Privacy Protection Measures
2026.07(2026.07 Version)
玉山金融控股股份有限公司(以下稱本公司) 暨所屬各子公司(以下合稱本公司及子公司)係依照「金融控股公司法」「個人資料保護法」、「金融機構間資料共享指引」及其他相關法令規定,蒐集、處理及利用您的個人資料。為讓您安心使用本公司所提供的各項服務,謹此向您說明本公司的隱私權保護措施(下稱本措施)如下:
E.Sun Financial Holding Company, Ltd. (hereinafter referred to as the “Company”), and its subsidiaries (hereinafter collectively referred to as the “Company and its Subsidiaries”), collect, process, and use personal data in accordance with the Financial Holding Company Act, the Personal Data Protection Act, the Guidelines for Data Sharing between Financial Institutions, and other applicable laws and regulations.
To ensure that you may use the services provided by the Company with peace of mind, the Company hereby explains its Privacy Protection Measures (hereinafter referred to as the “Measures”), as follows:
(一)本公司所蒐集的個人資料,將依其蒐集時所闡述之特定目的使用,包含但不限於提供服務或廣告/活動訊息、資料分析處理、履行法定義務、風險管理、洗錢防制、契約義務、其他法令許可目的,及訴訟、非訟、仲裁或其他紛爭解決事件之處理;本公司所蒐集個人資料之使用目的、利用對象、時間等資訊,請參考相關網頁之內容。
(二)本公司僅於蒐集時所闡述之特定目的必要期間內,保存您的個人資料。惟如相關法令另有保存期間之規定,或因業務執行須另訂保存期間,或依個別契約另有約定保存期間者,則以最長者為準。
1. Personal data collected by the Company shall be used in accordance with the specific purposes stated at the time of collection. Such purposes include, but are not limited to, the provision of services and the delivery of advertisements or promotional information, data analysis and processing, the performance of statutory or contractual obligations, risk management, anti-money laundering compliance, and other purposes as permitted under applicable laws and regulations, as well as the handling of litigation, non-contentious matters, arbitration, or other dispute resolution proceedings. For further details regarding the purposes of use, categories of recipients, and periods of use of personal data, please refer to the relevant information published on the Company’s website.
2. The Company shall retain your personal data only for the period necessary to fulfill the specific purposes stated at the time of collection. However, where a longer retention period is required by applicable laws and regulations, necessary for business operations, or stipulated in individual contracts, such longer period shall prevail.
(一)當您使用本公司服務或本網站時,本公司可能會向您蒐集個人資料,包含姓名、身分證統一編號、電話、E-mail、住址及其他相關必要資料。另外,本公司亦將保留您在本網站瀏覽或查詢時,伺服器自行產生的相關紀錄(包括但不限於您使用網站服務所連線設備的IP位址、使用時間、設備資訊、瀏覽器資訊及點選紀錄等)。
(二)謹提醒您,與本公司網站所連結的其他網站,也有可能蒐集您的個人資料。對於您於其他網站主動提供的個人資料,將依相關法令及各該連結網站所揭露之隱私權保護政策蒐集、處理與利用,不適用本措施。
1. When you use the services of the Company or visit this website, The Company may collect your personal data, including your name, ID number, phone number, e-mail, address, and other necessary related information. In addition to, the Company will also retain automatically generated by the server when you are browsing or searching for information on this website (including but not limited to your IP address, browsing time, equipment information, browser information, and clickstream data).
2. Please note that other websites that are linked to our website may also collect your personal data. The personal data you actively provide on other websites shall not be governed by these Measures and shall be collected, processed, and used in accordance with related regulations and the privacy policies of the linked websites.
