Skip to Main Content

Hitachi Logo
earth icon
    mail icon Contact Us
    Hitachi Global
    Hitachi Global

    Privacy Policy

    Introduction

     

    Taiwan Hitachi Asia Pacific Co., Ltd. (hereinafter referred to as “Hitachi Taiwan” or “we”) fully understands the importance of personal data to you and is committed to protecting your personal data. In order to explain how we collect, use, share, and protect your personal data and other related information, we have established this Personal Data Protection Policy (“this Policy”). Please be sure to read it carefully, especially the provisions that are prominently highlighted in bold and underlined text, and make the decisions you consider appropriate.

     

    Once you click “Agree,” sign an acknowledgment, or otherwise accept this Policy, you are deemed to have known and understood all the terms of this Policy and to have agreed that we process your personal data in accordance with this Policy. This Policy shall then come into effect and become legally binding between you and Hitachi Taiwan.

     

    Hitachi Taiwan primarily protects personal data in the following ways:

     

    1. Collection, Processing, Use, and Provision of Personal Data
    Hitachi Taiwan has established a personal data protection management system for personal data that is collected, processed, used, and provided during the course of business operations, and complies with the principles of legality, legitimacy, and necessity in the collection, processing, use, and provision of personal data.

     

    2. Implementation of Security Systems and Measures
    With respect to the collection, processing, and use of personal data, Hitachi Taiwan always complies with the applicable personal data protection laws and regulations. To ensure the security of personal data, Hitachi Taiwan will adopt reasonable data security safeguards, properly manage personal data, restrict channels through which personal data may be disclosed externally, and prevent unauthorized reading or access (collectively referred to as “access”), and strives to prevent personal data leakage incidents.

     

    3. Respect for the Rights of Data Subjects
    When you request disclosure, correction, or deletion of your personal data, or request to reject the collection, processing, use, or provision of personal data, Hitachi Taiwan will, in accordance with the requirements of the applicable laws and regulations, respect the rights of data subjects and respond to and handle such requests as soon as possible.

     

    4. Establishing and Continuously Improving the Personal Data Management System
    Hitachi Taiwan’s management and employees all understand the importance of personal data protection. The Company has established and implements relevant personal data management systems internally to ensure that personal data is used and protected appropriately. Such management systems will be fully implemented and continuously improved.

     

     

    Definition of Personal Data

     

    Personal data refers to data related to a natural person, recorded electronically or by other means, and that can be used to identify the identity of a specific natural person, excluding de-identified data. Examples include name, date of birth, national ID number, photograph or voice recording, type of work or job title, and other related data (including data that cannot identify a specific individual when used alone, but can identify a specific natural person when combined with other data).

     

    Sensitive personal data refers to personal data that, once leaked, unlawfully provided, or misused, may endanger personal safety or property, or may easily lead to harm to a natural person’s reputation, mental or physical health, or discrimination. Such data includes personal financial account data such as bank account and loan records, personal biometric data such as fingerprints, iris scans, and facial recognition features, personal health and physiological data such as past medical history and fertility information, personal identity data such as ID cards and passports, as well as data such as religious beliefs and movements or whereabouts. Sensitive personal data referred to in this Policy is prominently highlighted in bold. Please carefully consider whether to provide such data to us during use. However, personal data relating to medical records, medical treatment, genetics, sexual life, health examinations, and criminal records as specified in Article 6 of the Personal Data Protection Act shall be handled in accordance with the relevant provisions, regardless of whether such data constitutes sensitive personal data under this section.

     

    We do not collect personal data relating to medical records, medical treatment, genetics, sexual life, health examinations, or criminal records as specified in Article 6 of the Personal Data Protection Act. Please confirm that the personal data you provide does not include such data. If we discover that the personal data you provided contains such data, we will immediately delete it.

     

     

    Scope of Application

     

    This Policy applies to: (1) the personal data we obtain online when you use our website; and (2) the personal data we obtain through your purchase and use of our products and services.

     

    This Policy does not apply to products and services for which separate privacy policies have been published. If Hitachi Taiwan has separately established another version of a personal data protection policy for a specific product and/or service, then the corresponding personal data protection policy shall apply to such specific product and/or service.

