Privacy Policy

Privacy & Personal Data Protection Policy

SynPower Co., Ltd. (hereinafter referred to as "the Company") highly values your privacy. To ensure your peace of mind while using our website and related services, we have established this Privacy Protection Policy to safeguard your rights. This policy applies to the collection, processing, and protection of personal data involved in your use of the Company's website.

I. Collection & Use of Personal Data

  • Purpose of Collection: Including but not limited to customer management, marketing, contract fulfillment, after-sales service, recruitment, and other business needs aligned with our registered business scope.
  • Categories of Collection:
    • Identification: Name, job title, contact number, email address, mailing address, etc.
    • Characteristics: Age, gender, date of birth, etc. (limited to specific business requirements).
  • Period & Region: Unless otherwise stipulated by law, your data will be utilized during the Company's operational period within the regions where the Company operates.

II. Data Security Measures

The Company implements rigorous technical and organizational security measures to protect your personal data. In 2025, we maintained a record of zero major cybersecurity or data breach incidents:

  • Technical Aspects: Deployment of high-end firewalls, Managed Detection and Response (MDR) systems, SSL encrypted transmission, and strict access control mechanisms.
  • Management Aspects: Conducted 6 security awareness sessions and 3 social engineering drills in 2025. Access to data is restricted to authorized personnel only, with regular security risk assessments.

III. Rights of the Data Subject

Under the Personal Data Protection Act, you may exercise the following rights regarding the personal data held by the Company:

  1. Right to inquire, review, or request a duplicate copy.
  2. Right to request supplements or corrections.
  3. Right to request cessation of collection, processing, or utilization.
  4. Right to request deletion (within the scope permitted by law).
To exercise the above rights, please submit an application via the contact window at the end of this policy. We will respond within the statutory period of 15 days (extendable if necessary).

IV. Personal Data Breach Response Mechanism

In the event of theft, leakage, tampering, or other infringements of personal data, the Company will initiate the "Cybersecurity Incident Response Procedures":

1. Verification & Control

The security team will immediately isolate affected systems and block threat sources to prevent further damage.

2. Legal Notification

Notification to competent authorities within 72 hours of discovery, with public disclosure of the incident scope and remedial measures.

3. Patching & Prevention

Conducting root cause analysis and vulnerability scanning to harden defenses and update management protocols.

4. Counseling & Remedy

Proactively assisting affected individuals with preventive steps and providing legal consultation to protect their rights.

V. Use of Cookies

To provide the best service, this website places cookies on your browser. If you do not wish to accept cookies, you may disable them in your browser settings; however, this may result in some functions of the website not operating correctly.

Privacy Protection Inquiry Desk

If you have any questions regarding this policy or wish to exercise your data rights, please contact our dedicated team:

📞 Phone: +886-3-369-0966 (Data Protection Group)

This policy will be modified at any time in response to requirements and posted on the website.
Last Updated: December 31, 2025