Privacy Policy

Privacy Policy

KGI Bank Co. Ltd. Online Privacy Notice

KGI Financial Holding Co., Ltd. (formerly known as China Development Financial Holding Corporation) , KGI Bank Co., Ltd., KGI Securities Co., Ltd., KGI Life Insurance Co., Ltd., KGI Futures Co., Ltd., KGI Securities Investment Advisory Co., Ltd., KGI Securities Investment Trust Co. Ltd., KGI Insurance Brokers Co., Ltd., CDIB Capital Group and new domestic subsidiaries that should be disclosed on this website due to organizational changes in the future according to law, (hereinafter collectively referred to as the “Group”) is required to collect, process, utilize and share the information you provide and to provide customers with diversified and more complete financial products or other services. The Group respects your information that you provide us and implements appropriate measures to protect your Data. In accordance with Personal Data Act and the Guidelines for Data Sharing among Financial Institutions and other relevant laws and regulations, the Privacy Policy is formulated as follows. Unless otherwise stipulated by law or otherwise agreed between you and the Group, the contents of this Privacy Policy will be followed:

Purpose of collection, processing, and use of website information

This website will record your Internet access IP address, Internet access time and the pages you browse on the website and other information. These data are required for the management of this website, such as: total analysis of internal website traffic and network behavior survey, in order to improve the service quality of this website.

Scope of Application

  1. It is applicable to websites and mobile applications (hereinafter collectively referred to as the Group's websites and applications) hosted by the domain name applied for in the name of the Group, but does not include links to other websites other than the Group's websites and applications.If you click the links to other websites, please refer to the privacy policy of it.
  2. The customer information referred to in this policy includes basic customer information, identity verification information, account information, transaction records of financial products or services, negative information, know-your-customer (KYC) information and financial institution value-added information, electronic communication history records (such as IP address, Internet access time, and pages viewed on the website, etc.) or other information shared with the customer's consent.

Customer Data Protection Measures

In order to implement the rights and responsibilities for the protection of customer data, the Group implements adequate measures to protect your Data, including but not limited measures as below:

  • The Group adopts the control of data access rights. Only authorized personnel are able to access and process your Data within the necessary scope to avoid revealing your Data. If the information you provide does not need to be preserved, it will be destroyed. All authorized personnel have duly signed the non-disclosure agreement and any breach of data protection obligation shall be subject to disciplinary action or legal consequences.
  • The Group implements Secure Socket Layer (SSL) information security protocol to elevate the level of data transmitting security. In addition, the Group uses 256-bit or higher or other types of encryption technology to protect your Data
  • The Group implements firewall, unauthorized detection, and shield system to safeguard our servers and other information storage devices to prevent unauthorized access.
  • The Group has implemented physical security measures, such as entrance control, deployment of security guard, security guard control system and back-up storage system to keep your Data safe even in cases of emergencies or disasters.
  • If the Group entrusts relevant units (including suppliers) to provide services due to business needs, it will also strictly require the third parties (including suppliers) to abide by their confidentiality obligations, and take necessary inspection procedures to confirm their compliance. If there is a need to provide your personal Data to a third party (including suppliers), it should meet the following circumstances or other laws and regulations:
    • Your consent according to the law.
    • When requested by judicial units or other competent authorities through legal and formal procedures.
    • Compliant with international transfers permitted by law.
    • In order to provide you with other services or preferential rights and interests, which will need to share your information with a third party (including suppliers) who provides the service or preferential treatment, this website will provide a full explanation and inform you during the activity, and you can freely choose whether to accept this service or preferential treatment.
  • The Group implements Data collection, processing and use management procedures to comply with relevant laws and regulations. The Group only collects, processes and uses the Data within the purposes and objects as stated in the “KGI Financial Holding Co., Ltd. and its Subsidiaries Personal Data Management Policy and Personal Data Notification Statement” under this policy in an adequate, relevant and moderate manner and limited to what is necessary related to such purposes while keeping the Data accurate and updated.
  • The Group establishes an auditing mechanism through internal regulations, and ensures comprehensive personal data protection through external personal data protection-related certifications.

