Information Security Management Policy
Since its establishment in 1999, Hotai Finance Corporation has demonstrated financial expertise by continuously improving and innovating diverse financial products, and has accumulated nearly three million customer cases. To ensure the safety of our customers’ personal data and minimize information security risks, we are committed to strengthening our information security system and hereby issue the Information Security Management Policy. The policy aims to give employees clear guidance to follow, and Hotai Finance Corporation expects each employee to participate in and advocate for the policy to ensure the smooth operation of data, information systems, equipment, and the internet.
Implement information security, and strengthen service quality
The Information Security Management System (ISMS) shall be followed by all employees. All information security-related measures shall ensure the confidentiality, integrity, and availability of sales information to prevent the disclosure, damage, or loss of information, and appropriate measures shall be taken to minimize risks. Hotai Finance Corporation shall continue to supervise, review, and audit the tasks of the ISMS to strengthen service quality.
Strengthen information safety training, and ensure operation efficiency
Hotai Finance Corporation has adopted the following measures in response:
- a. Through diverse training and communication channels, continue to strengthen employees’ awareness of information security. For example, employees must undergo mandatory information security training to prevent personal data breaches.
- b. Information security audits are conducted annually to raise employee awareness and strengthen emergency response.
Ensure emergency response for quick recovery
Establish a recovery plan for security breaches affecting important assets and business-related information, and conduct regular drills for smooth operation and recovery, to minimize damage in the case of system errors or disasters.
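Since its founding in 1999, Hotai Finance Corporation has built on its financial expertise, continually improving and innovating its financial products in order to exceed customer expectations. To date it has accumulated nearly 3 million customer records. To protect customer data and effectively reduce network security risk, we continue to refine and strengthen our information security systems and hereby issue the Information Security Management Policy. The policy is intended to give employees a clear guiding principle in their daily work. All employees are obliged to take an active part in promoting the Information Security Management Policy so as to ensure the secure operation and maintenance of all the company's employee data, information and communication systems, equipment, and networks. All employees are expected to understand, implement, and maintain the policy, so that the business processes of the information and communication systems continue to operate.
Implement information security and strengthen service quality
The ISMS is carried out by all employees. All measures related to information and communication operations shall ensure the confidentiality, integrity, and availability of business data, protecting it from risks such as disclosure, damage, or loss caused by external threats or improper management by internal personnel. Appropriate protective measures are selected to reduce risk to an acceptable level, and the work of the Information Security Management System (ISMS) is continuously monitored, reviewed, and audited to strengthen service quality and raise the level of service.
Strengthen information security training and ensure continuous operation
Protective systems are not all-powerful, and hackers' attack methods are constantly being updated. We therefore raise information security awareness in the following ways:
- a. Through diverse forms of training, communication, and awareness campaigns, continue to deepen every employee's information security awareness. For example, all employees must complete information security training and a test each year, to reduce security incidents or leaks of sensitive data caused by unfamiliarity with information security rules.
- b. Conduct an information security audit every year to put information security management into practice among all employees, establish the idea that "information security is everyone's responsibility," help employees understand the importance of information security and comply with information security rules, and thereby improve information security knowledge and emergency response capability, reduce information security risk, and achieve the goal of continuous operation.
Implement information security and strengthen service quality
Establish emergency response plans and disaster recovery plans for important information assets and critical business operations, and regularly rehearse each emergency response procedure, to ensure rapid recovery when information and communication systems fail or a major disaster occurs, keep critical business operations running, and minimize losses.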