Privacy Policy

Aethertek technology co., Ltd. and all subsidiaries and affiliates of Aethertek technology co., Ltd. (hereinafter, collectively referred to as the “Aethertek”), take processing of personal data very seriously. Aethertek ensures a reasonable and transparent processing of personal data in accordance with all applicable laws, local and international regulations, including the European Union’s General Data Protection Regulation (“GDPR”). Aethertek protects personal data and the privacy of individuals within all areas of its business in accordance with the terms of this Privacy Policy of Aethertek (“Privacy Policy”).

1. Personal data and data subject

For purpose of this Privacy Policy, “personal data” means any information relating to an identified or an identifiable natural person (a “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, e.g. by reference to a name, an identification number or online identifiers.

Personal Data is generally categorized as either “ordinary personal data” or “sensitive personal data”. Sensitive personal data is always confidential and includes racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, health, and sexual orientation. Ordinary personal data is partly confidential, includes information related to criminal offences and national identification numbers, information regarding a person’s salary, pension, debt, application material, etc., and all other types of ordinary personal data, including name, customer number, (business) contact information such as email and telephone number, photos, IP-address, and other usage information collected via cookies.

This Privacy Policy applies to all personal data Aethertek collects and processes about individuals, including employees, visitors, customers, suppliers (including third party service providers), other stakeholders and users of Aethertek’s websites and services.

2. Principles of personal data protection

Aethertek complies with the following principles in order to ensure the protection of personal data in accordance with GDPR:

  • Purpose limitation
    Aethertek may only collect and process personal data, including sensitive data (if any) for specified, explicit and legitimate purposes relevant for the business of Aethertek.
  • Lawfulness, fairness, and transparency
    Personal data must be processed lawfully, fairly, and in a transparent manner in relation to the data subject. Where legally required, Aethertek will inform the individual about the purpose for processing their personal data, their rights to have their personal data rectified, deleted or blocked, and the identity of the company responsible for the collection and processing of their personal data.
  • Data minimization
    Aethertek may only collect and process personal data adequate, relevant and limited to what is necessary in relation to purposes for which they are processed.
  • Accuracy
    To ensure that personal data processes are accurate, Aethertek must make sure that personal data is reviewed and updated in regular intervals, where appropriate.
  • Storage limitation
    Personal data must only be stored for the length of time required to fulfil the purpose, or as prescribed by the law.
  • Integrity and confidentiality
    When processing personal data, it is important that such personal data is safeguarded by adequate security measures to minimize risks, such as loss of data, unauthorized access, destruction, and accidental disclosure.
  • Cross border transfer of data
    Specific rules apply when Aethertek transfers personal data from the EU/EEA to third countries or international organizations as discussed further in the data transfer section below.

3. Owner and Data Controller

Aethertek is the owner (“Owner”) and data controller (“Data Controller”) of the personal data covered by this Privacy Policy.

Contact details:
Headquarter: 9F, No.605, Ruiguang Rd., Neihu Dist., Taipei City 114, Taiwan (R.O.C.) Telephone: +886-2-26582068
For any questions related to this Privacy Policy and processing of personal data, please contact Aethertek.

Personal data transfer, including cross-border transfer (from one country to another), between Aethertek and its affiliated companies, offices worldwide, and the parent company is in compliance with applicable law. Please see more details in the chapter about transfer of personal data of this Privacy Policy.

4. The types of and purpose for the collection of personal data

Aethertek collects and processes personal data, including sensitive data (if any) only for specified, explicit and legitimate purposes relevant for the business of Aethertek. The purpose of the collection and processing of personal data also depends on the type of data subjects. Responsible departments and their employees who have access to personal data must follow the legal requirements, the principles of this Privacy Policy and internal guidelines.

