玉山銀行蒐集、處理及利用個人資料法定告知事項

Mandatory Disclosure Regarding Use of Personal Data by E.SUN Bank


2024.01 (2024.01 Version)

玉山商業銀行股份有限公司(以下簡稱本行)個人資料運用法定告知事項:
由於個人資料之蒐集,涉及 臺端的隱私權益,本行向 臺端蒐集個人資料時,依據個人資料保護法(以下稱個資法)第八條第一項規定,應明確告知 臺端下列事項:(一)非公務機關名稱(二)蒐集之目的(三)個人資料之類別(四)個人資料利用之期間、地區、對象及方式(五)當事人依個資法第三條規定得行使之權利及方式(六)當事人得自由選擇提供個人資料時,不提供將對其權益之影響。

Mandatory disclosure regarding use of personal data by E.SUN Commercial Bank Co., Ltd. ("Bank"): Due to the fact that gathering personal information involves risking your privacy, the Bank is bound by Article 8, Paragraph 1 of the Personal Data Protection Act (PDPA) to inform you of the following: (1) Name of the non-government institution that will be collecting your information; (2) Purposes for collecting information; (3) Types of personal information collected; (4) The time, place, subject, and method of which personal information is used; (5) Information owner's rights vested under Article 3 of PDPA; and (6) Impacts to information owner's interests when opting not to provide personal information.

  1. 一、蒐集之目的:Purpose of collection:

    (一) 共通特定目的:
    040行銷(包含金控共同行銷或合作推廣業務)、059金融服務業依法令規定、金融監理需要、犯罪預防及刑事偵查,所為之蒐集處理及利用(包括但不限於執行洗錢防制作業及配合全球打擊恐怖份子調查等目的)、060金融爭議處理、061金融監督、管理與檢查、063非公務機關依法定義務所進行個人資料之蒐集處理及利用、069契約、類似契約或其他法律關係管理之事務、090消費者、客戶管理與服務、091消費者保護、098商業與技術資訊、104帳務管理及債權交易業務、129會計與相關服務、135資(通)訊服務、136資(通)訊與資料庫管理、137資通安全與管理、148網路購物及其他電子商務服務、152 廣告或商業行為管理、157調查、統計與研究分析、177其他金融管理業務、182其他諮詢與顧問服務。

    Common purposes:
    040 Marketing (includes cross-selling and joint marketing in a financial group);059 Information gathering, processing and uses required by law on financial service providers for supervisory purpose, crime prevention and criminal investigation (including but not limited to implementing anti-money laundering operations and facilitating global counter terrorism investigations); 060 Resolution of financial disputes; 061 Financial supervision, governance and inspection; 063 Information gathering, processing and uses required by law on non-government institutions; 069 Management of contracts, contract-like arrangements or legal relations; 090 Consumer/Customer management and service; 091 Consumer protection; 098 Commercial and technical information; 104 Account management and debt transactions; 129 Accounting and related services; 135 Information/Communication services; 136 Information, communication and database management; 137 Information/Communication security and management; 148 Online shopping and other e-commerce services; 152 Advertisement or commercial behavior administration ;157 Survey, statistics and analysis; 177 Other financial management; 182 Other consultancy services.
    (二) 業務特定目的:
    Service specific purposes:

    1. 存匯業務:
      022外匯業務、036存款與匯款業務、067信用卡、現金卡、轉帳卡或電子票證業務、082借款戶與存款戶存借作業綜合管理、104帳務管理及債權交易業務、106授信業務、111票劵業務、112票據交換業務、160憑證業務管理、181其他經營合於營業登記項目或組織章程所定之業務。
      Deposits:
      022 Foreign currencies; 036 Deposits and remittance; 067 Credit card, cash card, debit card and stored value card; 082 Combined management of loan and deposit accounts; 104 Account management and debt transactions; 106 Credit; 111 Notes; 112 Check clearance; 160 Certificate management; 181 Other registered services or services specified in the Memorandum of Association.
    2. 授信業務:
      022外匯業務、067信用卡、現金卡、轉帳卡或電子票證業務、082借款戶與存款戶存借作業綜合管理、088核貸與授信業務、106授信業務(含事後管理)、111票券業務、126債權整貼現及收買業務、154徵信、181其他經營合於營業登記項目或組織章程所定之業務。
      Loans:
      022 Foreign currencies; 067 Credit card, cash card, debit card and stored value card; 082 Combined management of loan and deposit accounts; 088 Loan approval and disbursement; 106 Credit (including post-lending management); 111 Notes; 126 Debt discount and purchase business; 154 Credit assessment; 181 Other registered services or services specified in the Memorandum of Association.
    3. 信用卡業務:
      001人身保險、022外匯業務、067信用卡(含附加功能服務)、現金卡、轉帳卡或電子票證業務、082借款戶與存款戶存借作業綜合管理、088核貸與授信業務、093財產保險、106授信業務、127募款(包含公益勸募)、154徵信、160憑證業務管理、181其他經營合於營業登記項目或組織章程所定之業務。
      Credit cards:
      001 Life and health insurance; 022 Foreign currencies; 067 Credit card (including supplementary features), cash card, debit card and stored value card; 082 Combined management of loan and deposit accounts; 088 Loan approval and disbursement; 093 Property insurance; 106 Credit; 127 Fundraising (including fundraising for charities); 154 Credit assessment; 160 Certificate management; 181 Other registered services or services specified in the Memorandum of Association.
    4. 外匯業務:
      022外匯業務、036存款與匯款業務、082借款戶與存款戶存借作業綜合管理、088核貸與授信業務、106授信業務、154徵信、181其他經營合於營業登記項目或組織章程所定之業務。
      Foreign exchange:
      022 Foreign currencies; 036 Deposit and remittance; 082 Combined management of loan and deposit accounts; 088 Loan approval and disbursement; 106 Credit; 154 Credit assessment; 181 Other registered services or services specified in the Memorandum of Association.
    5. 財富管理業務:
      001人身保險、022外匯業務、036存款與匯款業務、044投資管理、065保險經紀、代理、公證業務、068信託業務、082借款戶與存款戶存借作業綜合管理、093財產保險、094財產管理、166證券、期貨、證券投資信託及顧問相關業務、181其他經營合於營業登記項目或組織章程所定之業務。
      Wealth Management Services:
      001 Life and health insurance; 022 Foreign currencies; 036 Deposits and remittance; 044 Investment management; 065 Insurance brokerage, agency, and notarization; 068 Trust; 082 Combined management of loan and deposit accounts; 093 Property Insurance; 094 Property Management; 166 Securities, futures, securities investment trust and consulting services; 181 Other registered services or services specified in the Memorandum of Association.
    6. 財務金融業務:
      022外匯業務、036存款與匯款業務、044投資管理、068信託業務、082借款戶與存款戶存借作業綜合管理、094財產管理、111票券業務、166證券、期貨、證券投資信託及顧問相關業務、181其他經營合於營業登記項目或組織章程所定之業務。
      Financing:
      022 Foreign currencies; 036 Deposits and remittance; 044 Investment management; 068 Trust; 082 Combined management of loan and deposit accounts; 094 Property management; 111 Notes; 166 Securities, futures, securities investment trust and consulting services; 181 Other registered services or services specified in the Memorandum of Association.
    7. 電子支付機構相關業務:
      022外匯業務、036存款與匯款業務、044投資管理、067信用卡、現金卡、轉帳卡或電子票證業務、068信託業務、082借款戶與存款戶存借作業綜合管理、088核貸與授信業務、094財產管理、106授信業務、112票據交換業務、154徵信、166證券、期貨、證券投資信託及顧問相關業務、181其他經營合於營業登記項目或組織章程所定之業務。
      Electronic payment service providers:
      022 Foreign currencies; 036 Deposits and remittance; 044 Investment management; 067 Credit card, cash card, debit card and stored value card; 068 Trust; 082 Combined management of loan and deposit accounts; 088 Loan approval and disbursement; 094 Property management; 106 Credit; 112 Check clearance 166 Securities, futures, securities investment trust and consulting services; 181 Other registered services or services specified in the Memorandum of Association.
    8. 其他:
      其他經營合於營業登記項目或組織章程所定之業務,或經中央主管機關核准辦理之其他有關業務(例如:保管箱業務、黃金存摺、電子金融業務、代理收付業務、共同行銷或合作推廣業務…等。
      Other:
      Other registered services or services specified in the Memorandum of Association or approved by the authority (e.g. safety deposit box, Gold Investment, electronic banking, automatic payment, joint marketing and promotion...)

