CCIC CDIB International Corp.

Privacy Policy

China Development Financial Holding Company and its affiliated companies (hereinafter the “Group”) is dedicated to providing more diversified and comprehensive financial product. The Group will collect, process and use (hereinafter “Process or Processing”) your personal data and any information (hereinafter “Data”) which is necessary for rendering above product and service to you. The Group respects your information that you provide us and implement appropriate measures to protect your Data. In accordance with Data Protection Law of the Republic of China and related laws and regulations and for the purpose of helping you understand how the Group Process and protect your Data, the Group sets out our privacy policy as below :

How the Group Processes Data

The purposes of Processing of Data (Based on the Standard Purpose and the Types of personal data in Data Protection Law of the Republic of China as announced and amended from time to time by the supervisory authority): 001 Life and Health Insurance; 002 Personnel Administration (including but limited to new employee’s working experience and working performance, emergency contacts, employee welfare management, employee selection, information of current and previous employees, current job title, education background, test for dispatch of job position, learning and training, determination of salary , salary, attendance, employee welfare, deprivation of right, examination and inspection, or other measures taken for personnel administration); 007 Real Estate Management; 008 Enterprises Counseling; 014 Civil Servants Property-Declaration Administration, Conflict of Interest and Political Donation; 020 Management of Agents and Intermediaries; 022 Foreign- Exchange Regulation; 030 arbitration; 035 Deposit Insurance; 036 Borrower Account/Credit Facilities Administration; 037 Share and Stock-Holding Registration; 040 Marketing (including cross selling marketing); 044 Investment Management; 059 Processing of Data by Financial Service Industry Necessary for Compliance with Laws and Regulations and Order of Financial Supervisory Authority; 060 Resolve of Financial Dispute; 061 Financial supervising, management and inspection; 063 Data Processing by Non Government Agency Necessary for Compliance with a Legal Obligation; 065 Insurance Broker, Agency and notarization; 067 Credit Card, Debit Card Charge Card and Electronic Stored Value Cards Administration; 068 Trust Business and Management; 069 Processing of Data Necessary for the Performance of a Contract, in Order to Take Steps At the Request of the Data Subject Prior to Entering into a Contract or Other Legal Relationship; 071 Building Administration Urban Renewal and Public Housing Policy; 077 Real Estates Service; 082 Combined Borrower/Saver Account; 088 Borrower Account/Credit Facilities Administration; 090 Consumer, Customer Management and Service; 091 Consumers Protection; 093 Real Estate and Property Insurance; 094 Property Management; 098 Business and Technical Intelligence; 104 Accounts Management and Factoring transaction; 112 Cheque- exchange management; 113 Plead, Petition and Report to the Government Cases; 129 Accounting and Related Services; 136 Information and Data Bank Administration; 137 Information Security and Management; 148 Online Shopping and Other Electronic Transaction; 154 Private Investigation; 157 Research and Statistical Analysis; 160 Certificate Management; 166 Securities, Futures, Securities Investment Trust and Consulting Service; 177 Other Financial Management Service; 179 Other Financial Administration; 181 Other Corporation Registered- Items or Businesses Specified in the By-Laws of Associations and Foundations; 182 Other Consultancy and Advisory Services.

The Period, Territory, Recipients and Operations of Processing of Data: Period:For a period which does not exceed the period necessary for the performance of the purpose of Processing of Data, for the fulfillment of an official duty and for compliance with related laws and regulations (such as Money Laundering Control Act or Business Entity Accounting Act). Territory: The Republic of China, where affiliated companies and subsidiaries of the Group and where the correspondent banks are located, where Data transmits to other countries not limited by the supervisory government authority in charge of subject industry, where third parties Processing Data on behalf of the Group and where business offices of the companies or institutes are located which the Group has business relationship with. Recipients :

1. Except that Processing of Data is necessary for compliance with related laws and regulations, you has given explicit consent to the Group or third parties Processing Data on behalf of the Group, the Group will not disclose your Data to any other third parties. 2. The Group, the affiliated companies and subsidiaries of the Group overseas, the correspondent banks, Joint Credit Information Center, the Taiwan Clearing House, Financial Information Service Corporation, credit guarantee institutes, National Credit Card Center of R.O.C, credit card international organization, cards accepting banks, corporation or institutes process Data on behalf of the Group, Taiwan Stock Exchange Corporation, Taiwan Futures Exchange, Taiwan's GreTai Securities Market, Taiwan Depository and Clearing Corporation, business association, Corporations issuing stocks, leasing and settlement banks, Taiwan Integrated Shareholder Service Company and other government authorized institutes in charge of securities affairs and other supervisory authority in charge of subject industry, International Data recipients which locates in the territory not limited by the supervisory authority in charge of subject industry, the companies or institutes with whom the Group cross marketing and selling, the companies or institutes which the Group has business relationship and agencies and financial supervisory authorities investigating powers entitled by related laws and regulations.

