Privacy Policy of User

Gogolook official site (hereinafter referred to as the “Site”) is constructed and operated by GOGOLOOK Co., Ltd. (hereinafter referred to as the “Company”).  In order to protect your interest and right in access to the Site, all users who access the Site (hereinafter referred to as “you” or “the user”) shall read the Privacy Policy of User carefully.  The Company respects the user’s privacy and uses the best efforts to protect the user’s personal data.  Before accessing the Service, please read the Privacy Policy of User (hereinafter referred to as the “Privacy Policy”) carefully and keep noting any amendments or changes thereto published by the Service.  The Company shall be entitled to amend or change the Privacy Policy at any time.

The user referred to in the Privacy Policy shall mean any person who browses, accesses or completes the contact form at the Site.  Your access to the Service or continued access to the Service upon any amendments to or changes hereto shall constitute your full knowledge, acknowledgement and acceptance of the Privacy Policy or the amendments or changes hereof, and agreement that the Company may collect, process and utilize your personal data according to the Privacy Policy.  Where it is impossible for you to comply with, or you disagree to, the Privacy Policy, or your country/territory excludes the Privacy Policy, in whole or in part, please cease to access the Site immediately.

In particular, without your permission, the Company will not provide your personal data to any third party, except in any special case.  You need to understand that you agreement to the Privacy Policy shall constitute your permission to the Company to use the information provided by you in the latest manner defined in the Privacy Policy.  The Site might collect, process or utilize your personal data in any territory outside Taiwan, under the protection of tangible and technical safety device.  If you disagree to said collection, processing and utilization, please cease accessing the Site immediately.

The Privacy Policy is stated as following.  Please do read the Policy carefully.

Article 1. Scope of Applicability

The Privacy Policy is applicable to the collection, processing, utilization and protection of your personal data when you accessing the Site, provided that it is not applicable to any other website linking the Service.  Any third party website linking via the Site shall apply its exclusive privacy protection policy.  The Company will not bear any liability for the website managed by the third party jointly and severally.  When the user links such website, the personal data protection shall apply the privacy protection policy exclusive for the website.

Article 2. Personal Data Safety

The user must be a person with disposing capacity according to laws.  Please understand that protection of the user’s personal privacy constitutes the Company’s core management philosophy.  The Company will use the ”de-identification“ technology to integrate them into the ”anonymous statistical analysis data“ that cannot identify specific parties. On the premise of maintaining the safety of your data, the “anonymous statistical analysis data” exclude any “personal data.”  For the detailed requirements, please refer to Article 3 hereof.  Meanwhile, without the user’s consent, the Company will not provide the user’s personal information, data, access logs and activity tracks to any third party unrelated to the Service, except in the following circumstances:

  1. The Company will need to provide the user’s data pursuant to laws, court orders, administrative investigation procedures or other legal proceedings, provided that the data will be provided to the investigation unit only and also protected under the R.O.C. laws.
  2. The Company needs to exercise the rights pursuant to laws or defends any legal action.
  3. The Company may provide the products or services requested by the user with a third party to hold or support any event and in such event the Company may execute  by sharing with or communicating to the third party the user’s data in necessary.  Notwithstanding, the Company will expressly inform the user on the website-page for the event that the user’s personal data will be made available to the third party jointly running or co-sponsoring the event as a result of the user’s participation in the event and held, or collected, processed and utilized by the third party on a commission basis.  The user’s participation in the event shall constitute the user’s acknowledgement and agreement that the person data may be made available to the third party jointly running or co-sponsoring the event, for the purposes contemplated by the event.
  4. Where the Service is merged or consolidated by another company, in whole or in part, the Company will transfer the user’s personal data to that company, provided that the Company will try its best to notify the user before the user’s personal data are transferred and apply a different privacy policy instead.

Article 3. Personal Data Protection Clauses

According to Article 8 of the Personal Data Protection Act (hereinafter referred to as the “Act”), the Company shall advise the user of the following requirements:

  1. Collection of personal data:
    1. When the user uses the interactive functions, such as service mail and questionnaire, the Site will retain the information about name, email, contact No. and access hours provided by the user.
    2. When the user is browsing the Service, the server will record the information including the IP address of the user’s personal device, the device, access hours, applied browser, language, browsing and selected data logs, and websites browsed by the user before accessing the Site, as the reference to help the Service improve.
    3. The Company uses Cookies to collect personal data to help the Company optimize the Site, customize the services supplied to you, prevent fraud and strengthen the safety of the Site and Service.  You may set removal or rejection of the Cookies sent from the Site in your browser.
    4. In order to provide precise services, the Service will collect the questionnaire to gather statistics and conduct some analysis.  The statistical data or text in the analysis results are provided for internal research.  The Service will publish the same, if necessary, provided that the published contents will not involve personal data.
  2. Purpose for collection of personal data: In order to enable the Company to provide better or more personalized services, and to analyze the user’s access to the Site, provide the products, services, marketing information or advertisements that may better satisfy the user’s needs, and follow up the results thereof, the user acknowledges and agrees to allow the Company to collect the personal data for, including but not limited to, the following purposes, when completing the online contact form:040: Marketing (including co-marketing business by the financial holding); 090: Consumers/customers management and service; 091: Consumer protection; 098: Business and technical information; 135: Information (communication) services: 136: Information (communication) and database management; 137: Cyber security and management; 152: Advertisement or business conduct management (e.g. provide related preferential marketing activities); 157: Investigation, statistics and research & analysis; 176: Other natural person’s collection, processing and utilization of personal data for any proper purposes; 181: Other businesses managed in line with the registered business lines or the business defined in the Articles of Association; and 182: Other consultation and advice services.
  3. Time period for utilization of data:Unless otherwise agreed herein, the Company may process, utilize or internationally communicate the user’s personal data when the Company is surviving.  Unless otherwise claimed or requested by the user, the Company may utilize the user’s personal data when the Company, overseas branches set up by the Company now and in the future, the Company’s subsidiaries and affiliates are surviving.
  4. Territory for utilization of personal data:All over the world.  Please note that the territory where the Company and the personal data server and network server host for the Service, and the territory where the Service-related services or products are distributed or marketed refer to the territory where the user’s personal data may be utilized.
  5. Subject of the personal data utilization:he subjects of the personal data utilization include the Company, overseas branches set up by the Company now and in the future, the Company’s subsidiaries, affiliates, outsourcing entity (e.g. suppliers and cash flow companies), recipients of internationally communicated personal data, other organizations engaged in business transactions with the Company, and agencies with the power of investigation under laws or financial regulatory agencies.
  6. Method for utilization of the personal data:
    1. The personal data provided by the user to the Company will be maintained by the Company in the personal data host and related network server host of the Service, and utilized via automated machines or in any other non-automatic manner under the personal data protection laws.
    2. For the personal data registered or recorded by the user in the Service, the user agrees that the Company may record, keep and utilize the personal data recorded or generated in the Service, or provide the user with the messages about marketing activities and related preferential treatment of the Company, and the Company’s subsidiaries, affiliates and business partners, for the purposes of marketing, market analysis, statistics or research.
    3. The Company might use the personal data provided by the user to the Company in the following manners:
      1. Improve and upgrade the Company’s products and services, as well as the advertisements and interfaces which might be provided to you.
      2. Satisfy your request for certain service and notify special activities or new programs.
      3. Engage in personal marketing, e.g. providing you with the marketing and advertisements satisfying your personal preferences via a third party’s advertising Cookies, and recommend the service contents fitting your request according to the product and service models used by you in the past.
      4. Any purposes and uses agreed by you.
    4. Send the messages about marketing activities and preferential treatments of the Company and its subsidiaries, affiliates or business partners from time to time; if the user doesn’t desire to receive the marketing information any longer, please notify the Company to cancel it via the Company’s email at service@gogolook.com.
  7. The disclosure and exercise of rights in personal data: Insofar as it is not against laws, upon the Company’s confirmation that the personal data are indeed owned by the user, the user may contract the Company or send the user’s request to the Company’s email to exercise the following rights:
    1. inquire, view, or request reproduction of, the data, provided that the Company may charge necessary costs and expenses pursuant to laws;
    2. supplement or correct the user’s personal data, provided that the user shall provide adequate explanation pursuant to laws;
    3. cease to collect, process or utilize, and request for deletion of, the user’s personal data;
    4. cease to send related messages about advertisements/marketing activities related to the Service to the user.
  8. Effects posed to the user’s interest and right by the user’s failure to provide the personal data: The user may choose whether to provide the personal data.  Notwithstanding, if the user refuses to provide the personal data, the user’s access to related services on the Site might be affected adversely.  In this regard, you, as the user, agree not to raise any objection against the Company.
  9. Statutory disclosure of personal data: If the user violates the Company’s Terms and Conditions of User, trading contract, and any other regulations or rules promulgated by the Company, or infringes upon the Company’s or a third party’s interest and right, or the Company is required by laws or any judicial unit to provide the specific user’s personal data, the Company will read, access or disclose the personal data through legal procedures.
  10. Instructions to compilation of data and utilization of de-identification data:
    1. The Company will use the “de-identification” technology to integrate your personal data acquired under this provision into the “anonymous statistical analysis data” that cannot identify specific parties. Concerning the users’ data collected from different places as provided by you, on the premise of maintaining the safety of your data, the “anonymous statistical analysis data” exclude any “personal data.” Relevant personal data in the “anonymous statistical analysis data” will are separated and encrypted.  Meanwhile, all related records will be replaced with random numbers.  In the Site’s database, a series of long codes without personalized features are used for the purpose of de-identification, including the related information used or uploaded by you is also identified based on said classification and then recorded, and represented by a series of long codes for analysis and classification.
    2. You agree that the Company may use the “anonymous statistical analysis data” for analysis and establishment of the database through research and development of the Company’s exclusive system or program, so that the Company may keep improving the quality of service provided to you, and provide more diversified business services by virtue of the Company’s unique analysis and statistical operation.
    3. If any “anonymous statistical analysis data” and any other data acquired by the Company involve any contents that might identify your personal data, the Company will have certain data represented by codes or expressed anonymously, or hide certain data. You agree that the Company may share the “anonymous statistical analysis data” with the overseas branches set up by the Company now and in the future, the Company’s subsidiaries, affiliates and partners, in the manner, including but not limited to, provision of the “anonymous statistical analysis data.”  The Company will not be liable for the timeliness for supply of the personal data to cooperative partners, and will also not give any further notice or confirmation to you once you agree or license a third party to collect or utilize the “anonymous statistical analysis data.”
    4. Please note that without your prior consent, the Company will not declassify any encrypted “personal data”, or restore or license another person to restore the virtual codes for service analysis.  Unless otherwise agreed herein, the Company will not and is not likely to share your and any other users’ unsegregated and encrypted personal data with any third party for any purposes.
    5. The user agrees that any other work and statistical report produced by the Company based on the “anonymous statistical analysis data” shall remain vested in the Company.