(一)本公司及子公司與其他金融機構間係依「金融機構間資料共享指引」、「個人資料保護法」及「金融監督管理委員會指定非公務機關個人資料檔案安全維護辦法」等相關法規命令,參與及提供資料共享服務機制(以下稱本機制),以發展金融科技形塑友善金融生態圈、推動場景金融適用範圍、提供顧客便利性服務及發揮經營綜效、整體集團風險管理、促進集團各成員間之跨業合作。
(二)本公司及子公司與其他金融機構間進行資料共享時,有關資料之共享目的、強化客戶資料保護機制、參與員工授權、內部審核及分層負責機制、申訴及處理爭議之內部標準程序等項目,均依循前揭相關法規命令辦理。
(三)除依其他法令得為資料共享以外,本機制下所蒐集之資料均經顧客同意,或於顧客簽署各類契約文書中明文約定而取得,或來自公開資訊。
(四)經前項取得之顧客資料均嚴密地保存在專門建置的資料庫中,未來因業務需求而依法令委由管理資訊系統之第三人代為處理或儲存時,亦會依法進行相應管理措施,對於共享資料之使用均依業務權責進行權限控管,必須在法令許可之規範下,依訂定之管理制度,方可進行資料分享作業,不在授權範圍內之任何人,均不得亦無法取得資料。
1. The Company and its Subsidiaries, together with other financial institutions, participate in and provide a data-sharing mechanism (the “Mechanism”) in accordance with the Guidelines for Data Sharing between Financial Institutions, the Personal Data Protection Act, and the Regulations Governing the Security and Maintenance of Personal Data Files for Non-Government Agencies designated by the Financial Supervisory Commission, as well as other applicable laws and regulations, for the purposes of promoting financial technology development, fostering a consumer-friendly financial ecosystem, expanding the scope of scenario-based financial services, providing convenient customer services, achieving business synergies, enhancing group-wide risk management, and facilitating cross-industry collaboration among group entities.
2. When the Company and its subsidiaries, or other financial institutions, engage in data sharing, all relevant matters—including the purposes of data sharing, enhanced protection mechanisms for personal data, employee authorization controls, internal review procedures and hierarchical accountability mechanisms, and standard operating procedures for complaint handling and dispute resolution—shall be conducted in accordance with the applicable laws and regulations.
3. Except where data sharing is otherwise permitted under applicable laws and regulations, all data collected under the Mechanism is obtained either with the customer’s consent, as expressly stipulated in agreements or contractual documents executed by the customer, or from publicly available information.
4. All personal data obtained pursuant to the preceding paragraph shall be securely stored in dedicated databases. Where necessary for business purposes and in compliance with applicable laws and regulations, such data may be entrusted to third parties managing information systems for processing or storage, subject to appropriate management and control measures.
Access to and use of shared data shall be strictly governed by business-specific authorization controls and internal control mechanisms. Data sharing may only be conducted in accordance with applicable laws and established internal management policies, and any person outside the scope of authorization shall neither be permitted nor able to access such data.
為確保資訊系統及資料傳輸之安全性,將以SSL(Secure Sockets Layer)機制進行資料傳輸的加密,並且加裝防火牆防止不法入侵,以避免個人資料遭非法存取。另應用4至16不定位數密碼及亂碼化方式儲存密碼,並對於資料庫之運用、維護、系統使用人員權限設定及產出表報之管理等事宜,實施妥適之管理政策,以強化資料傳輸、儲存及應用之安全。
To ensure the security of information systems and data transmission, the Company will adopt Secure Sockets Layer (SSL) encryption mechanisms for data transmission and deploy firewalls to prevent unauthorized intrusion, thereby safeguarding personal data against unauthorized access. In addition, passwords consisting of 4 to 16 characters are stored in an encrypted and obfuscated format, and appropriate management policies are implemented with respect to database utilization, maintenance, user access controls, and the management of generated reports, so as to enhance the security of data transmission, storage, and use.
