Language
Search
Close
Contact Us

Privacy Policy

(Kanban Image)

Updated on: September 2025

Flytech Technology Co., Ltd. and its affiliates (hereinafter referred to as “we” or “Flytech”) are committed to implementing robust management and protection of personal data and privacy. In compliance with applicable personal data protection and privacy laws, and with reference to local regulations in our operating locations as well as the EU General Data Protection Regulation (GDPR), we have established this Privacy Policy (hereinafter referred to as “this Policy”) as the guiding principle for privacy protection. This Policy ensures the rights of individuals with respect to their personal data and privacy, while mitigating potential impacts arising from personal data incidents.

This Policy applies to individuals outside Flytech, including but not limited to customers, visitors to our websites, visitors to our premises, investors, users of our products or services, employees of our corporate clients, employees of suppliers and contractors, job applicants, and employees of Flytech (hereinafter referred to as “you”). Any violation of this Policy by Flytech employees will be subject to disciplinary action, up to and including termination of employment. Suppliers who fail to comply with this Policy may face termination of their business relationship with Flytech.

Flytech may revise this Policy from time to time in response to changes in personal data processing practices or legal requirements. We encourage you to read this Policy carefully and review it periodically to stay informed of its latest updates.

1. Personal Data We Collect

When you become, or may become, our employee, supplier, or potential customer, we may collect your personal data depending on the nature of the relationship, including:

  • Name, gender, date of birth
  • Address, telephone number, email address
  • Employer and job title
  • National identification number, passport number, or other identification numbers
  • Facial photograph
  • Data collected through cookies on our websites
  • Educational background, work experience, and professional qualifications of job applicants
  • Transaction details and banking information
  • Other information that may directly or indirectly identify an individual

The specific personal data collected may vary depending on the purposes for which it is collected and used.

2. Purposes of Processing and Use of Personal Data

In compliance with applicable laws, we collect, process, and use your personal data for the following purposes:

  • Provision of Products and Services: Including but not limited to entering into or performing contracts for the provision or procurement of products or services, as well as communications related to such products and services.
  • Communication and Marketing: Including but not limited to updating systems, processes, and related information, facilitating interactions, and maintaining or updating contact information.
  • Operations and Management: Including but not limited to customer or supplier management and human resources management.
  • Physical Security and Safety: Including but not limited to site access records, CCTV recordings, and system login and access records.

3. Processing, Retention, and Use of Personal Data

In compliance with applicable laws, we collect, process, and use your personal data as follows:

  • Notice and Consent: For different categories or purposes of personal data, we will provide clear and sufficient information and grant you the right to make choices regarding specific items. Such data will only be collected, processed, and used after obtaining your consent.
  • Purpose Limitation: The collection, processing, and use of personal data shall not exceed the specified purposes; we will not use the data for other purposes or conduct secondary use, and we will continuously monitor and manage the status of such data.
  • Data Processing Scenarios: When you contact us or visit our website, we may process personal data relating to you. This may include combining data obtained from our websites, products, or services, as well as from different devices, for record-keeping and related use.
  • Accuracy and Updates: We will take reasonable measures to ensure that the personal data we process is accurate and up to date. If your personal data contains errors in relation to the purpose of processing, we will promptly correct or delete it and may periodically confirm its accuracy with you.
  • Scope of Processing: We will take reasonable measures to ensure that the scope of personal data processing is relevant to the purposes set out in this Policy and shall limit processing strictly to such scope.

4. Disclosure of Personal Data

Unless one of the following circumstances applies, we will not disclose your personal data to any third party:

  • With Your Consent: We will only disclose or share your personal data with third parties after obtaining your explicit consent.
  • Affiliates: We may disclose your personal data to our affiliates in order to fulfill our business relationship with you, including but not limited to the provision of related products or services.
  • Suppliers or Service Providers: Within the scope necessary for the business relationship, we may disclose your personal data to suppliers or partners, such as logistics companies responsible for delivering or returning products you have purchased or repaired, banks handling payment transactions, or partners assisting us in providing sales services, technical support, and maintenance services. In such cases, we will enter into agreements with these suppliers, requiring them to process personal data only within the scope of our prior written instructions, comply with applicable legal requirements, and establish mechanisms to safeguard data security and confidentiality.
  • Professional Advisors: For risk assessment purposes, we may disclose your personal data to professional advisors, such as auditors and external marketing, legal, or financial consultants.
  • Legal or Governmental Requirements: We may disclose your personal data, to the necessary extent, to relevant governmental or judicial authorities as required by applicable laws, court orders, or government directives, or in connection with litigation, investigations, or the prevention of criminal activities.

5. Retention of Personal Data

We will not retain your personal data for longer than necessary, unless one of the following circumstances applies:

  • Business Relationship: For managing business relationships (including those with customers and suppliers), we may retain your personal data for a reasonable period of time to facilitate future transactions.
  • Legal Compliance: To comply with tax laws or other legal requirements, we will retain your personal data for the specific period prescribed by applicable laws and regulations.
  • Investigations or Litigation: We will retain your personal data during government or judicial investigations, or throughout the duration of legal proceedings.
  • General Retention Principle: Unless otherwise agreed, the retention period for personal data will generally be five years, or until the specific purpose of collection ceases or the agreed period expires. Upon the expiration of the retention period, we will take one of the following measures to handle your data: permanently delete, destroy, or anonymize the relevant personal data.