     

    This Policy does not apply to products and/or services provided to you by other third parties. Our official website may contain links to third-party websites. The products or services related to such third-party websites are not governed by this Policy. We recommend that when you visit such third-party websites, you review their personal data protection policies to understand the personal data protection measures of those third parties.

     

     

    Collection, Processing, and Use of Personal Data

     

    The personal data we collect includes, but is not limited to, your name, age, gender, date of birth, national ID number/passport number, residential address, email address, phone number (including mobile number), social media account information such as LINE and WeChat, credit card number and authorization code, and bank account information.

     

    We may process your relevant sensitive personal data (excluding the data specified in Article 6 of the Personal Data Protection Act). We will process such data only with your separate consent and will adopt necessary security measures to protect the safety of your sensitive personal data, except where otherwise required by law or regulation.

     

    If any personal data you provide is not your own personal data, before providing us with the personal data of another data subject, you must ensure that you have disclosed this Policy to that person and obtained their authorization and consent. We will protect the personal data of such other data subjects in accordance with this Policy.

     

    1. Responding to inquiries through contact methods provided on the official website

    When you submit written or telephone inquiries to Hitachi Taiwan through the contact methods provided on the official website regarding business matters, company information (corporate information inquiries, R&D activities, CSR activities), recruitment, or data compliance (cybersecurity, personal data, and data protection), we will, with your authorization and consent, collect your name and email address in order to facilitate future contact and respond to or answer your inquiry. You may also choose to further provide your gender, contact phone number, and company name to make it easier for us to contact you.

     

    2. Other purposes

    In addition to the above inquiries, we may also collect and use your personal data for the purpose of promoting our products and services to you, when necessary for your purchase and use of our products and services, and for the purpose of improving our products and services. If we need to collect and use your personal data in other specific business scenarios, we will inform you separately and obtain your consent in accordance with the law.

     

     

    Use of Cookies and Web Beacons

     

    A cookie is a small text file that our website sends to your browser when you visit our official website, which helps the browser record information related to the visit, such as default language and other settings. Cookies can provide you with a more convenient browsing experience on your next visit to the official website. Web Beacon technology can be used in conjunction with cookies and can record the number of visits you make to a specific page.

     

    We use cookies for multiple purposes, including making it easier for you to use our official website, counting the number of visitors to webpages, remembering your language settings, and providing customized advertisements. The official website may use cookies or similar technologies such as web beacons (Clear GIFs). You may also refuse to accept cookies by changing your browser settings, or configure your browser to alert you when cookies are being accepted. When you refuse to accept cookies, you may also refuse web beacons. Please refer to your browser instructions for details. If you refuse to accept cookies, you may not be able to use services on the official website that require cookies. We appreciate your understanding.

     

     

    Purposes for Which We Collect, Process, and Use Your Personal Data

     

    You agree that Hitachi Taiwan may collect your personal data from the channels described above and that we may, to the extent necessary, collect, process, and use your personal data for the following purposes. If we collect, process, and use your personal data for other purposes not specified in this Policy, we will obtain your prior consent.

    a. To perform contracts between business partners and Hitachi Taiwan;
    b. To contact customers or suppliers for negotiations or meetings;
    c. To provide our services, including after-sales service for products;
    d. To send meeting notices or new product information;
    e. To respond to various inquiries;
    f. To conduct surveys and analyze them to improve our products or services;
    g. To provide personal data to affiliates of the Hitachi Group when Hitachi Taiwan and such affiliates jointly carry out business activities;
    h. To comply with legal and regulatory requirements, execute court orders, fulfill other legal procedures, or respond to requests from competent government authorities.

     

     

    Provision of Personal Data to Third Parties

     

    As a general rule, we will not provide your personal data to third parties. If we provide your personal data to any third party not disclosed in this Policy, we will inform you separately. In addition, we will obtain your separate consent for providing your personal data to third parties, except as otherwise provided by law or regulation.

     

    We will only provide your personal data to third parties in the following ways:

    a. Provision to partners: For the purpose of providing relevant products and/or services to you, implementing certain functions, or for business collaboration purposes, we may, in accordance with the law and upon prior notice to you and with your consent, provide personal data to partners;

    b. Provision to affiliates: Based on our company management requirements, we may provide personal data to our affiliates, after informing you and obtaining your consent;

    c. Provision in accordance with relevant agreements or other legal documents signed with you;

    d. Disclosure in accordance with applicable laws and regulations, legal procedures, compulsory administrative or judicial requirements, and/or requirements of higher supervisory authorities, including but not limited to provision to government agencies, judicial authorities, and their subordinate units.