Customer Self-Precautionary Measures

Although the Group implements adequate security measures to protect your Data, your attention and cooperation is also required:

  • When you use your certificates, enter password or use any data, please avoid disclosing or sharing your Data. You should keep your certificates, password and Data in a safe condition to prevent disclosing your Data to others.
  • When you log in any services on website of the Group, please remember to log out after using our services. When you use someone’s or public computers, please configure your browser by setting the privacy status to “high” to disable cookies or other recording functions of browsers to prevent disclosing your Data.
  • You should install anti-virus or other network protection software, and regularly update the virus code and software version to reduce the risk of being infected with viruses or implanted with Trojan horse programs, robot programs, etc., which may leak your information.

When you provide your Data to the Group, please be reminded that:

  • Unless otherwise stipulated in the law, contract or with your written consent, please do not provide any special (sensitive) personal information such as medical records, genetics information, information regarding sexual life, health examination and criminal record.
  • Please refrain from providing threatening, obscene, pornographic information or any information destroying the public order and customs.
  • Do not provide other people's personal information without their consents.
  • Except otherwise permitted by relevant laws and regulations and (or) requested by the Group, please refrain from providing any information, such as ID, financial information or password number to us to prevent disclosing your Data or incur any fraudulent conduct.

Cookies Policy

The Group uses cookies to provide you more personalized services. When you are surfing website of the Group, your preference, habit, or information that you entered will be stored and allow you to navigate web pages more efficiently. Most cookies are only valid for a certain period or only for a single visit. Cookies do not contain personally identifiable information (such as name, phone number, address or e-mail address, etc.). Instead, it records the setting information of your personal homepage on the website. Once you close the page, the cookies will no longer be effective.

The web server of the Group can only read the activity records on this website in cookies, but cannot read your activity records on other websites. You can disable cookies by configuring your browser by setting the privacy status to “high”. However, you may be unable to use some of the relevant functions of the Group's website.

Remedies for Customer Rights Protection

You may exercise the following rights by email or by calling the KGI Bank (Phone: 0800-255-777). However, the Group may not act according to your request because it is necessary for the Group to perform its business according to law or as required by other laws and regulations.

  • Any request to reply to the inquiry, offer for a review or provide duplication on the Data collected, provided that the Group may charge a fee to those who makes above request.
  • Any request to supplement or correct the Data, provided that you shall make proper interpretation to the Group.
  • Request to stop collecting , processing and utilizing your Data, and any request to delete your Data.
  • Request to restriction of processing.
  • Request data portability.
  • Reject automated profiling.
  • Reject the processing of personal data for direct marketing purposes.

The influence on your rights and interests if you choose not to provide your Data: Please kindly be reminded that you are freely to determine whether to provide your Data or not. If you decline to provide your Data, the Group will not be able to proceed requisite examination, process your Data and reply your request. Therefore, the Group will not be able to provide our services..

Children's Privacy Policy

  • When children use the services of this website, in addition to protecting children's privacy rights, the consent of the children's parents or guardians will be obtained in accordance with the law when collecting, using and disclosing data to a third party of children or their family members.
  • Children's parents or guardians may apply to view, correct or delete their children's data.
  • The Group ensures the confidentiality, security and integrity of the personal data collected from children.

Modification of Privacy Policy

The Group will modify the Privacy Policy provided by this website at any time as necessary. When this policy is revised, users will be reminded with a prominent display without individual notice. Please refer to the Privacy Policy on the Group's corporate website at any time to protect your rights.

