Skip to main content
:::

King's Town Bank Privacy Protection Policy

King's Town Bank Privacy Protection Policy

The King's Town Commercial Bank (hereinafter referred to as "the Bank"), in order to ensure your peace of mind, hereby explains its privacy protection policy (hereinafter referred to as "the Policy") and its absolute protection and respect for any information you provide when you use various services provided by the Bank, including but not limited to its official website, online banking, King’s Town mobile banking, and other mobile applications or platforms provided by the Bank (hereinafter referred to as "the Website"), or when you visit the Bank's counter. Unless otherwise specified by laws and regulations or other agreements between you and the Bank, the Bank will follow the content of the Policy.

I. Policy on the Collection of Personal Information

 The Bank's collection, processing, and use of your personal information are in line with the specific purposes and necessary scope of relevant business categories and comply with the provisions of the Personal Data Protection Act and other relevant laws and regulations.

 When you register online as a customer of the Bank, perform mobile device login and transaction confirmation, or use other services provided by the Bank, the Bank will ask you to provide personal information (including but not limited to your name, ID number, gender, date of birth, contact phone number, address, email address, user ID and password, device identification code, and other relevant necessary information). In addition, the Bank will also retain relevant records generated by the server when you browse or search on the Website (including but not limited to the IP address of the device you use to connect, browsing behavior, browser used, usage time, browsing and clicking data records, etc.).

 If you use the Bank's mobile banking or other mobile applications or platforms provided by the Bank, you agree that the Bank's access permissions to your mobile device must include device identification, camera/photos/media/files, phone, network status, etc., in order to facilitate the execution of various services on the Website (including but not limited to push notification services, upload and download of various business documents and files, reading QR codes, account opening photographs, sending red envelopes, capturing screen data, dialing the Bank's customer service phone number, reading the phone identification code in the device security controls, performing identity verification for quick login, and determining whether the network connection status is normal).

 Please note that other websites linked to the Website may also collect your personal information. When you voluntarily provide the aforementioned personal data to other websites, these websites have their own privacy protection policies, and this Policy does not apply to the data processing measures of such websites. The Bank also does not assume any joint responsibility.

II. Policy on the Use of Personal Information

 Any personal information you provide will be processed and used within the necessary scope of the specific purpose for which it was collected. Without your consent or authorization, or as required by relevant laws and regulations, the Bank will not disclose to any third party the personal information, transaction data, and other related data you provide to the Bank.

 Unless a longer retention period is required by law, the Bank will retain your personal information within the retention period necessary for the specific purpose of collection, as specified by relevant laws and regulations or contractual agreements (such as the Money Laundering Control Act, Business Entity Accounting Act, etc.), or the retention period required for the Bank's business operations.

III. Policy on the Use of Cookies

 Cookies serve as a tool for communication and identification with customers. Their purpose is to store any activity or input data you've performed on the website, recording your personal data and preferences to provide you with personalized services or deliver information and activities tailored to your interests. If you do not wish to accept cookies, you can disable the cookies function in your browser. However, you may not be able to use some of the personalized services offered by our website or participate in some online activities. The Bank's cookies are limited to a single visit, and the cookie does not contain any data that would allow others to contact you by phone, email, or traditional mail (snail mail). You can also cancel or restrict this feature through your browser settings.

IV. Exercise of Rights

 The Bank assists you in maintaining accurate, complete, and up-to-date personal data. You may inquire, request access, obtain copies, correct, supplement, cease the collection, process, use or delete your personal data with the Bank. However, the Bank may not comply with your request as required by laws and regulations or as necessary for the execution of business.

V. Measures for Personal Information Protection

 Regarding your personal information file, the Bank will adopt appropriate security measures and make every effort to use reasonable technology and measures to comply with relevant laws and regulations for security maintenance in order to prevent your personal information from being stolen, altered, damaged, lost, or disclosed. The Bank strictly adheres to relevant government regulations and information management principles, employs network firewalls, and supplements with intrusion detection systems and comprehensive antivirus mechanisms to protect information systems in order to prevent unauthorized access and malicious software damage. In addition to using SSL mechanisms to protect the transmission of personal data, cryptography and digital signature mechanisms are employed to enhance the security of data transmission, storage, and usage for important confidential data and to comply with relevant laws and regulations such as the security control standards for electronic banking operations by financial institutions.

 The specific measures are as follows:

 The Company has obtained the "Information Security Management System (ISMS) ISO/IEC 27001: 2013" Certification (valid to October 31, 2025) in December 2022. The Company will continue to make review and improvement, to conform to the latest development trend of information security related laws, technology, organization and operation.

 Every year, our bank carries out an internal evaluation of personal data and submits a self-assessment report for review by the Personal Data Management Committee.

 Pursuant to Article 28, Paragraph 2 of the Implementation Rules of Internal Audit and Internal Control System of Financial Holding Companies and Banking Industries, the Bank is required to engage an accountant each year to perform an audit of the implementation of the personal data protection mechanism project agreement process.