     

    When your personal data is provided to third parties, such third parties will process and protect your personal data in accordance with their respective personal data protection policies. We will endeavor to require such third parties to take the necessary measures to protect personal data. At the same time, we recommend that you read the relevant third parties’ personal data protection policies to understand how they process your personal data and the rights you enjoy as a data subject.

     

     

    Transfer and Disclosure of Personal Data

     

    Except where required by applicable laws and regulations, legal procedures, compulsory administrative or judicial requirements, and/or requirements of higher supervisory authorities, or where your express consent has been obtained, we will not transfer your personal data to any company, organization, or individual. If we transfer your personal data to a third party, we will inform you separately unless otherwise required by law or regulation. The recipient will continue to be bound by this Policy; otherwise, your consent must be obtained again.

     

    Except where required by applicable laws and regulations, legal procedures, compulsory administrative or judicial requirements, and/or requirements of higher supervisory authorities, or where your express consent has been obtained, we will not disclose your personal data.

     

     

    Exceptions to Obtaining Consent

     

    We may process your personal data without first obtaining your authorization and consent in the following circumstances:

    a) Where expressly provided by law;
    b) Where we have a contractual or similar contractual relationship with you and have adopted appropriate security measures;
    c) Where the personal data has been disclosed by you yourself or otherwise lawfully disclosed;
    d) Where it is necessary for academic research institutions to conduct statistical analysis or academic research in the public interest, and the data has been processed by the provider or, as collected, cannot identify a specific individual according to the disclosed method;
    e) Where it is necessary to promote the public interest;
    f) Where the personal data is obtained from sources that are generally available to the public. However, this shall not apply where you have a greater and more compelling interest in prohibiting the processing or use of such data;
    g) Where no infringement of your rights and interests occurs.

     

     

    Retention of Personal Data

     

    As a general rule, unless otherwise stated in the “Cross-Border Transfer of Personal Data” section of this Policy, Hitachi Taiwan will store personal information collected and generated in the course of operations in Taiwan, in accordance with applicable laws and regulations. Unless otherwise required by law, by law enforcement authorities, or unless you consent to a longer retention period, we will retain your personal data for the shortest period required by law and for the period necessary to achieve the purposes described in this Policy.

     

     

    Your Rights and Choices Regarding Personal Data

     

    We will endeavor to ensure your rights to access, correct, or delete your personal data. If applicable laws and regulations prevent us from fulfilling your request, we will provide you with a reasonable explanation.

    a) Right to access and copy: You have the right to access, review, and copy your personal data collected in our services;
    b) Right to correct and supplement: When you find that your personal data held by us is incorrect or incomplete, you have the right to request that your personal data be corrected or supplemented;
    c) Right to delete: When you no longer use our services, or when you withdraw your consent for our processing of your personal data and request deletion of your personal data, or when we collect, use, or share your personal data with others in violation of laws, regulations, or our agreement with you, you have the right to request deletion of your personal data. If the statutory retention period has not expired, or if deletion of personal data is technically difficult to achieve, we will stop processing other than storage and the implementation of necessary security protection measures;
    d) Right to request explanation: You have the right to request that we explain the rules governing personal data processing;
    e) Right to withdraw consent: Each service requires some basic personal data in order to be completed. For personal data that is not necessary to collect, you may give or withdraw your authorization and consent at any time. After you withdraw your consent, we will no longer process the corresponding personal data. However, your withdrawal of consent does not affect the validity of personal data processing activities carried out before the withdrawal based on your consent.

     

    When you request to exercise the above rights or file other complaints, we will conduct a brief verification of your identity and the authenticity of your request. As a general rule, we will respond with our handling opinion or result within 15 days.

     

    As a general rule, we do not charge a fee for reasonable requests. However, for repeated requests that exceed a reasonable scope, we may charge a certain fee at our discretion. Requests requiring excessive technical measures or that are impractical may be rejected.