Article 4. User’s Obligation

  1. The user agrees that the Company may collect, process, utilize and internationally communicated the user’s personal data, subject to the personal data type, term, territory, subject and method of utilization of the personal data as referred to in the preceding paragraph, for the purposes including marketing operations, information operations and database management, cyber security business and management, e-commerce service and investigation and statistics, and research & analysis, with the other business lines of the Company.  The user also understands the interest and right under Article 3 of the Personal Data Protection Act and effect to be posed to the interest and right by failure to provide the personal data timely.
  2. The user agrees that the approach to serve recorded documents, email address, mailing address and phone number are subject to synchronized update in the profile recorded by the user various transactions with the Company.

Article 5. Personal Data Protection

  1. The Company will save the user’s personal data in its data storage system completely, and protect the data carefully to prevent any unauthorized personnel to access such data.  The Company’s personnel have already attended the complete education on confidentiality.  All related personnel have already executed the non-disclosure agreement.
  2. In order to protect the completeness and safety of the user’s personal data, the data processing system storing the user’s personal data is already equipped with information security equipment and necessary security protection policy to protect the user’s personal data from being misappropriated or destroyed.
  3. Where it is necessary to appoint a third party to provide services, the Company will strictly demand that the third party shall adhere to the confidentiality obligation and take any necessary actions to check its compliance.’
  4. Please note that although the Company makes every endeavor to protect the user’s personal data, it is impossible for the Company to guarantee that the user’s personal data will absolutely never be intercepted, transmitted or hacked by a third party.

Article 6. Data Safety

  1. In order to protect the user’s privacy and safety, the Company uses its best effort to take personal data protection measures in line with the current reasonable technical level, including but not limited to, installation of the anti-virus system, de-identification and requirement on the Company’s related personnel for compliance with the Personal Data Protection Act, in order to protect the user’s personal data.
  2. The user who needs to inquire, view, reproduce, supplement or correct, cease computer processing and utilization, and delete the personal data may contact the Company. The Company will deal with it immediately.

Article 7. Amendments to Privacy Protection Policy

Subject to the changes in the market environment, the Company will amend the Policy from time to time.  Where the user has any questions about the Private Policy of User or any matters related to personal data, the user may contact the Company via email or online customer service call.

Article 8. Jurisdiction and Governing Law

The Company retains the ultimate right to interpret the Privacy Policy.  Any defect in the Privacy Policy shall be governed by the R.O.C. laws.  The user agrees that any dispute arising from the Service between the user and the Company shall submit to the jurisdiction of Taiwan Taipei District Court in the first instance, and the R.O.C. laws shall be the governing law.

International Information Security Privacy Standard Certification ISO 27001 and ISO 27701

                   

GOGOLOOK Co., Ltd. has received the international information security standard certification ISO 27001 and international privacy information standard certification ISO 27701 and, therefore, should be considered complying with the international standards and also the OpenBanking policy of Financial Supervisory Commission, and governed by the information security and security control regulations applicable to a bank.  You can access our service without worry or burden and also rest assured that our service will guard your data safety comprehensively.