Privacy and Security Policies

Open Information Security Inc.

Official Website Privacy Protection and Information

Security Policy

Welcome to the "Open Information Security Inc. Official Website (from now on the website). For you to safely use the various services and information provided by the website, we would like to explain the "Privacy Protection" and "Information Security" policy content of the website. Please carefully read the following articles, which are aimed at protecting your interests.

Privacy Protection Policy

Scope of policyThe collection, processing, and use of personal information involved when using the services of the website; however, it does not apply to third-party websites linked to the functions of the website. If you access other websites through links on the website, because each website has its own privacy protection and information security policies, please read the instructions of each website carefully.
Collection, handling, and use of information

  1. When you browse the website or download files, the website will not collect any personal information.
  2. For the online services of the website, such as Contact Windows and Contact Us, you need to provide relevant personal information such as name, address, contact phone number, and email address. If you provide any incorrect or untrue information, the website has the right to refuse to provide services.
  3. The Website will log users' IP addresses, access times, and the frequency with which various information is accessed.
  4. For internal administration, the Website will use information on the browsing and access activities of users to analyze the total volume of website traffic and network activity. This information is important to our efforts to improve service quality.
  5. The Website uses a third-party analytics service provider (currently Google Analytics) to analyze information in cookies. Our third-party analytics service provider will not use cookies to obtain personal information.
  6. Under the Personal Information Protection Act and related legislation, your personal information that is collected by the Website will not be sold or leased to other groups, individuals, or private entities, nor will such information be exchanged with them, except under the following circumstances: (1) a law enforcement agency needs it for a lawful investigation; or (2) a public authority needs the information for an investigation or to carry out its duties.
  7. Some pages of the website may contain content from third-party websites. Third-party websites may use related technologies to provide you with personalized content. You should refer to the privacy policies of third-party websites for more information.
  8. For all page data on the website, please inform the company if it needs to be quoted and indicate the source. When using the photos on the website, in addition to the above points, please also pay attention to the portrait rights of the photographed and the relevant regulations on the protection of personal information.

Use of CookiesThe Website will read and write cookies in your browser under the following circumstances to provide services tailored to your needs:

  1. Cookies are created when you register or log on to the Website and are overwritten when you log off.
  2. Cookies are used to tabulate the number of visits and to analyze the browsing habits of users. The information collected is used for reference in helping operators of the Website to improve services. If you are unwilling to accept cookies, you can set the level of security (located under Internet Options in your browser) to High and refuse acceptance of any cookies. This might, however, prevent certain functions of the Website from operating normally.

Systems on the website for the protection of personal information

  1. The company has established an Information Security and Personal Information Protection Committee, clearly defining the responsibilities and obligations of relevant personnel, and establishing and implementing a personal information management system.
  2. The company complies with the security maintenance items required by the "Personal Information Protection Act", regularly conducts risk assessments of personal information, and adopts appropriate security measures to fulfill the responsibility of properly protecting personal information.
  3. When granting access rights to personal information, the company only opens the minimum rights required for business needs and implements responsibility segregation and rights review.
  4. When the specific purpose of collecting personal information disappears or the retention period expires, it will take the initiative or at the request of the data subject to delete, stop processing, or use relevant personal information. However, this does not apply if it is necessary to perform statutory duties or business or with the consent of the data subject.
  5. In the event of a personal information incident that violates the "Personal Information Protection Act" or related regulations, the government will immediately activate emergency reporting and response operations, and handle follow-up matters following relevant laws and regulations.

Revisions to privacy policyThe privacy protection policy of the website may be revised at any time as needed and posted on the website.
Inquiries about privacy policyYou are welcome to contact us should you have any questions about the Website's privacy policy.

Information Security Policy

Any unauthorized attempt to upload or modify the various services and related information provided by the website is strictly prohibited and may violate the law. Prohibited any unauthorized attempts to compromise the confidentiality, integrity, and availability of the website. Violators will be prosecuted by law.
To ensure the security and continuous operation of the website, the following security measures are adopted:Establish procedures for handling information security incidents, and assign relevant personnel necessary responsibilities to quickly and effectively handle information security incidents.Establish a change management mechanism for information facilities and systems to prevent vulnerabilities in system security.Carefully handle and protect personal information following relevant regulations of the Personal Information Protection Act.Regularly update appropriate patches and settings based on security maintenance notifications from platform vendors or application service vendors.Formulate account and password operation regulations to issue passwords and manage passwords based on information security management requirements.When logging into the website management system, the system access authority necessary for personnel at all levels to perform tasks is set by the system administrator to assign accounts and passwords with authority and is regularly reviewed and updated.Due to the inherent openness of the Internet, no data transmission over the Internet can be guaranteed 100% secure. While we strive to protect your personal information, we cannot ensure or warrant the security of any information transmitted by our users through the Internet. Users bear all risks associated with data transmission over the Internet.If you have any opinions on the information security policy of the website, please feel free to contact us at any time.The information security policy of the website may be revised at any time as needed and posted on the website.