     

     

    Cross-Border Transfer of Personal Data

     

    As a member of the corporate group of Hitachi, Ltd. (hereinafter referred to as the “Group Companies”), Hitachi Taiwan needs to use the Group Companies’ unified systems and email systems. As an important part of the Group Companies’ global business management network, we need to always maintain business management and data exchange with the Group Companies. Therefore, Hitachi Taiwan may need to transfer your personal data to servers of its parent company and Group Companies located outside Taiwan, such as in Japan and the United States.

     

    After your personal data is transferred abroad in the manner described above, it will only be stored on the Group Companies’ servers. Unless otherwise notified to you and your separate authorization and consent have been obtained, neither the Group Companies nor any other third party will access or process your personal data stored on overseas servers by any means. During the above cross-border transfer of personal data, Hitachi Taiwan will comply with the requirements of Taiwan’s relevant laws and regulations, conduct a personal data international transfer security assessment where necessary in accordance with the law, and anonymize and de-identify personal data to the greatest extent possible in order to protect the security of your personal data.

     

     

    Personal Data Protection Measures

     

    We are continuously improving organizational and technical measures related to personal data protection. Through a well-established internal personal data management system, we strictly restrict access to and use of personal data. At the same time, we adopt necessary security technologies to protect your personal data from unauthorized access, destruction, tampering, or disclosure.

     

    The online environment is not 100% secure, and we will endeavor to ensure the security of any data you send to us. In the event of an incident that threatens network security, we will promptly address the security risk, take corresponding remedial measures, and report it to the relevant competent authorities in accordance with applicable laws and regulations. At the same time, we will inform you as soon as possible, in accordance with legal and regulatory requirements, of the basic circumstances and possible impact of such incident, the measures we have taken or will take, and the remedial measures available to you. We will notify you of the relevant incident as soon as possible through the contact methods you have provided, such as text message, email, or telephone. If individual notification is difficult, we will issue a public notice through reasonable and effective means, such as posting an announcement on the official website.

     

     

    Protection of Minors

     

    Hitachi Taiwan does not separately provide products and services to minors. Except as otherwise required by laws and regulations or by law enforcement authorities, we do not actively and separately collect personal data from minors. If you believe that we have collected a minor’s data, please contact us promptly, and we will verify the matter and delete the personal data as soon as possible. If you are a minor, you should use our products or services with the consent of your guardian or through your guardian acting on your behalf. Where personal data of minors is collected in connection with products or services used with the guardian’s consent, we will process such personal data only in accordance with the rules set forth in this Policy and only to the extent permitted by law and with the guardian’s consent.

     

     

    Updates to This Policy

     

    This Policy may be updated as new laws or regulations are enacted or amended, our products and/or services are updated or optimized, or other material changes occur. For updates to this Policy, especially material changes, we will notify you as soon as possible through appropriate means (such as a website announcement) of the specific changes to this Policy.

     

    Material changes referred to in this Policy include, but are not limited to, the following:

    ① A material change in our service model, such as changes in the purpose of personal data processing, methods of processing, and categories of personal data processed, or the addition of services or functions involving the collection of personal data;
    ② Changes in third-party recipients to whom we provide personal data or transfer data;
    ③ Material changes to your rights regarding participation in personal data processing and the way such rights are exercised.

     

    The updated version of this Policy shall take effect from the date of publication. However, if the changes involve material changes, we will obtain your consent again for such changes. The updated version of this Policy shall take effect after your consent. If you refuse to accept it, you will not be able to continue using the corresponding service functions.

     

     

    Contact Us and External Dispute Resolution Channels

     

    If you have any questions, comments, or suggestions regarding this Personal Data Protection Policy, please contact us through our official website (click here. Unless otherwise required by law or expressly stated in this Policy, we will respond within 15 days of receiving your inquiry. If you are not satisfied with our response, especially if you believe that our personal data processing activities infringe upon your lawful rights and interests, you may also:

    (1) File a complaint, petition, or provide feedback to the department responsible for personal data protection duties, such as the public opinion mailbox of the Preparatory Office of the Personal Data Protection Commission: https://www.pdpc.gov.tw/cp/138/; or

    (2) File a lawsuit with the court having jurisdiction over Hitachi Taiwan’s place of residence, unless this Policy serves as an appendix to, or part of, any contract, agreement, or similar legally binding document signed between Hitachi Taiwan and you, in which case the dispute resolution method shall be governed by the terms of such contract, agreement, or other document.