    1. 二、個人資料之類別:Types of personal information:

      姓名、身分證統一編號、性別、出生年月日、通訊方式、影像、語音、生物特徵(包含但不限於人像、指紋等)、訪問本網站或行動應用程式(APP)或社群媒體之特定標準資訊(例如:IP位址、Cookie ID 與其內容、唯一識別碼、網域名稱、裝置資訊、使用時間、瀏覽器類型、語言設定、地理位置、作業系統、伺服器紀錄、網頁搜尋/瀏覽/點選紀錄及使用模式與資訊或經合作廠商以其名義取得前開資料分析歸納而成標籤等類似資料)及其他詳如相關業務申請書或契約書之內容,並以本行與客戶往來之相關業務、帳戶或服務及自客戶或第三人處(例如:財團法人金融聯合徵信中心、財團法人保險事業發展中心等)所實際蒐集之個人資料為準。

      Name, national ID number, gender, date of birth, contact information, image, voice, biometric (including but not limited to portrait, fingerprint, etc.), information about specific standard information for accessing the website, app, or social media (for example: IP address, cookie ID and cookie contents, unique identification codes, domain names, device information, usage time, browser type, language settings, geographic location, operating system, server record, webpage search/browse/click record, modes of use, and information or labels and other similar data obtained by partner companies in their own name by analyzing and collating the above-mentioned data), and information such as the contents of relevant business applications or contracts. The information from the relevant business, account or service relationship between the Bank and customers or between the customer and a third party (such as the Joint Credit Information Center, Taiwan Insurance Institute, etc.) shall be deemed the most accurate version of the information.

  2. 三、個人資料利用之期間:Time of use of personal information:

    (一) 特定目的存續期間。
    For the entire duration needed to serve the underlying purposes.
    (二) 依相關法令所定(例如商業會計法等)或因執行業務所必須之保存期間或依個別契約就資料之保存所定之保存年限。
    (以期限最長者為準)。
    For the entire duration required by law (such as the Business Entity Accounting Act), or specified in contracts, or as deemed necessary to perform service activities.(whichever is longer)

  3. 四、個人資料利用之對象、地區及方式:Subject, place, and method of use of personal information:

    (一) 對象:
    本行(含受本行委託處理事務之委外機構)、依法令規定利用之機構(例如:本行母公司或所屬金融控股公司其他子公司等)、其他業務相關之機構(例如:通匯行、財團法人金融聯合徵信中心、財團法人聯合信用卡處理中心、台灣票據交換所、財金資訊股份有限公司、信用保證機構、信用卡國際組織、收單機構暨特約商店等)、依法有權機關或金融監理機關、客戶所同意之對象(例如:本行共同行銷或交互運用客戶資料之公司、與本行合作推廣業務之公司等)、本行所使用之社群媒體或軟體服務供應商(例如:Facebook、LINE、Google、Yahoo、YouTube等) 、美國政府機關及國內外有權機關(例如:金融監理機關或稅務機關等)。
    The Bank (including other institutions commissioned to perform services); institutions that are permitted by law to make use of such information (e.g. the Bank's parent company, financial holding company or any affiliated subsidiaries); other institutions that perform relevant services (e.g. correspondence banks, Joint Credit Information Center, National Credit Card Center, Taiwan Clearing House, Financial Information Service Co., Ltd., credit guarantors, credit card organizations, acquirers and merchants), competent authority according to law or financial supervision authority, recipients agreed by customers (such as: the Bank's joint marketing partners, shared users of customers' information and promotional partners of the Bank), social media or software service providers used by the Bank (for example: Facebook, LINE, Google, Yahoo, YouTube, etc.), government agencies of USA and authorities at home and abroad (for example : financial supervisory authority or tax authority, etc.)
    (二) 地區:
    前揭個人資料利用對象其國內及國外所在地。
    Place:
    Any place, local or foreign, where any of the above subjects are located.
    (三) 方式:
    符合個人資料保護相關法令以自動化機器或其他非自動化之利用方式。
    Method:
    Information is to be used in both automated and non-automated means that comply with the Personal Data Protection Act.

    1. 五、個人資料當事人得行使之權利及方式:Information owner's rights and ways to exercise them:

