and use the personal data of job applicants for vacant positions at ASEH, as follows:
• Personal information, including name, gender, birth date, ID /passport number or other forms of identification and facial photography
• Expertise and experience, including educational background and occupation, language ability and other professional skills or qualification certificates
• Contact information, including correspondence address, telephone number and e-mail address
• Other information that may be used to directly or indirectly identify the job applicant
• Other information necessary for furthering public interests
2. ASEH shall not collect, process and use sensitive personal data including medical records, healthcare, physical examination and criminal records except for the following situations:
1. Where it is expressly required by applicable laws and regulations
2. Where it is necessary to fulfill statutory obligations with maintenance and protection measures that are appropriate and secure
3. Where it is necessary to assist the public authority in performing its statutory duties of investigating illegal activities, preventing or investigating criminal cases
4. Consent is given by the data subject
3. Unless notification may be waived in accordance with the applicable laws and regulations, ASEH shall inform the data subject of the followings:
1. The personal data to be collected, processed and used
2. Specific Purpose of collection, processing and use of personal data
3. Data subject may base on the various Specific Purposes and decide to consent or reject, in whole or in part, the collection, processing and use of requested and/or suggested personal data by ASEH (opt-in)
4. Data subject rejecting collection, processing and use of personal data by ASEH, or providing inaccurate or incomplete personal data for ASEH to collect, process and use may result in ASEH’s inability to provide the data subject with specific or complete information, feedback or services
4. ASEH shall collect, process and use personal data to the extent not exceeding the necessary scope of Specific Purpose and ensure the collection, processing and use of personal data that have legitimate and reasonable connection with Specific Purpose. The data subject may base on the various Specific Purposes and request, in whole or in part, the cessation of the collection, processing and use of personal data by ASEH, or deletion/destruction of personal data collected, processed or used by ASEH (opt-out) and ASEH shall proceed in accordance with such request

1. ASEH may disclose personal data to third parties under the following circumstances:
1. The third party is a public authority:
• Where it is necessary to fulfill statutory obligation
• Where it is necessary to assist the public authority (the Court, Prosecutor/Policy/Investigation Bureau, or national or local government agency, etc.) in performing its statutory duties of investigating illegal activities, preventing or investigating criminal cases
• Where it is necessary to assert, exercise or protect ASEH’s legal rights
• At the request of the data subject
2. The third party is a private legal entity (including Company’s subsidiaries), private institution or organization, or individual persons:
• Where it is necessary to fulfill statutory obligation
• Where it is necessary to assert, exercise or protect ASEH’s legal rights
• For the use to the extent not exceeding the necessary scope of the Specific Purpose
• At the request of the data subject
2. ASEH shall manage third party disclosures in compliance with the following:
1. Verifying the identity of the third party
2. Notifying data subject and obtaining his/her consent unless notification may be waived in accordance with applicable laws and regulations (e.g. notification or consent may prevent the public authority from performing statutory duties)
3. Disclosing minimal and only necessary personal data, and requiring third parties to comply with applicable laws and regulations on personal data protection

ASEH shall take measures that are reasonable and necessary to maintain the accuracy of personal data and, proactively or at the request of the data subject, supplement or correct personal data.

1. ASEH shall retain personal data for a reasonable period of time not exceeding the necessary scope of Specific Purpose, which in principle does not exceed 5 years. Unless continuous retention of personal data is expressly required by applicable laws and regulations or necessary for ASEH to perform duties or business, or has the consent of the data subject, ASEH shall, proactively or at the request of the data subject, cease the collection, processing and use of personal data, or delete/destruct personal data if collection, processing and use is no longer necessary, the legitimate and reasonable connection with Specific Purpose no longer exists, or the laws and regulations on retention become not applicable.
2. ASEH shall establish appropriate and secure measures to manage the storage, processing, transmission, retention, access privileges of personal data and data storage/transfer tools. ASEH shall commit to safeguarding personal data to prevent damage, loss, theft, leakage, unauthorized access, copies, use or alteration. The measures include:
1. Using appropriate and secure networks and tools for data transmission and storage, such as encryption software (SSL or HTTP) to transfer data and setting up firewalls
2. Classifying personal data according to level of security to ensure that the collection, processing and use of such data do not exceed the necessary scope of the Specific Purpose, and preventing access by unauthorized personnel
3. Classifying personal data according to results of risk assessments, and adopting appropriate management procedures for the collection, processing, use and disclosure of such data

