Information Security Policy

 

The scope of information security at LITEON encompasses employees, clients, suppliers, and shareholders, along with all IT software and hardware associated with its business activities. All information security standards and regulations are based on technical support and the establishment of applications and data security standards. These standards are incorporated into the management system to protect the privacy of LITEON's employees, suppliers, and clients while maintaining information security during business discussions.

 

An information security monitoring system has been implemented to perform vulnerability scanning and prevent external hacker attacks and internal confidential information leakage. IT hardware/software control applies to the establishment of an information security network that includes the Internet and personal IT equipment, such as desktop computers, notebooks, tablets, and smartphones. The control measures are intended to ensure personal information, internal confidential information, and client and supplier information are effectively protected. LITEON values the security and privacy of all stakeholders, including employees, partners (customers, suppliers, consultants, etc.), shareholders, and operation-related information assets. The company has set up an "Information Security Policy" as its management foundation, ensuring control and defining responsibilities.

 

In terms of internal control, a cross-department and cross-functional "Information Security Committee" has been formed, with the chairman of the board serving as the convenor, and the head of IT Lear Lee currently serves as CISO. This committee is responsible for information security protection, incident response processing, and post-incident recovery actions to prevent occurrences of security incidents and reduce potential losses.
The "Information Security Committee" consists of 10 information security units from the Information Security Information Center and over 30 general representatives from public institutions and functional units. Quarterly meetings discuss internal and external security threats and practical protective measures. The information security chief officer regularly reports the implementation results and management strategies to the board of directors annually.

 

LITEON Technology has obtained the ISO 27001 information security management system certificate since 2020, and conducts regular information security management system reviews and continuous certification every year to maintain the effectiveness of information security management measures. The current certificate is valid from 2023/7/1 to 2025/10 /31. We have also joined information security organizations such as Taiwan Chief Information Security Officer Alliance, Taiwan CERT/CSIRT Alliance and High-Tech Information Security Alliance to gain access to information security information and increase corporate information security protection capabilities.

 

Annual information security training is provided to raise awareness among employees and incorporate security measures into workplace processes, ensuring rigorous information protection.


LITEON has established an advanced access control system requiring various authorizations for personnel to enter offices or factories. Guards are strictly selected and trained on protocols for traffic conduction and security checks. Should breaches occur, corrective or disciplinary actions are enforced based on the severity of the violation, which could include warnings, demerits, or termination.


Due to the effective implementation of information security management and privacy mechanisms, LITEON has not experienced any major incidents in 2023, nor has it faced penalties for security issues. There have been no grievances from authorities or complaints regarding privacy breaches from stakeholders, and customer data has not been used for secondary purposes.

 240820-161205.png (105 KB)

240228-161839.png (225 KB)

 

 

Information security management campaign and blueprint

240228-161921.png (431 KB)

Privacy Policy

 

LITE-ON Technology Corp. respects our company websites users’ right of privacy. Please read carefully our company's privacy policy below. We hope to let all visitors fully understand what data we collect, how we collect the data, and how we protect the right of privacy.

If you continue to browse our company websites or if you provide us your private data, it will be regarded as your acceptance of the terms of our privacy policy.

Information We Collect

You do not have to provide any personal information while accessing our company's websites. However certain services or functions of our websites may collect the personal information that can be used to identify the specific individual, such as your name, address, telephone number, email address or any other contact information.
Additionally, we may also automatically collect certain information incidental to your use of our websites, such as the IP address, the type of the browser software, and the operating system of the your computer, as well as the web page accessing information collected through Cookies or Web Beacon, such as the times of access, duration of use, etc.

How Will We Use Your Personal Information

The personal information we will collect may be used in responding to your requests, sending mail and newsletters, or providing the services per your request. We may also use part of the collected information to help improving the content and service quality of our websites. We will not disclose, sell, provide or share your personal information to/with other persons or not LITEON's affiliates, except that (1) we need to provide the services at your request, (2) we already obtained your authorization, or (3) we have the following situations.

We may provide the part of the collected information to our management team and the authorized employees or affiliates relevant to the business as the reference (example: we may provide your resume information to our Human Resources Department for reference.), or we may use the authorized webpage design as the reference for the maintenance or enhancement of our companys web. The provision of the above mentioned information must follow this Privacy Policy as well as other pertinent confidentiality and security measures. We may also disclose the collected personal information for the following reasons: (1) by law requirement; (2) to comply with legal process or governmental requests; (3) to respond the subpoenas or warrants served on LITEON technology Corp.; (4) to protect and defend the rights or property of LITEON Technology Corp.

Modification or Deletion of Your Personal Information

If you wish to modify your personal information, stop receiving information from us, or remove your personal information from our company website database, please mail to webmaster@liteon.com and we will immediately handle it for you.

Changes to this Privacy Policy

LITEON Technology Corp. may revise this Privacy Policy irregularly. You can ascertain that our Privacy Policy has been updated by examining “Last Revised Version and Date”. We suggest you irregularly visit our company website to review our latest privacy policy and its terms.