(一)當您訪問或使用本網站、行動應用程式(APP)時,本網站、APP會記錄您的訪問或使用足跡,以提供您更佳的個人化服務、方便您參與個人化的互動活動,及為管理本網站使用情形(包括但不限於分析訪客人數、網站流量、使用者分布、產品/服務關注程度、線上活動行為及使用模式)、提升本網站服務品質、提供符合您需求或興趣偏好之客製化資訊或廣告並追蹤其成效等目的。其中部分資料及訪客個人化設定資料將由本公司自行或透過合作廠商(如Google Analytics)運用cookies或其他類似技術之工具來紀錄、存取及蒐集您的線上行為資料。線上行為資料包括當您訪問本網站、其他網站及社群媒體平台(不論是否與本網站相連結者)所為網路行為而產生之資訊(包括但不限於IP位址、Cookie ID與其內容、唯一識別碼、網域名稱、裝置資訊、使用時間、瀏覽器類型、語言設定、地理位置、作業系統、伺服器紀錄、網頁搜尋/瀏覽/點選紀錄及使用模式與資訊或經合作廠商以其名義取得前開資料分析歸納而成標籤等類似資料),但均屬於不記名的訪客資料且不涉及個人聯絡方式。
(二)惟提醒您,當您訪問或瀏覽使用其他網站與社群平台時,該網站可能會蒐集您的資料,您將受其他網站各自的隱私權保護政策拘束。如您欲停止使用cookies或其他類似技術之工具,您可隨時自行更改瀏覽器、安裝程式或變更裝置之設定。如您選擇拒絕 cookies或其他類似技術之工具,您將可能無法使用本網站或APP部分個人化服務,或是參與部分線上活動。
1. When you visit or use the Company’s website or mobile application (“App”), the Company may record and track your browsing activities for the purposes of providing you with enhanced personalized services, facilitating your participation in personalized interactive activities, and managing the usage of the Company’s website (including but not limited to analyzing visitor numbers, website traffic, user distribution, levels of interest in products and services, online behavioral activities, and usage patterns), improving the quality of the Company’s services, providing customized information or advertisements tailored to your preferences or interests, and tracking the effectiveness thereof. Certain data and user preference settings may be recorded, accessed, and collected by the Company, either directly or through third-party service providers (such as Google Analytics), using cookies or other similar technologies. Online behavioral data includes information generated from your activities when visiting the Company’s website, other websites, or social media platforms (regardless of whether such platforms are linked to this website), including but not limited to IP addresses, cookie identifiers and their contents, unique identifiers, domain names, device information, time of use, browser type, language settings, geographic location, operating system, server logs, records of webpage searches, browsing and click activities, usage patterns, and tags or similar data derived by third-party service providers through the analysis and aggregation of the foregoing data. All such data is anonymized and does not involve personally identifiable contact information.
2. Please note that when you visit or use other websites or social media platforms, such platforms may also collect your personal data, and your data will be governed by the respective privacy policies of those platforms. If you wish to disable cookies or other similar technologies, you may do so at any time by adjusting the settings of your browser, applications, or devices. If you choose to reject cookies or similar technologies, you may be unable to use certain personalized services provided by the Company’s website or App, or to participate in certain online activities.
(一)在符合法令或經取得您同意之情況下,本公司及子公司、參與本機制資料共享之金融機構以及與本公司及子公司合作供應產品及服務的第三方供應商,得揭露、轉介或交互運用您的個人資料。惟為符合法令規定或配合政府機關之調查,本公司得於法令要求範圍內將您的個人資料揭露予主管機關、稅捐稽徵機關、司法機關及其他依法有調查權之機關。
(二)前述參與本機制資料共享之金融機構將另於本網站進行揭露。
1. Subject to applicable laws and regulations or with your consent, the Company and its Subsidiaries, financial institutions participating in the Mechanism, and third-party service providers cooperating with the Company and its Subsidiaries in the provision of products and services may disclose, transfer, or jointly use your personal data.