Personal data may be transferred among and used by ASEH’s subsidiaries located in different countries to the extent not exceeding the original scope of the Specific Purpose. ASEH shall manage the transfer and use of personal data in accordance with the Policy and applicable privacy and personal data laws and regulations in the countries where the personal data is transferred and used.

To improve and enhance the company’s website services, ASEH uses cookies to collect, process and use certain persona data, such as the user’s internet protocol address. To know more about our use of cookies, please refer to ASEH’s Cookie Terms.

With respect to personal data collected, processed and used by ASEH, the data subject is entitled to the legal rights as follows:

1. The right to request an inquiry or review
2. The right to request a copy
3. The right to supplement or correct the incomplete or incorrect personal data
4. The right to request the cessation of collection, processing and use
5. The right to request the deletion/destruction of personal data that is displayed or stored internally at ASEH, or publicly available on public websites, files or other forms of storage
6. Where necessary and technically feasible, the right to request the transfer of personal data, in electronic and machine readable format, to designated third party data controller
7. The right to report any personal data violation to public authorities in the area where the data subject is a resident or where the personal data is used

1. The protection of privacy and personal data is an integral component of ASEH’s internal control and risk management system. ASEH on an annual basis conducts risk assessments and internal compliance audits, on bi-annual basis engages independent parties to audit ASEH’s implementation of privacy and personal data protection and from to time to time, conducts supplier compliance audits to ensure full compliance with Policy and applicable laws and regulations.
2. ASEH’s new employees are required to complete a training course on the protection of privacy and personal data. All employees of ASEH also receive regular updates on relevant laws and regulations governing privacy and personal data and management guidance to enhance their compliance awareness.
3. ASEH adopts a zero-tolerance policy to any violation of privacy and personal data protection. Should a violation be identified after thorough investigations, ASEH shall immediately review and improve management measures, and take disciplinary actions against errant personnel and where necessary, seek indemnity or prosecution in accordance with applicable laws and regulations.
4. ASEH’s employees, external parties or natural persons may file a report or complaint on suspected violations via “ Code of Conduct Compliance Reporting System” or any other updated channels announced by ASEH.
5. For matters concerning the Policy or any other issues related to privacy and personal data, ASEH’s employees, external parties or natural persons may contact the following responsible department of ASEH:

ASE Technology Holding Co., Ltd.

Chief Administration Officer Office

Q1: What is personal data?

A: Personal data is information that in general may be used to identify a natural person such as name, birth date, ID/passport number, identifiable features, fingerprints, marital status, family information, educational background, occupation, contact information, financial status, and may include additional data on medical and healthcare records, genetics, social and physiological identity, records of physical examinations, criminal records, etc.

Q2: Why does ASE need to use my personal? What/How my personal may be used?

A: Based on the types of your interaction with ASEH, ASEH may, for specific purposes, use certain information that may be used to identify you.

Please refer to Section A and Section B for a complete description of how your personal data may be used.

Q3: Can I refuse to provide my personal data?

A: You may decide to consent or refuse, in whole or in part, to provide personal data. However, refusal to provide or providing inaccurate or incomplete personal data may result in ASEH’s inability to provide you with specific or complete information, feedback or services.

Please refer to Sub-Section III of Section B for more details.

Q4: Can I make request for my personal data?

A: You have a legal right to request, in whole or in part, ASEH to stop collecting, processing and using your personal data, or delete/destruct your personal data and related records.

Please refer to Sub-Section IV of Section B and Section H for more details.

Q5: How do I contact ASEH to make enquiries on personal data?

A: You may contact our Chief Administration Officer Office at +886 7 3617131 #83830 or email privacy@aseglobal.com

Please refer to Sub-section IV and V of Section I of Policy.