      依據個資法第三條規定,臺端就本行保有臺端之個人資料得行使下列權利:
      Pursuant to Article 3 of PDPA, you may exercise the following rights over your own information held by the Bank:
      (一) 除有個資法第十條所規定之例外情形外,得向本行查詢、請求閱覽或請求製給複製本,惟本行依個資法第十四條規定得酌收必要成本費用。
      Except for the circumstances described in Article 10 of PDPA, the right to inquire, review or obtain duplicate copies of information held, for which the Bank is permitted under Article 14 of PDPA to collect a small fee to cover its costs.
      (二) 得向本行請求補充或更正,惟依個資法施行細則第十九條規定,臺端應適當釋明其原因及事實。
      The right to supplement or rectify personal information held by the Bank. However, Article 19 of the Implementation Rules of the Personal Data Protection Act requires you to state reasons and facts.
      (三) 本行如有違反個資法規定蒐集、處理或利用臺端的個人資料,依個資法第十一條第四項規定,臺端得向本行請求停止蒐集。
      The right to stop the Bank from collecting personal information according to Article 11, Paragraph 4 of PDPA in the event that the Bank is found to have violated PDPA while collecting, processing or using your personal information.
      (四) 依個資法第十一條第二項規定,個人資料正確性有爭議者,得向本行請求停止處理、利用或限制處理臺端的個人資料。惟依該項但書規定,本行因執行業務所必須並註明其爭議或經臺端書面同意者,不在此限。
      The right to stop the Bank from processing, using, or limited processing of your personal information according to Article 11, Paragraph 2 of PDPA, should you have doubts toward the correctness of information held by the Bank. This excludes situations where you have consented in writing or situations where the Bank is required to continue its use of the information as part of its business activities, provided that the area of dispute has been remarked clearly.
      (五) 依個資法第十一條第三項規定,個人資料蒐集之特定目的消失或期限屆滿時,得向本行請求刪除、停止處理、利用或限制處理臺端的個人資料。惟依該項但書規定,本行因執行業務所必須或經臺端書面同意者,不在此限。
      The right to stop the Bank from processing, using, or limited processing of your personal information, and to have personal information deleted from the Bank's database according to Article 11, Paragraph 3 of PDPA, when the purpose for which information was collected no longer exists or when the duration expires. This excludes situations where you have consented in writing or situations where the Bank is required to continue its use of the information as part of its business activities.
      (六) 得向本行請求限制自動決策臺端的個人資料或查詢自動決策所涉之邏輯及可能產生的重大後果。(限歐盟境內之資料主體適用)
      The right to have the Bank restrict the automatic decision making of your personal information or inquire the logic involved in automatic decision making and the potential major consequences.(applies only to data subjects within the EU)
      (七) 得向本行請求攜出或移轉臺端的個人資料。(限歐盟境內之資料主體適用)
      The right to have the Bank take out or transfer your personal information. (applies only to data subjects within the EU)
      (八) 得向本行請求停止行銷臺端的個人資料。
      The right to stop the Bank from marketing your personal information.
      (九) 得向本行請求撤回本個資聲明之同意。(限歐盟境內之資料主體適用)
      The right to have the Bank withdraw your consent to the personal information declaration. (applies only to data subjects within the EU)
      (十) 得向主管機關反應個人資料爭議事項。
      The right to lodge a complaint with a supervisory authority if you believe your data protection rights have been infringed by the Bank.
      (十一) 因辦理數位身分驗證提供的個人資料,得透過本行營業場所、網路銀行或行動銀行等原註冊通路撤回或修正臺端同意蒐集、處理及利用的個資,若為姓名、身分證字號等重要個資須於本行營業場所辦理。
      The right to have the Bank withdraw or rectify your consent to your personal information provided for Digital Identity Authentication through the original registered channels such as the Bank's place of business, Personal Internet Banking or Mobile Banking; the important personal information such as name, ID number, etc. shall be processed at the Bank's place of business.

    六、其他:Other:

    (一) 臺端如欲行使上述個資法第三條及英國標準協會制訂PIMS(Personal Information Management System)所規定之各項權利,有關如何行使之方式或申訴程序,得向本行客服(0800-30-1313、02-21821313)詢問或於營業時間洽詢各營業單位。
    If you wish to exercise the abovementioned rights vested by Article 3 of the Personal Data Protection Act and the Personal Information Management System (PIMS) adopted by the British Standards Institution (BSI) or inquire on ways you may exercise these rights or the filing procedures, please call customer service (0800-30-1313, 02-21821313) or inquire business units during business hours.
    (二) 臺端得自由選擇是否提供相關個人資料及類別,惟臺端所拒絕提供之個人資料及類別,如果是辦理業務審核或作業所需之資料,本行可能無法進行必要之業務審核或作業而無法提供 臺端相關服務或無法提供較佳之服務,敬請見諒。
    You are free to choose whether to provide personal information and the types of information to provide to the Bank. However, if you refuse to provide information that is necessary for due diligence or operational purposes, the Bank may not be able to offer better services or at all. We seek your understanding in this matter.