  • Employment
    Aethertek collects and processes personal data, including sensitive data (if any) of applicants, candidates and employees for employment purposes and in accordance with legal requirements.
  • Visitors
    Aethertek collects and processes personal data of visitors including name, title (if applicable) and contact details for security reasons and registers such information in the visitor log prior to granting visitors access to the Aethertek premises.
  • Aethertek’s Website Users 
    Aethertek collects by itself or through third parties personal data of website users, which may include: cookies, usage data, name, contact details, and company information, if applicable. The data is collected and processed for marketing, advertising, and analytics purposes, and also for contacting the website users, any App users, managing contacts and sending messages, remarketing and behavioral targeting.
For operation and maintenance purposes, Aethertek and any third-party service providers may collect files that record a user’s interaction with the website (“System logs”). Such personal data is obtained through consent by the website users in case of usage data and collected automatically on the Aethertek’s website. The website does not support “Do Not Track” requests. To determine whether any of the third-party services it uses honour the “Do Not Track” requests, please read their privacy policies.
Users are responsible for any third-party personal data obtained, published or shared through the website and confirm that they have the third party’s consent to provide such personal data to Aethertek. Users who are uncertain about which personal data is mandatory are welcome to contact Aethertek.
  • Cookies
    Any use of cookies – or other tracking tools – by the website and/or by the owners of third-party services used by the website serves the purpose of providing the services required by the user, in addition to any other purposes described in this Privacy Policy.
    Aethertek uses cookies to understand and save user preferences for future visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. Aethertek may contract with third-party service providers to assist in better understanding UR website visitors. These service providers are not permitted to use the information collected on Aethertek’s behalf except to help conduct and improve Aethertek’s business.
  • Marketing
    Aethertek collects and processes personal data (including name and contact details) about current and new customers, business partners, suppliers, including third- party service providers, distributors, leads and individuals, website users and on individuals who have signed up for Aethertek’s newsletters or other electronical marketing materials, as well as in some cases for the following purposes: analytics, contacting, managing contacts and sending messages, remarketing and behavioral targeting, advertising, and exhibitions.
    Such personal data is collected and processed under the marketing consent. Aethertek obtains valid consent through an online form. The marketing department and other involved departments must ensure that marketing consent is obtained before collecting and processing such personal data.
    Aethertek may use third parties as a service provider to send out marketing information on its behalf but only in accordance with applicable legal requirements. For any further questions related to marketing information, please contact the marketing department.
  • Contracts, purchase orders, and other transactional agreements
    In connection with its sales and purchase transactions, Aethertek collects and processes personal data, including the name, contact details, delivery details, correspondence, and payment details necessary for conducting business and to comply with export compliance regulations and other legal due diligence obligations.
  • Accounting and Finance
    Aethertek collects personal data for accounting and financial purposes in accordance with applicable requirements. This information is provided to accounting by other internal departments or received directly from the individuals/companies, employees, and includes information such as name, address, company name, registration number, payment details and bank details, delivery address and other mandatory information.
  • Legal action
    In case of a dispute, Aethertek may retain personal information necessary for its legitimate interest to ensure that Aethertek can properly bring or defend legal claims in court or during the stages leading to possible legal action. Aethertek may need to share this information with third parties such as insurance and/or legal advisers and Aethertek may also be required to reveal personal data upon request of public authorities.
  • Reporting (whistleblowing) system
    Aethertek respects confidentiality of whistle-blowers and has several channels in place for such reporting, including electronic/digital systems. Aethertek collects and processes personal data in the reporting system for the purpose of conducting investigations, and to take remedial or legal actions in accordance with legal requirements and this Privacy Policy.
  • Consent & withdrawal of consent
    To the extent that our processing activities is based on your consent, you will have the right to withdraw your consent at any time. If you withdraw your consent, we will cease to process your personal data, unless and to the extent that continued processing is permitted or required according to the applicable personal data legislation or other applicable law. If you withdraw your consent, it will not affect the lawfulness of processing conducted prior to the withdrawal.
Where personal data is processed for a public interest, in the exercise of an official authority vested in Aethertek or for the purpose of the legitimate interests pursued by Aethertek, an individual may object to such processing by providing a ground related to the individual’s particular situation to justify the objection. However, if personal data is processed for direct marketing purposes, an individual can object to such processing at any time without providing any justification by contacting Aethertek.