Notwithstanding the foregoing, the Company may, to the extent required under applicable laws and regulations or in cooperation with investigations conducted by governmental authorities, disclose your personal data to competent authorities, tax collection authorities, courts, judicial authorities, and other authorities with statutory investigative powers.
2. The financial institutions participating in the Mechanism as described above will be publicly disclosed on the Company’s website.
如果您的個人資料有變更,可通知本公司及子公司分支單位服務中心,經確認後更正您的相關資料,使本公司及子公司能持續提供您完整之金融資訊與服務。
If there are any changes to your personal data, you may notify the Company and the service centers of its branches and subsidiaries. Upon verification, your personal data will be updated accordingly, enabling the Company and its Subsidiaries to continue to provide you with comprehensive financial information and services.
除法令另有規定外,您得對本公司及子公司所蒐集、處理、利用與保存之個人資料,提出以下請求:
Unless otherwise provided under applicable laws and regulations, you may exercise the following rights with respect to your personal data collected, processed, used, and retained by the Company and its subsidiaries.
(一) 查詢、請求閱覽或製給複製本。
To request access to or review, or obtain copies of your personal data.
(二) 補充或更正。
To request supplementation or correction of your personal data.
(三) 停止蒐集、處理或利用。
To request the cessation of the collection, processing, or use of your personal data.
(四) 刪除。
To request the deletion of your personal data.
(五) 撤回有關蒐集、處理或利用之同意。
To withdraw your consent to the collection, processing, or use of your personal data.
(六) 請求停止行銷個人資料。
To request that the Company and its subsidiaries cease using your personal data for marketing purposes.
(七) 限制處理或利用方式。(限歐盟境內之資料主體適用)
To request the restriction of the processing or use of your personal data. (Applicable only to data subjects located within the European Union.)
(八) 請求限制自動決策臺端的個人資料或查詢自動決策所涉之邏輯及可能產生的重大後果。(限歐盟境內之資料主體適用)
To request the restriction of automated decision-making in relation to your personal data, or to obtain information regarding the logic involved and the potential significant consequences thereof. (Applicable only to data subjects located within the European Union.)
(九) 請求攜出或移轉個人資料。(限歐盟境內之資料主體適用)
To request the portability or transfer of your personal data. (Applicable only to data subjects located within the European Union.)
(十) 得向主管機關反應個人資料爭議事項。
To file complaints with the competent authorities regarding matters relating to personal data.
如您對於本措施或個人資料運用相關事項有任何疑問或有相關爭議時,得向玉山銀行客服(0800-30-1313、02-21821313)詢問或於訪客留言板(https://www.esunbank.com.tw/bank/about/services/customer/message-board)諮詢或申訴。
If you have any questions or disputes with respect to the Measures or the use of your personal data, you may contact the Customer Service Center of E.Sun Bank (Tel: 0800-30-1313; 02-21821313) or submit inquiries or complaints via the Visitor Message Board on the Company’s website (https://www.esunbank.com.tw/bank/about/services/customer/message-board).
請妥善保管您的CA(Certificate Authority)憑證、密碼或任何個人資料,不要將CA憑證、密碼或任何個人資料提供給任何人或其他機構。在您使用完本網站所提供的各項服務功能後,請務必記得登出帳戶,若您是與他人共享電腦或使用公用電腦,切記要關閉瀏覽器視窗,以防止他人讀取您的個人資料。
You are advised to properly safeguard your Certificate Authority (CA) certificate, passwords, and any personal data, and not to disclose such information to any third party.
After completing the use of the services provided on this website, please ensure that you log out of your account. If you are using a shared or public computer, you should close the browser window to prevent unauthorized access to your personal data.
為因應社會環境變遷、業務需求、科技發展與法令修改等,將不定時修訂本措施,並於本網站公告,以落實保障您的權益。
In response to changes in the social environment, business needs, technological developments, and amendments to applicable laws and regulations, the Company may revise the Measures from time to time and publish such revisions on its website in order to ensure the protection of your rights and interests.