6. Security and Storage of Personal Data

We take all reasonable and appropriate measures (including but not limited to equipment security management and security audit mechanisms, such as encryption and firewalls) to protect personal data, prevent unlawful intrusion or unauthorized access, and avoid alteration, leakage, or destruction of your personal data.

However, due to the open nature of the internet, information transmitted online cannot be fully guaranteed as secure. While we have implemented reasonable measures to protect your personal data, we cannot guarantee absolute security during the transmission of information via the internet. You acknowledge and assume the potential risks of such transmissions and should ensure that the process of sending information to us does not present security issues.

If we become aware of a personal data breach, we will notify you without undue delay.

7. Cross-Border Transfers

As a multinational enterprise, and within the scope of the original purposes for which personal data was collected, processed, and used, and in compliance with this Policy, your personal data may be transferred and used by subsidiaries located in different countries. The personal data we collect from you may also be transferred, stored, processed, and used across our affiliates and service providers in various countries and jurisdictions.

For such cross-border transfers, storage, processing, and use, we will comply with this Policy as well as applicable privacy and data protection laws and regulations of each relevant jurisdiction.

8. Your Rights Regarding Personal Data

Subject to applicable laws, you may exercise the following rights:

  • Right to Choose Not to Provide Personal Data: You may choose not to provide your personal data. However, if you decide not to provide such data, we may be unable to fully deliver certain website features or services.
  • Right to Withdraw Consent: For personal data collected for different purposes as described in this Policy, you may individually withdraw your prior consent for the collection, processing, and use of such data. Upon exercising this right, we will cease the collection, processing, and use of your personal data.
  • Right to Restrict Processing: You may request restrictions on the processing of your personal data.
  • Right of Access: You may request to access or review your personal data, request a copy of such information, or request information related to the nature of the processing activities.
  • Right to Rectification: You may request rectification or completion of your personal data.
  • Right to Erasure: You may request the deletion of your personal data in accordance with applicable laws. Upon receiving such a request, we will delete your personal data, except where retention is necessary for the fulfillment of legal obligations or as otherwise required by law.
  • Rights under GDPR: If you are a resident of the European Economic Area (EEA), under the GDPR you have the right to request restrictions on the processing of your personal data and, where technically feasible, the right to request the portability of your personal data in a structured, commonly used, and machine-readable format.
  • Rights under CCPA: If your data originates from California, United States, you are entitled to the following rights under the California Consumer Privacy Act (CCPA): the right to access your personal data, the right to request deletion of your personal data, the right to opt out of the sale of your personal data, and the right not to be discriminated against for exercising your CCPA rights.
  • Identity Verification: In certain circumstances, before assisting you in exercising your rights, we may require you to provide proof of identity.
  • Review of Related Facts: Where your request requires verification of other facts (for example, whether our processing of your personal data complies with applicable laws), we will promptly review the relevant facts to determine how to respond to your request.

9. Personal Data Management Mechanisms

  • We incorporate privacy and personal data protection into enterprise-level risk management to mitigate potential impacts.
  • To ensure the effective implementation of privacy protection, we have established personal data protection management systems and conduct regular reviews of their effectiveness.
  • Where necessary, we initiate external audit programs to examine whether personal data protection measures and procedures comply with applicable laws and our internal management systems, to continuously enhance the effectiveness of our data management mechanisms.
  • Our internal control department conducts audit activities covering the collection, processing, and transmission of personal data to ensure that related operations comply with local laws and this Policy.

10. Training and Awareness

We regularly conduct privacy protection training for all personnel and periodically evaluate its effectiveness.

11. Cookie

When you visit our website, we may collect your personal data in accordance with applicable laws or with your prior consent where required, through various methods. Most of the personal data we receive is voluntarily provided by users seeking information about our products and services, or automatically collected through technical tools. When you browse our website, our IT systems may collect passive information such as your Internet Protocol (IP) address, browser type, and operating system.

We use Cookies to record the date and time of your visits. Session Cookies are deleted once you close your browser, while persistent Cookies remain stored on your device until you manually delete them or until they expire according to your browser settings.

12. Disciplinary Actions

We maintain a zero-tolerance approach to any conduct that violates this Policy. Upon receiving a report, we will promptly conduct a thorough investigation and take appropriate action.

If a violation of this Policy is confirmed, we will, in accordance with applicable laws and our internal regulations, impose disciplinary measures on the individual concerned, which may include a warning, demerit, or reduction of bonuses. In serious cases, we may terminate employment and report the matter to the competent judicial authorities for legal action.

13. Changes to This Policy

We may amend this Policy from time to time. Therefore, we encourage you to review it periodically. By continuing to use any services provided on our website after this Policy has been revised, you are deemed to have agreed to the updated terms.

In the event of any material changes to this Policy, we will announce such changes on our website or notify you by email. You may check the Last Updated (month/year) date at the top of this page to confirm the latest version of this Policy.

14. Contact Information

If you have any comments, questions, or concerns regarding this Policy, or if you become aware of any incident that may compromise your rights or any other potential violation of this Policy, you may contact us at any time.

If you believe that we have not properly handled your personal data, you may file a complaint with the data protection authority in your country of residence.

Flytech is committed to keeping the identity of whistleblowers and the content of their reports confidential. We also accept anonymous reports to ensure that whistleblowers are not subject to unfair treatment as a result of their reporting.

 

Flytech Technology Co., Ltd. – Personal Data Protection Team
Address: No. 168, Sing-ai Rd., Neihu District 11494, Taipei City, Taiwan
Email:dpo@flytech.com

TOP