NTT Taiwan Ltd. (hereinafter referred to as “NTT Taiwan”) has acquired ISO/IEC 27001:2005 certification of the Conformity Assessment Scheme for Information Security Management System (ISMS) with NTT Taiwan's whole divisions since December 12th, 2008. NTT Taiwan is the first 100% Japanese company and the first foreign capital Type 2 telecommunication company that acquired this certification in Taiwan.
The personal information of the customer ("Personal Information") provided by the customer will be handled in the following manner by NTT Taiwan Ltd..
- The Company will comply with laws and standards concerning the protection of Personal Information, and take all necessary measures to protect the Personal Information of the customer.
- The purposes of using the Personal Information
The use of the Personal Information provided by the customer will be limited to the following circumstances.
Personal Information will be used:
- with respect to the service, a) for confirmation of the individual's identity, b) for billing purposes, c) for notification purposes in connection with changes of charges and service conditions, installation dates, service suspension, and contract termination, and d) for any other purpose necessary for the provisioning of the services;
- with respect to the service and any other services provided by the Company, a) to conduct sales promotion of the Company's services, b) to conduct customer surveys and c) to send promotional materials or gifts, etc. by means including the use of the telephone, email and postal service;
- for purposes of improving Company's services and for developing new services;
- to answer any questions or provide consultation as may be requested by the customer;
- for any other matters agreed by the customer, not listed above
- To manage the Personal Information properly, Company will protect the Personal Information provided by the customer through continuous improvement efforts to:
a) maintain internal regulations and internal control to protect the Personal Information,
b) provide employee education, and
c) take appropriate measures against illegal access, loss, destruction, falsification, and disclosure of Personal Information.
- Entrustment of Personal Information
The Personal Information may be entrusted to Company's vendors or business partners to the extent reasonably necessary for the fulfillment of purposes listed above. In such case, Company will select appropriate vendor who have implemented necessary measures to protect the Personal Information, and the Company will take all appropriate and necessary actions including but not limited to entering into contractual agreement with such vendor to protect the Personal Information of the customer.
Notwithstanding anything to the contrary stated above, the Company may provide Personal Information of the customers to Governmental authority (e.g. Courts and Police) if required or requested properly pursuant to law.