Disclosure of Customer Data Sharing

  • In order to identify risks, strengthen risk control, enhance convenience for customer, promote cross-industry business cooperation within the Group and ensure customer rights and interests, KGI Financial Holding Co., Ltd., KGI Bank Co., Ltd., KGI Securities Co., Ltd., KGI Life Insurance Co., Ltd., KGI Futures Co., Ltd., KGI Securities Investment Advisory Co., Ltd., and KGI Securities Investment Trust Co. Ltd., (hereinafter collectively referred to as the “customer-data-sharing companies”) need to share the information you provided. In accordance with Personal Data Protection Act, the Guidelines for Data Sharing among Financial Institutions (hereinafter referred to as the "Sharing Guidelines") and other relevant regulations, we hereby disclose the scope of the sharing data.
  •  Please read the chapters of "Customer Data Protection Measures" and " Remedies for Customer Rights Protection" as mentioned above regarding the measures for protecting customer data and remedy for customer rights of customer-data-sharing companies.

Purpose and Scope of Data Sharing

In order to identify risks, strengthen risk control, enhance convenience for customer, promote business cooperation within the customer-data-sharing companies and ensure customer rights and interests, the customer-data-sharing companies needs to share the information you provided.
The shared data includes basic customer information, identity verification information, account information, transaction records of financial products or services, negative information, know-your-customer (KYC) information and financial institution value-added information, electronic communication records (such as IP address), data shared pursuant to customers’ consents, regulations, and for the management of subsidiaries by the financial holding company, etc.

The Companies’ Names and the Objects of Customer-Data-Sharing

In accordance with Article 4 of the Sharing Guidelines, the names of companies that share customer data with KGI Financial Holding Co., Ltd. and the purpose of the co-operation objects are disclosed in the table below. If there are new cooperation partners and objects in the future, the announcement will be made further.

Cooperation projects of Companies that share data

The Group collects, processes, utilizes and shares the information you provide for risk control and to provide customers with diversified and better financial products and services. If the Group adds new partners and new projects, an announcement will be made in the future.

Mobile Device Access

To provide optimal services, please allow KGI Banking APP to access following items on your device(s):
(1) KGI Bank Mobile Banking APP Permissions (for iOS and Android)

Access

Description

Device and App record For push notification and device binding services
Location For searching nearby KGI Bank branches ,Video Conference Service
Phone For calling KGI Bank
Camera For scanning QRCode ,Video Conference Service
Cellular Data For connecting mobile network
Device ID For device binding service
Files and Media For screenshot reminder service
Screen For push notification service
Vibration For push notification service
Contacts For transfer via mobile number
Permission of Biometric Recognition For fast login and transaction verification service
Notifications For push notification service
Permission of browsing the device For detecting if mobile devices could have been hacked
Device Compatibility For different mobile compatibility
RECORD For Video Conference Service
BLUETOOTH For Video Conference Service
READ_MEDIA_IMAGES For screenshot reminder
Microphone For Video Conference Service

(2) Permission of Mobile Corporate eBanking Service APP (the“APP”) of KGI Bank (for iOS and Android)

Access

Description

Tel To dial in service hotline.
Camera To scan QRCODE.
Files and Media (includes Photos) To save the files of screen capture, push notification, encrypted data in the mobile device for use.
Internet To connect Corporate eBanking Service system of KGI Bank.
Push notice To receive push notice and dynamic password message of the APP.
Device ID To identify the device which has be authenticated.
Device Name To identify the device which has be authenticated.
Device Model numbers To identify the device which has be authenticated.
Device OS To identify the device which has be authenticated.
Permission of Fingerprint Recognition To use quick access service to log in Corporate eBanking Service.
Permission of Facial Recognition To use quick access service to log in Corporate eBanking Service.
Permission of browsing the device To detect the suspected cracking mobile devices.
Others System logs to identify user’s operation problems
Siri & Search To activate voice search for APP function or content

Device Name and Call Data

This notice is subject to change. We update this notice periodically in response to environmental changes, social changes, technological advances, service demands, and legal requirements. Please review this notice whenever you have questions about your rights. If we make changes to this notice, we will publish the most recent version on this page