5. Legal grounds for processing of personal data

Aethertek may process personal data if one of the following options applies:

  • Individual/company has given prior consent to processing of his/her/its personal data for one or more specific purposes. Note: Under some legislations Aethertek may be allowed to process personal data until individual object to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of personal data is subject to European Data Protection law;
  • Processing of data is necessary for the performance of a contract and/or for any pre- contractual obligations thereof;
  • Processing is necessary for compliance with any legal obligations;
  • Processing of your personal data is necessary to establish, exercise or defend any legal claims;
  • Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in Aethertek;
  • Processing is necessary for the purposes of the legitimate interests pursued by Aethertek or by a third party, if such interests are not considered to override individual/company interests or fundamental rights. Such legitimate interests may be Aethertek’s interests in developing, marketing and selling the products and providing services, pursuing and maintaining business relationship with customers, suppliers, distributors, partners and other business relations.

Upon request, Aethertek will provide information to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

6. Place and data transfer

The personal data is processed at the Aethertek’s operating offices and in any other places where the parties involved in the processing are located. Specific rules apply when Aethertek transfer personal data from the EU/EEA to third countries or international organizations. When transferring personal data to third countries or international organizations, Aethertek is obligated to establish appropriate safeguards prior to the transfer.

7. Retention period

Personal data collected by Aethertek shall be processed and stored for as long as required by the purpose for which the personal data has been collected. Aethertek may be allowed to retain personal data for a longer period if Aethertek has obtained valid consent to the processing activity as long as such consent is not withdrawn. Furthermore, Aethertek may be obliged to retain the personal data for a longer period, whenever required to do so for the performance of a legal obligation or to establish, exercise or defend a legal claim.

Once the retention period expires, personal data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be accommodated after expiration of the retention period.

8. Data security and data breach

Aethertek takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of personal data. The data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In order to protect your personal data, we continuously assess the risks that may be associated with our processing of your personal data. In particular, we pay attention to protecting your personal data against discrimination, identity theft, financial loss, loss of reputation and data confidentiality. To avoid loss of personal data, we continuously backup our systems, and we make use of encryption or other security measures where necessary. Finally, we train our employees in handling personal data.

In the event of a data breach that involves high risk to your rights, we will notify you of the breach as soon as possible under the given circumstances. “A personal data breach” means a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data. In short, there will be a personal data breach whenever any personal data is lost, destroyed, corrupted, disclosed without proper authorization, or if the data is made unavailable.

If you experience or suspect a personal data breach, please report to Aethertek immediately.

9. Individuals’ rights

Where legally required, Aethertek shall inform individuals of the purpose of processing their personal data, rights to have their personal data rectified, deleted or blocked, and the identity of the company responsible for the collection and process their personal data. In all other cases, users may inquire with Aethertek to find out which rights apply to them.

Individuals have the following rights:

  • Withdrawal of consent – the right at any time to withdraw previously given consent to the processing of his/her/its personal data.
  • Object to processing of personal data – the right to object to the processing of personal data if such processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section of this Privacy Policy.
  • Access to personal data – the right to learn if personal data is being processed by Aethertek, obtain disclosure regarding certain aspects of the processing and obtain a copy of the data undergoing processing.
  • Verify and seek rectification – the right to verify the accuracy of his/her/its personal data and ask for it to be updated or corrected.
  • Restrict the processing of personal data – the right, under certain circumstances, to restrict the processing of his/her/its personal data. In this case, Aethertek will not process mentioned personal data for any purpose other than storing it.
  • Deleted personal data or otherwise removed – the right, under certain circumstances, to obtain the erasure of his/her/its personal data from Aethertek.
  • Have personal data transferred to another data controller – the right, under certain circumstances, to have personal data transmitted to another controller without any hindrance.
  • Lodge a complaint – the right to bring a claim before his/her/its competent data protection authority.

10. Ongoing Audit & Monitoring

Through a combination of external and internal controls, ongoing audit and monitoring, Aethertek seeks to maintain secure processing of data and prevent data loss. In case of audit findings, the responsible department must prepare a mitigation plan, including corrective and preventive actions to mitigate risks and bring procedures and policies in compliance with legal requirements, corporate standards and this Privacy Policy.

11. Reporting system and contact details

In case of questions and/or possible violations of this Privacy Policy, please contact Aethertek:
E-mail: [email protected]

Any request can be exercised free of charge and will be addressed as expeditiously as possible and always within one (1) month or sooner, if required by applicable law.

12. Changes to this Privacy Policy

Aethertek reserves the right to amend this Privacy Policy. The latest edition will always be available at our website, and we strongly recommend that you continually monitor and update yourself with our Privacy Policy.