Methods:Automated Processing of Data, or non-automated Processing of Data, including but not limited to Data transmission in writing, electronic transmission or international transmission.

In accordance with the Data Protection Act and related laws and regulations, you may exercise your right concerning your Data as below by notification to the Group by means of e-mail or phone (e-mail:ir@cdibh.com;phone:(02)2763- 8800) 1.Any request to reply to the inquiry, offer for a review or provide duplications on the Data collected, provided that the Group may charge a fee to those who makes above request. 2.Any request to supplement or correct the Data, provided that you shall make proper interpretation to the Group. 3.Any request to discontinue Processing of your Data, and any request to delete your Data, provided that the Group may not perform your request if it is necessary for the performance of an official duty or fulfillment of a legal obligation.

The influence on your rights and interests if you choose not to provide your Data: Please kindly be reminded that you are freely to determine whether to provide your Data or not. If you decline to provide your Data, the Group will not be able to proceed requisite examination, Process your Data and reply your request. Therefore, the Group will not be able to provide our service

Data Security

The Group implements adequate measures to protect your Data, including but not limited measures as below :
The Group implements access control to your Data. Only authorized personnel is able to access and Process your Data in a way not excessive in relation to the purposes for which your Data are collected for the avoidance of unlawful disclosure of your Data. The Group implements Secure Socket Layer (SSL) information security protocol to elevate the level of Data transmitting security. The Group implements firewall and unauthorized detection and shield system to safeguard our servers and other information storage devices to prevent unauthorized access. The Group implements physical safety measures, such as entrance control, deployment of security guard, security guard control system and back- up storage system, to keep your Data safe in emergencies or disasters.

When you are using your certificates, password or any Data, please be reminded that (Self-Precautions) :

Although the Group implements adequate measures to protect your Data, your attention and cooperation is also required.

When you use your certificates, enter password or use any Data, please avoid disclosing or sharing your Data. You should keep your certificates, password and Data in a safe condition to prevent disclosing your Data to others.

When you log in any services on website of the Group, please remember to log out after using our services. When you use someone’s or public computers, please disable cookies or other recording functions of browsers to prevent disclosing your Data. Except otherwise permitted by relevant laws and regulations, when you provide your Data to the Group, please be reminded that: 1. Please refrain from providing sensitive information such as medical, genetic, sex life, health examination and prior criminal record. 2. Please refrain from providing threatening, obscene, pornographic information or any information destroying the public order and customs. 3. Please refrain from providing other’s information without his freely given consent. 4. Except otherwise permitted by relevant laws and regulations and (or) requested by the Group, please refrain from providing any information, such as ID, financial information or password number, to us to prevent disclosing your Data or incur any fraudulent conduct.

Cookies Policy

The Group uses cookies to provide you more personalized services. When you are surfing website of the Group, your preference, habit or information that you entered will be stored and allow you to navigate web pages more efficiently. You can disable cookies by selecting appropriate settings of your browser; however you will not be able to use all services on the websites.

Marketing Information and Cross Selling

Except that Processing of Data is necessary for compliance with related laws and regulations, Processing of Data is necessary for the performance of a contract or in order to take steps at your request prior to entering into a contract or other Legal contractual relationship or you has given explicit consent to the Group, the Group will not send any marketing information to you. You may give notification to the Group by means of e-mail or phone(e-mail:ir@cdibh.com;phone:(02)2763- 8800)at any time whenever you determine not to receive any marketing information from the Group. The Group will no longer send any relevant messages or materials to you and stop using your Data for marketing purpose after receiving aforesaid notification. For more information concerning how the Group Processes your Data for cross selling and what relevant Data protection measures that the Group implements, please refer to “China Development Financial Holding Corporation and its Subsidiaries Privacy Policy of Using Clients’ Data while Engaging in Cross- selling.”

Changes to this Privacy Policy

You agree that the Group may from time to time update this privacy policy and may notify you of any changes to this privacy policy in verbal or writing or by means of phone, text messages, e-mail, facsimile, electronic documents or any other methods that you may receive or know, including but not limited to provide links to websites, indicating this privacy policy, to you.