Taiwan Cooperative Financial Holding Co., Ltd. and its subsidiaries (hereinafter “the Group”) share customer data in accordance with the Financial Holding Company Act, Personal Data Protection Act, Guidelines for Information Sharing Among Financial Institutions, and other relevant laws and regulations. To fulfill the Group’s duty of keeping customer data confidential and to protect customer rights, the Group has formulated the Customer Data Sharing Privacy Protection Statement (hereinafter “the Statement”).

The Group engages in data sharing operations to strengthen its risk management, improve customer convenience (e.g., reduce redundant data entry), facilitate inter-institutional financial cooperation, and comply with related laws and regulations.

Upon acquiring customer data, the Group adopts appropriate security measures. Data are securely stored within the Group’s databases and managed according to the Group’s internal regulations. Data access is controlled, and the use of shared data is managed based on operational responsibilities and authority. All customer data are shared in compliance with relevant laws and regulations and under the principle of information security. Customer data access and usage are denied for unauthorized personnel.

Customers may, at any time, request through the Group’s service channels (e.g., in writing, by visiting the Group’s business locations, or by calling its customer service hotlines) to cease the sharing of all or parts of their data, or file complaints about disputes arising from the Group’s data sharing operations. Upon receiving such requests, the Group will promptly discontinue the use of the customers’ data within a reasonable number of business days, or proceed with handling the complaints in accordance with its internally established procedures.

Details of data shared by the Company are disclosed in the attached table. Future additions or changes to the data sharing recipients of the Group’s subsidiaries will be announced on the subsidiaries’ respective company websites. Data sharing between the Group and its financial institution partners, unless permitted by other laws, will adhere to the Personal Data Protection Act and other relevant laws and regulations, and will only be conducted after explicitly obtaining customers’ consent.

The Company will amend the Statement when needed in accordance with relevant laws and regulations, and will announce the changes on its company website.
For matters not covered in the Statement, they will be handled in accordance with the “TCFHC Customer Information Confidentiality Measures” announced on the Company’s website.