Cybersecurity Policy

1. Purpose
To maintain the Confidentiality, Integrity, and Availability (CIA) of the information assets belonging to WTG Technology Co., Ltd. (hereinafter referred to as "the Company"), to comply with relevant
regulatory requirements, and to protect user data privacy against intentional or accidental threats from both internal and external sources.
2. Scope
This policy applies to all Company personnel, outsourced service providers, and visitors. All parties are required to comply with this policy and all related cybersecurity operational standards.
To mitigate risks such as improper use, leakage, tampering, or destruction of data caused by human error, malicious intent, or natural disasters, cybersecurity management is implemented through the "Statement of Applicability," "Document Management Procedures," "Cybersecurity Audit Management Procedures," and "Corrective and Preventive Action Management Procedures," as well as the following specific procedural documents:
  • Policy Formulation & Evaluation: (Cybersecurity Policy, Cybersecurity Objective Management Procedures, Organizational Context Analysis Procedures).
  • Cybersecurity Organization (Cybersecurity Organization Management Procedures).
  • Human Resources Security (Human Resources Security Management Procedures).
  • Asset Management (Information Asset Management Procedures).
  • Data Security (Data Security Management Procedures).
  • Risk Identification and Control (Cybersecurity Risk Management Procedures).
  • Access Control Security (Access Control and Password Management Procedures).
  • Physical and Environmental Security (Physical and Environmental Security Management Procedures).
  • Operations Security Management (Operations Security Management Procedures).
  • Network Security Management (Network Security Management Procedures).
  • Information Systems Acquisition, Development, and Maintenance Security (System Development and Maintenance Management Procedures).
  • Supplier Service Management (Supplier Relationship Management Procedures).
  • Cybersecurity Incident Response and Handling (Cybersecurity Threat Intelligence and Incident Management Procedures).
  • Business Continuity Management (Business Continuity Management Procedures).
  • Compliance with Regulations and Company Policies (Regulatory Compliance Management Procedures).
3. Roles and Responsibilities
To ensure the effective implementation of the Company's cybersecurity policy, responsibilities are assigned as follows:
  • Cybersecurity Committee: Established by the Company and chaired by a Chief Information Security Officer (CISO) appointed by senior management. The committee oversees the coordination and management review of cybersecurity policies, plans, operations, and resource allocation.
  • Cybersecurity Working Group: Established under the Committee, with a Management Representative appointed by the CISO. This group is responsible for drafting and revising management procedures to maintain the effective operation of the Cybersecurity Management System (ISMS). Performance results must be reported to the Committee for management review at least once a year.
  • Departments: All units within the Company must adhere to the regulations formulated by the Cybersecurity Working Group.
  • External Parties: All employees, remote system users, and contractors must comply with this policy and related management regulations.
  • Liability: Any actions endangering cybersecurity shall result in civil or criminal liability according to the law, as well as administrative disciplinary action per Company regulations.
4. Definitions
  • Cybersecurity: The preservation of confidentiality, integrity, and availability of information and communications; it may also involve properties such as authenticity, accountability, non-repudiation, and reliability.
  • Confidentiality: The property that information is not made available or disclosed to unauthorized individuals, entities, or processes.
  • Availability: The property of being accessible and usable upon demand by an authorized entity.
  • Integrity: The property of accuracy and completeness of assets.
  • Authenticity: The property that an entity is what it claims to be.
  • Non-repudiation: The ability to prove the occurrence of a claimed event or action and its originating entities, so that the event cannot be denied later.
  • Accountability: The property that ensures that the actions of an entity can be traced uniquely to that entity.
  • Reliability: The property of consistent intended behavior and results.
5. Operational Instructions
  • The Company integrates cybersecurity objectives across all levels to establish the following overall goals:
    。Protect business information from unauthorized access (Confidentiality).
    。Protect business information from unauthorized modification (Integrity).
    。Establish business continuity plans to ensure ongoing operations (Availability).
    。Ensure all business execution meets legal and regulatory requirements (Compliance).
  • Review :
    This policy shall be reviewed at least once a year to comply with government regulations, reflect technological trends, and ensure management effectiveness.
  • Implementation:
    。Cybersecurity policies and performance reviews shall align with the Cybersecurity Committee meetings.
    。The Company shall use the "Cybersecurity Objective Effectiveness Measurement Table" (I-2-05-01) annually to measure performance and review the appropriateness of policy goals.
    。The Company shall conduct an annual organizational context analysis (I-2-19) to identify internal and external issues and understand stakeholder expectations.
    。The "Statement of Applicability" (I-1-02) shall be reviewed annually to verify the scope and the justification for including or excluding specific controls.
    。Approval: This policy and its amendments shall take effect upon approval by the Cybersecurity Committee.

 
Privacy Policy
 
WTG Technology Co., Ltd. (hereinafter referred to as "the Company") provides this Privacy Policy to explain how this website handles your personal information, ensuring that you can use our services and information with peace of mind. To protect your rights and interests, please read the following details carefully:
1. Scope of Application
This Privacy Policy covers how this website handles personally identifiable information collected when you use our website services. This policy does not apply to related websites linked through this site, nor does it apply to personnel not commissioned by or involved in the management of this website.
2.Collection, Processing, and Utilization of Personal Data
  • Purpose-Based Collection: When you visit this website or use the functional services provided herein, we will request necessary personal data depending on the nature of the service. We will process and utilize your personal data only within the scope of that specific purpose. Without your written consent, this website will not use your personal data for other purposes.
  • Interactive Features: This website will retain information such as your name, email address, contact information, and time of use when you use interactive features such as service mailboxes or surveys.
  • Browsing Logs: During general browsing, the server will automatically record relevant activities, including the IP address of your connecting device, time of use, browser type, and browsing and clicking history. This data is used as a reference to improve our website services and is for internal use only; it will never be released to the public.
  • Statistical Analysis: To provide accurate services, we perform statistical analysis on the collected survey content. The results, presented as statistical data or descriptive text, are used for internal research. We may publish such data and text as needed, provided they do not involve information relating to specific individuals.