 Since the transmission of data over the internet cannot be guaranteed to be 100% secure, you must assume the risks associated with transactions and data transmission on the Website. Therefore, we remind you that any personal information disclosed voluntarily in any public domain (such as message boards, news discussion forums, or chat rooms) may be collected and used by others. To safeguard your rights and interests, please properly secure your user ID, password, and any personal data. Do not provide any personal information, especially passwords, to anyone or any other institution. You should install antivirus software and regularly update the software and virus definitions for the computer devices you use. After using the various services and features provided by the Website, be sure to log out. If you share a computer with others or use a public computer, remember to close the browser window to prevent others from accessing your personal information or mail. If you notice any unusual login activity, please change your password immediately to maintain transaction security. The Bank will never ask for your password through phone calls or emails.

VI. Personal Data Protection Commitment

The personal data management policy of the Bank and its affiliated companies is as follows:

 Personal data shall only be collected, processed, and utilized within the necessary scope for specific lawful purposes and only with the consent of the involved party or under statutory circumstances.

 Personal data shall only be retained in accordance with the law or for specific lawful purposes;

 Appropriate security measures shall be taken and every effort shall be made to protect the collected, processed, and utilized personal data with reasonable technology and measures to ensure the security of all such data.

 The parties involved shall be transparently and clearly informed about the collection and usage of personal data, such the duration, location, recipients, and methods of use and the categories of personal data collected, and any other statutory notification items;

 The rights of individuals to their personal data shall be respected, including the rights to inquire or request access, request copies, request supplementation or correction, request cessation of collection, processing, or use, and request deletion;

 The accuracy of personal data shall be ensured, and such data shall be updated when necessary.

 Principles shall be established for handling personal data incidents and emergency response measures shall be in place to respond to incidents such as theft, tampering, damage, loss, or disclosure of personal data, with the parties involved notified in accordance with relevant regulations.

 To ensure the security of all personal data, it is necessary to have appropriate and sufficient transmission mechanisms to ensure personal data is transferred safely and securely both domestically and internationally.

 When commissioning others to collect, process, or use personal data, the contractor shall request that the commissioned party comply with the relevant regulations of this institution/its affiliated companies.

 A personal data management system shall be established and implemented to enforce the personal data management policy;

 In the operation of this personal data management system, the obligations and responsibilities of the Bank and all its affiliated colleagues shall be clearly defined.

 The Bank and its affiliated companies are committed to implementing personal data protection and pledge to adhere to the aforementioned management policies. Should any changes be made, appropriate steps will be implemented to inform the relevant parties, ensuring that they remain aware of their rights.

VII. Bank's Policy on Disclosure of Personal Information to Third Parties

The Bank will never sell, exchange, rent, or disclose your personal information to any third party in any way. However, the Bank may provide your personal information collected through the Website to third parties in the following four situations:

 When your prior consent or authorization has been obtained.

 When requested through a legal and formal process by judicial units, financial regulators, tax authorities, or other agencies with legal investigative powers.

 When it is necessary to share your information with a third party to provide you with additional services or benefits, in such cases, the Website will provide sufficient explanations and notifications during the event, and you are free to choose whether or not to accept these services or benefits.

 Other situations as required by laws or regulations or by the relevant authorities.

VIII. Disclosure on Data Sharing Collaboration

In accordance with Article 4 of the "Guidelines on Data Sharing between Financial Institutions," the Bank discloses the following information for your reference.

 The Bank's current data-sharing partner is King's Town Securities Co., Ltd.

 In order to enhance customer convenience, strengthen risk management, and promote cross-industry cooperation with other financial institutions, the Bank shares data with partner companies for purposes such as identifying risks, managing risks, facilitating customers (for example, helping customers reduce duplicate data entry), or jointly conducting business.

 The Bank's protective measures for customer information are as detailed and described in Section 5 of the Policy on Measures for Personal Information Protection.

 In case of complaints or disputes from customers regarding data sharing, you can contact the Bank through the communication channels listed in Section 9 of this Policy. The Bank's procedures for handling customer complaints and resolving disputes will be conducted in accordance with the "Operating Guidelines for Handling Customer Complaints" of the Bank.

IX. Amendments to the Privacy Policy

The Bank will periodically revise the Policy as necessary (such as in response to changes in the social environment, business needs, technological advancements, and modifications to laws and regulations) to ensure the protection of your privacy rights. The Bank will also take appropriate measures to prevent unauthorized access, alteration, disclosure, or destruction of data. When the Bank completes revisions to the Policy, it will be immediately published on the Website and prominently displayed to remind you to click and read it. Please visit and review it regularly to safeguard your rights and interests.

X. Contact Channels

If users have any issues related to the Policy or personal information, please contact the Bank for more information. The service hotline is (06) 213-5231, and the service hours are from 9:00 AM to 5:30 PM on bank business days. We will do our best to assist and provide a comprehensive explanation.

Enactment on February 21, 2022
Amended on March 25, 2024